diff --git a/.vale/config/vocabularies/Nephio/accept.txt b/.vale/config/vocabularies/Nephio/accept.txt index 98983ba8..c7cee35c 100644 --- a/.vale/config/vocabularies/Nephio/accept.txt +++ b/.vale/config/vocabularies/Nephio/accept.txt @@ -1,4 +1,5 @@ # Accepted words (other acronyms must be explained) +amfName Ansible Anthos API @@ -6,6 +7,7 @@ APIs apiserver ASN ASNs +authProvider [Aa]utoscaling backtrackVal [Bb]ool @@ -48,8 +50,8 @@ GVKs [Hh]ostname [Hh]omebrew html -http -https +HTTP +HTTPS JFrog JSON [Kk]pt @@ -70,6 +72,7 @@ MetalLB Nephio nerdctl Netlify +networkName NF NFDeploy NFDeployment @@ -115,12 +118,14 @@ repoTest [Rr]pkg [Rr]oot[Ss]ync [Rr]ollout +sbi SDK starlark stdout stderr [Ss]udo [Ss]ubpackage +SSH [Sp]pecializer TLS [Tt]riage @@ -135,6 +140,7 @@ URIs upsertRepo upstreamlock [Uu]ntar +[Uu]ndeploy [Uu]tils validator vCPU @@ -148,6 +154,7 @@ vSphere wantErr WebUI xApps +XXFDeployment YAML # Nephio contributors mentioned in the docs diff --git a/content/en/docs/guides/install-guides/common-dependencies.md b/content/en/docs/guides/install-guides/common-dependencies.md index 722a15d5..594a4924 100644 --- a/content/en/docs/guides/install-guides/common-dependencies.md +++ b/content/en/docs/guides/install-guides/common-dependencies.md @@ -12,7 +12,7 @@ installation, the CRDs that come along with them are necessary. {{% alert title="Note" color="primary" %}} -If you want to use a version other than that of v3.0.0 of Nephio *catalog* repo, then replace the *@origin/v3.0.0* +If you want to use a version other than that of v3.0.0 of Nephio *catalog* repository, then replace the *@origin/v3.0.0* suffix on the package URLs on the `kpt pkg get` commands below with the tag/branch of the version you wish to use. While using KPT you can [either pull a branch or a tag](https://kpt.dev/book/03-packages/01-getting-a-package) from a diff --git a/content/en/docs/guides/install-guides/explore-nephio-free5gc.md b/content/en/docs/guides/install-guides/explore-nephio-free5gc.md index ad95da9e..f91784d6 100644 --- a/content/en/docs/guides/install-guides/explore-nephio-free5gc.md +++ b/content/en/docs/guides/install-guides/explore-nephio-free5gc.md @@ -56,7 +56,7 @@ tasks such as * createService: This function creates a Service resource for the AMF deployment. It defines the desired state of the service, including the selector for the associated deployment and the ports it exposes. * createConfigMap: This function creates a ConfigMap resource for the AMF deployment. It generates the - configuration data for the AMF based on the provided template values and renders it into the amfcfg.yaml file. + configuration data for the AMF based on the provided template values and renders it into the *amfcfg.yaml* file. * createResourceRequirements: This function calculates the resource requirements (CPU and memory limits and requests) for the AMF deployment based on the specified capacity and sets them in a ResourceRequirements object. * createNetworkAttachmentDefinitionNetworks: This function creates the network attachment definition networks for diff --git a/content/en/docs/guides/install-guides/install-on-byoc.md b/content/en/docs/guides/install-guides/install-on-byoc.md index 2643f3c2..6c9ddd2f 100644 --- a/content/en/docs/guides/install-guides/install-on-byoc.md +++ b/content/en/docs/guides/install-guides/install-on-byoc.md @@ -22,7 +22,7 @@ your environment and choices. - *kpt* [installed](https://kpt.dev/installation/kpt-cli) on your workstation (version v1.0.0-beta.43 or later) - *porchctl* [installed](/content/en/docs/porch/user-guides/porchctl-cli-guide.md) on your workstation - - Sudo-less *docker*, *podman*, or *nerdctl*. If using *podman* or *nerdctl*, + - Sudo-less *docker*, *Podman*, or *nerdctl*. If using *Podman* or *nerdctl*, you must set the [`KPT_FN_RUNTIME`](https://kpt.dev/reference/cli/fn/render/?id=environment-variables) environment variable. @@ -125,9 +125,9 @@ If you wish to avoid running `kubectl port-forward`, the use of Kubernetes Ingre ### Nephio WebUI Authentication and Authorization In the default configuration, the Nephio WebUI **is wide open with no -authentication**. The webui itself authenticates to the cluster using a static +authentication**. The WebUI itself authenticates to the cluster using a static service account, which is bound to the cluster admin role. Any user accessing -the webui is **acting as a cluster admin**. +the WebUI is **acting as a cluster admin**. This configuration is designed for **testing and development only**. You must not use this configuration in any other situation, and even for testing and diff --git a/content/en/docs/guides/install-guides/install-on-multiple-vm.md b/content/en/docs/guides/install-guides/install-on-multiple-vm.md index f70440a6..00b1c587 100644 --- a/content/en/docs/guides/install-guides/install-on-multiple-vm.md +++ b/content/en/docs/guides/install-guides/install-on-multiple-vm.md @@ -54,7 +54,7 @@ If you want to use GitHub or GitLab then follow below steps Get a [GitHub token](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens#fine-grained-personal-access-tokens) if your repository is private, to allow Porch to make modifications. -Register the edge repository using *kpt* cli or Nephio WebUI. +Register the edge repository using *kpt* CLI or Nephio WebUI. ```bash GITHUB_USERNAME= @@ -82,7 +82,7 @@ kpt live apply --reconcile-timeout=15m --output=table {{% alert title="Note" color="primary" %}} * For management cluster you have to name the repository as *mgmt*. -* In the *repository* package by default gitea address is *172.18.0.200:3000* in *repository/set-values.yaml* +* In the *repository* package by default Gitea address is *172.18.0.200:3000* in *repository/set-values.yaml* change this to your git address. * *repository/token-configsync.yaml* and *repository/token-porch.yaml* are responsible for creating secrets with the help of Nephio token controller for accessing git instance for root-sync. You would need the name of config-sync token diff --git a/content/en/docs/guides/install-guides/install-on-openshift.md b/content/en/docs/guides/install-guides/install-on-openshift.md index 3e0a5789..52f5ffc4 100644 --- a/content/en/docs/guides/install-guides/install-on-openshift.md +++ b/content/en/docs/guides/install-guides/install-on-openshift.md @@ -25,7 +25,7 @@ In this guide, you will set up Nephio with: ## Prerequisites - A Red Hat Account and access to https://console.redhat.com/openshift/ -- OpenShift cli client *oc*. [Download here](https://console.redhat.com/openshift/downloads) +- OpenShift CLI client *oc*. [Download here](https://console.redhat.com/openshift/downloads) ## Setup the Management Cluster @@ -58,12 +58,12 @@ Once installed, you need to prepare the management cluster for zero touch provis If using init.sh directly to deploy Nephio management components, as one would for a generic K8s Cluster, there are some prerequisites to consider: - A default StorageClass must be configured providing persistent storage for PVCs (for instance through the LVMS Operator and an LVMCluster) -- [Security Context Constraits](https://github.com/nephio-project/catalog/tree/main/distros/openshift/security-context-constraints) must be applied for successful Nephio component deployment +- [Security Context Constraints](https://github.com/nephio-project/catalog/tree/main/distros/openshift/security-context-constraints) must be applied for successful Nephio component deployment -Follow the steps present in the [Install Guide](/content/en/docs/guides/install-guides/_index.md) for a Pre-installed K8s Cluster to install manaement components +Follow the steps present in the [Install Guide](/content/en/docs/guides/install-guides/_index.md) for a Pre-installed K8s Cluster to install management components -### Option 2: Using Blueprints Nephio OpenShift Repo OpenShift Package Repository +### Option 2: Using Blueprints Nephio OpenShift Repository OpenShift Package Repository A repository of OpenShift-installation specific packages must be used to deploy Nephio. This repository contains packages derived from the standard Nephio R1 packages, but with OpenShift-specific modifications. diff --git a/content/en/docs/guides/install-guides/web-ui/_index.md b/content/en/docs/guides/install-guides/web-ui/_index.md index 3c61ca1b..d25c8a90 100644 --- a/content/en/docs/guides/install-guides/web-ui/_index.md +++ b/content/en/docs/guides/install-guides/web-ui/_index.md @@ -13,12 +13,12 @@ kpt pkg get --for-deployment https://github.com/nephio-project/nephio-packages.g Before we apply it to the cluster, however, we should configure it. -By default, it expects the webui to be reached via *http://localhost:7007*. If you plan to expose the webui via a load +By default, it expects the WebUI to be reached via *http://localhost:7007*. If you plan to expose the WebUI via a load balancer service instead, then you need to configure the scheme, hostname, port, and service. Note that if you wish to use HTTPS, you should set the *scheme* to *https*, but you will need to terminate the TLS at the load balancer as the container currently only supports HTTP. -This information is captured in the application ConfigMap for the webui, which is generated by a KRM function. We can +This information is captured in the application ConfigMap for the WebUI, which is generated by a KRM function. We can change the values in the *nephio-webui/gen-configmap.yaml* just using a text editor (change the *hostname* and *port* values under *params:*), and those will take effect later when we run `kpt fn render`. As an alternative to a text editor, you can run these commands: @@ -36,8 +36,8 @@ or run: kpt fn eval nephio-webui --image gcr.io/kpt-fn/search-replace:v0.2.0 --match-kind Service -- 'by-path=spec.type' 'put-value=LoadBalancer' ``` -In the default configuration, the Nephio WebUI **is wide open with no authentication**. The webui itself authenticates to -the cluster using a static service account, which is bound to the cluster admin role. Any user accessing the webui is +In the default configuration, the Nephio WebUI **is wide open with no authentication**. The WebUI itself authenticates to +the cluster using a static service account, which is bound to the cluster admin role. Any user accessing the WebUI is **acting as a cluster admin**. This configuration is designed for **testing and development only**. You must not use this configuration in any other diff --git a/content/en/docs/guides/install-guides/web-ui/webui-auth-gcp.md b/content/en/docs/guides/install-guides/web-ui/webui-auth-gcp.md index 31814237..e97ed61f 100644 --- a/content/en/docs/guides/install-guides/web-ui/webui-auth-gcp.md +++ b/content/en/docs/guides/install-guides/web-ui/webui-auth-gcp.md @@ -10,7 +10,7 @@ weight: 7 When used with the WebUI running in a GKE cluster, the users authorization roles will be automatically synchronized based upon their IAM roles in GCP. -If you are not exposing the webui on a load balancer IP address, but are instead using `kubectl port-forward`, you +If you are not exposing the WebUI on a load balancer IP address, but are instead using `kubectl port-forward`, you should use *http*, *localhost* and *7007* for the SCHEME, HOSTNAME and PORT; otherwise, use the scheme, DNS name and port as it will be seen by your browser. You can leave the port off if it is 443 for HTTPS or 80 for HTTP. @@ -25,7 +25,7 @@ client ID and secret: 4. Click **Create Credentials** and choose **OAuth client ID** 5. Configure an OAuth consent screen, if required - - For scopes, select *openid*, *auth/userinfo.email*, *auth/userinfo.profile*, and *auth/cloud-platform*. + - For scopes, select *OpenID*, *auth/userinfo.email*, *auth/userinfo.profile*, and *auth/cloud-platform*. - Add any users that will want access to the UI if using External user type 6. Set **Application Type** to *Web Application* with these settings: @@ -49,7 +49,7 @@ kubectl create secret generic -n nephio-webui nephio-google-oauth-client --from- ## Enable Google OAuth -The *webui* package has a function that will configure the package for authentication with different services. Edit the +The *WebUI* package has a function that will configure the package for authentication with different services. Edit the *set-auth.yaml* file to set the authProvider field to *google* or run the following command: ```bash @@ -57,7 +57,7 @@ kpt fn eval nephio-webui --image gcr.io/kpt-fn/search-replace:v0.2.0 --match-nam ``` ## Enable OIDC with Google -The *webui* package has a function that will configure the package for authentication with different services. Edit the +The *WebUI* package has a function that will configure the package for authentication with different services. Edit the *set-auth.yaml* file to set the authProvider field to *oidc* and the oidcTokenProvider to *google*, or run the following commands: diff --git a/content/en/docs/guides/install-guides/web-ui/webui-auth-okta.md b/content/en/docs/guides/install-guides/web-ui/webui-auth-okta.md index 85610448..bdd067e7 100644 --- a/content/en/docs/guides/install-guides/web-ui/webui-auth-okta.md +++ b/content/en/docs/guides/install-guides/web-ui/webui-auth-okta.md @@ -5,7 +5,7 @@ description: > weight: 7 --- -If you are not exposing the webui on a load balancer IP address, but are instead using `kubectl port-forward`, you +If you are not exposing the WebUI on a load balancer IP address, but are instead using `kubectl port-forward`, you should use *localhost* and *7007* for the HOSTNAME and PORT; otherwise, use the DNS name and port as it will be seen by your browser. @@ -60,7 +60,7 @@ kubectl create secret generic -n nephio-webui nephio-okta-oauth-client \ ## Enable the WebUI Auth Provider -The *webui* package has a function that will configure the package for authentication with different services. Edit the +The *WebUI* package has a function that will configure the package for authentication with different services. Edit the *set-auth.yaml* file to set the authProvider field to *oidc* and the oidcTokenProvider to *okta*, or run the following commands: