mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-05 12:46:18 +01:00
Merge pull request #105514 from openshift-cherrypick-robot/cherry-pick-104800-to-enterprise-4.21
[enterprise-4.21] Fixing typos on main
This commit is contained in:
Andrea Hoffer
@@ -8,7 +8,7 @@
|
||||
|
||||
To prevent ongoing charges, after you delete your cluster you must manually delete the {GCP} networking infrastructure you created as part of this tutorial. Deleting the cluster will not automatically remove these underlying resources. You can clean up these resources using a combination of gcloud CLI commands and actions within the {GCP} console.
|
||||
|
||||
Before you begin the process of cleaning up the the resources you created for this tutorial, run the following commands and complete any prompts.
|
||||
Before you begin the process of cleaning up the resources you created for this tutorial, run the following commands and complete any prompts.
|
||||
|
||||
. To authenticate your identity run the following command:
|
||||
+
|
||||
|
||||
@@ -21,7 +21,7 @@ The {external-secrets-operator} operands exposes metrics by default on port `808
|
||||
|
||||
.. Create the `clusterrolebinding-external-secrets.yaml` YAML file:
|
||||
+
|
||||
The following example shows a `cluserrolebinding-external-secrets.yaml` file.
|
||||
The following example shows a `clusterrolebinding-external-secrets.yaml` file.
|
||||
+
|
||||
[source,yaml]
|
||||
----
|
||||
|
||||
@@ -71,7 +71,7 @@ $ oc apply -f secret-external-secrets-operator.yaml
|
||||
|
||||
.. Create the `clusterrolebinding-external-secrets.yaml` YAML file:
|
||||
+
|
||||
The following example shows a `cluserrolebinding-external-secrets.yaml` file.
|
||||
The following example shows a `clusterrolebinding-external-secrets.yaml` file.
|
||||
+
|
||||
[source,yaml]
|
||||
----
|
||||
|
||||
@@ -15,7 +15,7 @@ When you create a pod service account or a namespace, wait until the service acc
|
||||
|
||||
.Procedure
|
||||
|
||||
. Allow pods in `project-a` to reference images in `project-b` by entering the follow command. In this example, the service account `default` in `project-a` is bound to the `system:image-puller` role in `project-b`:
|
||||
. Allow pods in `project-a` to reference images in `project-b` by entering the following command. In this example, the service account `default` in `project-a` is bound to the `system:image-puller` role in `project-b`:
|
||||
+
|
||||
[source,terminal]
|
||||
----
|
||||
|
||||
@@ -76,7 +76,7 @@ endif::upi[]
|
||||
`VirtualMachine.Config.AddNewDisk`
|
||||
|
||||
|vSphere vCenter Resource Pool
|
||||
|For a provided existing resource pool
|
||||
|For a provided existing resource pool
|
||||
|
|
||||
[%hardbreaks]
|
||||
`Resource.AssignVMToPool`
|
||||
@@ -831,7 +831,7 @@ endif::upi[]
|
||||
** 3 control plane nodes
|
||||
** 3 compute machines
|
||||
|
||||
Although these resources use 856 GB of storage, the bootstrap node gets deleted during the cluster installation process. At a minimum , a standard cluster requires 800 GB of storage.
|
||||
Although these resources use 856 GB of storage, the bootstrap node gets deleted during the cluster installation process. At a minimum, a standard cluster requires 800 GB of storage.
|
||||
|
||||
If you deploy more compute machines, the {product-title} cluster will use more storage.
|
||||
|
||||
|
||||
@@ -8,9 +8,9 @@
|
||||
[role="_abstract"]
|
||||
Kubernetes `Secret` objects allow you to store and manage sensitive information, such as passwords, OAuth tokens, and SSH keys. Putting this information in a secret is safer and more flexible than putting it in plain text into a pod definition or a container image.
|
||||
|
||||
.Procedure
|
||||
.Procedure
|
||||
|
||||
* In the OSToy apppplication, in the left menu, click *Secrets*, displaying the contents of the secrets available to the OSToy application. The code snippet shows an example of a secret configuration:
|
||||
* In the OSToy application, in the left menu, click *Secrets*, displaying the contents of the secrets available to the OSToy application. The code snippet shows an example of a secret configuration:
|
||||
+
|
||||
*For example*:
|
||||
+
|
||||
@@ -20,4 +20,4 @@ USERNAME=my_user
|
||||
PASSWORD=VVNFUk5BTUU9bXlfdXNlcgpQQVNTV09SRD1AT3RCbCVYQXAhIzYzMlk1RndDQE1UUWsKU01UUD1sb2NhbGhvc3QKU01UUF9QT1JUPTI1
|
||||
SMTP=localhost
|
||||
SMTP_PORT=25
|
||||
----
|
||||
----
|
||||
|
||||
@@ -53,7 +53,7 @@ spec:
|
||||
----
|
||||
<1> To enable eBPF flow filtering, set `spec.agent.ebpf.flowFilter.enable` to `true`.
|
||||
<2> To define the action for the flow filter rule, set the required `action` parameter. Valid values are `Accept` or `Reject`.
|
||||
<3> To define the IP address and CIDR mask for the flow filter rule, set the required `cidr` parameter. This parameter supports both IPv4 and IPv6 address formats. To match any IP address, use `0.0.0.0/0` for IPv4 or ``::/0` for IPv6.
|
||||
<3> To define the IP address and CIDR mask for the flow filter rule, set the required `cidr` parameter. This parameter supports both IPv4 and IPv6 address formats. To match any IP address, use `0.0.0.0/0` for IPv4 or `::/0` for IPv6.
|
||||
<4> To define the sampling interval for matched flows and override the global sampling setting `spec.agent.ebpf.sampling`, set the `sampling` parameter.
|
||||
<5> To filter flows by Peer IP CIDR, set the `peerCIDR` parameter.
|
||||
|
||||
|
||||
@@ -13,6 +13,6 @@ To view the new alerts, in the {product-title} web console, click *Observe* →
|
||||
|
||||
[id="network-observability-operator-network-health-dashboard-technology-preview_{context}"]
|
||||
== Network Observability Operator Network Health dashboard (Technology Preview)
|
||||
When you enable the Technology Preview alerts functionality in the Network Observability Operator, you can view a a new *Network Health* dashboard in the {product-title} web console by clicking *Observe*.
|
||||
When you enable the Technology Preview alerts functionality in the Network Observability Operator, you can view a new *Network Health* dashboard in the {product-title} web console by clicking *Observe*.
|
||||
|
||||
The *Network Health* dashboard provides a summary of triggered alerts, distinguishing between critical, warning, and minor issues, and also shows pending alerts.
|
||||
|
||||
@@ -48,4 +48,4 @@ F0512 19:07:17.589141 108432 ovnkube.go:133] failed to get default gateway inte
|
||||
+
|
||||
The only resolution is to reconfigure the host networking so that both IP families contain the default gateway.
|
||||
|
||||
* If you set the `ipv6.disable` parameter to `1` in the `kernelArgument` section of the `MachineConfig` custom resource (CR) for your cluster, OVN-Kubernetes pods enter a `CrashLoopBackOff` state. Additionally, updating your cluster to a later version of {product-title} fails because the Network Operator remains on a `Degraded` state. Red{nbsp}Hat does not support disabling IPv6 adddresses for your cluster so do not set the `ipv6.disable` parameter to `1`.
|
||||
* If you set the `ipv6.disable` parameter to `1` in the `kernelArgument` section of the `MachineConfig` custom resource (CR) for your cluster, OVN-Kubernetes pods enter a `CrashLoopBackOff` state. Additionally, updating your cluster to a later version of {product-title} fails because the Network Operator remains on a `Degraded` state. Red{nbsp}Hat does not support disabling IPv6 addresses for your cluster so do not set the `ipv6.disable` parameter to `1`.
|
||||
|
||||
@@ -32,6 +32,6 @@ Namespace-scoped bundle resources:: You must define RBAC for any namespace-scope
|
||||
|
||||
Roles and role bindings:: You must define RBAC for any roles or role bindings defined in the CSV. The installation service account needs permission to create and manage those roles and role bindings.
|
||||
|
||||
// I am deleting the secrets section because I think it covered under the "extension permissions" term. Please let me know if I should put it back and if you have a suggestion for the defintion.
|
||||
// I am deleting the secrets section because I think it covered under the "extension permissions" term. Please let me know if I should put it back and if you have a suggestion for the definition.
|
||||
|
||||
Service accounts:: You must define RBAC so that the installation service account can create and manage the service accounts for the extension controllers.
|
||||
|
||||
@@ -16,7 +16,7 @@ With this method, the Operator is responsible for and requires RBAC permissions
|
||||
By default, pods related to the Operator deployment mount a `serviceAccountToken` volume so that the service account token can be referenced in the resulting `Secret` object.
|
||||
====
|
||||
|
||||
.Prerequisities
|
||||
.Prerequisites
|
||||
|
||||
* {product-title} 4.14 or later
|
||||
* Cluster in STS mode
|
||||
|
||||
@@ -15,7 +15,7 @@ With this method, the Operator is responsible for and requires RBAC permissions
|
||||
By default, pods related to the Operator deployment mount a `serviceAccountToken` volume so that the service account token can be referenced in the resulting `Secret` object.
|
||||
====
|
||||
|
||||
.Prerequisities
|
||||
.Prerequisites
|
||||
|
||||
* {product-title} 4.14 or later
|
||||
* Cluster in {entra-short} mode
|
||||
|
||||
@@ -15,7 +15,7 @@ With this method, the Operator is responsible for and requires RBAC permissions
|
||||
By default, pods related to the Operator deployment mount a `serviceAccountToken` volume so that the service account token can be referenced in the resulting `Secret` object.
|
||||
====
|
||||
|
||||
.Prerequisities
|
||||
.Prerequisites
|
||||
|
||||
* {product-title} 4.17 or later
|
||||
* Cluster in *{gcp-wid-short} / Federated Identity* mode
|
||||
|
||||
@@ -11,7 +11,7 @@ are attached to are not guaranteed to have these IQNs.
|
||||
|
||||
.Procedure
|
||||
|
||||
* To specify a custom initiator IQN, update the `initiatorName` field in the `PersistentVolume` defintion object .
|
||||
* To specify a custom initiator IQN, update the `initiatorName` field in the `PersistentVolume` definition object .
|
||||
|
||||
.Example PersistentVolume object with a value specified in the initiatorName field.
|
||||
[source,yaml]
|
||||
|
||||
@@ -11,7 +11,7 @@ access to the persistent volume when one or more of the components in a path fai
|
||||
|
||||
.Procedure
|
||||
|
||||
* To specify multi-paths in the pod specification, specify a value in the `portals` field of the `PersistentVolume` defintion object.
|
||||
* To specify multi-paths in the pod specification, specify a value in the `portals` field of the `PersistentVolume` definition object.
|
||||
|
||||
.Example PersistentVolume object with a value specified in the portals field.
|
||||
[source,yaml]
|
||||
|
||||
@@ -26,7 +26,7 @@ include::snippets/technology-preview.adoc[]
|
||||
|
||||
. Select *{support-log-gather}*.
|
||||
|
||||
. From *Version* list, select the {support-log-gather} version , and click *Install*.
|
||||
. From *Version* list, select the {support-log-gather} version, and click *Install*.
|
||||
|
||||
. On the *Install Operator* page, configure the installation settings:
|
||||
|
||||
|
||||
@@ -15,7 +15,7 @@ Component,Reference CR,Description,Optional
|
||||
{rh-rhacm},`acmMCH.yaml`,"Configures a `MultiClusterHub` CR with high availability, enabling various components and specifying installation settings.",No
|
||||
{rh-rhacm},`acmMirrorRegistryCM.yaml`,Defines the SSL certificates and mirror registry configuration for various Red Hat and {product-title} registries used by the `multicluster-engine` in the `multicluster-engine` namespace.,No
|
||||
{rh-rhacm},`acmNS.yaml`,Defines the `open-cluster-management` namespace with a label to enable cluster monitoring.,No
|
||||
{rh-rhacm},`acmOperGroup.yaml`,"Defines an OperatorGroup for the `open-cluster-management`` namespace, targeting the same namespace.",No
|
||||
{rh-rhacm},`acmOperGroup.yaml`,"Defines an OperatorGroup for the `open-cluster-management` namespace, targeting the same namespace.",No
|
||||
{rh-rhacm},`acmPerfSearch.yaml`,Configures search for Open Cluster Management by defining various parameters and API settings.,No
|
||||
{rh-rhacm},`acmProvisioning.yaml`,Configures a provisioning resource in the metal3.io/v1alpha1 API version to watch all namespaces.,No
|
||||
{rh-rhacm},`acmSubscription.yaml`,Subscribes to the {rh-rhacm} Operator using automatic install plan approval.,No
|
||||
|
||||
@@ -27,7 +27,7 @@ During cluster installation, {product-title} administrators can configure altern
|
||||
User-defined networks are only supported when OVN-Kubernetes is used as the CNI. UDNs are not supported for use with other CNIs.
|
||||
====
|
||||
|
||||
You can define an secondary network based on the available CNI plugins and attach one or more of these networks to your pods. You can define more than one secondary network for your cluster depending on your needs. This gives you flexibility when you configure pods that deliver network functionality, such as switching or routing. For more information, see the the links in the Additional resources:
|
||||
You can define an secondary network based on the available CNI plugins and attach one or more of these networks to your pods. You can define more than one secondary network for your cluster depending on your needs. This gives you flexibility when you configure pods that deliver network functionality, such as switching or routing. For more information, see the links in the Additional resources:
|
||||
|
||||
* For a complete list of supported CNI plugins, see "Secondary networks in {product-title}".
|
||||
* For information about user-defined networks, see "About user-defined networks (UDNs)".
|
||||
|
||||
@@ -12,7 +12,7 @@ To remove stale support permissions, run the following commands on a terminal wi
|
||||
|
||||
.Procedure
|
||||
|
||||
. Retrieve the existing role defintion, ensuring the `PROJECT_ID` environment variable points to your {gcp-full} project:
|
||||
. Retrieve the existing role definition, ensuring the `PROJECT_ID` environment variable points to your {gcp-full} project:
|
||||
+
|
||||
[source,terminal]
|
||||
----
|
||||
|
||||
@@ -8,7 +8,7 @@
|
||||
= Resuming Operator reconciliation
|
||||
|
||||
[role="_abstract"]
|
||||
To pause Operator reconciliation for manual configuration or debugging, enable the `create-only`` mode. This prevents the controller from overwriting your changes. You can enable this mode by setting the environment variable in the subscription object.
|
||||
To pause Operator reconciliation for manual configuration or debugging, enable the `create-only` mode. This prevents the controller from overwriting your changes. You can enable this mode by setting the environment variable in the subscription object.
|
||||
|
||||
.Procedure
|
||||
|
||||
@@ -18,5 +18,3 @@ To pause Operator reconciliation for manual configuration or debugging, enable t
|
||||
----
|
||||
$ oc -n $OPERATOR_NAMESPACE patch subscription openshift-zero-trust-workload-identity-manager --type='merge' -p '{"spec":{"config":{"env":[{"name":"CREATE_ONLY_MODE","value":"false"}]}}}'
|
||||
----
|
||||
|
||||
|
||||
|
||||
@@ -12,7 +12,7 @@ After the {external-secrets-operator} is installed, you can customize its behavi
|
||||
[role="_additional-resources"]
|
||||
.Additional resources
|
||||
|
||||
* xref:../external_secrets_operator/external-secrets-operator-api.adoc#external-secrets-operator-api[External Secrets Operator for Red hat OpenShift APIs]
|
||||
* xref:../external_secrets_operator/external-secrets-operator-api.adoc#external-secrets-operator-api[External Secrets Operator for Red Hat OpenShift APIs]
|
||||
|
||||
//include::modules/cert-manager-enable-operand-log-level.adoc[leveloffset=+1]
|
||||
|
||||
@@ -33,6 +33,3 @@ include::modules/external-secrets-cert-manager-config.adoc[leveloffset=+1]
|
||||
|
||||
// configuring bitwarden
|
||||
include::modules/external-secrets-bit-warden-config.adoc[leveloffset=+1]
|
||||
|
||||
|
||||
|
||||
|
||||
Reference in New Issue
Block a user