Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2025-08-07 06:22:17 -04:00
Code Issues Projects Releases Packages Wiki Activity

docs: update Tab tags

Browse source
This commit is contained in:
Thomas Tendyck 2024-08-23 13:04:15 +02:00 committed by Thomas Tendyck
parent e90b0e5109
commit e2ee775483
197 changed files with 3640 additions and 3581 deletions
Download patch file Download diff file Expand all files Collapse all files

24
docs/versioned_docs/version-2.16/getting-started/first-steps-local.md
View file

@ -45,8 +45,8 @@ sudo iptables -P FORWARD ACCEPT
## Create a cluster
<tabs groupId="csp">
<tabItem value="mini" label="MiniConstellation">
<Tabs groupId="csp">
<TabItem value="mini" label="MiniConstellation">
<!-- vale off -->
With the `constellation mini` command, you can deploy and test Constellation locally. This mode is called MiniConstellation. Conceptually, MiniConstellation is similar to [MicroK8s](https://microk8s.io/), [K3s](https://k3s.io/), and [minikube](https://minikube.sigs.k8s.io/docs/).
@ -74,8 +74,8 @@ constellation mini up
This will configure your current directory as the [workspace](../architecture/orchestration.md#workspaces) for this cluster.
All `constellation` commands concerning this cluster need to be issued from this directory.
</tabItem>
<tabItem value="qemu" label="QEMU">
</TabItem>
<TabItem value="qemu" label="QEMU">
With the QEMU provider, you can create a local Constellation cluster as if it were in the cloud. The provider uses [QEMU](https://www.qemu.org/) to create multiple VMs for the cluster nodes, which interact with each other.
@ -145,8 +145,8 @@ attaching persistent storage, or autoscaling aren't available.
export KUBECONFIG="$PWD/constellation-admin.conf"
```
</tabItem>
</tabs>
</TabItem>
</Tabs>
## Connect to the cluster
@ -199,8 +199,8 @@ worker-0 Ready <none> 32s v1.24.6
## Terminate your cluster
<tabs groupId="csp">
<tabItem value="mini" label="MiniConstellation">
<Tabs groupId="csp">
<TabItem value="mini" label="MiniConstellation">
Once you are done, you can clean up the created resources using the following command:
@ -211,8 +211,8 @@ constellation mini down
This will destroy your cluster and clean up your workspace.
The VM image and cluster configuration file (`constellation-conf.yaml`) will be kept and may be reused to create new clusters.
</tabItem>
<tabItem value="qemu" label="QEMU">
</TabItem>
<TabItem value="qemu" label="QEMU">
Once you are done, you can clean up the created resources using the following command:
@ -240,8 +240,8 @@ Your Constellation cluster was terminated successfully.
This will destroy your cluster and clean up your workspace.
The VM image and cluster configuration file (`constellation-conf.yaml`) will be kept and may be reused to create new clusters.
</tabItem>
</tabs>
</TabItem>
</Tabs>
## Troubleshooting

40
docs/versioned_docs/version-2.16/getting-started/first-steps.md
View file

@ -15,41 +15,41 @@ If you encounter any problem with the following steps, make sure to use the [lat
1. Create the [configuration file](../workflows/config.md) and state file for your cloud provider.
<tabs groupId="csp">
<tabItem value="aws" label="AWS">
<Tabs groupId="csp">
<TabItem value="aws" label="AWS">
```bash
constellation config generate aws
```
</tabItem>
<tabItem value="azure" label="Azure">
</TabItem>
<TabItem value="azure" label="Azure">
```bash
constellation config generate azure
```
</tabItem>
<tabItem value="gcp" label="GCP">
</TabItem>
<TabItem value="gcp" label="GCP">
```bash
constellation config generate gcp
```
</tabItem>
<tabItem value="stackit" label="STACKIT">
</TabItem>
<TabItem value="stackit" label="STACKIT">
```bash
constellation config generate stackit
```
</tabItem>
</tabs>
</TabItem>
</Tabs>
2. Create your [IAM configuration](../workflows/config.md#creating-an-iam-configuration).
<tabs groupId="csp">
<tabItem value="aws" label="AWS">
<Tabs groupId="csp">
<TabItem value="aws" label="AWS">
```bash
constellation iam create aws --zone=us-east-2a --prefix=constellTest --update-config
@ -76,8 +76,8 @@ If you encounter any problem with the following steps, make sure to use the [lat
You can find a list of all [regions in AWS's documentation](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html#concepts-available-regions).
</tabItem>
<tabItem value="azure" label="Azure">
</TabItem>
<TabItem value="azure" label="Azure">
```bash
constellation iam create azure --region=westus --resourceGroup=constellTest --servicePrincipal=spTest --update-config
@ -98,8 +98,8 @@ If you encounter any problem with the following steps, make sure to use the [lat
You can find a list of all [regions in Azure's documentation](https://azure.microsoft.com/en-us/global-infrastructure/services/?products=virtual-machines&regions=all).
</tabItem>
<tabItem value="gcp" label="GCP">
</TabItem>
<TabItem value="gcp" label="GCP">
```bash
constellation iam create gcp --projectID=yourproject-12345 --zone=europe-west2-a --serviceAccountID=constell-test --update-config
@ -109,16 +109,16 @@ If you encounter any problem with the following steps, make sure to use the [lat
Note that only regions offering CVMs of the `C2D` or `N2D` series are supported. You can find a [list of all regions in Google's documentation](https://cloud.google.com/compute/docs/regions-zones#available), which you can filter by machine type `C2D` or `N2D`.
</tabItem>
<tabItem value="stackit" label="STACKIT">
</TabItem>
<TabItem value="stackit" label="STACKIT">
To use Constellation on STACKIT, the cluster will use the User Access Token (UAT) that's generated [during the install step](./install.md).
After creating the accounts, fill in the STACKIT details in `constellation-conf.yaml` under `provider.openstack`:
* `stackitProjectID`: STACKIT project id (can be found after login on the [STACKIT portal](https://portal.stackit.cloud))
</tabItem>
</tabs>
</TabItem>
</Tabs>
:::tip
To learn about all options you have for managing IAM resources and Constellation configuration, see the [Configuration workflow](../workflows/config.md).

64
docs/versioned_docs/version-2.16/getting-started/install.md
View file

@ -22,8 +22,8 @@ If you prefer to use Terraform, you can alternatively use the [Terraform provide
The CLI executable is available at [GitHub](https://github.com/edgelesssys/constellation/releases).
Install it with the following commands:
<tabs>
<tabItem value="linux-amd64" label="Linux (amd64)">
<Tabs>
<TabItem value="linux-amd64" label="Linux (amd64)">
1. Download the CLI:
@ -39,8 +39,8 @@ curl -LO https://github.com/edgelesssys/constellation/releases/latest/download/c
sudo install constellation-linux-amd64 /usr/local/bin/constellation
```
</tabItem>
<tabItem value="linux-arm64" label="Linux (arm64)">
</TabItem>
<TabItem value="linux-arm64" label="Linux (arm64)">
1. Download the CLI:
@ -56,9 +56,9 @@ curl -LO https://github.com/edgelesssys/constellation/releases/latest/download/c
sudo install constellation-linux-arm64 /usr/local/bin/constellation
```
</tabItem>
</TabItem>
<tabItem value="darwin-arm64" label="macOS (Apple Silicon)">
<TabItem value="darwin-arm64" label="macOS (Apple Silicon)">
1. Download the CLI:
@ -74,9 +74,9 @@ curl -LO https://github.com/edgelesssys/constellation/releases/latest/download/c
sudo install constellation-darwin-arm64 /usr/local/bin/constellation
```
</tabItem>
</TabItem>
<tabItem value="darwin-amd64" label="macOS (Intel)">
<TabItem value="darwin-amd64" label="macOS (Intel)">
1. Download the CLI:
@ -92,9 +92,9 @@ curl -LO https://github.com/edgelesssys/constellation/releases/latest/download/c
sudo install constellation-darwin-amd64 /usr/local/bin/constellation
```
</tabItem>
</TabItem>
<tabItem value="windows-amd64" label="Windows (amd64)">
<TabItem value="windows-amd64" label="Windows (amd64)">
1. Download the CLI:
@ -115,8 +115,8 @@ Invoke-WebRequest -OutFile ./constellation.exe -Uri 'https://github.com/edgeless
5. Click `New`
6. Enter the path to the folder containing the binary you want on your PATH: `C:\Program Files\Constellation\bin`
</tabItem>
</tabs>
</TabItem>
</Tabs>
:::tip
The CLI supports autocompletion for various shells. To set it up, run `constellation completion` and follow the given steps.
@ -132,8 +132,8 @@ If you don't have a cloud subscription, you can also set up a [local Constellati
### Required permissions
<tabs groupId="csp">
<tabItem value="aws" label="AWS">
<Tabs groupId="csp">
<TabItem value="aws" label="AWS">
To set up a Constellation cluster, you need to perform two tasks that require permissions: create the infrastructure and create roles for cluster nodes. Both of these actions can be performed by different users, e.g., an administrator to create roles and a DevOps engineer to create the infrastructure.
@ -183,8 +183,8 @@ The built-in `PowerUserAccess` policy is a superset of these permissions.
Follow Amazon's guide on [understanding](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html) and [managing policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_managed-vs-inline.html).
</tabItem>
<tabItem value="azure" label="Azure">
</TabItem>
<TabItem value="azure" label="Azure">
The following [resource providers need to be registered](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/resource-providers-and-types#register-resource-provider) in your subscription:
@ -226,8 +226,8 @@ Follow Microsoft's guide on [understanding](https://learn.microsoft.com/en-us/az
1: You can omit `*/register/Action` if the resource providers mentioned above are already registered and the `ARM_SKIP_PROVIDER_REGISTRATION` environment variable is set to `true` when creating the IAM configuration.
</tabItem>
<tabItem value="gcp" label="GCP">
</TabItem>
<TabItem value="gcp" label="GCP">
Create a new project for Constellation or use an existing one.
Enable the [Compute Engine API](https://console.cloud.google.com/apis/library/compute.googleapis.com) on it.
@ -312,16 +312,16 @@ Together, the built-in roles `roles/editor`, `roles/compute.instanceAdmin` and `
Follow Google's guide on [understanding](https://cloud.google.com/iam/docs/understanding-roles) and [assigning roles](https://cloud.google.com/iam/docs/granting-changing-revoking-access).
</tabItem>
<tabItem value="stackit" label="STACKIT">
</TabItem>
<TabItem value="stackit" label="STACKIT">
Constellation on STACKIT requires a User Access Token (UAT) for the OpenStack API and a STACKIT service account.
The UAT already has all required permissions by default.
The STACKIT service account needs the `editor` role to create STACKIT LoadBalancers.
Look at the [STACKIT documentation](https://docs.stackit.cloud/stackit/en/getting-started-in-service-accounts-134415831.html) on how to create the service account and assign the role.
</tabItem>
</tabs>
</TabItem>
</Tabs>
### Authentication
@ -331,8 +331,8 @@ You need to authenticate with your CSP. The following lists the required steps f
The steps for a *testing* environment are simpler. However, they may expose secrets to the CSP. If in doubt, follow the *production* steps.
:::
<tabs groupId="csp">
<tabItem value="aws" label="AWS">
<Tabs groupId="csp">
<TabItem value="aws" label="AWS">
**Testing**
@ -348,8 +348,8 @@ aws configure
Options and first steps are described in the [AWS CLI documentation](https://docs.aws.amazon.com/cli/index.html).
</tabItem>
<tabItem value="azure" label="Azure">
</TabItem>
<TabItem value="azure" label="Azure">
**Testing**
@ -365,8 +365,8 @@ az login
Other options are described in Azure's [authentication guide](https://docs.microsoft.com/en-us/cli/azure/authenticate-azure-cli).
</tabItem>
<tabItem value="gcp" label="GCP">
</TabItem>
<TabItem value="gcp" label="GCP">
**Testing**
@ -389,8 +389,8 @@ Use one of the following options on a trusted machine:
Follow [Google's guide](https://cloud.google.com/docs/authentication/production#manually) for setting up your credentials.
</tabItem>
<tabItem value="stackit" label="STACKIT">
</TabItem>
<TabItem value="stackit" label="STACKIT">
You need to authenticate with the infrastructure API (OpenStack) and create a service account (STACKIT API).
@ -420,9 +420,9 @@ You need to authenticate with the infrastructure API (OpenStack) and create a se
{"STACKIT_SERVICE_ACCOUNT_TOKEN":"REPLACE_WITH_TOKEN"}
```
</tabItem>
</TabItem>
</tabs>
</Tabs>
## Next steps

20
docs/versioned_docs/version-2.16/getting-started/marketplaces.md
View file

@ -4,8 +4,8 @@ Constellation is available through the Marketplaces of AWS, Azure, GCP, and STAC
This document explains how to run Constellation with the dynamically billed cloud marketplace images.
<tabs groupId="csp">
<tabItem value="aws" label="AWS">
<Tabs groupId="csp">
<TabItem value="aws" label="AWS">
To use Constellation's marketplace images, ensure that you are subscribed to the [marketplace offering](https://aws.amazon.com/marketplace/pp/prodview-2mbn65nv57oys) through the web portal.
@ -15,8 +15,8 @@ Then, enable the use of marketplace images in your Constellation `constellation-
yq eval -i ".provider.aws.useMarketplaceImage = true" constellation-conf.yaml
```
</tabItem>
<tabItem value="azure" label="Azure">
</TabItem>
<TabItem value="azure" label="Azure">
Constellation has a private marketplace plan. Please [contact us](https://www.edgeless.systems/enterprise-support/) to gain access.
@ -32,8 +32,8 @@ Then, enable the use of marketplace images in your Constellation `constellation-
yq eval -i ".provider.azure.useMarketplaceImage = true" constellation-conf.yaml
```
</tabItem>
<tabItem value="gcp" label="GCP">
</TabItem>
<TabItem value="gcp" label="GCP">
To use a marketplace image, ensure that the account is entitled to use marketplace images by Edgeless Systems by accepting the terms through the [web portal](https://console.cloud.google.com/marketplace/vm/config/edgeless-systems-public/constellation).
@ -43,13 +43,13 @@ Then, enable the use of marketplace images in your Constellation `constellation-
yq eval -i ".provider.gcp.useMarketplaceImage = true" constellation-conf.yaml
```
</tabItem>
<tabItem value="stackit" label="STACKIT">
</TabItem>
<TabItem value="stackit" label="STACKIT">
On STACKIT, the selected Constellation image is always a marketplace image. You can find more information on the STACKIT portal.
</tabItem>
</tabs>
</TabItem>
</Tabs>
Ensure that the cluster uses an official release image version (i.e., `.image=vX.Y.Z` in the `constellation-conf.yaml` file).