Skip to content

Commit

Permalink
docs: PEM-4073 (#2472)
Browse files Browse the repository at this point in the history
  • Loading branch information
@karl-cardenas-coding
karl-cardenas-coding authored Mar 25, 2024
1 parent 50c46ec commit fc8e0c9
Show file tree
Hide file tree
Showing 3 changed files with 35 additions and 12 deletions.
10 changes: 9 additions & 1 deletion docs/docs-content/vertex/install-palette-vertex/install-on-kubernetes/install.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -393,7 +393,7 @@ your environment. Reach out to our support team if you need assistance.
| `config.installationMode` | The installation mode for VerteX. The values can be `connected` or `airgap`. Set this value to `airgap`. | string |
| `ociPackEcrRegistry` or `ociPackRegistry` | The OCI registry credentials for the VerteX FIPS packs repository. If you are using a Harbor registry, use the `ociPackRegistry` parameter block but ensure you have the OCI registry CA available. | object |
| `ociImageRegistry` | The OCI registry credentials for the VerteX images repository. | object |
| `ociImageRegistry.ca` | If you are using a self-hosted OCI, such as Harbor, ensure you provide the CA. If you are using AWS ECR, you can leave this parameter empty. | string |
| `ociImageRegistry.ca` | If you are using a self-hosted OCI, such as Harbor, ensure you provide the CA in PEM format. If you are using AWS ECR, you can leave this parameter empty. | string |
| `ociImageRegistry.mirrorRegistries` | Replace the placeholder string with the respective values of your OCI registry repository that is hosting the images. |
| `imageSwapConfig.isEKSCluster` | Set this value to `false` if you are NOT installing VerteX on an EKS cluster. | boolean |
| `scar` | Specify your HTTP file server values. If your HTTP file server requires credentials ensure the provided values are base64 encoded. Example of the string "admin" in base64 encoding - `YWRtaW4=`. | object |
Expand All @@ -403,6 +403,14 @@ your environment. Reach out to our support team if you need assistance.
Save the **values.yaml** file after you have populated the required parameters mentioned in the table. Expand the
following sections to review an example of the **values.yaml** file with the required parameters highlighted.

:::warning

Palette VerteX does not support insecure connections. Ensure you have the Certificate Authority (CA) available, in
PEM format, when using a custom packs and image registry. Otherwise, VerteX will not be able to pull packs and
images from the registry. Use the `caCert` parameter to provide the base64-encoded CA certificate.

:::

<details>

<summary>Example - values.yaml</summary>
Expand Down
26 changes: 16 additions & 10 deletions ...-content/vertex/install-palette-vertex/install-on-kubernetes/vertex-helm-ref.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -189,7 +189,13 @@ registries for Palette VerteX to download the required images. You must configur
(OCI) registry for Palette VerteX. You must also provide the credentials for the Spectro Cloud Artifact Repository
(SCAR) to download the required FIPS images.

<br />
:::warning

Palette VerteX does not support insecure connections. Ensure you have the Certificate Authority (CA) available, in PEM
format, when using a custom packs and image registry. Otherwise, VerteX will not be able to pull packs and images from
the registry. Use the `caCert` parameter to provide the base64-encoded CA certificate.

:::

### OCI Registry

Expand All @@ -207,15 +213,15 @@ for additional guidance on how to add the required FIPS packs to your OCI regist

:::

| **Parameters** | **Description** | **Type** | **Default value** |
| ------------------------------------ | -------------------------------------------------------------------------------------------------------------- | -------- | ----------------- |
| `ociPackRegistry.endpoint` | The endpoint URL for the registry. | String | `""` |
| `ociPackRegistry.name` | The name of the registry. | String | `""` |
| `ociPackRegistry.password` | The base64-encoded password for the registry. | String | `""` |
| `ociPackRegistry.username` | The username for the registry. | String | `""` |
| `ociPackRegistry.baseContentPath` | The base path for the registry. | String | `""` |
| `ociPackRegistry.insecureSkipVerify` | Specifies whether to skip Transport Layer Security (TLS) verification for the registry connection. | Boolean | `false` |
| `ociPackRegistry.caCert` | The registry's base64-encoded certificate authority (CA) certificate. Required for self-hosted OCI registries. | String | `""` |
| **Parameters** | **Description** | **Type** | **Default value** |
| ------------------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------- | ----------------- |
| `ociPackRegistry.endpoint` | The endpoint URL for the registry. | String | `""` |
| `ociPackRegistry.name` | The name of the registry. | String | `""` |
| `ociPackRegistry.password` | The base64-encoded password for the registry. | String | `""` |
| `ociPackRegistry.username` | The username for the registry. | String | `""` |
| `ociPackRegistry.baseContentPath` | The base path for the registry. | String | `""` |
| `ociPackRegistry.insecureSkipVerify` | Specifies whether to skip Transport Layer Security (TLS) verification for the registry connection. VerteX requires the CA for registries that use a self-signed certificate. | Boolean | `false` |
| `ociPackRegistry.caCert` | The registry's base64-encoded certificate authority (CA) certificate. Required for self-hosted OCI registries. | String | `""` |

```yaml
config:
Expand Down
11 changes: 10 additions & 1 deletion docs/docs-content/vertex/install-palette-vertex/install-on-vmware/install.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -75,7 +75,15 @@ before proceeding with the installation. Refer to the
Self-hosted Palette VerteX installations provide a system Private Cloud Gateway (PCG) out-of-the-box and typically do
not require a separate, user-installed PCG. However, you can create additional PCGs as needed to support provisioning
into remote data centers that do not have a direct incoming connection from the Palette console. To learn how to install
a PCG on VMware, check out the [VMware](../../../clusters/data-center/vmware.md) guide.
a PCG on VMware, check out the [Deploy to VMware vSphere](../../../clusters/pcg/deploy-pcg/vmware.md) guide.

:::

:::warning

Palette VerteX does not support insecure connections. Ensure you have the Certificate Authority (CA) available, in PEM
format, when using a custom packs and image registry. Otherwise, VerteX will not be able to pull packs and images from
the registry. The Palette CLI will prompt you to provide the CA certificate file path when necessary.

:::

Expand Down Expand Up @@ -154,6 +162,7 @@ Use the following steps to install Palette VerteX.

- Non-Airgap: `https://saas-repo-fips.console.spectrocloud.com`
- Airgap: The URL or IP address of the Spectro Cloud Repository that is provided to you by the airgap setup script.
Make sure to specify the file path to the CA certificate when prompted.

9. Enter the repository credentials. Our support team provides the credentials you need to access the public Spectro
Cloud repository. Airgap installations, provide the credentials to your private repository provided to you by the
Expand Down

0 comments on commit fc8e0c9

Please sign in to comment.