diff --git a/docs/enterprise/cluster-management-add-nodes.md b/docs/enterprise/cluster-management-add-nodes.md index 93851854f9..0c780d23b5 100644 --- a/docs/enterprise/cluster-management-add-nodes.md +++ b/docs/enterprise/cluster-management-add-nodes.md @@ -1,10 +1,10 @@ # Adding Nodes to kURL Clusters -This topic describes how to add primary and secondary nodes to an embedded cluster provisioned with Replicated kURL. +This topic describes how to add primary and secondary nodes to a Replicated kURL cluster. ## Overview -You can generate commands in the Replicated KOTS Admin Console to join additional primary and secondary nodes to embedded kURL clusters. Primary nodes run services that control the cluster. Secondary nodes run services that control the pods that host the application containers. Adding nodes can help manage resources to ensure that the application runs smoothly. +You can generate commands in the Replicated KOTS Admin Console to join additional primary and secondary nodes to kURL clusters. Primary nodes run services that control the cluster. Secondary nodes run services that control the pods that host the application containers. Adding nodes can help manage resources to ensure that the application runs smoothly. For high availability clusters, Kubernetes recommends using at least three primary nodes, and that you use an odd number of nodes to help with leader selection if machine or zone failure occurs. For more information, see [Creating Highly Available Clusters with kubeadm](https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/high-availability/) in the Kubernetes documentation. diff --git a/docs/enterprise/delete-admin-console.md b/docs/enterprise/delete-admin-console.md index 815b95d75c..cc47625b44 100644 --- a/docs/enterprise/delete-admin-console.md +++ b/docs/enterprise/delete-admin-console.md @@ -1,16 +1,20 @@ # Deleting the Admin Console and Removing Applications -This topic describes how to remove installed applications and delete the Replicated Admin Console from a cluster. See the following sections: -* [Remove an Application](#remove-an-application) -* [Delete the Admin Console](#delete-the-admin-console) +This topic describes how to remove installed applications and delete the Replicated Admin Console from a cluster. ## Remove an Application +This section describes how to remove an application instance that was installed with KOTS in an existing cluster. + +### About Removing an Installed Application Instance + The Replicated KOTS CLI `kots remove` command removes the reference to an installed application from the Admin Console. When you use `kots remove`, the Admin Console no longer manages the application because the record of that application’s installation is removed. This means that you can no longer manage the application through the Admin Console or through the KOTS CLI. By default, `kots remove` does not delete any of the installed Kubernetes resources for the application from the cluster. To remove both the reference to an application from the Admin Console and remove any resources for the application from the cluster, you can run `kots remove` with the `--undeploy` flag. It can be useful to remove only the reference to an application from the Admin Console if you want to reinstall the application, but you do not want to recreate the namespace or other Kubernetes resources. For example, if you installed an application using an incorrect license file and need to reinstall with the correct license. + +### Procedure To remove an application: @@ -46,36 +50,28 @@ To remove an application: ## Delete the Admin Console -When you install an application with the Admin Console, Replicated KOTS also creates the Kubernetes resources for the Admin Console itself on the cluster. The Admin Console includes Deployments and Services, Secrets, and other resources such as StatefulSets and PersistentVolumeClaims. - -By default, KOTS also creates Kubernetes ClusterRole and ClusterRoleBinding resources that grant permissions to the Admin Console on the cluster level. These `kotsadm-role` and `kotsadm-rolebinding` resources are managed outside of the namespace where the Admin Console is installed. Alternatively, when the Admin Console is installed with namespace-scoped access, KOTS creates Role and RoleBinding resources inside the namespace where the Admin Console is installed. - -If you need to completely delete the Admin Console and an application installation, such as during testing, follow one of these procedures depending on the type of cluster where you installed the Admin Console: - -* **Existing cluster**: Manually delete the Admin Console Kubernetes objects and resources from the cluster. See [Delete from an Existing Cluster](#existing) below. -* **Embedded cluster**: Remove Kubernetes from the VM where the cluster is installed. See [Delete from an Embedded Cluster](#embedded) below. +This section describes how to remove the KOTS Admin Console from an existing cluster. -:::note -These procedures do not uninstall the KOTS CLI. To uninstall the KOTS CLI, see [Uninstall](https://docs.replicated.com/reference/kots-cli-getting-started#uninstall) in _Installing the KOTS CLI_. -::: +### About Deleting the Admin Console from an Existing Cluster -### Delete from an Existing Cluster {#existing} +When you install an application, KOTS creates the Kubernetes resources for the Admin Console itself on the cluster. The Admin Console includes Deployments and Services, Secrets, and other resources such as StatefulSets and PersistentVolumeClaims. -In existing cluster installations, if the Admin Console is not installed in the `default` namespace, then you delete the Admin Console by deleting the namespace where it is installed. +By default, KOTS also creates Kubernetes ClusterRole and ClusterRoleBinding resources that grant permissions to the Admin Console on the cluster level. These `kotsadm-role` and `kotsadm-rolebinding` resources are managed outside of the namespace where the Admin Console is installed. Alternatively, when the Admin Console is installed with namespace-scoped access, KOTS creates Role and RoleBinding resources inside the namespace where the Admin Console is installed. -If you installed the Admin Console with namespace-scoped access, then the Admin Console Role and RoleBinding RBAC resources are also deleted when you delete the namespace. Alternatively, if you installed with the default cluster-scoped access, then you manually delete the Admin Console ClusterRole and ClusterRoleBindings resources from the cluster. +In existing cluster installations, if the Admin Console is not installed in the `default` namespace, then you delete the Admin Console by deleting the namespace where it is installed. -The application vendor can require, support, or not support namespace-scoped installations. For more information, see [supportMinimalRBACPrivileges](/reference/custom-resource-application#supportminimalrbacprivileges) and [requireMinimalRBACPrivileges](/reference/custom-resource-application#requireminimalrbacprivileges) in _Application_. +If you installed the Admin Console with namespace-scoped access, then the Admin Console Role and RoleBinding RBAC resources are also deleted when you delete the namespace. Alternatively, if you installed with the default cluster-scoped access, then you manually delete the Admin Console ClusterRole and ClusterRoleBindings resources from the cluster. For more information, see [supportMinimalRBACPrivileges](/reference/custom-resource-application#supportminimalrbacprivileges) and [requireMinimalRBACPrivileges](/reference/custom-resource-application#requireminimalrbacprivileges) in _Application_. For more information about installing with cluster- or namespace-scoped access, see [RBAC Requirements](/enterprise/installing-general-requirements#rbac-requirements) in _Installation Requirements_. -To delete the Admin Console from an existing cluster: +### Procedure + +To completely delete the Admin Console from an existing cluster: 1. Run the following command to delete the namespace where the Admin Console is installed: - :::note - * You cannot delete the `default` namespace. - * This command deletes everything inside the specified namespace, including the Admin Console Role and RoleBinding resources if you installed with namespace-scoped access. + :::important + This command deletes everything inside the specified namespace, including the Admin Console Role and RoleBinding resources if you installed with namespace-scoped access. ::: ``` @@ -83,6 +79,10 @@ To delete the Admin Console from an existing cluster: ``` Replace `NAMESPACE` with the name of the namespace where the Admin Console is installed. + :::note + You cannot delete the `default` namespace. + ::: + 1. (Cluster-scoped Access Only) If you installed the Admin Console with the default cluster-scoped access, run the following commands to delete the Admin Console ClusterRole and ClusterRoleBinding from the cluster: ``` @@ -93,28 +93,4 @@ To delete the Admin Console from an existing cluster: kubectl delete clusterrolebinding kotsadm-rolebinding ``` -### Delete from an Embedded Cluster {#embedded} - -If you installed on a cluster created by Replicated kURL, KOTS installs the Admin Console in the `default` namespace. Kubernetes does not allow the `default` namespace to be deleted. - -To delete the Admin Console from an embedded cluster, use the kURL `tasks.sh` `reset` command to remove Kubernetes from the system. - -:::important -The `reset` command is intended to be used only on development servers. It has the potential to leave your machine in an unrecoverable state. It is not recommended unless you are able to discard this server and provision a new one. -::: - -Instead of using the `reset` command, you can also discard your current VM (if you are using one) and recreate the VM with a new OS to reinstall the Admin Console and an application. - -For more information about the `reset` command, see [Resetting a Node](https://kurl.sh/docs/install-with-kurl/managing-nodes#reset-a-node) in the kURL documentation. - -To delete the Admin Console from an embedded cluster: - -1. Run the following command to remove Kubernetes from the system: - - ``` - curl -sSL https://k8s.kurl.sh/latest/tasks.sh | sudo bash -s reset - ``` - -1. Follow the instructions in the output of the command to manually remove any files that the `reset` command does not remove. - -If the `reset` command is unsuccessful, discard your current VM, and recreate the VM with a new OS to reinstall the Admin Console and an application. +1. (Optional) To uninstall the KOTS CLI, see [Uninstall](https://docs.replicated.com/reference/kots-cli-getting-started#uninstall) in _Installing the KOTS CLI_. \ No newline at end of file diff --git a/docs/enterprise/image-registry-kurl.md b/docs/enterprise/image-registry-kurl.md index ffa80942b6..4ece0229e3 100644 --- a/docs/enterprise/image-registry-kurl.md +++ b/docs/enterprise/image-registry-kurl.md @@ -1,4 +1,4 @@ -# Image Registry for kURL Clusters +# Working with the kURL Image Registry This topic describes the Replicated kURL registry for kURL clusters. @@ -26,7 +26,7 @@ For more information, see [admin-console garbage-collect-images](/reference/kots ## Disable Image Garbage Collection -Image garbage collection is enabled by default for embedded kURL clusters that use the kURL registry. +Image garbage collection is enabled by default for kURL clusters that use the kURL registry. To disable image garbage collection: @@ -56,8 +56,8 @@ The kURL registry image garbage collection feature has following limitations: To prevent this from happening, include the optional images in the `additionalImages` list of the Application custom resource. For more information, see [`additionalImages`](/reference/custom-resource-application#additionalimages) in _Application_. -* **Shared Image Registries**: The image garbage collection process assumes that the registry is not shared with any other instances of Replicated KOTS, nor shared with any external applications. If the embedded kURL registry is used by another external application, disable garbage collection to prevent image loss. +* **Shared Image Registries**: The image garbage collection process assumes that the registry is not shared with any other instances of Replicated KOTS, nor shared with any external applications. If the built-in kURL registry is used by another external application, disable garbage collection to prevent image loss. -* **Customer Supplied Registries**: Image garbage collection is supported only when used with the embedded kURL registry. If the KOTS instance is configured to use a different registry, disable garbage collection to prevent image loss. +* **Customer Supplied Registries**: Image garbage collection is supported only when used with the built-in kURL registry. If the KOTS instance is configured to use a different registry, disable garbage collection to prevent image loss. * **Application Rollbacks**: Image garbage collection has no effect when the `allowRollback` field in the KOTS Application custom resource is set to `true`. For more information, see [Application](/reference/custom-resource-application) in _KOTS Custom Resources_. diff --git a/docs/enterprise/image-registry-settings.mdx b/docs/enterprise/image-registry-settings.mdx index 1a73adc278..86d318a548 100644 --- a/docs/enterprise/image-registry-settings.mdx +++ b/docs/enterprise/image-registry-settings.mdx @@ -8,11 +8,11 @@ This topic describes how to configure private registry settings in the Replicate Using a private registry lets you create a custom image pipeline. Any proprietary configurations that you make to the application are shared only with the groups that you allow access, such as your team or organization. You also have control over the storage location, logging messages, load balancing requests, and other configuration options. -Private registries can be used with online or air gap clusters. For embedded kURL clusters, if the Replicated kURL installer spec includes the kURL Registry add-on, then the embedded registry is used to host the application images. For more information about the kURL Registry add-on, see [Image Registry for kURL Clusters](image-registry-kurl). +Private registries can be used with online or air gap clusters. For kURL clusters, if the Replicated kURL installer spec includes the kURL Registry add-on, then the built-in kURL registry is used to host the application images. For more information, see [Working with the kURL Image Registry](image-registry-kurl). ## Prerequisites -Your domain must support a Docker V2 protocol. For more information, see [Private Registry Requirements](installing-general-requirements#private-registry-requirements) in _Installation Requirements_. +Your domain must support a Docker V2 protocol. For more information, see [Compatible Image Registries](installing-general-requirements#registries) in _KOTS Installation Requirements_. ## Configure Private Registries in Online Clusters diff --git a/docs/enterprise/installing-embedded-automation.mdx b/docs/enterprise/installing-embedded-automation.mdx new file mode 100644 index 0000000000..ad414ec12c --- /dev/null +++ b/docs/enterprise/installing-embedded-automation.mdx @@ -0,0 +1,64 @@ +import ConfigValuesExample from "../partials/configValues/_configValuesExample.mdx" +import ConfigValuesProcedure from "../partials/configValues/_config-values-procedure.mdx" + +# Installing with Embedded Cluster from the Command Line + +This topic describes how to install an application with Replicated Embedded Cluster from the command line. + +## Overview + +You can use the command line to install an application with Replicated Embedded Cluster. A common use case for installing from the command line is to automate installation, such as performing headless installations as part of CI/CD pipelines. + +To install from the command line, you provide all the necessary installation assets, such as the license file and the application config values, with the installation command rather than through the Admin Console UI. Any preflight checks defined for the application run automatically during headless installations from the command line rather than being displayed in the Admin Console. + +## Prerequisite + +Create a ConfigValues YAML file to define the configuration values for the application release. The ConfigValues file allows you to pass the configuration values for an application from the command line with the install command, rather than through the Admin Console UI. For air-gapped environments, ensure that the ConfigValues file can be accessed from the installation environment. + +The KOTS ConfigValues file includes the fields that are defined in the KOTS Config custom resource for an application release, along with the user-supplied and default values for each field, as shown in the example below: + + + + + +## Online (Internet-Connected) Installation + +To install with Embedded Cluster in an online environment: + +1. Follow the steps provided in the Vendor Portal to download and untar the Embedded Cluster installation assets. For more information, see [Online Installation with Embedded Cluster](/enterprise/installing-embedded). + +1. Run the following command to install: + + ```bash + sudo ./APP_SLUG install --license-file PATH_TO_LICENSE \ + --config-values PATH_TO_CONFIGVALUES \ + --admin-console-password ADMIN_CONSOLE_PASSWORD + ``` + + Replace: + * `APP_SLUG` with the unique slug for the application. + * `LICENSE_FILE` with the customer license. + * `ADMIN_CONSOLE_PASSWORD` with a password for accessing the Admin Console. + * `PATH_TO_CONFIGVALUES` with the path to the ConfigValues file. + +## Air Gap Installation + +To install with Embedded Cluster in an air-gapped environment: + +1. Follow the steps provided in the Vendor Portal to download and untar the Embedded Cluster air gap installation assets. For more information, see [Air Gap Installation with Embedded Cluster](/enterprise/installing-embedded-air-gap). + +1. Ensure that the Embedded Cluster installation assets are available on the air-gapped machine, then run the following command to install: + + ```bash + sudo ./APP_SLUG install --license-file PATH_TO_LICENSE \ + --config-values PATH_TO_CONFIGVALUES \ + --admin-console-password ADMIN_CONSOLE_PASSWORD \ + --airgap-bundle PATH_TO_AIRGAP_BUNDLE + ``` + + Replace: + * `APP_SLUG` with the unique slug for the application. + * `LICENSE_FILE` with the customer license. + * `PATH_TO_CONFIGVALUES` with the path to the ConfigValues file. + * `ADMIN_CONSOLE_PASSWORD` with a password for accessing the Admin Console. + * `PATH_TO_AIRGAP_BUNDLE` with the path to the Embedded Cluster `.airgap` bundle for the release. \ No newline at end of file diff --git a/docs/enterprise/installing-embedded-requirements.mdx b/docs/enterprise/installing-embedded-requirements.mdx new file mode 100644 index 0000000000..57ea034cec --- /dev/null +++ b/docs/enterprise/installing-embedded-requirements.mdx @@ -0,0 +1,19 @@ +import EmbeddedClusterRequirements from "../partials/embedded-cluster/_requirements.mdx" +import EmbeddedClusterPortRequirements from "../partials/embedded-cluster/_port-reqs.mdx" +import FirewallOpenings from "../partials/install/_firewall-openings.mdx" + +# Embedded Cluster Installation Requirements + +This topic lists the installation requirements for Replicated Embedded Cluster. Ensure that the installation environment meets these requirements before attempting to install. + +## System Requirements + + + +## Port Requirements + + + +## Firewall Openings for Online Installations + + \ No newline at end of file diff --git a/docs/enterprise/installing-embedded.mdx b/docs/enterprise/installing-embedded.mdx index f968de4de9..366b7dc0ab 100644 --- a/docs/enterprise/installing-embedded.mdx +++ b/docs/enterprise/installing-embedded.mdx @@ -10,7 +10,7 @@ Before you install, complete the following prerequisites: -* Ensure that the required domains are accessible from servers performing the installation. See [Firewall Openings for Online Installations](/enterprise/installing-general-requirements#firewall-openings-for-online-installations). +* Ensure that the required domains are accessible from servers performing the installation. See [Firewall Openings for Online Installations](/enterprise/installing-embedded-requirements#firewall-openings-for-online-installations). ## Install diff --git a/docs/enterprise/installing-existing-cluster-airgapped.mdx b/docs/enterprise/installing-existing-cluster-airgapped.mdx index bf009f28e6..b31534490c 100644 --- a/docs/enterprise/installing-existing-cluster-airgapped.mdx +++ b/docs/enterprise/installing-existing-cluster-airgapped.mdx @@ -14,7 +14,7 @@ import PushKotsImages from "../partials/install/_push-kotsadm-images.mdx" import PlaceholderRoCreds from "../partials/install/_placeholder-ro-creds.mdx" import KotsVersionMatch from "../partials/install/_kots-airgap-version-match.mdx" -# Air Gap Installation in Existing Clusters +# Air Gap Installation in Existing Clusters with KOTS @@ -26,7 +26,7 @@ Complete the following prerequisites: -* Ensure that there is a compatible Docker image registry available inside the network. For more information about Docker registry compatibility, see [Private Registry Requirements](/enterprise/installing-general-requirements#private-registry-requirements). +* Ensure that there is a compatible Docker image registry available inside the network. For more information about Docker registry compatibility, see [Compatible Image Registries](/enterprise/installing-general-requirements#registries). KOTS rewrites the application image names in all application manifests to read from the on-premises registry, and it re-tags and pushes the images to the on-premises registry. When authenticating to the registry, credentials with `push` permissions are required. diff --git a/docs/enterprise/installing-existing-cluster-automation.mdx b/docs/enterprise/installing-existing-cluster-automation.mdx index 19f0977b35..de52dbabb7 100644 --- a/docs/enterprise/installing-existing-cluster-automation.mdx +++ b/docs/enterprise/installing-existing-cluster-automation.mdx @@ -1,64 +1,55 @@ import ConfigValuesExample from "../partials/configValues/_configValuesExample.mdx" +import ConfigValuesProcedure from "../partials/configValues/_config-values-procedure.mdx" import PlaceholdersGlobal from "../partials/install/_placeholders-global.mdx" import PlaceholderAirgapBundle from "../partials/install/_placeholder-airgap-bundle.mdx" -import PlaceholderNamespaceEmbedded from "../partials/install/_placeholder-namespace-embedded.mdx" import PlaceholderNamespaceExisting from "../partials/install/_placeholder-namespace-existing.mdx" -import IntroEmbedded from "../partials/install/_automation-intro-embedded.mdx" import DownloadKotsBundle from "../partials/install/_download-kotsadm-bundle.mdx" -import DownloadkURLBundle from "../partials/install/_download-kurl-bundle.mdx" -import ExtractKurlBundle from "../partials/install/_extract-kurl-bundle.mdx" import InstallKotsCliAirGap from "../partials/install/_install-kots-cli-airgap.mdx" import InstallKotsCli from "../partials/install/_install-kots-cli.mdx" import PushKotsImages from "../partials/install/_push-kotsadm-images.mdx" import KotsVersionMatch from "../partials/install/_kots-airgap-version-match.mdx" import PlaceholderRoCreds from "../partials/install/_placeholder-ro-creds.mdx" +import AccessAdminConsole from "../partials/install/_access-admin-console.mdx" -# Installing from the Command Line +# Installing with the KOTS CLI -This topic describes how to install an application with Replicated KOTS, Replicated Embedded Cluster, or Replicated kURL from the command line. +This topic describes how to install an application with Replicated KOTS in an existing cluster using the KOTS CLI. ## Overview -You can use the command line to install an application with Replicated KOTS, Replicated Embedded Cluster, or Replicated kURL. A common use case for installing from the command line is to automate installation, such as performing headless installations as part of CI/CD pipelines. +You can use the KOTS CLI to install an application with Replicated KOTS. A common use case for installing from the command line is to automate installation, such as performing headless installations as part of CI/CD pipelines. -To install from the command line, you provide all the necessary installation assets, such as the license file and the application config values, with the installation command rather than through the Admin Console UI. Any preflight checks defined for the application run automatically during headless installations from the command line rather than being displayed in the Admin Console. +To install with the KOTS CLI, you provide all the necessary installation assets, such as the license file and the application config values, with the installation command rather than through the Admin Console UI. Any preflight checks defined for the application run automatically from the CLI rather than being displayed in the Admin Console. -## Prerequisite - -Create a ConfigValues YAML file to define the configuration values for the application release. You will pass the ConfigValues file with the installation command. For air-gapped environments, ensure that the ConfigValues file can be accessed from the installation environment. - -For more information, see [Generating a ConfigValues File](/vendor/releases-configvalues). +The following shows an example of the output from the kots install command: -**Example:** - - - -## Install + ``` + • Deploying Admin Console + • Creating namespace ✓ + • Waiting for datastore to be ready ✓ + • Waiting for Admin Console to be ready ✓ + • Waiting for installation to complete ✓ + • Waiting for preflight checks to complete ✓ -### Embedded Cluster + • Press Ctrl+C to exit + • Go to http://localhost:8800 to access the Admin Console -To install with Embedded Cluster in an online environment: + • Go to http://localhost:8888 to access the application + ``` -1. Follow the steps provided in the Vendor Portal to download and untar the Embedded Cluster installation assets. For more information, see [Online Installation with Embedded Cluster](/enterprise/installing-embedded). +## Prerequisite -1. Run the following command to install: +Create a ConfigValues YAML file to define the configuration values for the application release. The ConfigValues file allows you to pass the configuration values for an application from the command line with the install command, rather than through the Admin Console UI. For air-gapped environments, ensure that the ConfigValues file can be accessed from the installation environment. - ```bash - sudo ./APP_SLUG install --license-file PATH_TO_LICENSE \ - --config-values PATH_TO_CONFIGVALUES \ - --admin-console-password ADMIN_CONSOLE_PASSWORD - ``` - - Replace: - * `APP_SLUG` with the unique slug for the application. - * `LICENSE_FILE` with the customer license. - * `ADMIN_CONSOLE_PASSWORD` with a password for accessing the Admin Console. - * `PATH_TO_CONFIGVALUES` with the path to the ConfigValues file. See [Generating a ConfigValues File](/vendor/releases-configvalues). +The KOTS ConfigValues file includes the fields that are defined in the KOTS Config custom resource for an application release, along with the user-supplied and default values for each field, as shown in the example below: + -### KOTS in an Existing Cluster + + +## Online (Internet-Connected) Installation -To install with KOTS in an existing cluster: +To install with KOTS in an online existing cluster: 1. @@ -78,76 +69,7 @@ To install with KOTS in an existing cluster: - The following shows an example of the output from the kots install command: - - ``` - • Deploying Admin Console - • Creating namespace ✓ - • Waiting for datastore to be ready ✓ - • Waiting for Admin Console to be ready ✓ - • Waiting for installation to complete ✓ - • Waiting for preflight checks to complete ✓ - - • Press Ctrl+C to exit - • Go to http://localhost:8800 to access the Admin Console - - • Go to http://localhost:8888 to access the application - ``` - -### kURL - - - -To install with kURL on a VM or bare metal server: - -1. Create the kURL cluster: - - ```bash - curl -sSL https://k8s.kurl.sh/APP_NAME | sudo bash - ``` - -1. Install the application in the cluster: - - ```bash - kubectl kots install APP_NAME \ - --shared-password PASSWORD \ - --license-file PATH_TO_LICENSE \ - --config-values PATH_TO_CONFIGVALUES \ - --namespace default \ - --no-port-forward - ``` - - Replace: - - - - - -## Air Gap Install - -### Embedded Cluster - -To install with Embedded Cluster in an air-gapped environment: - -1. Follow the steps provided in the Vendor Portal to download and untar the Embedded Cluster air gap installation assets. For more information, see [Air Gap Installation with Embedded Cluster](/enterprise/installing-embedded-air-gap). - -1. Ensure that the Embedded Cluster installation assets are available on the air-gapped machine, then run the following command to install: - - ```bash - sudo ./APP_SLUG install --license-file PATH_TO_LICENSE \ - --config-values PATH_TO_CONFIGVALUES \ - --admin-console-password ADMIN_CONSOLE_PASSWORD \ - --airgap-bundle PATH_TO_AIRGAP_BUNDLE - ``` - - Replace: - * `APP_SLUG` with the unique slug for the application. - * `LICENSE_FILE` with the customer license. - * `PATH_TO_CONFIGVALUES` with the path to the ConfigValues file. See [Generating a ConfigValues File](/vendor/releases-configvalues). - * `ADMIN_CONSOLE_PASSWORD` with a password for accessing the Admin Console. - * `PATH_TO_AIRGAP_BUNDLE` with the path to the Embedded Cluster `.airgap` bundle for the release. - -### KOTS in an Existing Cluster +## Air Gap Installation {#air-gap} To install with KOTS in an air-gapped existing cluster: @@ -184,81 +106,6 @@ To install with KOTS in an air-gapped existing cluster: -### kURL - - - -To install in an air-gapped kURL cluster: - -1. Download the kURL `.tar.gz` air gap bundle: - - - -1. - -1. Create the kURL cluster: - - ``` - cat install.sh | sudo bash -s airgap - ``` - -1. Install the application: - - ```bash - kubectl kots install APP_NAME \ - --shared-password PASSWORD \ - --license-file PATH_TO_LICENSE \ - --config-values PATH_TO_CONFIGVALUES \ - --airgap-bundle PATH_TO_AIRGAP_BUNDLE \ - --namespace default \ - --no-port-forward - ``` - - Replace: - - - - - - - ## (Optional) Access the Admin Console -When you install an application in an existing cluster or when you provision a cluster with the kURL installer, you also install KOTS in the cluster. KOTS deploys the Admin Console. The Admin Console is a user interface where you can manage and upgrade your application instances. - -By default, during installation, KOTS automatically opens localhost port 8800 to provide access to the Admin Console. The `--no-port-forward` flag in the `kots install` command prevents KOTS from creating a port forward to the Admin Console. - -After you install with the `--no-port-forward` flag, you can optionally create a port forward so that you can log in to the Admin Console in a browser window. - -To access the Admin Console: - -1. If you installed in a VM where you cannot open a browser window, forward a port on your local machine to `localhost:8800` on the remote VM using the SSH client: - - ```bash - ssh -L LOCAL_PORT:localhost:8800 USERNAME@IP_ADDRESS - ``` - Replace: - * `LOCAL_PORT` with the port on your local machine to forward. For example, `9900` or `8800`. - * `USERNAME` with your username for the VM. - * `IP_ADDRESS` with the IP address for the VM. - - **Example**: - - The following example shows using the SSH client to forward port 8800 on your local machine to `localhost:8800` on the remote VM. - - ```bash - ssh -L 8800:localhost:8800 user@ip-addr - ``` - -1. Run the following KOTS CLI command to open localhost port 8800, which forwards to the Admin Console service: - - ```bash - kubectl kots admin-console --namespace NAMESPACE - ``` - Replace `NAMESPACE` with the namespace where the Admin Console was installed. - - For more information about the `kots admin-console` command, see [admin-console](/reference/kots-cli-admin-console-index) in the _KOTS CLI_ documentation. - -1. Open a browser window and go to `https://localhost:8800`. - -1. Log in to the Admin Console using the password that you created as part of the `kots install` command. \ No newline at end of file + \ No newline at end of file diff --git a/docs/enterprise/installing-existing-cluster.mdx b/docs/enterprise/installing-existing-cluster.mdx index 93a6f7780c..d6cd744407 100644 --- a/docs/enterprise/installing-existing-cluster.mdx +++ b/docs/enterprise/installing-existing-cluster.mdx @@ -4,7 +4,7 @@ import LicenseFile from "../partials/install/_license-file-prereq.mdx" import InstallCommandPrompts from "../partials/install/_kots-install-prompts.mdx" import AppNameUI from "../partials/install/_placeholder-app-name-UI.mdx" -# Online Installation in Existing Clusters +# Online Installation in Existing Clusters with KOTS diff --git a/docs/enterprise/installing-general-requirements.mdx b/docs/enterprise/installing-general-requirements.mdx index c462dd7f2d..0f1d81b85a 100644 --- a/docs/enterprise/installing-general-requirements.mdx +++ b/docs/enterprise/installing-general-requirements.mdx @@ -1,11 +1,10 @@ import DockerCompatibility from "../partials/image-registry/_docker-compatibility.mdx" import KubernetesCompatibility from "../partials/install/_kubernetes-compatibility.mdx" -import EmbeddedClusterRequirements from "../partials/embedded-cluster/_requirements.mdx" -import EmbeddedClusterPortRequirements from "../partials/embedded-cluster/_port-reqs.mdx" +import FirewallOpenings from "../partials/install/_firewall-openings.mdx" -# Installation Requirements +# KOTS Installation Requirements -This topic describes the requirements for installing applications with Replicated KOTS. It includes requirements for installing KOTS in existing clusters and in clusters created with Replicated Embedded Cluster or Replicated kURL. +This topic describes the requirements for installing in a Kubernetes cluster with Replicated KOTS. :::note This topic does not include any requirements specific to the application. Ensure that you meet any additional requirements for the application before installing. @@ -34,15 +33,11 @@ Replicated recommends using a version of KOTS that is compatible with Kubernetes -## Existing Cluster Requirements +## Minimum System Requirements -To install KOTS in an existing cluster, your environment must meet the following minimum requirements. +To install KOTS in an existing cluster, your environment must meet the following minimum requirements: -### Minimum System Requirements - -To install the Admin Console on an existing cluster, the cluster must meet the following requirements: - -* **Admin console minimum requirements**: Existing clusters that have LimitRanges specified must support the following minimum requirements for the Admin Console: +* **KOTS Admin Console minimum requirements**: Clusters that have LimitRanges specified must support the following minimum requirements for the Admin Console: * **CPU resources and memory**: The Admin Console pod requests 100m CPU resources and 100Mi memory. @@ -65,8 +60,11 @@ To install the Admin Console on an existing cluster, the cluster must meet the f * **Kubernetes version compatibility**: The version of Kubernetes running on the cluster must be compatible with the version of KOTS that you use to install the application. This compatibility requirement does not include any specific and additional requirements defined by the software vendor for the application. For more information about the versions of Kubernetes that are compatible with each version of KOTS, see [Kubernetes Version Compatibility](#kubernetes-version-compatibility) above. + * **OpenShift version compatibility**: For Red Hat OpenShift clusters, the version of OpenShift must use a supported Kubernetes version. For more information about supported Kubernetes versions, see [Kubernetes Version Compatibility](#kubernetes-version-compatibility) above. + * **Storage class**: The cluster must have an existing storage class available. For more information, see [Storage Classes](https://kubernetes.io/docs/concepts/storage/storage-classes/) in the Kubernetes documentation. + * **Port forwarding**: To support port forwarding, Kubernetes clusters require that the SOcket CAT (socat) package is installed on each node. If the package is not installed on each node in the cluster, you see the following error message when the installation script attempts to connect to the Admin Console: `unable to do port forwarding: socat not found`. @@ -75,7 +73,7 @@ To install the Admin Console on an existing cluster, the cluster must meet the f If the output of the `which socat` command is `socat not found`, then you must install the package that provides the socat command. The name of this package can vary depending on the node's operating system. -### RBAC Requirements +## RBAC Requirements The user that runs the installation command must have at least the minimum role-based access control (RBAC) permissions that are required by KOTS. If the user does not have the required RBAC permissions, then an error message displays: `Current user has insufficient privileges to install Admin Console`. @@ -83,7 +81,7 @@ The required RBAC permissions vary depending on if the user attempts to install * [Cluster-scoped RBAC Requirements (Default)](#cluster-scoped) * [Namespace-scoped RBAC Requirements](#namespace-scoped) -#### Cluster-scoped RBAC Requirements (Default) {#cluster-scoped} +### Cluster-scoped RBAC Requirements (Default) {#cluster-scoped} By default, KOTS requires cluster-scoped access. With cluster-scoped access, a Kubernetes ClusterRole and ClusterRoleBinding are created that grant KOTS access to all resources across all namespaces in the cluster. @@ -91,7 +89,7 @@ To install KOTS with cluster-scoped access, the user must meet the following RBA * The user must be able to create workloads, ClusterRoles, and ClusterRoleBindings. * The user must have cluster-admin permissions to create namespaces and assign RBAC roles across the cluster. -#### Namespace-scoped RBAC Requirements {#namespace-scoped} +### Namespace-scoped RBAC Requirements {#namespace-scoped} KOTS can be installed with namespace-scoped access rather than the default cluster-scoped access. With namespace-scoped access, a Kubernetes Role and RoleBinding are automatically created that grant KOTS permissions only in the namespace where it is installed. @@ -100,8 +98,14 @@ Depending on the application, namespace-scoped access for KOTS is required, opti ::: To install or upgrade KOTS with namespace-scoped access, the user must have _one_ of the following permission levels in the target namespace: +* Wildcard Permissions (Default) +* Minimum KOTS RBAC Permissions -* **Wildcard permissions (Default)**: By default, when namespace-scoped access is enabled, KOTS attempts to automatically create the following Role to acquire wildcard (`* * *`) permissions in the target namespace: +See the sections below for more information. + +#### Wildcard Permissions (Default) + +By default, when namespace-scoped access is enabled, KOTS attempts to automatically create the following Role to acquire wildcard (`* * *`) permissions in the target namespace: ```yaml apiVersion: "rbac.authorization.k8s.io/v1" @@ -116,7 +120,9 @@ To install or upgrade KOTS with namespace-scoped access, the user must have _one To support this default behavior, the user must also have `* * *` permissions in the target namespace. -* **Minimum KOTS RBAC permissions**: In some cases, it is not possible to grant the user `* * *` permissions in the target namespace. For example, an organization might have security policies that prevent this level of permissions. +#### Minimum KOTS RBAC Permissions + +In some cases, it is not possible to grant the user `* * *` permissions in the target namespace. For example, an organization might have security policies that prevent this level of permissions. If the user installing or upgrading KOTS cannot be granted `* * *` permissions in the namespace, then they can instead request the minimum RBAC permissions required by KOTS. Using the minimum KOTS RBAC permissions also requires manually creating a ServiceAccount, Role, and RoleBinding for KOTS, rather than allowing KOTS to automatically create a Role with `* * *` permissions. @@ -247,92 +253,19 @@ To install or upgrade KOTS with namespace-scoped access, the user must have _one * `TARGET_NAMESPACE` with the namespace where the user will install KOTS. :::note -After manually creating these RBAC resources, the user must include both the `--ensure-rbac=false` and `--skip-rbac-check` flags when installing or upgrading. These flags prevent KOTS from checking for or attempting to create a Role with `* * *` permissions in the namespace. For more information, see [Prerequisites](installing-existing-cluster#prerequisites) in _Online Installation in Existing Clusters_. +After manually creating these RBAC resources, the user must include both the `--ensure-rbac=false` and `--skip-rbac-check` flags when installing or upgrading. These flags prevent KOTS from checking for or attempting to create a Role with `* * *` permissions in the namespace. For more information, see [Prerequisites](installing-existing-cluster#prerequisites) in _Online Installation in Existing Clusters with KOTS_. ::: -## Embedded Cluster Requirements - -To install with the Embedded Cluster installer, your environment must meet the following requirements. - -### System Requirements - - - -### Port Requirements - - - -## kURL Requirements {#kurl-requirements} - -To install with kURL, your environment must meet the following requirements. - -### Minimum System Requirements - -* 4 CPUs or equivalent per machine -* 8GB of RAM per machine -* 40GB of disk space per machine -* TCP ports 2379, 2380, 6443, 6783, and 10250 open between cluster nodes -* UDP port 8472 open between cluster nodes - - :::note - If the Kubernetes installer specification uses the deprecated kURL [Weave add-on](https://kurl.sh/docs/add-ons/weave), UDP ports 6783 and 6784 must be open between cluster nodes. Reach out to your software vendor for more information. - ::: - -* Root access is required -* (Rook Only) The Rook add-on version 1.4.3 and later requires block storage on each node in the cluster. For more information about how to enable block storage for Rook, see [Block Storage](https://kurl.sh/docs/add-ons/rook/#block-storage) in _Rook Add-On_ in the kURL documentation. +## Compatible Image Registries {#registries} -### Additional System Requirements - -You must meet the additional kURL system requirements when applicable: - -- **Supported Operating Systems**: For supported operating systems, see [Supported Operating Systems](https://kurl.sh/docs/install-with-kurl/system-requirements#supported-operating-systems) in the kURL documentation. - -- **kURL Dependencies Directory**: kURL installs additional dependencies in the directory /var/lib/kurl and the directory requirements must be met. See [kURL Dependencies Directory](https://kurl.sh/docs/install-with-kurl/system-requirements#kurl-dependencies-directory) in the kURL documentation. - -- **Networking Requirements**: Networking requirements include firewall openings, host firewalls rules, and port availability. See [Networking Requirements](https://kurl.sh/docs/install-with-kurl/system-requirements#networking-requirements) in the kURL documentation. - -- **High Availability Requirements**: If you are operating a cluster with high availability, see [High Availability Requirements](https://kurl.sh/docs/install-with-kurl/system-requirements#high-availability-requirements) in the kURL documentation. - -- **Cloud Disk Performance**: For a list of cloud VM instance and disk combinations that are known to provide sufficient performance for etcd and pass the write latency preflight, see [Cloud Disk Performance](https://kurl.sh/docs/install-with-kurl/system-requirements#cloud-disk-performance) in the kURL documentation. - - -## Private Registry Requirements - -This section describes the requirements for using a private image regsitry for KOTS installations. - -### About Using a Private Registry - -A private image registry is required for air gap installations. For air gap installations in existing clusters, you must provide credentials for a compatible private registry during installation. - -For air gap installations in kURL clusters, the kURL installer automatically uses the registry add-on to meet the private registry requirement. For more information, see [Registry Add-on](https://kurl.sh/docs/add-ons/registry) in the kURL documentation. +A private image registry is required for air gap installations with KOTS in existing clusters. You provide the credentials for a compatible private registry during installation. You can also optionally configure a local private image registry for use with KOTS installations in online (internet-connected) environments. Private registry settings can be changed at any time. For more information, see [Using Private Registries](image-registry-settings). -### Compatible Registries - KOTS has been tested for compatibility with the following registries: ## Firewall Openings for Online Installations -The domains for the services listed in the table below need to be accessible from servers performing online installations. No outbound internet access is required for air gapped installations. - -For services hosted at domains owned by Replicated, the table below includes a link to the list of IP addresses for the domain at [replicatedhq/ips](https://github.com/replicatedhq/ips/blob/main/ip_addresses.json) in GitHub. Note that the IP addresses listed in the `replicatedhq/ips` repository also include IP addresses for some domains that are _not_ required for installation. - -For third-party services hosted at domains not owned by Replicated, the table below lists the required domains. Consult the third-party's documentation for the IP address range for each domain, as needed. - -| Host | Embedded Cluster | Existing Clusters | kURL Clusters | Description | -|--------|------------------|-------------------|-------------------|-------------| -| Docker Hub | Not Required | Required | Required | Some dependencies of KOTS are hosted as public images in Docker Hub. The required domains for this service are `index.docker.io`, `cdn.auth0.com`, `*.docker.io`, and `*.docker.com.` | -| `replicated.app` | Required | Required | Required |

Upstream application YAML and metadata is pulled from `replicated.app`. The current running version of the application (if any), as well as a license ID and application ID to authenticate, are all sent to `replicated.app`. This domain is owned by Replicated, Inc., which is headquartered in Los Angeles, CA.

For the range of IP addresses for `replicated.app`, see [replicatedhq/ips](https://github.com/replicatedhq/ips/blob/main/ip_addresses.json#L60-L65) in GitHub.

| -| `proxy.replicated.com` | Required | Required*| Required*|

Private Docker images are proxied through `proxy.replicated.com`. This domain is owned by Replicated, Inc., which is headquartered in Los Angeles, CA.

For the range of IP addresses for `proxy.replicated.com`, see [replicatedhq/ips](https://github.com/replicatedhq/ips/blob/main/ip_addresses.json#L52-L57) in GitHub.

| -| `registry.replicated.com` | Required** | Required** | Required** |

Some applications host private images in the Replicated registry at this domain. The on-prem docker client uses a license ID to authenticate to `registry.replicated.com`. This domain is owned by Replicated, Inc which is headquartered in Los Angeles, CA.

For the range of IP addresses for `registry.replicated.com`, see [replicatedhq/ips](https://github.com/replicatedhq/ips/blob/main/ip_addresses.json#L20-L25) in GitHub.

-| `kots.io` | Not Required | Required | Not Required | Requests are made to this domain when installing the Replicated KOTS CLI. This domain is owned by Replicated, Inc., which is headquartered in Los Angeles, CA.| -| `github.com ` | Not Required | Required | Not Required | Requests are made to this domain when installing the Replicated KOTS CLI. For information about retrieving GitHub IP addresses, see [About GitHub's IP addresses](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/about-githubs-ip-addresses) in the GitHub documentation. | -| `k8s.kurl.sh`
`s3.kurl.sh` | Not Required | Not Required | Required |

kURL installation scripts and artifacts are served from [kurl.sh](https://kurl.sh). An application identifier is sent in a URL path, and bash scripts and binary executables are served from kurl.sh. This domain is owned by Replicated, Inc., which is headquartered in Los Angeles, CA.

For the range of IP addresses for `k8s.kurl.sh`, see [replicatedhq/ips](https://github.com/replicatedhq/ips/blob/main/ip_addresses.json#L34-L39) in GitHub.

The range of IP addresses for `s3.kurl.sh` are the same as IP addresses for the `kurl.sh` domain. For the range of IP address for `kurl.sh`, see [replicatedhq/ips](https://github.com/replicatedhq/ips/blob/main/ip_addresses.json#L28-L31) in GitHub.

| -| `amazonaws.com` | Not Required | Not Required | Required | `tar.gz` packages are downloaded from Amazon S3 during installations with kURL. For information about dynamically scraping the IP ranges to allowlist for accessing these packages, see [AWS IP address ranges](https://docs.aws.amazon.com/general/latest/gr/aws-ip-ranges.html#aws-ip-download) in the AWS documentation.| - -* Required only if the application uses the Replicated proxy registry. Contact your software vendor for more information. - -** Required only if the application uses the Replicated registry. Contact your software vendor for more information. + diff --git a/docs/enterprise/installing-kurl-automation.mdx b/docs/enterprise/installing-kurl-automation.mdx new file mode 100644 index 0000000000..cfba950a23 --- /dev/null +++ b/docs/enterprise/installing-kurl-automation.mdx @@ -0,0 +1,93 @@ +import ConfigValuesExample from "../partials/configValues/_configValuesExample.mdx" +import ConfigValuesProcedure from "../partials/configValues/_config-values-procedure.mdx" +import PlaceholdersGlobal from "../partials/install/_placeholders-global.mdx" +import PlaceholderAirgapBundle from "../partials/install/_placeholder-airgap-bundle.mdx" +import PlaceholderNamespaceKurl from "../partials/install/_placeholder-namespace-embedded.mdx" +import IntroKurl from "../partials/install/_automation-intro-embedded.mdx" +import DownloadkURLBundle from "../partials/install/_download-kurl-bundle.mdx" +import ExtractKurlBundle from "../partials/install/_extract-kurl-bundle.mdx" + +# Installing with kURL from the Command Line + +This topic describes how to install an application with Replicated kURL from the command line. + +## Overview + +You can use the command line to install an application with Replicated kURL. A common use case for installing from the command line is to automate installation, such as performing headless installations as part of CI/CD pipelines. + +To install from the command line, you provide all the necessary installation assets, such as the license file and the application config values, with the installation command rather than through the Admin Console UI. Any preflight checks defined for the application run automatically during headless installations from the command line rather than being displayed in the Admin Console. + +## Prerequisite + +Create a ConfigValues YAML file to define the configuration values for the application release. The ConfigValues file allows you to pass the configuration values for an application from the command line with the install command, rather than through the Admin Console UI. For air-gapped environments, ensure that the ConfigValues file can be accessed from the installation environment. + +The KOTS ConfigValues file includes the fields that are defined in the KOTS Config custom resource for an application release, along with the user-supplied and default values for each field, as shown in the example below: + + + + + +## Online (Internet-Connected) Installation + + + +To install with kURL on a VM or bare metal server: + +1. Create the kURL cluster: + + ```bash + curl -sSL https://k8s.kurl.sh/APP_NAME | sudo bash + ``` + +1. Install the application in the cluster: + + ```bash + kubectl kots install APP_NAME \ + --shared-password PASSWORD \ + --license-file PATH_TO_LICENSE \ + --config-values PATH_TO_CONFIGVALUES \ + --namespace default \ + --no-port-forward + ``` + + Replace: + + + + + +## Air Gap Installation + +To install in an air-gapped kURL cluster: + +1. Download the kURL `.tar.gz` air gap bundle: + + + +1. + +1. Create the kURL cluster: + + ``` + cat install.sh | sudo bash -s airgap + ``` + +1. Install the application: + + ```bash + kubectl kots install APP_NAME \ + --shared-password PASSWORD \ + --license-file PATH_TO_LICENSE \ + --config-values PATH_TO_CONFIGVALUES \ + --airgap-bundle PATH_TO_AIRGAP_BUNDLE \ + --namespace default \ + --no-port-forward + ``` + + Replace: + + + + + + \ No newline at end of file diff --git a/docs/enterprise/installing-kurl-requirements.mdx b/docs/enterprise/installing-kurl-requirements.mdx new file mode 100644 index 0000000000..2c75ecca41 --- /dev/null +++ b/docs/enterprise/installing-kurl-requirements.mdx @@ -0,0 +1,38 @@ +import FirewallOpenings from "../partials/install/_firewall-openings.mdx" + +# kURL Installation Requirements + +This topic lists the installation requirements for Replicated kURL. Ensure that the installation environment meets these requirements before attempting to install. + +## Minimum System Requirements + +* 4 CPUs or equivalent per machine +* 8GB of RAM per machine +* 40GB of disk space per machine +* TCP ports 2379, 2380, 6443, 6783, and 10250 open between cluster nodes +* UDP port 8472 open between cluster nodes + + :::note + If the Kubernetes installer specification uses the deprecated kURL [Weave add-on](https://kurl.sh/docs/add-ons/weave), UDP ports 6783 and 6784 must be open between cluster nodes. Reach out to your software vendor for more information. + ::: + +* Root access is required +* (Rook Only) The Rook add-on version 1.4.3 and later requires block storage on each node in the cluster. For more information about how to enable block storage for Rook, see [Block Storage](https://kurl.sh/docs/add-ons/rook/#block-storage) in _Rook Add-On_ in the kURL documentation. + +## Additional System Requirements + +You must meet the additional kURL system requirements when applicable: + +- **Supported Operating Systems**: For supported operating systems, see [Supported Operating Systems](https://kurl.sh/docs/install-with-kurl/system-requirements#supported-operating-systems) in the kURL documentation. + +- **kURL Dependencies Directory**: kURL installs additional dependencies in the directory /var/lib/kurl and the directory requirements must be met. See [kURL Dependencies Directory](https://kurl.sh/docs/install-with-kurl/system-requirements#kurl-dependencies-directory) in the kURL documentation. + +- **Networking Requirements**: Networking requirements include firewall openings, host firewalls rules, and port availability. See [Networking Requirements](https://kurl.sh/docs/install-with-kurl/system-requirements#networking-requirements) in the kURL documentation. + +- **High Availability Requirements**: If you are operating a cluster with high availability, see [High Availability Requirements](https://kurl.sh/docs/install-with-kurl/system-requirements#high-availability-requirements) in the kURL documentation. + +- **Cloud Disk Performance**: For a list of cloud VM instance and disk combinations that are known to provide sufficient performance for etcd and pass the write latency preflight, see [Cloud Disk Performance](https://kurl.sh/docs/install-with-kurl/system-requirements#cloud-disk-performance) in the kURL documentation. + +## Firewall Openings for Online Installations + + \ No newline at end of file diff --git a/docs/enterprise/installing-overview.md b/docs/enterprise/installing-overview.md index 8ac20f909a..17d5947268 100644 --- a/docs/enterprise/installing-overview.md +++ b/docs/enterprise/installing-overview.md @@ -1,59 +1,41 @@ -# About Installing an Application +# Considerations Before Installing -This topic provides an introduction to installing with Replicated KOTS, including options to consider before installing. +Before you install an application with KOTS in an existing cluster, consider the following installation options. -## Overview - -You can use Replicated KOTS to install applications into various environments, with or without existing Kubernetes clusters. The installation options include online and air gapped clusters, and support managed offerings such as EKS, GKE, AKS, and more. - -## Considerations Before Installing - -Before you install an application, consider the following installation options. - -### Installations With or Without an Existing Cluster - -With KOTS, you can install an application in one of two ways: -* **With an existing cluster**: You can install an application in an existing Kubernetes cluster that meets the system requirements. For more information, see [Existing Cluster Requirements](installing-general-requirements#existing-cluster-requirements) in _Installation Requirements_. -* **Without an existing cluster**: If you do not have an existing Kubernetes cluster, you can install in a virtual machine or a bare metal server. For more information, see [kURL Requirements](installing-general-requirements#kurl-requirements) in _Installation Requirements_. - -Most software vendors support both options and require the customer to determine their preferred method of deployment. - -### Internet-Connected or Air Gap Installations +## Online (Internet-Connected) or Air Gap Installations Most Kubernetes clusters are able to make outbound internet requests. Inbound access is never recommended or required. As such, most cluster operators are able to perform an online installation. If the target cluster does not have outbound internet access, the application can also be delivered through an air gap installation. -To install an application in an air gapped environment, the cluster must have access to an image registry. In this case, KOTS re-tags and pushes all images to the target registry. KOTS supports installations in air gapped environments on both existing clusters and on clusters created by the kURL installer. +To install an application in an air-gapped environment, the cluster must have access to an image registry. In this case, KOTS re-tags and pushes all images to the target registry. -For information about installing in air gapped environments: -* **Existing clusters**: See [Air Gap Installation in Existing Clusters](installing-existing-cluster-airgapped) -* **Embedded clusters with kURL**: See [Air Gap Installation with kURL](installing-kurl-airgap) +For information about installing with KOTS in air-gapped environments, see [Air Gap Installation in Existing Clusters with KOTS](installing-existing-cluster-airgapped). -### Existing Cluster Installations into Hardened Environments +## Hardened Environments -By default, KOTS Pods and containers are not deployed with a specific security context. For existing cluster installations into a hardened environment, you can use the `--strict-security-context` flag with the installation command so that KOTS runs with a strict security context for Pods and containers. +By default, KOTS Pods and containers are not deployed with a specific security context. For installations into a hardened environment, you can use the `--strict-security-context` flag with the installation command so that KOTS runs with a strict security context for Pods and containers. For more information about the security context enabled by the `--strict-security-context` flag, see [kots install](/reference/kots-cli-install). -### Local Image Registries +## Configuring Local Image Registries During install, KOTS can re-tag and push images to a local image registry. This is useful to enable CVE scans, image policy validation, and other pre-deployment rules. A private image registry is required for air gapped environments, and is optional for online environments. -For information about image registry requirements, see [Private Registry Requirements](installing-general-requirements#private-registry-requirements). +For information about image registry requirements, see [Compatible Image Registries](installing-general-requirements#registries). -### Automated Installation +## Automated (Headless) Installation -You can automate application installation in online, air gap, existing cluster, and embedded cluster environments using the KOTS CLI. In an automated installation, you provide all the information required to install and deploy the application with the `kots install` command, rather than providing this information in the Replicated Admin Console. +You can automate application installation in online and air-gapped environments using the KOTS CLI. In an automated installation, you provide all the information required to install and deploy the application with the `kots install` command, rather than providing this information in the Replicated Admin Console. -For more information, see [Installing from the Command Line](/enterprise/installing-existing-cluster-automation). +For more information, see [Installing with the KOTS CLI](/enterprise/installing-existing-cluster-automation). -### KOTS Installations Without Object Storage +## KOTS Installations Without Object Storage -The Replicated Admin Console requires persistent storage for state. For existing cluster installations, KOTS deploys MinIO for object storage by default. For embedded cluster installations with Replicated kURL, the object storage provider is either MinIO or Rook, depending on which add-on your software vendor included in the kURL installer specification. +The KOTS Admin Console requires persistent storage for state. KOTS deploys MinIO for object storage by default. -You can optionally install KOTS without object storage. When installed without object storage, KOTS deploys the Admin Console as a Statefulset with an attached PersistentVolume (PV) instead of as a deployment. +You can optionally install KOTS without object storage. When installed without object storage, KOTS deploys the Admin Console as a StatefulSet with an attached PersistentVolume (PV) instead of as a deployment. For more information about how to install KOTS without object storage, see [Installing Without Object Storage](/enterprise/installing-stateful-component-requirements). \ No newline at end of file diff --git a/docs/enterprise/installing-stateful-component-requirements.md b/docs/enterprise/installing-stateful-component-requirements.md index 665138c480..254737c925 100644 --- a/docs/enterprise/installing-stateful-component-requirements.md +++ b/docs/enterprise/installing-stateful-component-requirements.md @@ -11,13 +11,13 @@ The Replicated KOTS Admin Console requires persistent storage for state. By defa For more information about the Admin Console's persistent storage requirements, see [Minimum System Requirements](/enterprise/installing-general-requirements#minimum-system-requirements) in _Installation Requirements_. -For existing cluster installations, KOTS deploys MinIO for object storage by default. For embedded cluster installations with Replicated kURL, the object storage provider is either MinIO or Rook, depending on which add-on your software vendor included in the kURL installer specification. +For existing cluster installations, KOTS deploys MinIO for object storage by default. For installations with Replicated kURL, the object storage provider is either MinIO or Rook, depending on which add-on your software vendor included in the kURL installer specification. You can optionally install KOTS without object storage. When installed without object storage, KOTS deploys the Admin Console as a Statefulset with an attached PersistentVolume (PV) instead of as a deployment. In this case, support bundles and application archives are stored in the attached PV instead of in object storage. Additionally, for local snapshots storage, KOTS uses the `local-volume-provider` Velero plugin to store backups on local PVs instead of using object storage. The `local-volume-provider` plugin uses the existing Velero service account credentials to mount volumes directly to the Velero node-agent pods. For more information, see [`local-volume-provider`](https://github.com/replicatedhq/local-volume-provider) in GitHub. ## Install Without Object Storage -This section describes how to install KOTS without object storage in existing clusters or embedded kURL clusters. +This section describes how to install KOTS without object storage in existing clusters or kURL clusters. ### Existing Clusters @@ -25,8 +25,8 @@ To install KOTS without object storage in an existing cluster, you can use the ` * When `--with-minio=false` is used with the `kots install` command, KOTS does _not_ deploy MinIO. KOTS deploys the Admin Console as a Statefulset with an attached PV instead of as a deployment. For command usage, see [install](/reference/kots-cli-install/). * When `--with-minio=false` is used with the `kots admin-console upgrade` command, KOTS upgrades the existing Admin Console instance to the latest version, replaces the running deployment with a StatefulSet, and removes MinIO after a data migration. This results in temporary downtime for the Admin Console, but deployed applications are unaffected. For command usage, see [admin-console upgrade](/reference/kots-cli-admin-console-upgrade/). -### Embedded kURL Clusters +### kURL Clusters -To enable KOTS installations without object storage in embedded kURL clusters, your software vendor must remove the MinIO or Rook object storage add-on from the kURL installer spec and set the `disableS3` flag to `true` in the KOTS add-on. +To enable KOTS installations without object storage in kURL clusters, your software vendor must remove the MinIO or Rook object storage add-on from the kURL installer spec and set the `disableS3` flag to `true` in the KOTS add-on. -For more information about the behavior of the `disableS3` flag, see [KOTS Add-on](https://kurl.sh/docs/add-ons/kotsadm) in the open source kURL documentation. For information about migrating an embedded kURL cluster away from object storage, see [Removing Object Storage](https://kurl.sh/docs/install-with-kurl/removing-object-storage) in the kURL documentation. +For more information about the behavior of the `disableS3` flag, see [KOTS Add-on](https://kurl.sh/docs/add-ons/kotsadm) in the open source kURL documentation. For information about migrating a kURL cluster away from object storage, see [Removing Object Storage](https://kurl.sh/docs/install-with-kurl/removing-object-storage) in the kURL documentation. diff --git a/docs/enterprise/snapshots-understanding.mdx b/docs/enterprise/snapshots-understanding.mdx index ef0e34f45b..9fa133c5a0 100644 --- a/docs/enterprise/snapshots-understanding.mdx +++ b/docs/enterprise/snapshots-understanding.mdx @@ -85,7 +85,7 @@ You initially configure backups on a supported storage provider backend using th - Network File System (NFS) - Host Path -kURL installers that include the Velero add-on also include a locally-provisioned object store. By default, embedded kURL clusters are preconfigured in the Admin Console to store backups in the locally-provisioned object store. This object store is sufficient for only rollbacks and downgrades and is not a suitable configuration for disaster recovery. Replicated recommends that you configure a snapshots storage destination that is external to the cluster in the Admin Console for embedded kURL clusters. +kURL installers that include the Velero add-on also include a locally-provisioned object store. By default, kURL clusters are preconfigured in the Admin Console to store backups in the locally-provisioned object store. This object store is sufficient for only rollbacks and downgrades and is not a suitable configuration for disaster recovery. Replicated recommends that you configure a snapshots storage destination that is external to the cluster in the Admin Console for kURL clusters. For information about how to configure backup storage destinations for snapshots, see the [Configuring Backup Storage](/enterprise/snapshots-velero-cli-installing) section. diff --git a/docs/enterprise/status-viewing-details.md b/docs/enterprise/status-viewing-details.md index c4ef72e8d5..8185646bdc 100644 --- a/docs/enterprise/status-viewing-details.md +++ b/docs/enterprise/status-viewing-details.md @@ -2,7 +2,7 @@ import StatusesTable from "../partials/status-informers/_statusesTable.mdx" import AggregateStatus from "../partials/status-informers/_aggregateStatus.mdx" import AggregateStatusIntro from "../partials/status-informers/_aggregate-status-intro.mdx" -# Viewing Status Details +# Understanding Application Status Details in the Admin Console This topic describes how to view the status of an application on the Replicated KOTS Admin Console dashboard. It also describes how Replicated KOTS collects and aggregates the application status. ## View Status Details diff --git a/docs/enterprise/troubleshooting-an-app.mdx b/docs/enterprise/troubleshooting-an-app.mdx index 1b7057f737..94cab5c846 100644 --- a/docs/enterprise/troubleshooting-an-app.mdx +++ b/docs/enterprise/troubleshooting-an-app.mdx @@ -1,30 +1,9 @@ -import InstallPlugin from "../partials/support-bundles/_install-plugin.mdx" -import GenerateBundle from "../partials/support-bundles/_generate-bundle.mdx" import GenerateBundleAdminConsole from "../partials/support-bundles/_generate-bundle-admin-console.mdx" +# Generating Support Bundles from the Admin Console -# Generating Support Bundles for KOTS Installations - -This topic describes how to generate support bundles for applications installed with Replicated KOTS. +This topic describes how to generate support bundles from the KOTS Admin Console. ## Generate a Bundle from the Admin Console - - -## Generate a Bundle Using the CLI - -You can generate a support bundle using the support-bundle CLI instead of the Admin Console. For example, you might need to generate a bundle from the CLI if the Admin Console is not available. Or perhaps you need to use a more recent version of the support-bundle plugin than what is embedded in the Admin Console. - -### Prerequisite: Install the Plugin {#plugin} - - - -### Generate a Bundle - - - -## Related Topics - -* [Generating Host Bundles for Embedded Cluster](/vendor/support-bundle-embedded) -* [Generating Host Bundles for kURL](/vendor/support-host-support-bundles) -* [Generating Support Bundles](/vendor/support-bundle-generating) \ No newline at end of file + \ No newline at end of file diff --git a/docs/enterprise/updating-licenses.md b/docs/enterprise/updating-licenses.md index 06557cdc96..48380c7c66 100644 --- a/docs/enterprise/updating-licenses.md +++ b/docs/enterprise/updating-licenses.md @@ -1,4 +1,4 @@ -# Updating Licenses +# Updating Licenses in the Admin Console This topic describes how to update a license from the KOTS Admin Console. diff --git a/docs/enterprise/updating-tls-cert.md b/docs/enterprise/updating-tls-cert.md index 3dfd9f8b2d..be5c797a38 100644 --- a/docs/enterprise/updating-tls-cert.md +++ b/docs/enterprise/updating-tls-cert.md @@ -1,10 +1,10 @@ -# Updating TLS Certificates in Embedded kURL Clusters +# Updating TLS Certificates in kURL Clusters -This topic describes how to upload custom TLS certificates for embedded clusters created with Replicated kURL. +This topic describes how to upload custom TLS certificates for Replicated kURL clusters. ## Overview -For embedded clusters created with kURL, the default Replicated KOTS self-signed certificate automatically renews 30 days before the expiration date. +For kURL clusters, the default Replicated KOTS self-signed certificate automatically renews 30 days before the expiration date. If you have uploaded a custom TLS certificate instead, then no renewal is attempted, even if the certificate is expired. In this case, you must manually upload a new custom certificate. @@ -12,7 +12,7 @@ For information about TLS renewal for registry and Kubernetes control plane with ## Update Custom TLS Certificates -If you are using a custom TLS certificate in an embedded kURL cluster, you manually upload a new certificate when the previous one expires. +If you are using a custom TLS certificate in a kURL cluster, you manually upload a new certificate when the previous one expires. :::important Adding the `acceptAnonymousUploads` annotation temporarily creates a vulnerability for an attacker to maliciously upload TLS certificates. After TLS certificates have been uploaded, the vulnerability is closed again. diff --git a/docs/intro-kots.md b/docs/intro-kots.md index 7610087b03..c34267c9dd 100644 --- a/docs/intro-kots.md +++ b/docs/intro-kots.md @@ -14,7 +14,7 @@ The Replicated KOTS entitlement is required to install applications with KOTS. F KOTS communicates securely with the Replicated vendor platform to synchronize customer licenses, check for available application updates, send instance data, share customer-generated support bundles, and more. -Installing an application with KOTS provides access to feautures such as: +Installing an application with KOTS provides access to features such as: * Support for air gap installations * Support for installations on VMs or bare metal servers @@ -70,4 +70,4 @@ The kots command-line interface (CLI) is a kubectl plugin. Customers can run com For information about getting started with the KOTS CLI, see [Installing the KOTS CLI](/reference/kots-cli-getting-started). -The KOTS CLI can also be used to install an application without needing to access the Admin Console. This can be useful for automating installations and upgrades, such as in CI/CD pipelines. For information about how to perform headless installations from the command line, see [Installing from the Command Line](/enterprise/installing-existing-cluster-automation). \ No newline at end of file +The KOTS CLI can also be used to install an application without needing to access the Admin Console. This can be useful for automating installations and upgrades, such as in CI/CD pipelines. For information about how to perform headless installations from the command line, see [Installing with the KOTS CLI](/enterprise/installing-existing-cluster-automation). \ No newline at end of file diff --git a/docs/intro.md b/docs/intro.md index ae6c567580..aaf6fd65be 100644 --- a/docs/intro.md +++ b/docs/intro.md @@ -110,13 +110,7 @@ pagination_next: null

Distribute Helm charts with Replicated.

  • - About Packaging Applications with Helm -
    • -
  • - Installing with Helm -
    • -
  • - About Distributing Helm Charts with KOTS + Helm Installations with Replicated
  • Packaging a Helm Chart for a Release diff --git a/docs/partials/configValues/_config-values-procedure.mdx b/docs/partials/configValues/_config-values-procedure.mdx new file mode 100644 index 0000000000..339a5ba4da --- /dev/null +++ b/docs/partials/configValues/_config-values-procedure.mdx @@ -0,0 +1,24 @@ +During installation, KOTS automatically generates a ConfigValues file and saves the file in a directory called `upstream`. After installation, you can view the generated ConfigValues file in the Admin Console **View files** tab or from the command line by running the `kubectl kots get config` command. + +To get the ConfigValues file from an installed application instance: + +1. Install the target release in a development environment. You can either install the release with Replicated Embedded Cluster or install in an existing cluster with KOTS. For more information, see [Online Installation with Embedded Cluster](/enterprise/installing-embedded) or [Online Installation in Existing Clusters with KOTS](/enterprise/installing-existing-cluster). + +1. Depending on the installer that you used, do one of the following to get the ConfigValues for the installed instance: + + * **For Embedded Cluster installations**: In the Admin Console, go to the **View files** tab. In the filetree, go to **upstream > userdata** and open **config.yaml**, as shown in the image below: + + ![ConfigValues file in the Admin Console View Files tab](/images/admin-console-view-files-configvalues.png) + + [View a larger version of this image](/images/admin-console-view-files-configvalues.png) + + * **For KOTS installations in an existing cluster**: Run the `kubectl kots get config` command to view the generated ConfigValues file: + + ```bash + kubectl kots get config --namespace APP_NAMESPACE --decrypt + ``` + Where: + * `APP_NAMESPACE` is the cluster namespace where KOTS is running. + * The `--decrypt` flag decrypts all configuration fields with `type: password`. In the downloaded ConfigValues file, the decrypted value is stored in a `valuePlaintext` field. + + The output of the `kots get config` command shows the contents of the ConfigValues file. For more information about the `kots get config` command, including additional flags, see [kots get config](/reference/kots-cli-get-config). \ No newline at end of file diff --git a/docs/partials/getting-started/_related-topics.mdx b/docs/partials/getting-started/_related-topics.mdx index fbd0aafb85..3149abdd75 100644 --- a/docs/partials/getting-started/_related-topics.mdx +++ b/docs/partials/getting-started/_related-topics.mdx @@ -2,5 +2,5 @@ For more information about the subjects in the getting started tutorials, see th * [Installing the Replicated CLI](/reference/replicated-cli-installing) * [Linter Rules](/reference/linter) -* [About Installing an Application](/enterprise/installing-overview) +* [Online Installation in Existing Clusters with KOTS](/enterprise/installing-existing-cluster) * [Performing Updates in Existing Clusters](/enterprise/updating-app-manager) diff --git a/docs/partials/install/_access-admin-console.mdx b/docs/partials/install/_access-admin-console.mdx new file mode 100644 index 0000000000..f87a2f77f8 --- /dev/null +++ b/docs/partials/install/_access-admin-console.mdx @@ -0,0 +1,36 @@ +By default, during installation, KOTS automatically opens localhost port 8800 to provide access to the Admin Console. Using the `--no-port-forward` flag with the `kots install` command prevents KOTS from creating a port forward to the Admin Console. + +After you install with the `--no-port-forward` flag, you can optionally create a port forward so that you can log in to the Admin Console in a browser window. + +To access the Admin Console: + +1. If you installed in a VM where you cannot open a browser window, forward a port on your local machine to `localhost:8800` on the remote VM using the SSH client: + + ```bash + ssh -L LOCAL_PORT:localhost:8800 USERNAME@IP_ADDRESS + ``` + Replace: + * `LOCAL_PORT` with the port on your local machine to forward. For example, `9900` or `8800`. + * `USERNAME` with your username for the VM. + * `IP_ADDRESS` with the IP address for the VM. + + **Example**: + + The following example shows using the SSH client to forward port 8800 on your local machine to `localhost:8800` on the remote VM. + + ```bash + ssh -L 8800:localhost:8800 user@ip-addr + ``` + +1. Run the following KOTS CLI command to open localhost port 8800, which forwards to the Admin Console service: + + ```bash + kubectl kots admin-console --namespace NAMESPACE + ``` + Replace `NAMESPACE` with the namespace where the Admin Console was installed. + + For more information about the `kots admin-console` command, see [admin-console](/reference/kots-cli-admin-console-index) in the _KOTS CLI_ documentation. + +1. Open a browser window and go to `https://localhost:8800`. + +1. Log in to the Admin Console using the password that you created as part of the `kots install` command. \ No newline at end of file diff --git a/docs/partials/install/_config-values-procedure.mdx b/docs/partials/install/_config-values-procedure.mdx new file mode 100644 index 0000000000..d9ba7a2026 --- /dev/null +++ b/docs/partials/install/_config-values-procedure.mdx @@ -0,0 +1,22 @@ +To get the ConfigValues file from an installed application instance: + +1. Install the target release in a development environment. You can either install the release with Replicated Embedded Cluster or install in an existing cluster with KOTS. For more information, see [Online Installation with Embedded Cluster](/enterprise/installing-embedded) or [Online Installation in Existing Clusters](/enterprise/installing-existing-cluster). + +1. Depending on the installer that you used, do one of the following to get the ConfigValues for the installed instance: + + * **For Embedded Cluster installations**: In the Admin Console, go to the **View files** tab. In the filetree, go to **upstream > userdata** and open **config.yaml**, as shown in the image below: + + ![ConfigValues file in the Admin Console View Files tab](/images/admin-console-view-files-configvalues.png) + + [View a larger version of this image](/images/admin-console-view-files-configvalues.png) + + * **For KOTS installations in an existing cluster**: Run the `kubectl kots get config` command to view the generated ConfigValues file: + + ```bash + kubectl kots get config --namespace APP_NAMESPACE --decrypt + ``` + Where: + * `APP_NAMESPACE` is the cluster namespace where KOTS is running. + * The `--decrypt` flag decrypts all configuration fields with `type: password`. In the downloaded ConfigValues file, the decrypted value is stored in a `valuePlaintext` field. + + The output of the `kots get config` command shows the contents of the ConfigValues file. For more information about the `kots get config` command, including additional flags, see [kots get config](/reference/kots-cli-get-config). \ No newline at end of file diff --git a/docs/partials/install/_ec-prereqs.mdx b/docs/partials/install/_ec-prereqs.mdx index c590836885..8fd58e9bda 100644 --- a/docs/partials/install/_ec-prereqs.mdx +++ b/docs/partials/install/_ec-prereqs.mdx @@ -1,4 +1,4 @@ -* Ensure that your installation environment meets the Embedded Cluster requirements. See [Embedded Cluster Requirements](/enterprise/installing-general-requirements#embedded-cluster-requirements) in _Installation Requirements_. +* Ensure that your installation environment meets the Embedded Cluster requirements. See [Embedded Cluster Requirements](/enterprise/installing-embedded-requirements). * The application release that you want to install must include an [Embedded Cluster Config](/reference/embedded-config). diff --git a/docs/partials/install/_firewall-openings.mdx b/docs/partials/install/_firewall-openings.mdx new file mode 100644 index 0000000000..dfa0dda490 --- /dev/null +++ b/docs/partials/install/_firewall-openings.mdx @@ -0,0 +1,20 @@ +The domains for the services listed in the table below need to be accessible from servers performing online installations. No outbound internet access is required for air gap installations. + +For services hosted at domains owned by Replicated, the table below includes a link to the list of IP addresses for the domain at [replicatedhq/ips](https://github.com/replicatedhq/ips/blob/main/ip_addresses.json) in GitHub. Note that the IP addresses listed in the `replicatedhq/ips` repository also include IP addresses for some domains that are _not_ required for installation. + +For third-party services hosted at domains not owned by Replicated, the table below lists the required domains. Consult the third-party's documentation for the IP address range for each domain, as needed. + +| Host | Embedded Cluster | KOTS Existing Cluster | kURL Clusters | Description | +|--------|------------------|-------------------|-------------------|-------------| +| Docker Hub | Not Required | Required | Required | Some dependencies of KOTS are hosted as public images in Docker Hub. The required domains for this service are `index.docker.io`, `cdn.auth0.com`, `*.docker.io`, and `*.docker.com.` | +| `replicated.app` | Required | Required | Required |

    Upstream application YAML and metadata is pulled from `replicated.app`. The current running version of the application (if any), as well as a license ID and application ID to authenticate, are all sent to `replicated.app`. This domain is owned by Replicated, Inc., which is headquartered in Los Angeles, CA.

    For the range of IP addresses for `replicated.app`, see [replicatedhq/ips](https://github.com/replicatedhq/ips/blob/main/ip_addresses.json#L60-L65) in GitHub.

    | +| `proxy.replicated.com` | Required | Required*| Required*|

    Private Docker images are proxied through `proxy.replicated.com`. This domain is owned by Replicated, Inc., which is headquartered in Los Angeles, CA.

    For the range of IP addresses for `proxy.replicated.com`, see [replicatedhq/ips](https://github.com/replicatedhq/ips/blob/main/ip_addresses.json#L52-L57) in GitHub.

    | +| `registry.replicated.com` | Required** | Required** | Required** |

    Some applications host private images in the Replicated registry at this domain. The on-prem docker client uses a license ID to authenticate to `registry.replicated.com`. This domain is owned by Replicated, Inc which is headquartered in Los Angeles, CA.

    For the range of IP addresses for `registry.replicated.com`, see [replicatedhq/ips](https://github.com/replicatedhq/ips/blob/main/ip_addresses.json#L20-L25) in GitHub.

    +| `kots.io` | Not Required | Required | Not Required | Requests are made to this domain when installing the Replicated KOTS CLI. This domain is owned by Replicated, Inc., which is headquartered in Los Angeles, CA.| +| `github.com ` | Not Required | Required | Not Required | Requests are made to this domain when installing the Replicated KOTS CLI. For information about retrieving GitHub IP addresses, see [About GitHub's IP addresses](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/about-githubs-ip-addresses) in the GitHub documentation. | +| `k8s.kurl.sh`
    `s3.kurl.sh` | Not Required | Not Required | Required |

    kURL installation scripts and artifacts are served from [kurl.sh](https://kurl.sh). An application identifier is sent in a URL path, and bash scripts and binary executables are served from kurl.sh. This domain is owned by Replicated, Inc., which is headquartered in Los Angeles, CA.

    For the range of IP addresses for `k8s.kurl.sh`, see [replicatedhq/ips](https://github.com/replicatedhq/ips/blob/main/ip_addresses.json#L34-L39) in GitHub.

    The range of IP addresses for `s3.kurl.sh` are the same as IP addresses for the `kurl.sh` domain. For the range of IP address for `kurl.sh`, see [replicatedhq/ips](https://github.com/replicatedhq/ips/blob/main/ip_addresses.json#L28-L31) in GitHub.

    | +| `amazonaws.com` | Not Required | Not Required | Required | `tar.gz` packages are downloaded from Amazon S3 during installations with kURL. For information about dynamically scraping the IP ranges to allowlist for accessing these packages, see [AWS IP address ranges](https://docs.aws.amazon.com/general/latest/gr/aws-ip-ranges.html#aws-ip-download) in the AWS documentation.| + +* Required only if the application uses the Replicated proxy registry. Contact your software vendor for more information. + +** Required only if the application uses the Replicated registry. Contact your software vendor for more information. \ No newline at end of file diff --git a/docs/partials/install/_placeholders-global.mdx b/docs/partials/install/_placeholders-global.mdx index 8f69fd029c..158dd4ac49 100644 --- a/docs/partials/install/_placeholders-global.mdx +++ b/docs/partials/install/_placeholders-global.mdx @@ -4,4 +4,4 @@ * `PATH_TO_LICENSE` with the path to your license file. See [Downloading Customer Licenses](/vendor/licenses-download). For information about how to download licenses with the Vendor API v3, see [Download a customer license file as YAML](https://replicated-vendor-api.readme.io/reference/downloadlicense) in the Vendor API v3 documentation. -* `PATH_TO_CONFIGVALUES` with the path to the ConfigValues file. See [Generating a ConfigValues File](/vendor/releases-configvalues). \ No newline at end of file +* `PATH_TO_CONFIGVALUES` with the path to the ConfigValues file. \ No newline at end of file diff --git a/docs/partials/install/_prereqs-embedded-cluster.mdx b/docs/partials/install/_prereqs-embedded-cluster.mdx index 6c3cced39b..b3936f67e5 100644 --- a/docs/partials/install/_prereqs-embedded-cluster.mdx +++ b/docs/partials/install/_prereqs-embedded-cluster.mdx @@ -1,3 +1,3 @@ -* Ensure that your environment meets the minimum system requirements. See [Minimum System Requirements](/enterprise/installing-general-requirements#minimum-system-requirements-1) in _Installation Requirements_. +* Ensure that your environment meets the minimum system requirements. See [kURL Installation Requirements](/enterprise/installing-kurl-requirements). * Review the advanced installation options available for the kURL installer. See [Advanced Options](https://kurl.sh/docs/install-with-kurl/advanced-options) in the kURL documentation. \ No newline at end of file diff --git a/docs/partials/kots-cli/_kotsadm-namespace.mdx b/docs/partials/kots-cli/_kotsadm-namespace.mdx index d4a9dcc0c5..f6718c9fb2 100644 --- a/docs/partials/kots-cli/_kotsadm-namespace.mdx +++ b/docs/partials/kots-cli/_kotsadm-namespace.mdx @@ -1,5 +1,5 @@ --kotsadm-namespace string -

    Set to override the registry namespace of KOTS Admin Console images. Used for air gap installations. For more information, see [Air Gap Installation in Existing Clusters](/enterprise/installing-existing-cluster-airgapped).

    Note: Replicated recommends that you use --kotsadm-registry instead of --kotsadm-namespace to override both the registry hostname and, optionally, the registry namespace with a single flag.

    +

    Set to override the registry namespace of KOTS Admin Console images. Used for air gap installations. For more information, see [Air Gap Installation in Existing Clusters with KOTS](/enterprise/installing-existing-cluster-airgapped).

    Note: Replicated recommends that you use --kotsadm-registry instead of --kotsadm-namespace to override both the registry hostname and, optionally, the registry namespace with a single flag.

    \ No newline at end of file diff --git a/docs/partials/kots-cli/_kotsadm-registry.mdx b/docs/partials/kots-cli/_kotsadm-registry.mdx index 18e0d2805f..7ed62094ce 100644 --- a/docs/partials/kots-cli/_kotsadm-registry.mdx +++ b/docs/partials/kots-cli/_kotsadm-registry.mdx @@ -1,5 +1,5 @@ --kotsadm-registry string - Set to override the registry hostname and namespace of KOTS Admin Console images. Used for air gap installations. For more information, see [Air Gap Installation in Existing Clusters](/enterprise/installing-existing-cluster-airgapped). + Set to override the registry hostname and namespace of KOTS Admin Console images. Used for air gap installations. For more information, see [Air Gap Installation in Existing Clusters with KOTS](/enterprise/installing-existing-cluster-airgapped). \ No newline at end of file diff --git a/docs/reference/embedded-cluster-install.mdx b/docs/reference/embedded-cluster-install.mdx index f1cb7702c7..09b04bee93 100644 --- a/docs/reference/embedded-cluster-install.mdx +++ b/docs/reference/embedded-cluster-install.mdx @@ -48,7 +48,7 @@ sudo ./APP_SLUG install --license LICENSE_FILE [flags] `--config-values` -

    Path to the ConfigValues file for the application. The ConfigValues file can be used to pass the application configuration values from the command line during installation, such as when performing automated installations as part of CI/CD pipelines. For more information about generating the ConfigValues file for a release, see [Generating a ConfigValues File](/vendor/releases-configvalues).

    +

    Path to the ConfigValues file for the application. The ConfigValues file can be used to pass the application configuration values from the command line during installation, such as when performing automated installations as part of CI/CD pipelines. For more information, see [Installing with Embedded Cluster from the Command Line](/enterprise/installing-embedded-automation).

    Requirement: Embedded Cluster 1.18.0 and later.

    diff --git a/docs/reference/kots-cli-install.mdx b/docs/reference/kots-cli-install.mdx index 0ccec55b6b..a5674ce807 100644 --- a/docs/reference/kots-cli-install.mdx +++ b/docs/reference/kots-cli-install.mdx @@ -42,12 +42,12 @@ This command supports all [global flags](kots-cli-global-flags) and also: --airgap bool - Set to true to run install in air gapped mode. Setting --airgap-bundle implies --airgap=true. Default: false. For more information, see Air Gap Installation in Existing Clusters. + Set to true to run install in air gapped mode. Setting --airgap-bundle implies --airgap=true. Default: false. For more information, see Air Gap Installation in Existing Clusters with KOTS. --airgap-bundle string - Path to the application air gap bundle where application metadata will be loaded from. Setting --airgap-bundle implies --airgap=true. For more information, see Air Gap Installation in Existing Clusters. + Path to the application air gap bundle where application metadata will be loaded from. Setting --airgap-bundle implies --airgap=true. For more information, see Air Gap Installation in Existing Clusters with KOTS. --app-version-label @@ -57,7 +57,7 @@ This command supports all [global flags](kots-cli-global-flags) and also: --config-values string - Path to a manifest file containing configuration values. This manifest must be apiVersion: kots.io/v1beta1 and kind: ConfigValues. For more information, see Installing from the Command Line. + Path to a manifest file containing configuration values. This manifest must be apiVersion: kots.io/v1beta1 and kind: ConfigValues. For more information, see Installing with the KOTS CLI. --copy-proxy-env diff --git a/docs/vendor/admin-console-port-forward.mdx b/docs/vendor/admin-console-port-forward.mdx index 92894323dc..2245c9ae82 100644 --- a/docs/vendor/admin-console-port-forward.mdx +++ b/docs/vendor/admin-console-port-forward.mdx @@ -189,7 +189,7 @@ To test this example: -1. Install the release to confirm that the service was port-forwarded successfully. To test the port forward, click **Open App** on the Admin Console dashboard after the application reaches a Ready state. For more information, see [Online Installation in Existing Clusters](/enterprise/installing-existing-cluster). +1. Install the release to confirm that the service was port-forwarded successfully. To test the port forward, click **Open App** on the Admin Console dashboard after the application reaches a Ready state. For more information, see [Online Installation in Existing Clusters with KOTS](/enterprise/installing-existing-cluster). ### Example: NGINX Application with ClusterIP and NodePort Services @@ -204,7 +204,7 @@ To test this example:
    Description
    -

    The YAML below contains ClusterIP and NodePort specifications for a service named nginx. Each specification uses the kots.io/when annotation with the Replicated IsKurl template function to conditionally include the service based on the installation type (existing cluster or embedded kURL cluster). For more information, see Conditionally Including or Excluding Resources and IsKurl.

    +

    The YAML below contains ClusterIP and NodePort specifications for a service named nginx. Each specification uses the kots.io/when annotation with the Replicated IsKurl template function to conditionally include the service based on the installation type (existing cluster or kURL cluster). For more information, see Conditionally Including or Excluding Resources and IsKurl.

    As shown below, both the ClusterIP and NodePort nginx services are exposed on port 80.

    YAML
    @@ -229,7 +229,7 @@ To test this example:     -1. Install the release into an existing cluster and confirm that the service was port-forwarded successfully by clicking **Open App** on the Admin Console dashboard. For more information, see [Online Installation in Existing Clusters](/enterprise/installing-existing-cluster). +1. Install the release into an existing cluster and confirm that the service was port-forwarded successfully by clicking **Open App** on the Admin Console dashboard. For more information, see [Online Installation in Existing Clusters with KOTS](/enterprise/installing-existing-cluster). 1. If there is not already a kURL installer promoted to the channel, add a kURL installer to the release to support kURL installs. For more information, see [Creating a kURL Installer](/vendor/packaging-embedded-kubernetes). diff --git a/docs/vendor/ci-workflows.mdx b/docs/vendor/ci-workflows.mdx index 3feb94121e..7ffc249c85 100644 --- a/docs/vendor/ci-workflows.mdx +++ b/docs/vendor/ci-workflows.mdx @@ -275,7 +275,9 @@ Add a job with the following steps to provision clusters with Compatibility Matr 1. For each cluster created, use the cluster's kubeconfig to update Kubernetes context and then install the target application in the cluster. For more information about accessing the kubeconfig for clusters created with Compatibility Matrix, see [cluster kubeconfig](/reference/replicated-cli-cluster-kubeconfig). - For more information about installing with the Helm CLI or Replicated KOTS, see [Installing with Helm](/vendor/install-with-helm) or [About Installing an Application](/enterprise/installing-overview). + For more information about installing in an existing cluster, see: + * [Installing with Helm](/vendor/install-with-helm) + * [Online Installation in Existing Clusters with KOTS](/enterprise/installing-existing-cluster) 1. Run tests, such as integration, smoke, and canary tests. For more information about recommended types of tests to run, see [Best Practices and Recommendations](/vendor/ci-overview#best-practices-and-recommendations) in _About Integrating with CI/CD_. diff --git a/docs/vendor/distributing-overview.mdx b/docs/vendor/distributing-overview.mdx deleted file mode 100644 index 0e44d267a3..0000000000 --- a/docs/vendor/distributing-overview.mdx +++ /dev/null @@ -1,98 +0,0 @@ ---- -pagination_prev: null ---- - -import Replicated from "../partials/getting-started/_replicated-definition.mdx" -import Helm from "../partials/helm/_helm-definition.mdx" -import Kots from "../partials/kots/_kots-definition.mdx" -import KotsEntitlement from "../partials/kots/_kots-entitlement-note.mdx" -import SDKOverview from "../partials/replicated-sdk/_overview.mdx" - -# About Distributing Applications - -This topic provides an overview of distributing applications with the Replicated Platform. It includes information about the Replicated Platform features used to distribute applications, as well as the options for packaging applications. - -## About Distributing with Replicated - - - -_Distributing_ software with the Replicated Platform refers to using Replicated features to enhance and support each phase of the commercial software distribution life cycle: -* Develop -* Test -* Release -* License -* Install -* Report -* Support - -For more information about how Replicated defines the commercial software distribution life cycle, see [Introduction to Replicated](../intro-replicated). - -The following diagram demonstrates the process of distributing an application with the Replicated Platform and then installing the application in an enterprise customer environment: - -![replicated platform features workflow](/images/replicated-platform.png) - -[View a larger version of this image](/images/replicated-platform.png) - -As shown in the diagram above: -* The Replicated SDK can be distributed alongside an application to get access to an in-cluster API to more easily integrate key features. -* Replicated Compatibility Matrix can be used to quickly generate Kubernetes clusters for running application tests as part of continuous integration and continuous delivery (CI/CD) workflows. -* After testing, application releases can be promoted to a channel in the Replicated Vendor Portal to be shared with customers or internal teams. -* Customers can be assigned to channels in order to control which application releases they are able to access and install. -* Customers' unique licenses grant proxy access to private application images through the Replicated proxy registry. -* Before installation, customers can run preflight checks to verify that their environment meets installation requirements. -* Customers can install using any method, including the Helm CLI, Replicated KOTS, or any proprietary installation method already used by the ISV. -* Instance data is automatically sent to the Vendor Portal by the Replicated SDK. If the application was installed using KOTS, then KOTS also sends instance data. -* If any issues occur during installation or at runtime, customers can generate and send a support bundle. Support bundles can be uploaded in the Vendor Portal for analysis. - -For more information about the Replicated features depicted in this diagram, see: -* [About the Replicated SDK](replicated-sdk-overview) -* [About Compatibility Matrix](testing-about) -* [About Channels and Releases](releases-about) -* [About Customers](licenses-about) -* [About Installing an Application](/enterprise/installing-overview) in the KOTS documentation -* [Installing with Helm](install-with-helm) -* [About Preflight Checks and Support Bundles](preflight-support-bundle-about) -* [About Instance and Event Data](instance-insights-event-data) - -## About Packaging Applications - -This section describes the options for packaging an application that is distributed with the Replicated platform. -### Packaging with Helm (Recommended) - - - -Replicated strongly recommends that all applications are packaged using Helm because many enterprise users expect to be able to install an application with the Helm CLI. - -Helm-based applications distributed with Replicated can be installed with the Helm CLI or with the Replicated KOTS installer. - -#### Helm CLI Installations - -Helm-based applications distributed with the Replicated platform can be installed with the Helm CLI. This allows you to continue to support Helm CLI installations for your customers, while also having access to Replicated features such as tools for licensing, releasing, and supporting applications. - -For more information about installing applications distributed with Replicated using the Helm CLI, see [Installing with Helm](install-with-helm). - -#### KOTS Installations - - - -Deploying Helm-based applications with KOTS provides additional functionality not directly available with the Helm CLI, such as the KOTS Admin Console and support for air gap installations. Additionally, when you package your application using Helm, you can support Helm CLI and KOTS installations from the same release without having to maintain separate sets of Helm charts and application manifests. - -For more information about how to distribute and install Helm charts with KOTS, see [About Distributing Helm Charts with KOTS](/vendor/helm-native-about). - - - -### Packaging with Kubernetes - -For ISVs that do not want to use Helm, applications distributed with Replicated can be packaged as standard Kubernetes manifest files. Applications packaged as Kubernetes manifests can be installed using Replicated KOTS or any proprietary installer already used by the ISV. - - - -For more information about how to distribute and install Kubernetes manifest-based applications with KOTS, see the [KOTS documentation](../intro-kots). - - - -## About Distributing the Replicated SDK with an Application {#sdk} - - - -For information about the Replicated SDK API endpoints, see [Replicated SDK API](/reference/replicated-sdk-apis). For information about developing against the SDK API locally, see [Developing Against the SDK API](replicated-sdk-development). \ No newline at end of file diff --git a/docs/vendor/embedded-kubernetes-overview.mdx b/docs/vendor/embedded-kubernetes-overview.mdx deleted file mode 100644 index 0b70357ad5..0000000000 --- a/docs/vendor/embedded-kubernetes-overview.mdx +++ /dev/null @@ -1,35 +0,0 @@ -import KurlDefinition from "../partials/kurl/_kurl-definition.mdx" -import EmbeddedCluster from "../partials/embedded-cluster/_definition.mdx" -import KurlComparison from "../partials/embedded-cluster/_kurl-comparison.mdx" -import EmbeddedKubernetes from "../partials/kots/_embedded-kubernetes-definition.mdx" -import KurlAvailability from "../partials/kurl/_kurl-availability.mdx" - -# About Embedded Kubernetes - -This topic describes Replicated's embedded Kubernetes solutions, which allow software vendors to deliver Kubernetes alongside their application for the purpose of supporting installations on virtual machines (VMs) or bare metal servers. - -## Overview - - - -Providing an embedded Kubernetes option for installation is also beneficial to enterprise users because it allows users to install the application without needing to also manage and interact directly with Kubernetes. This is especially important for users that lack experience with Kubernetes, or for users that can more easily provision virtual or physical harware in their environment compared to managing Kubernetes. - -## Embedded Kubernetes with Replicated - -This section describes Replicated's embedded Kubernetes solutions: Replicated Embedded Cluster and Replicated kURL. - -### Embedded Cluster - - - - - -For more information about configuring and installing with Embedded Cluster, see [Using Embedded Cluster](/vendor/embedded-overview). - -### kURL - - - - - -For more information about how to get started with kURL, see [Introduction to kURL](kurl-about). \ No newline at end of file diff --git a/docs/vendor/helm-native-about.mdx b/docs/vendor/helm-native-about.mdx index e46a14e9cd..0f467ad734 100644 --- a/docs/vendor/helm-native-about.mdx +++ b/docs/vendor/helm-native-about.mdx @@ -202,7 +202,7 @@ To deploy Helm charts with version `kots.io/v1beta1` of the HelmChart custom res kind: Kustomization ``` - End users can edit the downstream Kustomization files to make changes before deploying the application. Any instructions that users add to the Kustomization files in the downstream directory take priority over midstream and base Kustomization files. For more information about how users can make changes before deploying, see [Patching with Kustomize](/enterprise/updating-patching-with-kustomize) in _Enterprise User Documentation_. + End users can edit the downstream Kustomization files to make changes before deploying the application. Any instructions that users add to the Kustomization files in the downstream directory take priority over midstream and base Kustomization files. For more information about how users can make changes before deploying, see [Patching with Kustomize](/enterprise/updating-patching-with-kustomize). 1. **Deploys the Helm chart**: KOTS runs `kustomize build` for any Kustomization files in the `overlays/downstream/charts` directory. KOTS then packages the resulting manifests into a new chart for Helm to consume. diff --git a/docs/vendor/helm-optional-charts.md b/docs/vendor/helm-optional-charts.md index a477f5a78b..d987bdf580 100644 --- a/docs/vendor/helm-optional-charts.md +++ b/docs/vendor/helm-optional-charts.md @@ -142,4 +142,4 @@ Finally, edit the HelmChart custom resource: database: mydatabase ``` -1. Save and promote the release. Then, install the release in a development environment to test the embedded and external Postgres options. For more information, see [Installing in an Existing Cluster](/enterprise/installing-existing-cluster). +1. Save and promote the release. Then, install the release in a development environment to test the embedded and external Postgres options. For more information, see [Online Installation in Existing Clusters with KOTS](/enterprise/installing-existing-cluster). diff --git a/docs/vendor/helm-packaging-airgap-bundles.mdx b/docs/vendor/helm-packaging-airgap-bundles.mdx index 778d456169..2fbf10d1bc 100644 --- a/docs/vendor/helm-packaging-airgap-bundles.mdx +++ b/docs/vendor/helm-packaging-airgap-bundles.mdx @@ -72,4 +72,5 @@ Many applications have images that are included or excluded based on a given con ## Related Topics * [builder](/reference/custom-resource-helmchart-v2#builder) -* [Air Gap Installation in Existing Clusters](/enterprise/installing-existing-cluster-airgapped) \ No newline at end of file +* [Air Gap Installation with Embedded Cluster](/enterprise/installing-embedded-air-gap) +* [Air Gap Installation in Existing Clusters with KOTS](/enterprise/installing-existing-cluster-airgapped) \ No newline at end of file diff --git a/docs/vendor/kots-faq.mdx b/docs/vendor/kots-faq.mdx index d5a78da264..f370d7148e 100644 --- a/docs/vendor/kots-faq.mdx +++ b/docs/vendor/kots-faq.mdx @@ -124,7 +124,7 @@ Yes. The Embedded Cluster and KOTS installers support installation in _air gap_ To support air gap installations, vendors can build air gap bundles for their application in the Vendor Portal that contain all the required assets for a specific release of the application. Additionally, Replicated provides bundles that contain the assets for the Replicated installers. -For more information about how to install with Embedded Cluster and KOTS in air gap environments, see [Air Gap Installation with Embedded Cluster](/enterprise/installing-embedded-air-gap) and [Air Gap Installation in Existing Clusters](/enterprise/installing-existing-cluster-airgapped). +For more information about how to install with Embedded Cluster and KOTS in air gap environments, see [Air Gap Installation with Embedded Cluster](/enterprise/installing-embedded-air-gap) and [Air Gap Installation in Existing Clusters with KOTS](/enterprise/installing-existing-cluster-airgapped). ### Can I deploy Helm charts with KOTS? diff --git a/docs/vendor/kurl-reset.mdx b/docs/vendor/kurl-reset.mdx new file mode 100644 index 0000000000..8add84fd9f --- /dev/null +++ b/docs/vendor/kurl-reset.mdx @@ -0,0 +1,25 @@ +# Resetting a kURL Cluster + +This topic describes how to use the kURL `reset` command to reset a kURL cluster. + +## Overview + +If you need to reset a kURL installation, such as when you are testing releases with kURL, You can use the kURL `tasks.sh` `reset` command to remove Kubernetes from the system. + +Alterntaively, you can discard your current VM (if you are using one) and recreate the VM with a new OS to reinstall with kURL. + +For more information about the `reset` command, see [Resetting a Node](https://kurl.sh/docs/install-with-kurl/managing-nodes#reset-a-node) in the kURL documentation. + +To reset a kURL installation: + +1. Access the machine where you installed with kURL. + +1. Run the following command to remove Kubernetes from the system: + + ``` + curl -sSL https://k8s.kurl.sh/latest/tasks.sh | sudo bash -s reset + ``` + +1. Follow the instructions in the output of the command to manually remove any files that the `reset` command does not remove. + +If the `reset` command is unsuccessful, discard your current VM, and recreate the VM with a new OS to reinstall the Admin Console and an application. \ No newline at end of file diff --git a/docs/vendor/licenses-about-types.md b/docs/vendor/licenses-about-types.md index bf71170e13..cea6250d6c 100644 --- a/docs/vendor/licenses-about-types.md +++ b/docs/vendor/licenses-about-types.md @@ -10,7 +10,7 @@ After installing an application with a community license, users can replace thei Community licenses are supported for applications that are installed with Replicated KOTS or with the Helm CLI. -For applications installed with KOTS, community license users can upload a new license file of a different type in the Replicated admin console. For more information, see [Upgrade from a Community License](/enterprise/updating-licenses#upgrade-from-a-community-license) in _Updating Licenses_. +For applications installed with KOTS, community license users can upload a new license file of a different type in the Replicated admin console. For more information, see [Upgrade from a Community License](/enterprise/updating-licenses#upgrade-from-a-community-license) in _Updating Licenses in the Admin Console_. ## Limitations diff --git a/docs/vendor/licenses-about.mdx b/docs/vendor/licenses-about.mdx index ba2291c4ab..50c8bcb353 100644 --- a/docs/vendor/licenses-about.mdx +++ b/docs/vendor/licenses-about.mdx @@ -64,7 +64,7 @@ For online instances, KOTS pulls license details from the Vendor Portal when: * An update is performed with Replicated Embedded Cluster. See [Performing Updates with Embedded Cluster](/enterprise/updating-embedded). * An application status changes. See [Current State](instance-insights-details#current-state) in _Instance Details_. -For more information, see [Updating Licenses](/enterprise/updating-licenses). +For more information, see [Updating Licenses in the Admin Console](/enterprise/updating-licenses). ### Air Gap License Updates with KOTS @@ -72,7 +72,7 @@ To update licenses in air gap installations, customers need to upload the update After you update the license fields in the Vendor Portal, you can notify customers by either sending them a new license file or instructing them to log into their Download Portal to downlaod the new license. -For more information, see [Updating Licenses](/enterprise/updating-licenses). +For more information, see [Updating Licenses in the Admin Console](/enterprise/updating-licenses). ### Retrieving License Details with the SDK API @@ -109,7 +109,7 @@ This section provides information about managing the channel a customer is assig For example, if the latest release promoted to the Beta channel is version 1.25.0 and version 1.10.0 is marked as required, when you edit an existing customer to assign them to the Beta channel, then the KOTS Admin Console always fetches 1.25.0, even though 1.10.0 is marked as required. The required release 1.10.0 is ignored and is not available to the customer for upgrade. -For more information about how to mark a release as required, see [Properties](releases-about#properties) in _About Channels and Releases_. For more information about how to synchronize licenses in the Admin Console, see [Updating Licenses](/enterprise/updating-licenses). +For more information about how to mark a release as required, see [Properties](releases-about#properties) in _About Channels and Releases_. For more information about how to synchronize licenses in the Admin Console, see [Updating Licenses in the Admin Console](/enterprise/updating-licenses). ## About the Customers Page diff --git a/docs/vendor/packaging-ingress.md b/docs/vendor/packaging-ingress.md index 16afaf1b16..c67fc2d77b 100644 --- a/docs/vendor/packaging-ingress.md +++ b/docs/vendor/packaging-ingress.md @@ -6,7 +6,7 @@ Below is an example of a flexible `ingress.yaml` file designed to work in most K ## Example The following example includes an Ingress resource with a single host based routing rule. -The resource works in both existing clusters and embedded kURL clusters. +The resource works in both existing clusters and kURL clusters. ### Config diff --git a/docs/vendor/packaging-installer-storage.mdx b/docs/vendor/packaging-installer-storage.mdx index 0064bb51b2..bce38a99df 100644 --- a/docs/vendor/packaging-installer-storage.mdx +++ b/docs/vendor/packaging-installer-storage.mdx @@ -4,7 +4,7 @@ import KurlAvailability from "../partials/kurl/_kurl-availability.mdx" -This topic provides guidance for selecting Replicated kURL add-ons to provide highly available data storage in embedded kURL clusters. For additional guidance, see [Choosing a PV Provisioner](https://kurl.sh/docs/create-installer/choosing-a-pv-provisioner) in the open source kURL documentation. +This topic provides guidance for selecting Replicated kURL add-ons to provide highly available data storage in kURL clusters. For additional guidance, see [Choosing a PV Provisioner](https://kurl.sh/docs/create-installer/choosing-a-pv-provisioner) in the open source kURL documentation. ## Overview diff --git a/docs/vendor/packaging-rbac.md b/docs/vendor/packaging-rbac.md index 0a1bc23962..49c016e6eb 100644 --- a/docs/vendor/packaging-rbac.md +++ b/docs/vendor/packaging-rbac.md @@ -108,7 +108,7 @@ The following limitations apply when using the `requireMinimalRBACPrivileges` or In non-headless installations in air gap environments, KOTS does not have access to the application's `.airgap` package during installation. This means that KOTS does not have the information required to determine whether namespace-scoped access is needed, so it defaults to the more permissive, default cluster-scoped RBAC policy. - For more information about how to do headless installations in air gap environments, see [Air Gap Install](/enterprise/installing-existing-cluster-automation#air-gap-install) in _Installing from the Command Line_. + For more information about how to do headless installations in air gap environments, see [Air Gap Installation](/enterprise/installing-existing-cluster-automation#air-gap) in _Installing with the KOTS CLI_. * **Changing RBAC permissions for installed instances**: The RBAC permissions for KOTS are set during its initial installation. KOTS runs using the assumed identity and cannot change its own authorization. When you update your application to add or remove the `requireMinimalRBACPrivileges` and `supportMinimalRBACPrivileges` flags in the Application custom resource, the RBAC permissions for KOTS are affected only for new installations. Existing KOTS installations continue to run with their current RBAC permissions. diff --git a/docs/vendor/packaging-using-tls-certs.mdx b/docs/vendor/packaging-using-tls-certs.mdx index 70db50cfcc..556be7397d 100644 --- a/docs/vendor/packaging-using-tls-certs.mdx +++ b/docs/vendor/packaging-using-tls-certs.mdx @@ -16,7 +16,7 @@ For example, if your application does TLS termination, your deployment would nee ### Get the TLS Secret -kURL sets up a Kubernetes secret called `kotsadm-tls`. The secret stores the TLS certificate, key, and hostname. Initially, the secret has an annotation set called `acceptAnonymousUploads`. This indicates that a new TLS certificate can be uploaded by the end customer during the deployment process. For more information about deployment, see [About Installing an Application](/enterprise/installing-overview) in the _Enterprise User_ documentation. +kURL sets up a Kubernetes secret called `kotsadm-tls`. The secret stores the TLS certificate, key, and hostname. Initially, the secret has an annotation set called `acceptAnonymousUploads`. This indicates that a new TLS certificate can be uploaded by the end customer during the installation process. For more information about installing with kURL, see [Online Installation with kURL](/enterprise/installing-kurl). Before you can reference the TLS certificate in other resources, you must get the `kotsadm-tls` secret output. diff --git a/docs/vendor/policies-data-transmission.md b/docs/vendor/policies-data-transmission.md index 8d04ef50f0..ccfd45773f 100644 --- a/docs/vendor/policies-data-transmission.md +++ b/docs/vendor/policies-data-transmission.md @@ -4,9 +4,9 @@ A Replicated installation connects to a Replicated-hosted endpoint periodically - The IP address of the primary Replicated instance. - The ID of the installation. -- [Resource statuses](https://docs.replicated.com/enterprise/status-viewing-details#resource-statuses) -- Information about the installation including data needed for [instance details](https://docs.replicated.com/vendor/instance-insights-details). -- [Custom metrics](https://docs.replicated.com/vendor/custom-metrics) which the vendor may configure as part of the installation. +- [Resource statuses](/enterprise/status-viewing-details#resource-statuses) +- Information about the installation including data needed for [instance details](/vendor/instance-insights-details). +- [Custom metrics](/vendor/custom-metrics) which the vendor may configure as part of the installation. - Date and timestamps of the data transmission. This data is required to provide the expected update and license services. The data is also used to provide telemetry and other reporting features. diff --git a/docs/vendor/preflight-support-bundle-about.md b/docs/vendor/preflight-support-bundle-about.md index cc9e7f615b..74327fac96 100644 --- a/docs/vendor/preflight-support-bundle-about.md +++ b/docs/vendor/preflight-support-bundle-about.md @@ -85,9 +85,9 @@ You can add required preflight checks for an application by including `strict: t This section describes how users can run preflight checks for KOTS and Helm installations. -#### KOTS Installations +#### Replicated Installations -For installations with KOTS, preflight checks run automatically as part of the installation process. The results of the preflight checks are displayed either in the KOTS Admin Console or in the KOTS CLI, depending on the installation method. +For Replicated installations with Embedded Cluster, KOTS, or kURL, preflight checks run automatically as part of the installation process. The results of the preflight checks are displayed either in the KOTS Admin Console or in the KOTS CLI, depending on the installation method. Additionally, users can access preflight checks from the Admin Console after installation to view their results and optionally re-run the checks. @@ -97,8 +97,6 @@ The following shows an example of the results of preflight checks displayed in t [View a larger version of this image](/images/preflight-warning.png) -For more information about the KOTS installation process, see [About Installing an Application](/enterprise/installing-overview). - #### Helm Installations For installations with Helm, the preflight kubectl plugin is required to run preflight checks. The preflight plugin is a client-side utility that adds a single binary to the path. For more information, see [Getting Started](https://troubleshoot.sh/docs/) in the Troubleshoot documentation. diff --git a/docs/vendor/releases-about.mdx b/docs/vendor/releases-about.mdx index d11016724b..8ff0ad3063 100644 --- a/docs/vendor/releases-about.mdx +++ b/docs/vendor/releases-about.mdx @@ -66,7 +66,7 @@ This section provides additional information about releases, including details a A release contains your application files as well as the manifests required to install the application with the Replicated installers ([Replicated Embedded Cluster](/vendor/embedded-overview) and [Replicated KOTS](../intro-kots)). -The application files in releases can be Helm charts and/or Kubernetes manifests. Replicated strongly recommends that all applications are packaged with Helm. For more information, see [About Packaging Applications](/vendor/distributing-overview#about-packaging-applications). +The application files in releases can be Helm charts and/or Kubernetes manifests. Replicated strongly recommends that all applications are packaged as Helm charts because many enterprise customers will expect to be able to install with Helm. ### Promotion @@ -207,7 +207,7 @@ As shown in the image above, you can do the following from the **Channels** page Click **Release history** to access the history of all releases promoted to the channel. From the **Release History** page, you can view the version labels and files in each release that has been promoted to the selected channel. - For applications that support installation with Replicated KOTS, you can also build and download air gap bundles, and edit the release properties for each release promoted to the channel from the **Release History** page. + You can also build and download air gap bundles to be used in air gap installations with Replicated installers (Embedded Cluster, KOTS, kURL), and edit the release properties for each release promoted to the channel from the **Release History** page. The following shows an example of the **Release History** page: @@ -217,9 +217,9 @@ As shown in the image above, you can do the following from the **Channels** page * For applications that support KOTS, you can also do the following from the **Channel** page: - * In the **kURL installer** section, view the current kURL installer promoted to the channel. Click **Installer history** to view the history of kURL installers promoted to the channel. For more information about creating kURL installers within a release or separate from a release, see [Creating a kURL installer](packaging-embedded-kubernetes). + * In the **kURL installer** section, view the current kURL installer promoted to the channel. Click **Installer history** to view the history of kURL installers promoted to the channel. For more information about creating kURL installers, see [Creating a kURL Installer](packaging-embedded-kubernetes). - * In the **Install** section, view and copy the installation commands for the latest release on the channel. For more information, see the [Installing an Application](/enterprise/installing-overview) section. + * In the **Install** section, view and copy the installation commands for the latest release on the channel. ### Draft Release Page diff --git a/docs/vendor/releases-configvalues.md b/docs/vendor/releases-configvalues.md deleted file mode 100644 index 9a081f540a..0000000000 --- a/docs/vendor/releases-configvalues.md +++ /dev/null @@ -1,93 +0,0 @@ -import ConfigValuesExample from "../partials/configValues/_configValuesExample.mdx" -import BoolExample from "../partials/configValues/_boolExample.mdx" -import FileExample from "../partials/configValues/_fileExample.mdx" -import PasswordExample from "../partials/configValues/_passwordExample.mdx" -import SelectOneExample from "../partials/configValues/_selectOneExample.mdx" -import TextExample from "../partials/configValues/_textExample.mdx" -import TextAreaExample from "../partials/configValues/_textareaExample.mdx" - -# Generating a ConfigValues File - -This topic describes how to generate the Replicated KOTS ConfigValues file for an application release. It also includes recommendations for how to prepare a sample ConfigValues file to be shared with your users. - -## Overview - -The KOTS ConfigValues file includes the fields that are defined in the KOTS Config custom resource for an application release, along with the user-supplied and default values for each field. The following is an example of a ConfigValues file: - - - -The ConfigValues file allows you to pass the configuration values for an application from the command line with the install command, rather than through the Admin Console UI. This supports automated or _headless_ installations, such as when installing an application as part of CI/CD pipelines. - -For more information about installing from the command line, see [Installing from the Command Line](/enterprise/installing-existing-cluster-automation). - -## Get the ConfigValues File - -During installation, KOTS automatically generates a ConfigValues file and saves the file in a directory called `upstream`. After installation, you can view the generated ConfigValues file in the Admin Console **View files** tab or from the command line by running the `kubectl kots get config` command. - -To get the ConfigValues file from an installed application instance: - -1. Install the target release in a development environment. You can either install the release with Replicated Embedded Cluster or install in an existing cluster with KOTS. For more information, see [Online Installation with Embedded Cluster](/enterprise/installing-embedded) or [Online Installation in Existing Clusters](/enterprise/installing-existing-cluster). - -1. Depending on the installer that you used, do one of the following to get the ConfigValues for the installed instance: - - * **For Embedded Cluster installations**: In the Admin Console, go to the **View files** tab. In the filetree, go to **upstream > userdata** and open **config.yaml**, as shown in the image below: - - ![ConfigValues file in the Admin Console View Files tab](/images/admin-console-view-files-configvalues.png) - - [View a larger version of this image](/images/admin-console-view-files-configvalues.png) - - * **For KOTS installations in an existing cluster**: Run the `kubectl kots get config` command to view the generated ConfigValues file: - - ``` - kubectl kots get config --namespace APP_NAMESPACE --decrypt - ``` - Where: - * `APP_NAMESPACE` is the cluster namespace where KOTS is running. - * The `--decrypt` flag decrypts all configuration fields with `type: password`. In the downloaded ConfigValues file, the decrypted value is stored in a `valuePlaintext` field. - - The output of the `kots get config` command shows the contents of the ConfigValues file. For more information about the `kots get config` command, including additional flags, see [kots get config](/reference/kots-cli-get-config). - - **Example**: - - ```bash - kubectl kots get config --namespace namespace --decrypt - ``` - ```bash - apiVersion: kots.io/v1beta1 - kind: ConfigValues - metadata: - creationTimestamp: null - spec: - values: - example_item: - value: hello world - ``` - -## Share a Sample ConfigValues File - -If your users will perform automated or headless installations from the command line, you can share an example of an accurate ConfigValues file that they can edit. - -Before sharing a sample ConfigValues with users, Replicated recommends that you edit the sample file in the following ways: - - * Remove any configuration fields that have `readonly` set to `true`. Users cannot edit read only fields. For more information, see [readonly](/reference/custom-resource-config#readonly) in _Config_. - - * Remove the `metadata` and `status` fields. These fields are automatically generated because the file is a Kubernetes custom resource. KOTS does not use the `metadata` or `status` fields. - - * (Optional) Remove any fields that have `hidden` set to `true`. Fields with `hidden` set to `true` can be edited by users, but are hidden from the Admin Console Config page. For more information, see [hidden](/reference/custom-resource-config#hidden) in _Config_. - - * Write comments in the file or provide supplementary documentation to describe the following: - * The fields that are required and optional. For any required configuration fields that do not have a default value, users must provide a value in the ConfigValues file to install the application. - * The supported values for each configuration field. For example, for `radio` or `dropdown` fields, document each of the possible values that users can provide. - * The supported YAML format for each value. The following table describes the supported value format for each configuration field type: - - - - - - - - - -
    Field TypeSupported Value Format
    bool

    "1" specifies true and "0" specifies false.

    file

    A filename field and a Base64 encoded string of the contents of the file in the value field.

    password

    A valuePlaintext field that contains the password in plain text. KOTS encrypts any values in valuePlaintext fields during installation.

    radio and dropdown

    The value must match the name of one of the nested items for the select_one field as defined in the Config custom resource manifest.

    text

    Plain text in the value field.

    textarea

    Plain text in the value field.

    - - For more information about each configuration field type in the Config custom resource, see [Config](/reference/custom-resource-config). diff --git a/docs/vendor/releases-creating-customer.mdx b/docs/vendor/releases-creating-customer.mdx index 91521b6aa5..51b6f23a3b 100644 --- a/docs/vendor/releases-creating-customer.mdx +++ b/docs/vendor/releases-creating-customer.mdx @@ -76,7 +76,7 @@ To edit license fields: 1. Test the changes by installing or updating in a development environment. Do one of the following, depending on the installation method for your application: * For applications installed with Helm that use the Replicated SDK, you can add logic to your application to enforce entitlements before installation or during runtime using the Replicated SDK API license endpoints. See [Checking Entitlements in Helm Charts Before Deployment](licenses-reference-helm). - * For applications installed with Replicated KOTS, update the license in the admin console. See [Update Online Licenses](/enterprise/updating-licenses#update-online-licenses) and [Update Air Gap Licenses](/enterprise/updating-licenses#update-air-gap-licenses) in _Updating Licenses_. + * For applications installed with Replicated KOTS, update the license in the admin console. See [Update Online Licenses](/enterprise/updating-licenses#update-online-licenses) and [Update Air Gap Licenses](/enterprise/updating-licenses#update-air-gap-licenses) in _Updating Licenses in the Admin Console_. ## Archive a Customer diff --git a/docs/vendor/replicated-onboarding.mdx b/docs/vendor/replicated-onboarding.mdx index 362b420b70..9a94322c04 100644 --- a/docs/vendor/replicated-onboarding.mdx +++ b/docs/vendor/replicated-onboarding.mdx @@ -174,7 +174,7 @@ To create the first release for your application: 1. Install with Embedded Cluster on a VM. See [Online Installation with Embedded Cluster](/enterprise/installing-embedded). - 1. (Optional) Install in an existing cluster with KOTS. See [Online Installation in Existing Clusters](/enterprise/installing-existing-cluster). + 1. (Optional) Install in an existing cluster with KOTS. See [Online Installation in Existing Clusters with KOTS](/enterprise/installing-existing-cluster). After successfully installing the initial release on a VM with Embedded Cluster (and optionally in an existing cluster with KOTS), go to the next task. You will continue to iterate throughout the rest of the onboarding process by creating and promoting new releases, then upgrading to the new version in your development environment. @@ -478,7 +478,7 @@ To add support for air gap installations: 1. Download the Embedded Cluster air gap installation assets, then install with Embedded Cluster on an air gap VM to test. See [Installing in Air Gap Environments with Embedded Cluster](/enterprise/installing-embedded-air-gap). -1. (Optional) Download the `.airgap` bundle for the release and the air gap bundle for the KOTS Admin Console. You can also download both bundles from the Download Portal for the target customer. Then, install in an air gap existing cluster to test. See [Air Gap Installation in Existing Clusters](/enterprise/installing-existing-cluster-airgapped). +1. (Optional) Download the `.airgap` bundle for the release and the air gap bundle for the KOTS Admin Console. You can also download both bundles from the Download Portal for the target customer. Then, install in an air gap existing cluster to test. See [Air Gap Installation in Existing Clusters with KOTS](/enterprise/installing-existing-cluster-airgapped). 1. (Optional) Follow the steps in [Installing and Updating with Helm in Air Gap Environments (Alpha)](/vendor/helm-install-airgap) to test air gap installation with Helm. diff --git a/docs/vendor/replicated-sdk-installing.mdx b/docs/vendor/replicated-sdk-installing.mdx index a056336b53..f5a885afb7 100644 --- a/docs/vendor/replicated-sdk-installing.mdx +++ b/docs/vendor/replicated-sdk-installing.mdx @@ -40,11 +40,15 @@ To install the SDK as a subchart: 1. Add the chart archive to a new release. For more information, see [Managing Releases with the CLI](/vendor/releases-creating-cli) or [Managing Releases with the Vendor Portal](/vendor/releases-creating-releases). -1. (Optional) Add a HelmChart custom resource to the release to support installation with KOTS. For more information, see [About Distributing Helm Charts with KOTS](/vendor/helm-native-about) and [HelmChart v2](/reference/custom-resource-helmchart-v2). +1. (Optional) Add a KOTS HelmChart custom resource to the release to support installation with Embedded Cluster, KOTS, or kURL. For more information, see [Configuring the HelmChart Custom Resource v2](/vendor/helm-native-v2-using). 1. Save and promote the release to an internal-only channel used for testing, such as the default Unstable channel. -1. Install the release using the Helm CLI or KOTS. For information about installing releases with the Helm CLI, see [Installing with Helm](/vendor/install-with-helm). For information about installing with KOTS, see [About Installing an Application](/enterprise/installing-overview). +1. Install the release using Helm or a Replicated installer. For more information, see: + * [Online Installation with Embedded Cluster](/enterprise/installing-embedded) + * [Installing with Helm](/vendor/install-with-helm) + * [Online Installation in Existing Clusters with KOTS](/enterprise/installing-existing-cluster) + * [Online Installation with kURL](/enterprise/installing-kurl) 1. Confirm that the SDK was installed by seeing that the `replicated` Deployment was created: @@ -122,7 +126,10 @@ To add the SDK Helm chart to a release for a standard manifest-based application 1. Save and promote the release to an internal-only channel used for testing, such as the default Unstable channel. -1. Install the release using KOTS. For more information, see [About Installing an Application](/enterprise/installing-overview). +1. Install the release using a Replicated installer (Emebdded Cluster, KOTS, kURL). For more information, see: + * [Online Installation with Embedded Cluster](/enterprise/installing-embedded) + * [Online Installation in Existing Clusters with KOTS](/enterprise/installing-existing-cluster) + * [Online Installation with kURL](/enterprise/installing-kurl) 1. Confirm that the SDK was installed by seeing that the `replicated` Deployment was created: diff --git a/docs/vendor/snapshots-overview.md b/docs/vendor/snapshots-overview.md index 08ea1d4f0e..4c9c2ee388 100644 --- a/docs/vendor/snapshots-overview.md +++ b/docs/vendor/snapshots-overview.md @@ -25,7 +25,7 @@ Full backups include the Admin Console and all application data, including KOTS- ### Other Object-Stored Data -For embedded kURL clusters, you might be using object-stored data that is not specific to the kURL KOTS add-on. +For kURL clusters, you might be using object-stored data that is not specific to the kURL KOTS add-on. For object-stored data that is not KOTS-specific and does not use persistentVolumeClaims (PVCs), you must write custom backup and restore hooks to enable back ups for that object-stored data. For example, Rook and Ceph do not use PVCs and so require custom backup and restore hooks. For more information about writing custom hooks, see [Configuring Backup and Restore Hooks](snapshots-hooks). diff --git a/docs/vendor/support-bundle-generating.mdx b/docs/vendor/support-bundle-generating.mdx index 2123153b30..beb0d023c6 100644 --- a/docs/vendor/support-bundle-generating.mdx +++ b/docs/vendor/support-bundle-generating.mdx @@ -23,10 +23,4 @@ Run the following command: ```bash kubectl support-bundle https://raw.githubusercontent.com/replicatedhq/troubleshoot-specs/main/in-cluster/default.yaml -``` - -## Related Topics - -* [Generating Support Bundles for Embedded Cluster](/vendor/support-bundle-embedded) -* [Generating Host Bundles for kURL](/vendor/support-host-support-bundles) -* [Generating Support Bundles for KOTS Installations](/enterprise/troubleshooting-an-app) \ No newline at end of file +``` \ No newline at end of file diff --git a/docs/vendor/support-enabling-direct-bundle-uploads.md b/docs/vendor/support-enabling-direct-bundle-uploads.md index 201ee39f95..c9b96a436b 100644 --- a/docs/vendor/support-enabling-direct-bundle-uploads.md +++ b/docs/vendor/support-enabling-direct-bundle-uploads.md @@ -12,7 +12,7 @@ When enabled, your customers can use the **Send bundle to vendor button** in the After clicking this button, the bundle will be immediately available under the Troubleshoot tab in the Vendor Portal team account associated with this customer. -For more information on how your customer can use this feature, see [Generating Support Bundles](https://docs.replicated.com/enterprise/troubleshooting-an-app) in the KOTS documentation. +For more information on how your customer can use this feature, see [Generating Support Bundles from the Admin Console](/enterprise/troubleshooting-an-app). ### How to Enable Direct Bundle Uploads diff --git a/docs/vendor/support-submit-request.md b/docs/vendor/support-submit-request.md index 6dc62dfc13..6097b903ac 100644 --- a/docs/vendor/support-submit-request.md +++ b/docs/vendor/support-submit-request.md @@ -2,11 +2,6 @@ You can submit a support request and a support bundle using the Replicated Vendor Portal. Uploading a support bundle is secure and helps the Replicated support team troubleshoot your application faster. Severity 1 issues are resolved three times faster when you submit a support bundle with your support request. -:::note - -For KOTS, if your customer cannot generate a support bundle using the KOTS Admin Console and needs an alternative method, see [Generating Support Bundles](/enterprise/troubleshooting-an-app) in the KOTS documentation. -::: - ### Prerequisites The following prerequisites must be met to submit support requests: diff --git a/docs/vendor/telemetry-air-gap.mdx b/docs/vendor/telemetry-air-gap.mdx index 1744073a89..9c0e224ed6 100644 --- a/docs/vendor/telemetry-air-gap.mdx +++ b/docs/vendor/telemetry-air-gap.mdx @@ -48,17 +48,7 @@ When a limit is reached, the oldest events are purged until the payload is withi To collect telemetry from air gap instances: -1. Ask your customer to collect a support bundle using one of the following methods: - * Run the following command with the support-bundle CLI: - - ``` - kubectl support-bundle --load-cluster-specs - ``` - Where `--load-cluster-specs` is a required flag that ensures telemetry and custom metrics are included in the support bundle that is generated. - - For more information, see [Generating Support Bundles](/vendor/support-bundle-generating). - - * Users can also generate and download a support bundle from the KOTS Admin Console **Troubleshoot** tab to ensure that telemetry and custom metrics are included. See [Generating a Support Bundle Using the Admin Console](/enterprise/troubleshooting-an-app#generate-a-bundle-from-the-admin-console). +1. Ask your customer to collect a support bundle. See [Generating Support Bundles](/vendor/support-bundle-generating). 1. After receiving the support bundle from your customer, go to the Vendor Portal **Customers**, **Customer Reporting**, or **Instance Details** page and upload the support bundle: diff --git a/docs/vendor/tutorial-adding-db-config.md b/docs/vendor/tutorial-adding-db-config.md index 847c69ff70..d24fa19f53 100644 --- a/docs/vendor/tutorial-adding-db-config.md +++ b/docs/vendor/tutorial-adding-db-config.md @@ -16,7 +16,7 @@ It is split into 5 sections: This guide assumes you have: -* A running instance of the Replicated Admin Console (`kotsadm`) to iterate against in either an existing cluster or an embedded cluster created with Replicated kURL. If you do not have a running instance of the Admin Console in an existing or embedded kURL cluster, complete the [Install with KOTS in an Existing Cluster](tutorial-cli-setup) tutorial to package and install a sample application. +* A running instance of the Replicated Admin Console (`kotsadm`) to iterate against in either an existing cluster or an embedded cluster created with Replicated kURL. If you do not have a running instance of the Admin Console in an existing or kURL cluster, complete the [Install with KOTS in an Existing Cluster](tutorial-cli-setup) tutorial to package and install a sample application. * A local git checkout of your application manifests. ### Accompanying Code Examples diff --git a/docs/vendor/tutorial-cli-setup.mdx b/docs/vendor/tutorial-cli-setup.mdx index ac42bab465..a96155a59b 100644 --- a/docs/vendor/tutorial-cli-setup.mdx +++ b/docs/vendor/tutorial-cli-setup.mdx @@ -16,7 +16,7 @@ The steps in this KOTS CLI-based tutorial show you how to use the Replicated CLI As part of this tutorial, you will install a sample application into a Kubernetes cluster. Before you begin, do the following to set up your environment: -* Create a Kubernetes cluster that meets the minimum system requirements described in [Existing Cluster Requirements](/enterprise/installing-general-requirements#existing-cluster-requirements) in _Installation Requirements_. You can use any cloud provider or tool that you prefer to create a cluster, such as Google Kubernetes Engine (GKE), Amazon Web Services (AWS), or minikube. +* Create a Kubernetes cluster that meets the minimum system requirements described in [KOTS Installation Requirements](/enterprise/installing-general-requirements). You can use any cloud provider or tool that you prefer to create a cluster, such as Google Kubernetes Engine (GKE), Amazon Web Services (AWS), or minikube. **Example:** diff --git a/netlify.toml b/netlify.toml index ec321d9dc0..371eba3349 100644 --- a/netlify.toml +++ b/netlify.toml @@ -99,11 +99,11 @@ [[redirects]] from="https://docs.replicated.com/vendor/helm-installing-native-helm" - to="https://docs.replicated.com/vendor/distributing-overview" + to="https://docs.replicated.com/vendor/helm-native-about" [[redirects]] from="https://docs.replicated.com/vendor/helm-processing" - to="https://docs.replicated.com/vendor/distributing-overview" + to="https://docs.replicated.com/vendor/helm-native-about" [[redirects]] from="https://docs.replicated.com/vendor/team-management-rbac-about" @@ -128,11 +128,11 @@ [[redirects]] from="https://docs.replicated.com/vendor/helm-overview" - to="https://docs.replicated.com/vendor/distributing-overview" + to="https://docs.replicated.com/vendor/helm-install-overview" [[redirects]] from="https://docs.replicated.com/vendor/helm-install" - to="https://docs.replicated.com/vendor/distributing-overview" + to="https://docs.replicated.com/vendor/helm-install-overview" [[redirects]] from="https://docs.replicated.com/vendor/testing-replicated-instance-types" @@ -178,11 +178,19 @@ [[redirects]] from="https://docs.replicated.com/vendor/distributing-workflow" - to="https://docs.replicated.com/vendor/replicated-onboarding" + to="https://docs.replicated.com/vendor/replicated-onboarding" [[redirects]] from = "https://docs.replicated.com/vendor/tutorial-ci-cd-integration" - to = "https://docs.replicated.com/vendor/ci-overview" + to = "https://docs.replicated.com/vendor/ci-overview" + +[[redirects]] + from = "https://docs.replicated.com/vendor/embedded-kubernetes-overview" + to = "https://docs.replicated.com/vendor/embedded-overview" + +[[redirects]] + from = "https://docs.replicated.com/vendor/distributing-overview" + to = "https://docs.replicated.com/intro-replicated" ################################################### # Redirects To the Enterprise Section @@ -228,6 +236,10 @@ from="https://docs.replicated.com/enterprise/image-registry-embedded-cluster" to="https://docs.replicated.com/enterprise/image-registry-kurl" +[[redirects]] + from="https://docs.replicated.com/vendor/releases-configvalues" + to="https://docs.replicated.com/enterprise/installing-embedded-automation" + ################################################### # Redirects To the References Section ################################################### diff --git a/sidebars.js b/sidebars.js index 01d86af5eb..d94c94feb6 100644 --- a/sidebars.js +++ b/sidebars.js @@ -111,91 +111,151 @@ const sidebars = { {type: 'html', value: '
    product docs
    ', defaultStyle: true}, { type: 'category', - label: 'Vendor Portal Teams and Accounts', + label: 'Vendor Portal', items: [ - 'vendor/vendor-portal-creating-account', - 'vendor/team-management', - 'vendor/team-management-github-username', { - type: 'category', - label: 'Configuring Role-based Access Control', - items: [ - 'vendor/team-management-rbac-configuring', - 'vendor/team-management-rbac-resource-names', + type: 'category', + label: 'Vendor Portal Teams and Accounts', + items: [ + 'vendor/vendor-portal-creating-account', + 'vendor/team-management', + 'vendor/team-management-github-username', + { + type: 'category', + label: 'Configuring Role-based Access Control', + items: [ + 'vendor/team-management-rbac-configuring', + 'vendor/team-management-rbac-resource-names', + ], + }, + { + type: 'category', + label: 'Configuring Authentication', + items: [ + 'vendor/team-management-two-factor-auth', + 'vendor/team-management-google-auth', + 'vendor/team-management-saml-auth', + ], + }, + 'vendor/team-management-slack-config', + 'vendor/replicated-api-tokens', ], }, { type: 'category', - label: 'Configuring Authentication', + label: 'Applications', items: [ - 'vendor/team-management-two-factor-auth', - 'vendor/team-management-google-auth', - 'vendor/team-management-saml-auth', + 'vendor/vendor-portal-manage-app', + 'vendor/vendor-portal-application-settings', ], }, - 'vendor/team-management-slack-config', - 'vendor/replicated-api-tokens', - - ], - }, - { - type: 'category', - label: 'Applications', - items: [ - 'vendor/vendor-portal-manage-app', - 'vendor/vendor-portal-application-settings', + { + type: 'category', + label: 'Channels and Releases', + items: [ + 'vendor/releases-about', + 'vendor/releases-creating-channels', + 'vendor/releases-creating-releases', + 'vendor/releases-creating-cli', + 'vendor/helm-install-release', + 'vendor/releases-sharing-license-install-script', + 'vendor/releases-share-download-portal', + 'reference/linter', + ], + }, + { + type: 'category', + label: 'Customer Licenses', + items: [ + 'vendor/licenses-about', + 'vendor/releases-creating-customer', + 'vendor/licenses-adding-custom-fields', + 'vendor/licenses-using-builtin-fields', + 'vendor/licenses-install-types', + 'vendor/licenses-about-types', + 'vendor/licenses-download', + { + type: 'category', + label: 'Querying License Entitlements', + items: [ + 'vendor/licenses-reference-sdk', + 'vendor/licenses-reference-helm', + 'vendor/licenses-referencing-fields', + 'vendor/licenses-reference-kots-runtime', + 'vendor/licenses-verify-fields-sdk-api', + ] + }, + ], + }, + { + type: 'category', + label: 'Custom Domains', + items: [ + 'vendor/custom-domains', + 'vendor/custom-domains-using', + ], + }, + { + type: 'category', + label: 'Insights and Telemetry', + items: [ + 'vendor/instance-insights-event-data', + 'vendor/insights-app-status', + 'vendor/telemetry-air-gap', + 'vendor/customer-adoption', + 'vendor/customer-reporting', + 'vendor/instance-insights-details', + 'vendor/instance-notifications-config', + 'vendor/custom-metrics', + 'vendor/instance-data-export', + ], + }, ], }, { type: 'category', - label: 'Channels and Releases', + label: 'Compatibility Matrix', items: [ - 'vendor/releases-about', - 'vendor/releases-creating-channels', - 'vendor/releases-creating-releases', - 'vendor/releases-creating-cli', - 'vendor/helm-install-release', - 'vendor/releases-sharing-license-install-script', - 'vendor/releases-share-download-portal', - 'reference/linter', + 'vendor/testing-about', + 'vendor/testing-supported-clusters', + 'vendor/testing-cluster-addons', + 'vendor/testing-how-to', + 'vendor/testing-ingress', ], }, { type: 'category', - label: 'Customer Licenses', + label: 'Embedded Cluster', items: [ - 'vendor/licenses-about', - 'vendor/releases-creating-customer', - 'vendor/licenses-adding-custom-fields', - 'vendor/licenses-using-builtin-fields', - 'vendor/licenses-install-types', - 'vendor/licenses-about-types', - 'vendor/licenses-download', + 'vendor/embedded-overview', + 'reference/embedded-config', { type: 'category', - label: 'Querying License Entitlements', + label: 'Installing with Embedded Cluster', items: [ - 'vendor/licenses-reference-sdk', - 'vendor/licenses-reference-helm', - 'vendor/licenses-referencing-fields', - 'vendor/licenses-reference-kots-runtime', - 'vendor/licenses-verify-fields-sdk-api', - ] + 'enterprise/installing-embedded-requirements', + 'enterprise/installing-embedded', + 'enterprise/installing-embedded-air-gap', + 'enterprise/installing-embedded-automation', + 'reference/embedded-cluster-install', + ], }, + 'enterprise/updating-embedded', + 'vendor/embedded-disaster-recovery', ], }, { type: 'category', - label: 'Distributing and Installing with KOTS', + label: 'KOTS', items: [ 'intro-kots', { type: 'category', - label: 'Packaging KOTS Releases', + label: 'Configuring KOTS', items: [ { type: 'category', - label: 'Distributing Helm Charts with KOTS', + label: 'Configuring the HelmChart Custom Resource', items: [ 'vendor/helm-native-about', 'vendor/helm-native-v2-using', @@ -206,43 +266,17 @@ const sidebars = { }, { type: 'category', - label: 'Distributing Embedded Kubernetes', - items: [ - 'vendor/embedded-kubernetes-overview', - { - type: 'category', - label: 'Embedded Cluster', - items: [ - 'vendor/embedded-overview', - 'reference/embedded-config', - 'vendor/embedded-disaster-recovery', - ], - }, - { - type: 'category', - label: 'kURL', - items: [ - 'vendor/kurl-about', - 'vendor/packaging-embedded-kubernetes', - 'vendor/packaging-installer-storage', - 'vendor/installer-history', - 'vendor/packaging-using-tls-certs', - ], - }, - ], - }, - { - type: 'category', - label: 'Admin Console and Download Portal Customization', + label: 'Customizing the Admin Console and Download Portal', items: [ 'vendor/admin-console-customize-app-icon', 'vendor/admin-console-adding-buttons-links', + 'vendor/admin-console-port-forward', 'vendor/admin-console-prometheus-monitoring', ], }, { type: 'category', - label: 'Admin Console Config Screen', + label: 'Configuring the Admin Console Config Screen', items: [ 'vendor/config-screen-about', 'vendor/admin-console-customize-config-screen', @@ -263,33 +297,6 @@ const sidebars = { }, ], }, - { - type: 'category', - label: 'Configuring Backup and Restore', - items: [ - 'vendor/snapshots-overview', - 'vendor/snapshots-configuring-backups', - 'vendor/snapshots-hooks', - 'reference/custom-resource-backup', - ], - }, - { - type: 'category', - label: 'Exposing Services', - items: [ - 'vendor/admin-console-port-forward', - 'vendor/kurl-nodeport-services', - ], - }, - { - type: 'category', - label: 'Managing KOTS', - items: [ - 'vendor/packaging-kots-versions', - 'vendor/packaging-rbac', - 'vendor/packaging-air-gap-excluding-minio', - ], - }, { type: 'category', label: 'Managing Resources and Objects', @@ -313,7 +320,26 @@ const sidebars = { }, { type: 'category', - label: 'Packaging Kubernetes Operators', + label: 'Managing KOTS', + items: [ + 'vendor/packaging-kots-versions', + 'vendor/packaging-rbac', + 'vendor/packaging-air-gap-excluding-minio', + ], + }, + { + type: 'category', + label: 'Configuring Backup and Restore with Snapshots', + items: [ + 'vendor/snapshots-overview', + 'vendor/snapshots-configuring-backups', + 'vendor/snapshots-hooks', + 'reference/custom-resource-backup', + ], + }, + { + type: 'category', + label: 'Distributing Kubernetes Operators with KOTS', items: [ 'vendor/operator-packaging-about', 'vendor/operator-defining-additional-images', @@ -321,176 +347,152 @@ const sidebars = { 'vendor/operator-defining-additional-namespaces', ], }, + { + type: 'category', + label: 'KOTS Custom Resources', + items: [ + 'reference/custom-resource-about', + 'reference/custom-resource-application', + 'reference/custom-resource-config', + 'reference/custom-resource-helmchart-v2', + 'reference/custom-resource-helmchart', + 'reference/custom-resource-lintconfig', + ], + }, + { + type: 'category', + label: 'KOTS Template Functions', + items: [ + 'reference/template-functions-about', + 'reference/template-functions-examples', + 'reference/template-functions-config-context', + 'reference/template-functions-identity-context', + 'reference/template-functions-kurl-context', + 'reference/template-functions-license-context', + 'reference/template-functions-static-context', + ], + }, + 'reference/cron-expressions', ], - }, - // KOTS ENTERPRISE USER DOCS + }, { type: 'category', - label: 'Installing and Managing Applications', + label: 'Installing in Existing Clusters with KOTS', items: [ - { - type: 'category', - label: 'Installing', - items: [ - { - type: 'category', - label: 'Preparing to Install', - items: [ - 'enterprise/installing-overview', - 'enterprise/installing-general-requirements', - 'enterprise/sbom-validating', - ], - }, - { - type: 'category', - label: 'Installing with Embedded Cluster', - items: [ - 'enterprise/installing-embedded', - 'enterprise/installing-embedded-air-gap', - 'reference/embedded-cluster-install', - ], - }, - { - type: 'category', - label: 'Installing in Existing Clusters with KOTS', - items: [ - 'enterprise/installing-existing-cluster', - 'enterprise/installing-existing-cluster-airgapped', - ], - }, - { - type: 'category', - label: 'Installing with kURL', - items: [ - 'enterprise/installing-kurl', - 'enterprise/installing-kurl-airgap', - 'enterprise/cluster-management-add-nodes', - ], - }, - { - type: 'category', - label: 'Installing from the Command Line', - items: [ - 'enterprise/installing-existing-cluster-automation', - 'vendor/releases-configvalues', - ], - }, - - 'enterprise/installing-stateful-component-requirements', - ], - }, - { - type: 'category', - label: 'Image Registries', - items: [ - 'enterprise/image-registry-settings', - 'enterprise/image-registry-kurl', - 'enterprise/image-registry-rate-limits', - ], - }, - 'enterprise/updating-patching-with-kustomize', - { - type: 'category', - label: 'Updating', - items: [ - 'enterprise/updating-app-manager', - 'enterprise/updating-embedded', - 'enterprise/updating-kurl-about', - 'enterprise/updating-kurl', - 'enterprise/updating-apps', - 'enterprise/updating-licenses', - 'enterprise/updating-tls-cert', - ], - }, - { - type: 'category', - label: 'Using a GitOps Workflow', - items: [ - 'enterprise/gitops-workflow', - 'enterprise/gitops-managing-secrets', - ], - }, - { - type: 'category', - label: 'Managing Admin Console User Access', - items: [ - 'enterprise/auth-changing-passwords', - 'enterprise/auth-identity-provider', - 'enterprise/auth-configuring-rbac', - ], - }, - { - type: 'category', - label: 'Monitoring Applications', - items: [ - 'enterprise/monitoring-applications', - 'enterprise/monitoring-external-prometheus', - ], - }, - { - type: 'category', - label: 'Backup and Restore', - items: [ - 'enterprise/snapshots-understanding', - { - type: 'category', - label: 'Configuring Backup Storage', - items: [ - 'enterprise/snapshots-velero-cli-installing', - 'enterprise/snapshots-configuring-hostpath', - 'enterprise/snapshots-configuring-nfs', - 'enterprise/snapshots-storage-destinations', - 'enterprise/snapshots-velero-installing-config', - ], - }, - 'enterprise/snapshots-creating', - 'enterprise/snapshots-restoring-full', - 'enterprise/snapshots-updating-with-admin-console', - 'enterprise/snapshots-troubleshooting-backup-restore', - ], - }, - { - type: 'category', - label: 'Troubleshooting', - items: [ - 'enterprise/status-viewing-details', - 'enterprise/troubleshooting-an-app', - 'enterprise/delete-admin-console', - ], - }, - ], - }, - { - type: 'category', - label: 'KOTS Custom Resources', - items: [ - 'reference/custom-resource-about', - 'reference/custom-resource-application', - 'reference/custom-resource-config', - 'reference/custom-resource-helmchart-v2', - 'reference/custom-resource-helmchart', - 'reference/custom-resource-lintconfig', - ], - }, - { - type: 'category', - label: 'KOTS Template Functions', - items: [ - 'reference/template-functions-about', - 'reference/template-functions-examples', - 'reference/template-functions-config-context', - 'reference/template-functions-identity-context', - 'reference/template-functions-kurl-context', - 'reference/template-functions-license-context', - 'reference/template-functions-static-context', - ], - }, - 'reference/cron-expressions', - ], - }, + 'enterprise/installing-overview', + 'enterprise/installing-general-requirements', + 'enterprise/installing-existing-cluster', + 'enterprise/installing-existing-cluster-airgapped', + 'enterprise/installing-existing-cluster-automation', + 'enterprise/installing-stateful-component-requirements', + ], + }, + { + type: 'category', + label: 'Performing Updates in Existing Cluster KOTS Installations', + items: [ + 'enterprise/updating-app-manager', + 'enterprise/updating-apps', + 'enterprise/updating-patching-with-kustomize', + ], + }, + { + type: 'category', + label: 'Configuring Local Image Registries for KOTS Installations', + items: [ + 'enterprise/image-registry-settings', + 'enterprise/image-registry-rate-limits', + ], + }, + 'enterprise/updating-licenses', + { + type: 'category', + label: 'Performing Backup and Restore with Snapshots', + items: [ + 'enterprise/snapshots-understanding', + { + type: 'category', + label: 'Configuring Backup Storage', + items: [ + 'enterprise/snapshots-velero-cli-installing', + 'enterprise/snapshots-configuring-hostpath', + 'enterprise/snapshots-configuring-nfs', + 'enterprise/snapshots-storage-destinations', + 'enterprise/snapshots-velero-installing-config', + ], + }, + 'enterprise/snapshots-creating', + 'enterprise/snapshots-restoring-full', + 'enterprise/snapshots-updating-with-admin-console', + 'enterprise/snapshots-troubleshooting-backup-restore', + ], + }, + { + type: 'category', + label: 'Managing Admin Console User Access', + items: [ + 'enterprise/auth-changing-passwords', + 'enterprise/auth-identity-provider', + 'enterprise/auth-configuring-rbac', + ], + }, + 'enterprise/monitoring-applications', + 'enterprise/status-viewing-details', + 'enterprise/delete-admin-console', + { + type: 'category', + label: 'Using a GitOps Workflow', + items: [ + 'enterprise/gitops-workflow', + 'enterprise/gitops-managing-secrets', + ], + }, + ], + }, + { + type: 'category', + label: 'kURL', + items: [ + 'vendor/kurl-about', + { + type: 'category', + label: 'Configuring kURL Installers', + items: [ + 'vendor/packaging-embedded-kubernetes', + 'vendor/packaging-installer-storage', + 'vendor/installer-history', + 'vendor/kurl-nodeport-services', + ], + }, + { + type: 'category', + label: 'Installing with kURL', + items: [ + 'enterprise/installing-kurl-requirements', + 'enterprise/installing-kurl', + 'enterprise/installing-kurl-airgap', + 'enterprise/installing-kurl-automation', + ], + }, + 'enterprise/cluster-management-add-nodes', + { + type: 'category', + label: 'Performing Updates with kURL', + items: [ + 'enterprise/updating-kurl-about', + 'enterprise/updating-kurl', + ], + }, + 'vendor/packaging-using-tls-certs', + 'enterprise/updating-tls-cert', + 'enterprise/image-registry-kurl', + 'enterprise/monitoring-external-prometheus', + 'vendor/kurl-reset', + ], + }, { type: 'category', - label: 'Installing with Helm', + label: 'Helm Installations with Replicated', items: [ 'vendor/helm-install-overview', 'vendor/install-with-helm', @@ -506,35 +508,6 @@ const sidebars = { 'vendor/replicated-sdk-installing', 'vendor/replicated-sdk-airgap', 'vendor/replicated-sdk-customizing', - 'vendor/replicated-sdk-slsa-validating', - ], - }, - { - type: 'category', - label: 'Proxying Private Images', - items: [ - 'vendor/private-images-about', - 'vendor/packaging-private-images', - 'vendor/helm-image-registry', - 'vendor/private-images-kots', - 'vendor/private-images-tags-digests', - { - type: 'category', - label: 'Replicated Private Registry', - items: [ - 'vendor/private-images-replicated', - 'vendor/packaging-private-registry-security', - ], - }, - 'vendor/tutorial-ecr-private-images', - ], - }, - { - type: 'category', - label: 'Using Custom Domains', - items: [ - 'vendor/custom-domains', - 'vendor/custom-domains-using', ], }, { @@ -571,14 +544,21 @@ const sidebars = { items: [ 'vendor/support-bundle-customizing', 'vendor/support-bundle-examples', - 'vendor/support-bundle-generating', - 'vendor/support-bundle-embedded', - 'vendor/support-host-support-bundles', + 'vendor/support-online-support-bundle-specs', + 'vendor/support-modular-support-bundle-specs', + { + type: 'category', + label: 'Generating Support Bundles', + items: [ + 'vendor/support-bundle-generating', + 'vendor/support-bundle-embedded', + 'enterprise/troubleshooting-an-app', + 'vendor/support-host-support-bundles', + ], + }, 'vendor/support-inspecting-support-bundles', 'vendor/support-enabling-direct-bundle-uploads', 'vendor/support-submit-request', - 'vendor/support-online-support-bundle-specs', - 'vendor/support-modular-support-bundle-specs', ], }, 'vendor/preflight-sb-helm-templates-about', @@ -591,42 +571,36 @@ const sidebars = { ], }, ], - }, + }, { type: 'category', - label: 'Testing with Compatibility Matrix', + label: 'Replicated Proxy Registry', items: [ - 'vendor/testing-about', - 'vendor/testing-supported-clusters', - 'vendor/testing-cluster-addons', - 'vendor/testing-how-to', - 'vendor/testing-ingress', + 'vendor/private-images-about', + 'vendor/packaging-private-images', + 'vendor/helm-image-registry', + 'vendor/private-images-kots', + 'vendor/private-images-tags-digests', + { + type: 'category', + label: 'Replicated Private Registry', + items: [ + 'vendor/private-images-replicated', + 'vendor/packaging-private-registry-security', + ], + }, + 'vendor/tutorial-ecr-private-images', ], }, { type: 'category', - label: 'Integrating with CI/CD', + label: 'Integrating Replicated in CI/CD Workflows', items: [ 'vendor/ci-overview', 'vendor/ci-workflows', 'vendor/ci-workflows-github-actions', ], }, - { - type: 'category', - label: 'Insights and Telemetry', - items: [ - 'vendor/instance-insights-event-data', - 'vendor/insights-app-status', - 'vendor/telemetry-air-gap', - 'vendor/customer-adoption', - 'vendor/customer-reporting', - 'vendor/instance-insights-details', - 'vendor/instance-notifications-config', - 'vendor/custom-metrics', - 'vendor/instance-data-export', - ], - }, // DEVELOPER TOOLS {type: 'html', value: '
    Developer tools
    ', defaultStyle: true}, @@ -832,8 +806,9 @@ const sidebars = { {type: 'html', value: '
    open source docs
    ', defaultStyle: true}, {type: 'link', href: 'https://kurl.sh/docs/introduction/', label: 'kURL.sh'}, {type: 'link', href: 'https://troubleshoot.sh/docs/collect/', label: 'Troubleshoot.sh'}, + // POLICIES - {type: 'html', value: '
    policies
    ', defaultStyle: true}, + {type: 'html', value: '
    platform overview
    ', defaultStyle: true}, { type: 'category', label: 'Replicated Policies', @@ -853,10 +828,19 @@ const sidebars = { ], }, { - type: 'link', + type: 'category', label: 'Security at Replicated', - href: 'https://www.replicated.com/security/' + items: [ + { + type: 'link', + label: 'Security at Replicated', + href: 'https://www.replicated.com/security/' + }, + 'enterprise/sbom-validating', + 'vendor/replicated-sdk-slsa-validating', + ], }, + ], };