Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2025-05-02 14:26:23 -04:00
Code Issues Projects Releases Packages Wiki Activity

cli: change generate-config flag to update-config flag (#1897)

Browse source
This commit is contained in:
miampf 2023-06-28 12:47:44 +00:00 committed by GitHub
parent 9bb91ca447
commit 77b28cb5e7
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
12 changed files with 285 additions and 380 deletions
Download patch file Download diff file Expand all files Collapse all files

52
docs/docs/getting-started/first-steps.md
View file

@ -13,19 +13,47 @@ If you encounter any problem with the following steps, make sure to use the [lat
## Create a cluster
1. Create the configuration file and IAM resources for your selected cloud provider
First, you need to create a [configuration file](../workflows/config.md) and an [IAM configuration](../workflows/config.md#creating-an-iam-configuration). The easiest way to do this is the following CLI command:
1. Create the [configuration file](../workflows/config.md) for your cloud provider.
<tabs groupId="csp">
<tabItem value="azure" label="Azure">
```bash
constellation iam create azure --region=westus --resourceGroup=constellTest --servicePrincipal=spTest --generate-config
constellation config generate azure
```
This command creates IAM configuration on the Azure region `westus` creating a new resource group `constellTest` and a new service principal `spTest`. It also creates the configuration file `constellation-conf.yaml` in your current directory with the IAM values filled in.
</tabItem>
<tabItem value="gcp" label="GCP">
```bash
constellation config generate gcp
```
</tabItem>
<tabItem value="aws" label="AWS">
```bash
constellation config generate aws
```
</tabItem>
</tabs>
2. Create your [IAM configuration](../workflows/config.md#creating-an-iam-configuration).
<tabs groupId="csp">
<tabItem value="azure" label="Azure">
```bash
constellation iam create azure --region=westus --resourceGroup=constellTest --servicePrincipal=spTest --update-config
```
This command creates IAM configuration on the Azure region `westus` creating a new resource group `constellTest` and a new service principal `spTest`. It also updates the configuration file `constellation-conf.yaml` in your current directory with the IAM values filled in.
Note that CVMs are currently only supported in a few regions, check [Azure's products available by region](https://azure.microsoft.com/en-us/global-infrastructure/services/?products=virtual-machines&regions=all). These are:
* `westus`
@ -38,10 +66,10 @@ If you encounter any problem with the following steps, make sure to use the [lat
<tabItem value="gcp" label="GCP">
```bash
constellation iam create gcp --projectID=yourproject-12345 --zone=europe-west2-a --serviceAccountID=constell-test --generate-config
constellation iam create gcp --projectID=yourproject-12345 --zone=europe-west2-a --serviceAccountID=constell-test --update-config
```
This command creates IAM configuration in the GCP project `yourproject-12345` on the GCP zone `europe-west2-a` creating a new service account `constell-test`. It also creates the configuration file `constellation-conf.yaml` in your current directory with the IAM values filled in.
This command creates IAM configuration in the GCP project `yourproject-12345` on the GCP zone `europe-west2-a` creating a new service account `constell-test`. It also updates the configuration file `constellation-conf.yaml` in your current directory with the IAM values filled in.
Note that only regions offering CVMs of the `C2D` or `N2D` series are supported. You can find a [list of all regions in Google's documentation](https://cloud.google.com/compute/docs/regions-zones#available), which you can filter by machine type `C2D` or `N2D`.
@ -50,10 +78,10 @@ If you encounter any problem with the following steps, make sure to use the [lat
<tabItem value="aws" label="AWS">
```bash
constellation iam create aws --zone=us-east-2a --prefix=constellTest --generate-config
constellation iam create aws --zone=us-east-2a --prefix=constellTest --update-config
```
This command creates IAM configuration for the AWS zone `us-east-2a` using the prefix `constellTest` for all named resources being created. It also creates the configuration file `constellation-conf.yaml` in your current directory with the IAM values filled in.
This command creates IAM configuration for the AWS zone `us-east-2a` using the prefix `constellTest` for all named resources being created. It also updates the configuration file `constellation-conf.yaml` in your current directory with the IAM values filled in.
Depending on the attestation variant selected on config generation, different regions are available.
AMD SEV-SNP machines (requires the default attestation variant `awsSEVSNP`) are currently available in the following regions:
@ -89,7 +117,7 @@ If you encounter any problem with the following steps, make sure to use the [lat
:::
-->
2. Create the cluster with one control-plane node and two worker nodes. `constellation create` uses options set in `constellation-conf.yaml`.
3. Create the cluster with one control-plane node and two worker nodes. `constellation create` uses options set in `constellation-conf.yaml`.
If you want to manually use [Terraform](../reference/terraform.md) for managing the cloud resources instead, follow the corresponding instructions in the [Create workflow](../workflows/create.md).
:::tip
@ -109,7 +137,7 @@ If you encounter any problem with the following steps, make sure to use the [lat
Your Constellation cluster was created successfully.
```
3. Initialize the cluster
4. Initialize the cluster.
```bash
constellation init
@ -140,7 +168,7 @@ If you encounter any problem with the following steps, make sure to use the [lat
:::
4. Configure kubectl
5. Configure kubectl.
```bash
export KUBECONFIG="$PWD/constellation-admin.conf"

48
docs/docs/reference/cli.md
View file

@ -416,7 +416,7 @@ constellation upgrade check [flags]
-h, --help help for check
--ref string the reference to use for querying new versions (default "-")
--stream string the stream to use for querying new versions (default "stable")
-w, --write-config update the specified config file with the suggested versions
-u, --update-config update the specified config file with the suggested versions
```
### Options inherited from parent commands
@ -580,10 +580,9 @@ Create IAM configuration on a cloud platform for your Constellation cluster.
### Options
```
--generate-config automatically generate a configuration file and fill in the required fields
-h, --help help for create
-k, --kubernetes string Kubernetes version to use in format MAJOR.MINOR - only usable in combination with --generate-config (default "v1.26")
-y, --yes create the IAM configuration without further confirmation
-h, --help help for create
--update-config automatically update the config file with the specific IAM information
-y, --yes create the IAM configuration without further confirmation
```
### Options inherited from parent commands
@ -619,13 +618,12 @@ constellation iam create aws [flags]
### Options inherited from parent commands
```
--config string path to the configuration file (default "constellation-conf.yaml")
--debug enable debug logging
--force disable version compatibility checks - might result in corrupted clusters
--generate-config automatically generate a configuration file and fill in the required fields
-k, --kubernetes string Kubernetes version to use in format MAJOR.MINOR - only usable in combination with --generate-config (default "v1.26")
--tf-log string sets the Terraform log level (default "NONE" - no logs) (default "NONE")
-y, --yes create the IAM configuration without further confirmation
--config string path to the configuration file (default "constellation-conf.yaml")
--debug enable debug logging
--force disable version compatibility checks - might result in corrupted clusters
--tf-log string sets the Terraform log level (default "NONE" - no logs) (default "NONE")
--update-config automatically update the config file with the specific IAM information
-y, --yes create the IAM configuration without further confirmation
```
## constellation iam create azure
@ -652,13 +650,12 @@ constellation iam create azure [flags]
### Options inherited from parent commands
```
--config string path to the configuration file (default "constellation-conf.yaml")
--debug enable debug logging
--force disable version compatibility checks - might result in corrupted clusters
--generate-config automatically generate a configuration file and fill in the required fields
-k, --kubernetes string Kubernetes version to use in format MAJOR.MINOR - only usable in combination with --generate-config (default "v1.26")
--tf-log string sets the Terraform log level (default "NONE" - no logs) (default "NONE")
-y, --yes create the IAM configuration without further confirmation
--config string path to the configuration file (default "constellation-conf.yaml")
--debug enable debug logging
--force disable version compatibility checks - might result in corrupted clusters
--tf-log string sets the Terraform log level (default "NONE" - no logs) (default "NONE")
--update-config automatically update the config file with the specific IAM information
-y, --yes create the IAM configuration without further confirmation
```
## constellation iam create gcp
@ -688,13 +685,12 @@ constellation iam create gcp [flags]
### Options inherited from parent commands
```
--config string path to the configuration file (default "constellation-conf.yaml")
--debug enable debug logging
--force disable version compatibility checks - might result in corrupted clusters
--generate-config automatically generate a configuration file and fill in the required fields
-k, --kubernetes string Kubernetes version to use in format MAJOR.MINOR - only usable in combination with --generate-config (default "v1.26")
--tf-log string sets the Terraform log level (default "NONE" - no logs) (default "NONE")
-y, --yes create the IAM configuration without further confirmation
--config string path to the configuration file (default "constellation-conf.yaml")
--debug enable debug logging
--force disable version compatibility checks - might result in corrupted clusters
--tf-log string sets the Terraform log level (default "NONE" - no logs) (default "NONE")
--update-config automatically update the config file with the specific IAM information
-y, --yes create the IAM configuration without further confirmation
```
## constellation iam destroy

6
docs/docs/workflows/config.md
View file

@ -40,10 +40,6 @@ constellation config generate aws
This creates the file `constellation-conf.yaml` in the current directory.
:::tip
You can also automatically generate a configuration file by adding the `--generate-config` flag to the `constellation iam create` command when [creating an IAM configuration](#creating-an-iam-configuration).
:::
## Choosing a VM type
Constellation supports the following VM types:
@ -92,7 +88,7 @@ See also Constellation's [Kubernetes support policy](../architecture/versions.md
## Creating an IAM configuration
You can create an IAM configuration for your cluster automatically using the `constellation iam create` command.
If you haven't generated a configuration file yet, you can do so by adding the `--generate-config` flag to the command. This creates a configuration file and populates it with the created IAM values.
If you already have a constellation configuration file, you can add the `--update-config` flag to the command. This writes the needed IAM fields into your configuration.
<tabs groupId="csp">
<tabItem value="azure" label="Azure">

4
docs/docs/workflows/upgrade.md
View file

@ -36,10 +36,10 @@ To learn which versions the current CLI can upgrade to and what's installed in y
constellation upgrade check
# Show possible upgrades and write them to config file
constellation upgrade check --write-config
constellation upgrade check --update-config
```
You can either enter the reported target versions into your config manually or run the above command with the `--write-config` flag.
You can either enter the reported target versions into your config manually or run the above command with the `--update-config` flag.
When using this flag, the `kubernetesVersion`, `image`, `microserviceVersion` and `attestation` fields are overwritten with the smallest available upgrade.
## Apply the upgrade

8
docs/screencasts/docker/configure-cluster.expect
View file

@ -23,9 +23,13 @@ spawn asciinema rec --overwrite /recordings/configure-cluster.cast
send "\r"
expect_prompt
run_command "# Step 1: Create IAM configuration and Constellation configuration file"
run_command "# Step 1: Create a configuration file for Constellation"
expect_prompt
run_command "constellation iam create gcp --generate-config --projectID constellation-331613 --serviceAccountID constellation-demo --zone europe-west3-b"
run_command "constellation config generate gcp"
expect_prompt
run_command "# Step 2: Create your cluster's IAM configuration"
expect_prompt
run_command "constellation iam create gcp --update-config --projectID constellation-331613 --serviceAccountID constellation-demo --zone europe-west3-b"
expect -re "y\/n"
send "y"
send "\r"

3
docs/screencasts/generate-readme-svg.sh
View file

@ -10,7 +10,8 @@
# Create IAM configuration
pushd constellation || exit
constellation iam create gcp --generate-config --projectID constellation-331613 --serviceAccountID constellation-demo --zone europe-west3-b --yes
constellation config generate gcp
constellation iam create gcp --update-config --projectID constellation-331613 --serviceAccountID constellation-demo --zone europe-west3-b --yes
popd || exit
docker build -t screenrecodings docker