Adding a getting started section for installing the APIs

Signed-off-by: Dyanngg <[email protected]>
kubernetes-sigs · Jun 20, 2023 · f5fb7f2 · f5fb7f2
1 parent 579435f
commit f5fb7f2
Show file tree

Hide file tree

Showing 3 changed files with 34 additions and 9 deletions.
diff --git a/mkdocs.yml b/mkdocs.yml
@@ -39,6 +39,8 @@ nav:
     - Resources: api-overview.md
     - Versioning: versioning.md
     - Implementations: implementations.md
+  - Guides:
+    - Getting started: getting-started.md
   - Reference:
     - Examples: reference/examples.md
     - API Reference: reference/spec.md

diff --git a/site-src/getting-started.md b/site-src/getting-started.md
@@ -0,0 +1,24 @@
+# Getting started with Network Policy API
+
+**1. Install a Network Policy API compatible CNI**
+
+There are numerous Container Network Plugin projects that support or are actively working on
+supporting the Network Policy API. Please refer to the [implementations](implementations.md)
+doc for details on the supportability matrix.
+
+**2. Install the Network Policy API CRDs**
+
+The following commands will install the latest release version of the `AdminNetworkPolicy` and
+`BaselineAdminNetworkPolicy` CRDs in your K8s cluster:
+
+```bash
+kubectl apply -f https://github.com/kubernetes-sigs/network-policy-api/releases/download/v0.1.0/install.yaml
+```
+
+**3. Try out one of the sample yamls for specific user stories**
+
+- [Deny traffic at a cluster level](reference/examples.md#sample-spec-for-story-1-deny-traffic-at-a-cluster-level)
+- [Allow traffic at a cluster level](reference/examples.md#sample-spec-for-story-2-allow-traffic-at-a-cluster-level)
+- [Explicitly Delegate traffic to existing K8s Network Policy](reference/examples.md#sample-spec-for-story-3-explicitly-delegate-traffic-to-existing-k8s-network-policy)
+- [Create and Isolate multiple tenants in a cluster](reference/examples.md#sample-spec-for-story-4-create-and-isolate-multiple-tenants-in-a-cluster)
+- [Cluster Wide Default Guardrails](reference/examples.md#sample-spec-for-story-5-cluster-wide-default-guardrails)
diff --git a/site-src/reference/examples.md b/site-src/reference/examples.md
@@ -65,7 +65,7 @@ spec:
               app: kube-dns
 ```
 
-### Story 3: Explicitly Delegate traffic to existing K8s Network Policy
+### Sample Spec for Story 3: Explicitly Delegate traffic to existing K8s Network Policy
 
 ![Alt text](../../images/delegation.png?raw=true "Delegate")
 
@@ -81,21 +81,20 @@ spec:
   egress:
   - action: Pass
     to:
-    - namespaces:
+    - pods:
         namespaceSelector:
           matchLabels:
             kubernetes.io/metadata.name: bar-ns-1
-      pods:
         podSelector:
           matchLabels:
             app: svc-pub
     ports:
-      - portNumber: 
-          protocol: TCP
-          port: 8080
+    - portNumber:
+        protocol: TCP
+        port: 8080
 ```
 
-### Story 4: Create and Isolate multiple tenants in a cluster  
+### Sample Spec for Story 4: Create and Isolate multiple tenants in a cluster  
 
 ![Alt text](../../images/tenants.png?raw=true "Tenants")
 
@@ -117,7 +116,7 @@ spec:
           - tenant
 ```
 
-This can also be expressed in the following way: 
+This can also be expressed in the following way:
 
 ```yaml
 apiVersion: policy.networking.k8s.io/v1alpha1
@@ -141,7 +140,7 @@ spec:
           namespaceSelector: {}
 ```
 
-### Story 5: Cluster Wide Default Guardrails
+### Sample Spec for Story 5: Cluster Wide Default Guardrails
 
 ![Alt text](../../images/baseline.png?raw=true "Default Rules")