Merge pull request #2379 from replicatedhq/kotsadm-ns-rm

Clarify usage of kotsadm namespace
replicatedhq · Jun 11, 2024 · 8a80e2f · 8a80e2f
2 parents 70f1f56 + bbfbbf0
commit 8a80e2f
Show file tree

Hide file tree

Showing 16 changed files with 340 additions and 208 deletions.
diff --git a/docs/enterprise/snapshots-configuring-hostpath.md b/docs/enterprise/snapshots-configuring-hostpath.md
@@ -66,8 +66,7 @@ To install Velero and configure host path storage in air gapped environments:
    kubectl kots velero configure-hostpath \
      --namespace NAME \
      --hostpath /PATH \
-     --kotsadm-registry REGISTRY_HOSTNAME \
-     --kotsadm-namespace REGISTRY_NAMESPACE \
+     --kotsadm-registry REGISTRY_HOSTNAME[/REGISTRY_NAMESPACE] \
      --registry-username REGISTRY_USERNAME \
      --registry-password REGISTRY_PASSWORD
    ```
@@ -76,7 +75,7 @@ To install Velero and configure host path storage in air gapped environments:
      - `NAME` with the namespace where the Admin Console is installed and running
      - `PATH` with the path to the directory where the backups will be stored
      - `REGISTRY_HOSTNAME` with the registry endpoint where the images are hosted
-     - `REGISTRY_NAMESPACE` with the registry namespace where the images are hosted
+     - `REGISTRY_NAMESPACE` with the registry namespace where the images are hosted (Optional)
      - `REGISTRY_USERNAME` with the username to use to authenticate with the registry
      - `REGISTRY_PASSWORD` with the password to use to authenticate with the registry
 

diff --git a/docs/enterprise/snapshots-configuring-nfs.md b/docs/enterprise/snapshots-configuring-nfs.md
@@ -69,8 +69,7 @@ To install Velero and configure NFS storage in air gapped environments:
      --namespace NAME \
      --nfs-server HOST \
      --nfs-path PATH \
-     --kotsadm-registry REGISTRY_HOSTNAME \
-     --kotsadm-namespace REGISTRY_NAMESPACE \
+     --kotsadm-registry REGISTRY_HOSTNAME[/REGISTRY_NAMESPACE] \
      --registry-username REGISTRY_USERNAME \
      --registry-password REGISTRY_PASSWORD
    ```
@@ -80,7 +79,7 @@ To install Velero and configure NFS storage in air gapped environments:
      - `HOST` with the hostname or IP address of the NFS server
      - `PATH` with the path that is exported by the NFS server
      - `REGISTRY_HOSTNAME` with the registry endpoint where the images are hosted
-     - `REGISTRY_NAMESPACE` with the registry namespace where the images are hosted
+     - `REGISTRY_NAMESPACE` with the registry namespace where the images are hosted (Optional)
      - `REGISTRY_USERNAME` with the username to use to authenticate with the registry
      - `REGISTRY_PASSWORD` with the password to use to authenticate with the registry
 

diff --git a/docs/enterprise/snapshots-storage-destinations.md b/docs/enterprise/snapshots-storage-destinations.md
@@ -158,24 +158,23 @@ kubectl kots velero configure-other-s3 \
   --bucket BUCKET \
   --access-key-id ACCESS_KEY_ID \
   --secret-access-key SECRET_ACCESS_KEY \
-  --kotsadm-registry REGISTRY_HOSTNAME \
-  --kotsadm-namespace REGISTRY_NAMESPACE \
+  --kotsadm-registry REGISTRY_HOSTNAME[/REGISTRY_NAMESPACE] \
   --registry-username REGISTRY_USERNAME \
   --registry-password REGISTRY_PASSWORD
 ```
 
 Replace:
 
-- NAME with the name of the namespace where the Admin Console is installed and running
-- ENDPOINT with the s3 endpoint
-- REGION with the region where the bucket exists 
-- BUCKET with the name of the object storage bucket where backups should be stored
-- ACCESS_KEY_ID with the access key id to use for accessing the bucket
-- SECRET_ACCESS_KEY with the secret access key to use for accessing the bucket
-- REGISTRY_HOSTNAME with the registry endpoint where the images are hosted
-- REGISTRY_NAMESPACE with the registry namespace where the images are hosted
-- REGISTRY_USERNAME with the username to use to authenticate with the registry
-- REGISTRY_PASSWORD with the password to use to authenticate with the registry
+- `NAME` with the name of the namespace where the Admin Console is installed and running
+- `ENDPOINT` with the s3 endpoint
+- `REGION` with the region where the bucket exists 
+- `BUCKET` with the name of the object storage bucket where backups should be stored
+- `ACCESS_KEY_ID` with the access key id to use for accessing the bucket
+- `SECRET_ACCESS_KEY` with the secret access key to use for accessing the bucket
+- `REGISTRY_HOSTNAME` with the registry endpoint where the images are hosted
+- `REGISTRY_NAMESPACE` with the registry namespace where the images are hosted (Optional)
+- `REGISTRY_USERNAME` with the username to use to authenticate with the registry
+- `REGISTRY_PASSWORD` with the password to use to authenticate with the registry
 
 If no Velero installation is detected, instructions are displayed to install Velero and configure the storage destination.
 

diff --git a/...ise/snapshots-velero-installing-config.md → ...se/snapshots-velero-installing-config.mdx b/...ise/snapshots-velero-installing-config.md → ...se/snapshots-velero-installing-config.mdx
@@ -1,4 +1,6 @@
 import NodeAgentMemLimit from "../partials/snapshots/_node-agent-mem-limit.mdx"
+import KotsadmNamespace from "../partials/kots-cli/_kotsadm-namespace.mdx"
+import KotsadmRegistry from "../partials/kots-cli/_kotsadm-registry.mdx"
 
 # Configuring Namespace Access and Memory Limit
 

diff --git a/docs/enterprise/updating-apps.md b/docs/enterprise/updating-apps.md
@@ -110,8 +110,7 @@ In order to install an update from an air gap file, the following command can be
 ```bash
 kubectl kots upstream upgrade <app slug> \
   --airgap-bundle new-app-release.airgap \
-  --kotsadm-namespace <registry namespace> \
-  --kotsadm-registry <registry host> \
+  --kotsadm-registry <registry host>[/<registry namespace>] \
   --registry-username <username> \
   --registry-password <password> \
   -n <Admin Console namespace>

diff --git a/docs/partials/kots-cli/_kotsadm-namespace.mdx b/docs/partials/kots-cli/_kotsadm-namespace.mdx
@@ -1,5 +1,5 @@
 <tr>
   <td><code>--kotsadm-namespace</code></td>
   <td>string</td>
-  <td>Overrides the namespace of Admin Console images. Used for air gap installations.</td>
+  <td><p>Set to override the registry namespace of KOTS Admin Console images. Used for air gap installations. For more information, see [Air Gap Installation in Existing Clusters](/enterprise/installing-existing-cluster-airgapped).</p><p><strong>Note:</strong> Replicated recommends that you use <code>--kotsadm-registry</code> instead of <code>--kotsadm-namespace</code> to override both the registry hostname and, optionally, the registry namespace with a single flag.</p></td>
 </tr>
diff --git a/docs/partials/kots-cli/_kotsadm-registry.mdx b/docs/partials/kots-cli/_kotsadm-registry.mdx
@@ -1,5 +1,5 @@
 <tr>
   <td><code>--kotsadm-registry</code></td>
   <td>string</td>
-  <td>Overrides the registry of Admin Console images. Used for air gap installations.</td>
+  <td>Set to override the registry hostname and namespace of KOTS Admin Console images. Used for air gap installations. For more information, see [Air Gap Installation in Existing Clusters](/enterprise/installing-existing-cluster-airgapped).</td>
 </tr>
diff --git a/docs/reference/kots-cli-admin-console-generate-manifests.md b/docs/reference/kots-cli-admin-console-generate-manifests.md
diff --git a/docs/reference/kots-cli-admin-console-generate-manifests.mdx b/docs/reference/kots-cli-admin-console-generate-manifests.mdx
@@ -0,0 +1,85 @@
+import KotsadmNamespace from "../partials/kots-cli/_kotsadm-namespace.mdx"
+import KotsadmRegistry from "../partials/kots-cli/_kotsadm-registry.mdx"
+import RegistryPassword from "../partials/kots-cli/_registry-password.mdx"
+import RegistryUsername from "../partials/kots-cli/_registry-username.mdx"
+
+# admin-console generate-manifests
+
+Running this command will create a directory on the workstation containing the Replicated Admin Console manifests. These assets can be used to deploy KOTS to a cluster through other workflows, such as kubectl, to provide additional customization of the Admin Console before deploying.
+
+### Limitations
+
+`generate-manifests` does not support generating manifests for Red Hat OpenShift clusters or GKE Autopilot clusters if executed without a Kubernetes cluster context.
+
+To upgrade a KOTS instance that has ever been on version 1.72.0 or earlier, you must run `generate-manifests` with a Kubernetes cluster context.
+
+### Usage
+```bash
+kubectl kots admin-console generate-manifests [flags]
+```
+
+This command supports the following flags:
+
+<table>
+    <tr>
+        <td>Flag</td>
+        <td>Type</td>
+        <td>Description</td>
+    </tr>
+    <tr>
+        <td><code>--rootdir</code></td>
+        <td>string</td>
+        <td>Root directory where the YAML will be written (default `${HOME}` or `%USERPROFILE%`)</td>
+    </tr>
+    <tr>
+        <td><code>--namespace</code></td>
+        <td>string</td>
+        <td>Target namespace for the Admin Console</td>
+    </tr>
+    <tr>
+        <td><code>--shared-password</code></td>
+        <td>string</td>
+        <td>Shared password to use when deploying the Admin Console</td>
+    </tr>
+    <tr>
+        <td><code>--http-proxy</code></td>
+        <td>string</td>
+        <td>Sets HTTP_PROXY environment variable in all KOTS Admin Console components</td>
+    </tr>
+    <tr>
+        <td><code>--http-proxy</code></td>
+        <td>string</td>
+        <td>Sets HTTP_PROXY environment variable in all KOTS Admin Console</td>
+    </tr>
+    <KotsadmNamespace/>
+    <KotsadmRegistry/>
+    <tr>
+        <td><code>--no-proxy</code></td>
+        <td>string</td>
+        <td>Sets NO_PROXY environment variable in all KOTS Admin Console components</td>
+    </tr>
+    <RegistryPassword/>
+    <RegistryUsername/>
+    <tr>
+        <td><code>--with-minio</code></td>
+        <td>bool</td>
+        <td>Set to true to include a local minio instance to be used for storage (default true)</td>
+    </tr>
+    <tr>
+        <td><code>--minimal-rbac</code></td>
+        <td>bool</td>
+        <td>Set to true to include a local minio instance to be used for storage (default true)</td>
+    </tr>
+    <tr>
+        <td><code>--additional-namespaces</code></td>
+        <td>string</td>
+        <td>Comma delimited list to specify additional namespace(s) managed by KOTS outside where it is to be deployed. Ignored without with <code>--minimal-rbac=true</code></td>
+    </tr>
+</table>
+
+### Examples
+```bash
+kubectl kots admin-console generate-manifests
+kubectl kots admin-console generate-manifests --rootdir ./manifests
+kubectl kots admin-console generate-manifests --namespace kotsadm --minimal-rbac=true --additional-namespaces="app1,app3"
+```
diff --git a/docs/reference/kots-cli-install.md → docs/reference/kots-cli-install.mdx b/docs/reference/kots-cli-install.md → docs/reference/kots-cli-install.mdx
@@ -1,4 +1,9 @@
 import StrictSecurityContext from "../partials/kots-cli/_strict-security-context.mdx"
+import KotsadmNamespace from "../partials/kots-cli/_kotsadm-namespace.mdx"
+import KotsadmRegistry from "../partials/kots-cli/_kotsadm-registry.mdx"
+import RegistryPassword from "../partials/kots-cli/_registry-password.mdx"
+import RegistryUsername from "../partials/kots-cli/_registry-username.mdx"
+import Help from "../partials/kots-cli/_help.mdx"
 
 # install
 
@@ -59,11 +64,7 @@ This command supports all [global flags](kots-cli-global-flags) and also:
         <td>bool</td>
         <td>When <code>false</code>, KOTS does not attempt to create the RBAC resources necessary to manage applications. <strong>Default:</strong> <code>true</code>. If a role specification is needed, use the [generate-manifests](kots-cli-admin-console-generate-manifests) command.</td>
     </tr>
-    <tr>
-        <td><code>-h, --help</code></td>
-        <td></td>
-        <td>Help for install.</td>
-    </tr>
+    <Help/>
     <tr>
         <td><code>--http-proxy</code></td>
         <td>string</td>
@@ -74,16 +75,8 @@ This command supports all [global flags](kots-cli-global-flags) and also:
         <td>string</td>
         <td>Sets HTTPS_PROXY environment variable in all Admin Console components.</td>
     </tr>
-    <tr>
-        <td><code>--kotsadm-namespace</code></td>
-        <td>string</td>
-        <td>Set to override the namespace of kotsadm images. Used for air gapped installations. For more information, see [Air Gap Installation in Existing Clusters](/enterprise/installing-existing-cluster-airgapped).</td>
-    </tr>
-    <tr>
-        <td><code>--kotsadm-registry</code></td>
-        <td>string</td>
-        <td>Set to override the registry of kotsadm images. Used for air gapped installations. For more information, see [Air Gap Installation in Existing Clusters](/enterprise/installing-existing-cluster-airgapped).</td>
-    </tr>
+    <KotsadmNamespace/>
+    <KotsadmRegistry/>
     <tr>
         <td><code>--license-file</code></td>
         <td>string</td>
@@ -119,16 +112,8 @@ This command supports all [global flags](kots-cli-global-flags) and also:
         <td>string</td>
         <td>Timeout to be used while waiting for preflights to complete. Must be in [Go duration](https://pkg.go.dev/time#ParseDuration) format. For example, 10s, 2m. <strong>Default:</strong> 15m</td>
     </tr>
-    <tr>
-        <td><code>--registry-password</code></td>
-        <td>string</td>
-        <td>Password to use to authenticate with the application registry. Used for air gapped installations. For more information, see [Air Gap Installation in Existing Clusters](/enterprise/installing-existing-cluster-airgapped).</td>
-    </tr>
-    <tr>
-        <td><code>--registry-username</code></td>
-        <td>string</td>
-        <td>Username to use to authenticate with the application registry. Used for air gapped installations. For more information, see [Air Gap Installation in Existing Clusters](/enterprise/installing-existing-cluster-airgapped).</td>
-    </tr>
+    <RegistryPassword/>
+    <RegistryUsername/>
     <tr>
         <td><code>--repo</code></td>
         <td>string</td>

diff --git a/docs/reference/kots-cli-velero-configure-hostpath.md b/docs/reference/kots-cli-velero-configure-hostpath.md