stevsmit
diff --git a/‎deploy_red_hat_quay_operator/master.adoc‎
Lines changed: 30 additions & 43 deletions b/‎deploy_red_hat_quay_operator/master.adoc‎
Lines changed: 30 additions & 43 deletions
diff --git a/‎modules/about-hpa.adoc‎
Lines changed: 16 additions & 0 deletions b/‎modules/about-hpa.adoc‎
Lines changed: 16 additions & 0 deletions
diff --git a/‎modules/advanced-configuration.adoc‎
Lines changed: 5 additions & 0 deletions b/‎modules/advanced-configuration.adoc‎
Lines changed: 5 additions & 0 deletions
diff --git a/‎modules/configuring-resources-managed-components.adoc‎
Lines changed: 3 additions & 116 deletions b/‎modules/configuring-resources-managed-components.adoc‎
Lines changed: 3 additions & 116 deletions
diff --git a/‎modules/configuring-resources-ocp-ui.adoc‎
Lines changed: 69 additions & 0 deletions b/‎modules/configuring-resources-ocp-ui.adoc‎
Lines changed: 69 additions & 0 deletions
diff --git a/‎modules/configuring-resources-ocp-yaml.adoc‎
Lines changed: 30 additions & 0 deletions b/‎modules/configuring-resources-ocp-yaml.adoc‎
Lines changed: 30 additions & 0 deletions
diff --git a/‎modules/configuring-ssl-tls-routes.adoc‎
Lines changed: 24 additions & 0 deletions b/‎modules/configuring-ssl-tls-routes.adoc‎
Lines changed: 24 additions & 0 deletions
@@ -41,6 +41,11 @@ include::modules/first-user-ui.adoc[leveloffset=+2]
 include::modules/first-user-api.adoc[leveloffset=+2]
 
 //post installation configuration
+//quayregistry cr
+include::modules/modifying-quayregistry-cr-after-deployment.adoc[leveloffset=+1]
+include::modules/modifying-quayregistry-cr-ui.adoc[leveloffset=+2]
+include::modules/modifying-quayregistry-cr-cli.adoc[leveloffset=+2]
+//enabling features after deployment
 include::modules/enabling-features-after-deployment.adoc[leveloffset=+1]
 include::modules/operator-config-cli.adoc[leveloffset=+2]
 include::modules/operator-config-cli-download.adoc[leveloffset=+2]
@@ -53,58 +58,40 @@ include::modules/installing-quay-operator-namespace.adoc[leveloffset=+2]
 include::modules/creating-registry-infra-node.adoc[leveloffset=+2]
 
 //Advanced configuration
+include::modules/advanced-configuration.adoc[leveloffset=+1]
 
-
-//Troubleshooting
-include::modules/operator-quayregistry-troubleshooting.adoc[leveloffset=+1]
-include::modules/operator-quayregistry-status.adoc[leveloffset=+2]
-include::modules/operator-monitor-deploy-cli.adoc[leveloffset=+2]
-
-
-
-
-include::modules/operator-deploy-hpa.adoc[leveloffset=+1]
-
-
-//traffic ingress
-[id="configuring-traffic-ingress"]
-== Configuring traffic ingress
-include::modules/operator-preconfig-tls-routes.adoc[leveloffset=+2]
-
-//configuring resources
-include::modules/configuring-resources-managed-components.adoc[leveloffset=+1]
-
-//Database
-[id="configuring-the-database-poc"]
-== Configuring the database
+//advanced configuration - database
 include::modules/operator-unmanaged-postgres.adoc[leveloffset=+2]
-include::modules/config-fields-db.adoc[leveloffset=+3]
-include::modules/operator-managed-postgres.adoc[leveloffset=+3]
-//* The Operator will deploy an OpenShift `Route` as the default entrypoint to the registry.  If you prefer a different entrypoint (e.g. `Ingress` or direct `Service` access that configuration will need to be done manually).
-include::modules/operator-components-unmanaged-other.adoc[leveloffset=+2]
-include::modules/operator-unmanaged-redis.adoc[leveloffset=+3]
+include::modules/integrating-external-postgresql-db.adoc[leveloffset=+3]
 
-[role="_additional-resources"]
-.Additional resources
-link:https://access.redhat.com/documentation/en-us/red_hat_quay/{producty}/html-single/configure_red_hat_quay/index#config-fields-redis[Redis configuration fields]
+//advanced configuration - redis 
+include::modules/operator-components-unmanaged-redis.adoc[leveloffset=+2]
+include::modules/operator-unmanaged-redis.adoc[leveloffset=+3]
 
+//advanced configuration - hpa
+include::modules/about-hpa.adoc[leveloffset=+2]
 include::modules/operator-unmanaged-hpa.adoc[leveloffset=+3]
-include::modules/operator-unmanaged-route.adoc[leveloffset=+3]
-include::modules/operator-unmanaged-monitoring.adoc[leveloffset=+3]
-include::modules/operator-unmanaged-mirroring.adoc[leveloffset=+3]
 
+//advanced configuration - route/ssl
+include::modules/operator-custom-ingress.adoc[leveloffset=+2]
+include::modules/disabling-route-component.adoc[leveloffset=+3]
+include::modules/configuring-ssl-tls-routes.adoc[leveloffset=+3]
 
-//SSL/TLS
-include::modules/operator-custom-ssl-certs-config-bundle.adoc[leveloffset=+1]
-//include::modules/ssl-create-certs.adoc[leveloffset=+2]
-//include::modules/creating-custom-ssl-certs-config-bundle.adoc[leveloffset=+2]
+//advanced configuration - monitoring
+include::modules/operator-unmanaged-monitoring.adoc[leveloffset=+2]
 
-//Deploying configuration tool
-//include::modules/operator-config-ui.adoc[leveloffset=+1]
+//advanced configuration - mirroring
+include::modules/operator-unmanaged-mirroring.adoc[leveloffset=+2]
 
-//upgrading 38-39
-//removed for 3.10+
-//include::modules/upgrading-postgresql.adoc[leveloffset=+1]
+//configuring resources
+include::modules/configuring-resources-managed-components.adoc[leveloffset=+2]
+include::modules/configuring-resources-ocp-ui.adoc[leveloffset=+3]
+include::modules/configuring-resources-ocp-yaml.adoc[leveloffset=+3]
+
+//Troubleshooting
+include::modules/operator-quayregistry-troubleshooting.adoc[leveloffset=+1]
+include::modules/operator-quayregistry-status.adoc[leveloffset=+2]
+include::modules/operator-monitor-deploy-cli.adoc[leveloffset=+2]
 
 [role="quay-next-steps"]
 .Next steps
 
@@ -0,0 +1,16 @@
+:_mod-docs-content-type: CONCEPT
+[id="about-hpa"]
+= About Horizontal Pod Autoscaling (HPA)
+
+By default, {productname} deployments include managed *Horizontal Pod Autoscalers (HPAs)* for key components to ensure availability and performance during load spikes or maintenance events. HPAs automatically adjust the number of running pods based on observed CPU and memory utilization.
+
+A typical {productname} deployment includes the following pods:
+
+* Two pods for the {productname} application (`example-registry-quay-app-*`)
+* One Redis pod for {productname} logging (`example-registry-quay-redis-*`)
+* One PostgreSQL pod for metadata storage (`example-registry-quay-database-*`)
+* Two `Quay` mirroring pods (`example-registry-quay-mirror-*`)
+* Two pods for Clair (`example-registry-clair-app-*`)
+* One PostgreSQL pod for Clair (`example-registry-clair-postgres-*`)
+
+HPAs are managed by default for the `Quay`, `Clair`, and `Mirror` components, each starting with two replicas to prevent downtime during upgrades, reconfigurations, or pod rescheduling ev
@@ -0,0 +1,5 @@
+:_mod-docs-content-type: PROCEDURE
+[id="advanced-configuration"]
+= Advanced configuration
+
+The following sections cover advanced configuration options for when the default deployment settings do not meet your organization's needs for performance, security, or existing infrastructure integration. 
@@ -1,4 +1,4 @@
-:_mod-docs-content-type: PROCEDURE
+:_mod-docs-content-type: CONCEPT
 [id="configuring-resources-managed-components"]
 = Configuring resources for managed components on {ocp}
 
@@ -18,122 +18,9 @@ The following components should not be set lower than their minimum requirements
 * `clair`: Recommended of 2 GB memory, 2 vCPUs
 * `clairpostgres`: Minimum of 200 MB
 
-You can configure resource requests on the {ocp} UI, or by directly by updating the `QuayRegistry` YAML.
+You can configure resource requests on the {ocp} UI or directly by updating the `QuayRegistry` CR via the CLI.
 
 [IMPORTANT]
 ====
 The default values set for these components are the suggested values. Setting resource requests too high or too low might lead to inefficient resource utilization, or performance degradation, respectively. 
-====
-
-[id="configuring-resources-ocp-ui"]
-== Configuring resource requests by using the {ocp} UI
-
-Use the following procedure to configure resources by using the {ocp} UI.
-
-.Procedure
-
-. On the {ocp} developer console, click *Operators* -> *Installed Operators* -> *Red Hat Quay*. 
-
-. Click *QuayRegistry*. 
-
-. Click the name of your registry, for example, *example-registry*.
-
-. Click *YAML*. 
-
-. In the `spec.components` field, you can override the resource of the `quay`, `clair`, `mirroring` `clairpostgres`, and `postgres` resources  by setting values for the `.overrides.resources.limits` and the `overrides.resources.requests` fields. For example:
-+
-[source,yaml]
-----
-spec:
-  components:
-    - kind: clair
-      managed: true
-      overrides:
-        resources:
-          limits:
-            cpu: "5"     # Limiting to 5 CPU (equivalent to 5000m or 5000 millicpu)
-            memory: "18Gi"  # Limiting to 18 Gibibytes of memory
-          requests: 
-            cpu: "4"     # Requesting 4 CPU
-            memory: "4Gi"   # Requesting 4 Gibibytes of memory
-    - kind: postgres
-      managed: true
-      overrides:
-        resources:
-          limits: {} <1>
-          requests:
-            cpu: "700m"   # Requesting 700 millicpu or 0.7 CPU
-            memory: "4Gi"   # Requesting 4 Gibibytes of memory
-    - kind: mirror
-      managed: true
-      overrides:
-        resources:
-          limits: <2>
-          requests:
-            cpu: "800m"   # Requesting 800 millicpu or 0.8 CPU
-            memory: "1Gi"   # Requesting 1 Gibibyte of memory
-    - kind: quay
-      managed: true
-      overrides:
-        resources:
-          limits:
-            cpu: "4"    # Limiting to 4 CPU
-            memory: "10Gi"   # Limiting to 10 Gibibytes of memory
-          requests:
-            cpu: "4"   # Requesting 4 CPU
-            memory: "10Gi"   # Requesting 10 Gibi of memory
-    - kind: clairpostgres
-      managed: true
-      overrides:
-        resources:
-          limits:
-            cpu: "800m"   # Limiting to 800 millicpu or 0.8 CPU
-            memory: "3Gi"   # Limiting to 3 Gibibytes of memory
-          requests: {}
-----
-<1> Setting the `limits` or `requests` fields to `{}` uses the default values for these resources.
-<2> Leaving the `limits` or `requests` field empty puts no limitations on these resources.
-
-[id="configuring-resources-ocp-yaml"]
-== Configuring resource requests by editing the QuayRegistry YAML
-
-You can re-configure {productname} to configure resource requests after you have already deployed a registry. This can be done by editing the `QuayRegistry` YAML file directly and then re-deploying the registry. 
-
-.Procedure
-
-. Optional: If you do not have a local copy of the `QuayRegistry` YAML file, enter the following command to obtain it:
-+
-[source,terminal]
-----
-$ oc get quayregistry <registry_name> -n <namespace> -o yaml > quayregistry.yaml
-----
-
-. Open the `quayregistry.yaml` created from Step 1 of this procedure and make the desired changes. For example:
-+
-[source,yaml]
-----
-    - kind: quay
-      managed: true
-      overrides:
-        resources:
-          limits: {}
-          requests:
-            cpu: "0.7"   # Requesting 0.7 CPU (equivalent to 500m or 500 millicpu)
-            memory: "512Mi"   # Requesting 512 Mebibytes of memory
-----
-
-. Save the changes. 
-
-. Apply the {productname} registry using the updated configurations by running the following command:
-+
-[source,terminal]
-----
-$ oc replace -f quayregistry.yaml
-----
-+
-.Example output
-+
-[source,terminal]
-----
-quayregistry.quay.redhat.com/example-registry replaced
-----
+====
@@ -0,0 +1,69 @@
+:_mod-docs-content-type: PROCEDURE
+[id="configuring-resources-ocp-ui"]
+= Configuring resource requests by using the {ocp} UI
+
+Use the following procedure to configure resources by using the {ocp} UI.
+
+.Procedure
+
+. On the {ocp} developer console, click *Operators* -> *Installed Operators* -> *Red Hat Quay*. 
+
+. Click *QuayRegistry*. 
+
+. Click the name of your registry, for example, *example-registry*.
+
+. Click *YAML*. 
+
+. In the `spec.components` field, you can override the resource of the `quay`, `clair`, `mirroring` `clairpostgres`, and `postgres` resources  by setting values for the `.overrides.resources.limits` and the `overrides.resources.requests` fields. For example:
++
+[source,yaml]
+----
+spec:
+  components:
+    - kind: clair
+      managed: true
+      overrides:
+        resources:
+          limits:
+            cpu: "5"     # Limiting to 5 CPU (equivalent to 5000m or 5000 millicpu)
+            memory: "18Gi"  # Limiting to 18 Gibibytes of memory
+          requests: 
+            cpu: "4"     # Requesting 4 CPU
+            memory: "4Gi"   # Requesting 4 Gibibytes of memory
+    - kind: postgres
+      managed: true
+      overrides:
+        resources:
+          limits: {} <1>
+          requests:
+            cpu: "700m"   # Requesting 700 millicpu or 0.7 CPU
+            memory: "4Gi"   # Requesting 4 Gibibytes of memory
+    - kind: mirror
+      managed: true
+      overrides:
+        resources:
+          limits: <2>
+          requests:
+            cpu: "800m"   # Requesting 800 millicpu or 0.8 CPU
+            memory: "1Gi"   # Requesting 1 Gibibyte of memory
+    - kind: quay
+      managed: true
+      overrides:
+        resources:
+          limits:
+            cpu: "4"    # Limiting to 4 CPU
+            memory: "10Gi"   # Limiting to 10 Gibibytes of memory
+          requests:
+            cpu: "4"   # Requesting 4 CPU
+            memory: "10Gi"   # Requesting 10 Gibi of memory
+    - kind: clairpostgres
+      managed: true
+      overrides:
+        resources:
+          limits:
+            cpu: "800m"   # Limiting to 800 millicpu or 0.8 CPU
+            memory: "3Gi"   # Limiting to 3 Gibibytes of memory
+          requests: {}
+----
+<1> Setting the `limits` or `requests` fields to `{}` uses the default values for these resources.
+<2> Leaving the `limits` or `requests` field empty puts no limitations on these resources.
@@ -0,0 +1,30 @@
+:_mod-docs-content-type: PROCEDURE
+[id="configuring-resources-ocp-yaml"]
+= Configuring resource requests by using the CLI
+
+You can re-configure {productname} to configure resource requests after you have already deployed a registry. This can be done by editing the `QuayRegistry` YAML file directly and then re-deploying the registry. 
+
+.Procedure
+
+. Edit the `QuayRegistry` CR by entering the following command:
++
+[source,terminal]
+----
+$ oc edit quayregistry <registry_name> -n <namespace>
+----
+
+. Make any desired changes. For example:
++
+[source,yaml]
+----
+    - kind: quay
+      managed: true
+      overrides:
+        resources:
+          limits: {}
+          requests:
+            cpu: "0.7"   # Requesting 0.7 CPU (equivalent to 500m or 500 millicpu)
+            memory: "512Mi"   # Requesting 512 Mebibytes of memory
+----
+
+. Save the changes.
@@ -0,0 +1,24 @@
+:_mod-docs-content-type: CONCEPT
+[id="configuring-ssl-tls-routes"]
+= Configuring SSL/TLS and routes
+
+Support for {ocp} _edge termination_ routes is provided through the `tls` component. This separation allows independent control of route management and TLS certificate handling.
+
+`EXTERNAL_TLS_TERMINATION: true` is the default, opinionated setting, which assumes the cluster manages TLS termination.
+
+[NOTE]
+====
+* When `tls` is *managed*, the cluster's default wildcard certificate is used.
+* When `tls` is *unmanaged*, you must supply your own SSL/TLS certificate and key pair.
+====
+
+Multiple valid configurations are possible, as shown in the following table:
+
+.Valid configuration options for TLS and routes
+[width="100%",cols="2,2,2,2,3",options="header"]
+|===
+|Option | Route | TLS | Certs provided | Result
+| My own load balancer handles TLS | Managed | Managed | No | Edge route using default cluster wildcard certificate
+| {productname} handles TLS | Managed | Unmanaged | Yes | Passthrough route with certificates mounted in the {productname} pod
+| {productname} handles TLS | Unmanaged | Unmanaged | Yes | Certificates set inside the {productname} pod; user must manually create a route
+|===