Skip to content

Commit

Permalink
Merge pull request #92 from littsummer/feature-summer1
Browse files Browse the repository at this point in the history 
modify the jump address in some pages
  • Loading branch information
@bjwswang
bjwswang authored Nov 27, 2023
2 parents 26327c1 + 4fac6a4 commit b6beb0a
Show file tree
Hide file tree
Showing 8 changed files with 25 additions and 20 deletions.
4 changes: 2 additions & 2 deletions docs/develop-guid/building-base/add-cluster.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,11 +14,11 @@ export TOKENNAME=$(kubectl get serviceaccount/host-cluster-reader -n u4a-system
kubectl get secret $TOKENNAME -n u4a-system -o jsonpath='{.data.token}' | base64 -d
```

3. 登录管理平台,进入 “集群管理”,参考 [安装底座](docs/quick-start/buildingbase_quickstart.md),点击“添加集群”。
3. 登录管理平台,进入 “集群管理”,参考 [安装底座](../../quick-start/quick-install.md#安装底座),点击“添加集群”。

4. 输入集群名称,按需修改集群后缀,这里使用“API Token”方式接入集群。

* API Host,使用支持 OIDC 协议的 K8s API 地址,可以通过 **kubectl get ingress -nu4a-system** 查看kube-oidc-proxy-server-ingress 对应的 Host 信息,比如 https://k8s.172.22.96.136.nip.io(注意结尾不要有 /)
* API Host,使用支持 OIDC 协议的 K8s API 地址,可以通过 **kubectl get ingress -nu4a-system** 查看 kube-oidc-proxy-server-ingress 对应的 Host 信息,比如 `https://k8s.172.22.96.136.nip.io`(注意结尾不要有 /)
* API Token,输入第 2 步获取的 token 信息

5. 添加成功后,可以在列表上看到集群信息及其状态;选择“租户管理”,会看到名称为 "system-tenant" 的一个系统租户
Expand Down
2 changes: 1 addition & 1 deletion docs/develop-guid/building-base/configuration/audit-config.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ sidebar_position: 3
# 配置审计能力

:::tip
注意,审计功能依赖对审计日志的采集功能,需要在集群设置中配置日志服务 ElasticSearch 的地址,日志服务的配置参考[日志组件](docs/component-market/logging.md)
注意,审计功能依赖对审计日志的采集功能,需要在集群设置中配置日志服务 ElasticSearch 的地址,日志服务的配置参考[日志组件](../../component-market/logging.md)
:::

1、编辑 audit-policy.yaml 文件对审计进行配置,```kubectl edit cm audit-policy-conf -n u4a-system```
Expand Down
17 changes: 11 additions & 6 deletions docs/develop-guid/component-market/logging.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,14 +8,17 @@ sidebar_position: 2
* [ingress-without-auth](#2-ingress-下不开启-rbac-认证)

### 功能描述

1. helm package包含了安装elasticsearch和对外暴露elasticsearch服务的ingress资源文件;
2. 支持配置的组件包括以下几个:
> - rbacSidecar(.Values.rbacSidecar.enabled): 在elasticsearch client节点上安装kube-rbac-proxy sidecar 用来认证用户token
> - ingress(.Values.ingress.enabled): 通过ingress暴露elasticsearch服务,按需开启,默认为 true
2. 支持配置的组件包括以下几个:

> - rbacSidecar(.Values.rbacSidecar.enabled):在elasticsearch client 节点上安装 kube-rbac-proxy sidecar 用来认证用户 token
> - ingress(.Values.ingress.enabled):通过 ingress 暴露 elasticsearch 服务,按需开启,默认为 true
3. rbacSidecar 和 elasticsearch.secure 仅能使用其中一种,比如:

rbacSidecar 和 elasticsearch.secure 仅能使用其中一种,比如:
> - .Values.rbacSidecar.enabled: true, .Values.elasticsearch.secure: false
> - .Values.rbacSidecar.enabled: false, .Values.elasticsearch.secure: true
> - .Values.rbacSidecar.enabled: true, .Values.elasticsearch.secure: false
> - .Values.rbacSidecar.enabled: false, .Values.elasticsearch.secure: true
### values 字段解释

Expand Down Expand Up @@ -129,11 +132,13 @@ ingress:
## 安装测试

### <a name="test-with-ingress-and-rbac">1. 使用 ingress 与 RBAC 认证方式</a>

> - .Values.rbacSidecar.enabled: true
> - .Values.elasticsearch.secure: false
> - .Values.ingress.enabled false
#### 依赖镜像

> hub.tenxcloud.com/system_containers/elasticsearch-operator v5.4.1 89aeaffad933 2 hours ago 30.8MB
> hub.tenxcloud.com/system_containers/elasticsearch 7.10.1-ik 3bf941c09b95 8 months ago 963MB
> hub.tenxcloud.com/system_containers/kubectl v1.20.8 403754878e80 3 months ago 112MB
Expand Down
8 changes: 4 additions & 4 deletions docs/develop-guid/core/intro.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ sidebar_position: 1

# 介绍

[内核](https://github.com/kubebb/core)基于[kubernetes operator](https://kubernetes.io/docs/concepts/extend-kubernetes/operator/)模式进行开发,提供完整的组件生命周期管理、组件订阅和自动化部署能力,并通过[tekton](https://tekton.dev/)扩展实现组件自动化评级和安装前校验等能力
[内核](https://github.com/kubebb/core)基于[kubernetes operator](https://kubernetes.io/docs/concepts/extend-kubernetes/operator/)模式进行开发,提供完整的组件生命周期管理、组件订阅和自动化部署能力,并通过[tekton](https://tekton.dev/)扩展实现组件自动化评测和安装前校验等能力

## 整体架构

Expand Down Expand Up @@ -49,11 +49,11 @@ sidebar_position: 1
- **可扩展性:**更易于扩展组件,因为它们通常是基于组件和模块的,可以简单地组合起来创建更复杂的系统。
- **可靠性:**更可靠,因为它们通常是基于静态配置的,而不是基于运行时状态的。这意味着它们更少出现运行时错误和意外行为。

### 多维度组件评级
### 多维度组件评测

通过集成[Tekton](https://github.com/kubebb/components/tree/main/examples/tekton-operator)流水线组件,实现自动化的组件评级,并通过`CRD Rating`完成评测数据总结和分析。
通过集成[Tekton](https://github.com/kubebb/components/tree/main/examples/tekton-operator)流水线组件,实现自动化的组件评测,并通过`CRD Rating`完成评测数据总结和分析。

目前组件评级围绕三个维度展开:
目前组件评测围绕三个维度展开:

- [**安全性:**](./rating#安全性任务) 评估组件的安全性和软件供应链的安全性。
- [**可靠性:**](./rating#可靠性任务) 评估组件本身是否已经过良好的功能测试、性能测试
Expand Down
4 changes: 2 additions & 2 deletions docs/develop-guid/core/rating/enablerating.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ sidebar_position: 1
默认情况下,Rating组件评级功能是关闭的,需要手动启用。我们建议按照以下步骤启用Rating:

:::tip
详细了解更多Rating有关内容,请参考[组件评测设计](../rating)[Rating CRD定义](../concepts/rating)
详细了解更多Rating有关内容,请参考[组件评测设计](../rating/rating.md)[Rating CRD定义](../concepts/rating.md)
:::

**Rating**依赖两个组件,分别是:
Expand Down Expand Up @@ -109,7 +109,7 @@ arcadia-5cb86f8787-jvd7j 0/1 Running
arcadia-5cb86f8787-jvd7j 1/1 Running 0 30s
```

### 5. 更新内核
## 5. 更新内核

通过设置参数`deployment.rating_enable=true`来启用Rating

Expand Down
4 changes: 2 additions & 2 deletions docs/develop-guid/core/rating/rating.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,8 +18,8 @@ sidebar_position: 2

:::tip

- 参考[启用组件评测](./userguide/enablerating)快速使用Rating
- 参考[组件评测概念](./concepts/rating)了解Rating的实现原理
- 参考[启用组件评测](./enablerating.md)快速部署Rating
- 参考[组件评测概念](../concepts/rating.md)了解Rating的实现原理

:::

Expand Down
4 changes: 2 additions & 2 deletions docs/develop-guid/intro.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -106,5 +106,5 @@ Kubebb提供三个**套件**:
## 获取更多组件

浏览 [组件市场](/docs/category/组件市场),安装更多需要的服务组件到门户中,比如:
* [kubedashboard](/docs/component-market/kubedashboard)
* [kubelogin](/docs/component-market/kubelogin)
* [kubedashboard](/docs/develop-guid/component-market/kubedashboard.md)
* [kubelogin](/docs/develop-guid/component-market/kubelogin.md)
2 changes: 1 addition & 1 deletion docs/quick-start/quick-install.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -189,7 +189,7 @@ spec:
- `override.set.ingress-nginx.controller.nodeSelector.kubernetes\.io/hostname` 将作为[ingress-nginx](https://github.com/kubebb/components/tree/main/charts/cluster-component/charts/ingress-nginx)服务节点

> 此处基于[kind开发集群](./prerequisite#kind开发集群)的`kubebb-core-control-plane`节点。
> 此处基于[kind开发集群](#准备环境)的`kubebb-core-control-plane`节点。

通过一下命令部署:

Expand Down

0 comments on commit b6beb0a

Please sign in to comment.