Copy 0.2 stratio-docs (kubernetes-sigs#266)

stg-0 · Sep 6, 2023 · 33b9c36 · 33b9c36
1 parent 12c6fb8
commit 33b9c36
Show file tree

Hide file tree

Showing 50 changed files with 5,246 additions and 0 deletions.
diff --git a/stratio-docs/HOW_TO_DOC.md b/stratio-docs/HOW_TO_DOC.md
@@ -0,0 +1,9 @@
+This is the client documentation, in opposition as the internal documentation present in the README.md
+
+* This documentation must be written in *Spanish*, the translation into an English version will be done by the Documentation team
+* When adding doc in *Spanish* file must be duplicated in the *en* folder with the header: _TO BE TRANSLATED_
+* The file names must be in english (as the filenames are used for generating links for both ES and EN versions)
+* When updating the docs a different PR must be opened, and the tag doc added to it. It will be reviewed by the Documentation team.
+* You must write your documentation under *Asciidoc* https://asciidoc-py.github.io/index.html
+* File `/antor-docs/es/antora.yml` must contain a version field matching the Version of cloud-provisioner
+
diff --git a/stratio-docs/en/antora.yml b/stratio-docs/en/antora.yml
@@ -0,0 +1,6 @@
+name: cloud-provisioner
+title: Stratio Cloud Provisioner
+version: '0.2'
+nav:
+- modules/ROOT/nav.adoc
+start_page: introduction.adoc
diff --git a/stratio-docs/en/modules/ROOT/assets/attachments/example-eks-md.yaml b/stratio-docs/en/modules/ROOT/assets/attachments/example-eks-md.yaml
@@ -0,0 +1,73 @@
+---
+apiVersion: cluster.x-k8s.io/v1beta1
+kind: MachineDeployment
+metadata:
+  annotations:
+    cluster.x-k8s.io/cluster-api-autoscaler-node-group-max-size: "3"
+    cluster.x-k8s.io/cluster-api-autoscaler-node-group-min-size: "1"
+  labels:
+    cluster.x-k8s.io/cluster-name: example
+  name: example-medium
+  namespace: cluster-example
+spec:
+  clusterName: example
+  minReadySeconds: 0
+  progressDeadlineSeconds: 600
+  replicas: 1
+  revisionHistoryLimit: 1
+  selector:
+    matchLabels:
+      cluster.x-k8s.io/cluster-name: example
+      cluster.x-k8s.io/deployment-name: example-medium
+  strategy:
+    rollingUpdate:
+      maxSurge: 1
+      maxUnavailable: 0
+    type: RollingUpdate
+  template:
+    metadata:
+      labels:
+        cluster.x-k8s.io/cluster-name: example
+        cluster.x-k8s.io/deployment-name: example-medium
+    spec:
+      bootstrap:
+        configRef:
+          apiVersion: bootstrap.cluster.x-k8s.io/v1beta2
+          kind: EKSConfigTemplate
+          name: example-medium
+          namespace: cluster-example
+      clusterName: example
+      failureDomain: eu-west-1c
+      infrastructureRef:
+        apiVersion: infrastructure.cluster.x-k8s.io/v1beta2
+        kind: AWSMachineTemplate
+        name: example-medium
+        namespace: cluster-example
+      version: v1.24.0
+---
+apiVersion: infrastructure.cluster.x-k8s.io/v1beta2
+kind: AWSMachineTemplate
+metadata:
+  name: example-medium
+  namespace: cluster-example
+spec:
+  template:
+    metadata: {}
+    spec:
+      ami: {}
+      cloudInit: {}
+      iamInstanceProfile: nodes.cluster-api-provider-aws.sigs.k8s.io
+      instanceType: t3.medium
+      sshKeyName: null
+---
+apiVersion: bootstrap.cluster.x-k8s.io/v1beta2
+kind: EKSConfigTemplate
+metadata:
+  name: example-medium
+  namespace: cluster-example
+spec:
+  template:
+    spec:
+      kubeletExtraArgs:
+        node-labels: dynamic=true,
+---
diff --git a/stratio-docs/en/modules/ROOT/assets/attachments/example-gcp-md.yaml b/stratio-docs/en/modules/ROOT/assets/attachments/example-gcp-md.yaml
@@ -0,0 +1,62 @@
+---
+apiVersion: cluster.x-k8s.io/v1beta1
+kind: MachineDeployment
+metadata:
+  name: example-standard
+  namespace: cluster-example
+spec:
+  clusterName: example
+  replicas: 3
+  selector:
+    matchLabels: null
+  template:
+    spec:
+      bootstrap:
+        configRef:
+          apiVersion: bootstrap.cluster.x-k8s.io/v1beta1
+          kind: KubeadmConfigTemplate
+          name: example-standard
+      clusterName: example
+      infrastructureRef:
+        apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+        kind: GCPMachineTemplate
+        name: example-standard
+      version: 1.24.11
+---
+apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+kind: GCPMachineTemplate
+metadata:
+  name: example-standard
+  namespace: cluster-example
+spec:
+  template:
+    spec:
+      image: projects/clusterapi-369611/global/images/cluster-api-ubuntu-2004-v1-24-11-1670424551
+      instanceType: n1-standard-2
+---
+apiVersion: bootstrap.cluster.x-k8s.io/v1beta1
+kind: KubeadmConfigTemplate
+metadata:
+  name: example-standard
+  namespace: cluster-example
+spec:
+  template:
+    spec:
+      files:
+        - path: /etc/containerd/config.toml
+          content: "version = 2\nimports = [\"/etc/containerd/conf.d/*.toml\"]\n[plugins]\n\
+            \  [plugins.\"io.containerd.grpc.v1.cri\"]\n    sandbox_image = \"k8s.gcr.io/pause:3.6\"\
+            \n  [plugins.\"io.containerd.grpc.v1.cri\".containerd.runtimes.runc]\n\
+            \    runtime_type = \"io.containerd.runc.v2\"\n  [plugins.\"io.containerd.grpc.v1.cri\"\
+            .containerd.runtimes.runc.options]\n    SystemdCgroup = true\n  [plugins.\"\
+            io.containerd.grpc.v1.cri\".registry]\n    [plugins.\"io.containerd.grpc.v1.cri\"\
+            .registry.mirrors]\n      [plugins.\"io.containerd.grpc.v1.cri\".registry.mirrors.\"\
+            docker.io\"]\n        endpoint = [\"https://registry-1.docker.io\"]\n\
+            \    [plugins.\"io.containerd.grpc.v1.cri\".registry.configs.\"eosregistry.azurecr.io\"\
+            .auth]\n      password = \"fzz7Q~ENWGZLq2EDBe2p_oTvw4ZhzZe0quWGZ\"\n \
+            \     username = \"3bf0da11-ce47-42a7-995d-1f8dd40bc84f\"\n"
+      joinConfiguration:
+        nodeRegistration:
+          kubeletExtraArgs:
+            cloud-provider: gce
+          name: '{{ ds.meta_data.local_hostname.split(".")[0] }}'
diff --git a/stratio-docs/en/modules/ROOT/assets/attachments/stratio-eks-policy.json b/stratio-docs/en/modules/ROOT/assets/attachments/stratio-eks-policy.json
@@ -0,0 +1,240 @@
+{
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Effect": "Allow",
+      "Action": "iam:CreateServiceLinkedRole",
+      "Resource": "arn:*:iam::*:role/aws-service-role/eks.amazonaws.com/AWSServiceRoleForAmazonEKS",
+      "Condition": {
+        "StringLike": {
+          "iam:AWSServiceName": "eks.amazonaws.com"
+        }
+      }
+    },
+    {
+      "Effect": "Allow",
+      "Action": "iam:CreateServiceLinkedRole",
+      "Resource": "arn:*:iam::*:role/aws-service-role/eks-nodegroup.amazonaws.com/AWSServiceRoleForAmazonEKSNodegroup",
+      "Condition": {
+        "StringLike": {
+          "iam:AWSServiceName": "eks-nodegroup.amazonaws.com"
+        }
+      }
+    },
+    {
+      "Effect": "Allow",
+      "Action": "iam:CreateServiceLinkedRole",
+      "Resource": "arn:*:iam::*:role/aws-service-role/autoscaling.amazonaws.com/AWSServiceRoleForAutoScaling",
+      "Condition": {
+        "StringLike": {
+          "iam:AWSServiceName": "autoscaling.amazonaws.com"
+        }
+      }
+    },
+    {
+      "Effect": "Allow",
+      "Action": "iam:CreateServiceLinkedRole",
+      "Resource": "arn:*:iam::*:role/aws-service-role/elasticloadbalancing.amazonaws.com/AWSServiceRoleForElasticLoadBalancing",
+      "Condition": {
+        "StringLike": {
+          "iam:AWSServiceName": "elasticloadbalancing.amazonaws.com"
+        }
+      }
+    },
+    {
+      "Effect": "Allow",
+      "Action": "iam:CreateServiceLinkedRole",
+      "Resource": "arn:*:iam::*:role/aws-service-role/spot.amazonaws.com/AWSServiceRoleForEC2Spot",
+      "Condition": {
+        "StringLike": {
+          "iam:AWSServiceName": "spot.amazonaws.com"
+        }
+      }
+    },
+    {
+      "Effect": "Allow",
+      "Action": "iam:PassRole",
+      "Resource": "*",
+      "Condition": {
+        "StringEquals": {
+          "iam:PassedToService": "eks.amazonaws.com"
+        }
+      }
+    },
+    {
+      "Effect": "Allow",
+      "Action": [
+        "ec2:AuthorizeSecurityGroupIngress",
+        "ec2:DeleteSubnet",
+        "ec2:DescribeInstances",
+        "eks:UpdateAddon",
+        "iam:CreateRole",
+        "ec2:AttachInternetGateway",
+        "ec2:AssociateVpcCidrBlock",
+        "ec2:ReplaceRoute",
+        "ec2:AssociateRouteTable",
+        "ec2:DeleteRouteTable",
+        "ec2:DisassociateVpcCidrBlock",
+        "eks:DescribeAddon",
+        "ec2:DescribeInternetGateways",
+        "elasticloadbalancing:DeleteLoadBalancer",
+        "elasticloadbalancing:DescribeLoadBalancers",
+        "iam:AttachRolePolicy",
+        "iam:DetachRolePolicy",
+        "ec2:CreateRoute",
+        "ec2:CreateInternetGateway",
+        "autoscaling:DescribeAutoScalingGroups",
+        "ec2:DescribeVolumes",
+        "ec2:DescribeAccountAttributes",
+        "ec2:DeleteInternetGateway",
+        "autoscaling:DescribeInstanceRefreshes",
+        "ec2:DescribeKeyPairs",
+        "ec2:DescribeRouteTables",
+        "elasticloadbalancing:DeregisterInstancesFromLoadBalancer",
+        "elasticloadbalancing:RegisterInstancesWithLoadBalancer",
+        "ec2:DescribeLaunchTemplates",
+        "ec2:CreateTags",
+        "ec2:ModifyNetworkInterfaceAttribute",
+        "ec2:CreateRouteTable",
+        "ec2:RunInstances",
+        "iam:DeleteRole",
+        "iam:TagRole",
+        "ec2:DetachInternetGateway",
+        "ec2:DisassociateRouteTable",
+        "ec2:RevokeSecurityGroupIngress",
+        "elasticloadbalancing:DescribeLoadBalancerAttributes",
+        "elasticloadbalancing:AddTags",
+        "eks:CreateAddon",
+        "ec2:DeleteNatGateway",
+        "ec2:DeleteVpc",
+        "ec2:CreateSubnet",
+        "ec2:DescribeSubnets",
+        "elasticloadbalancing:ModifyLoadBalancerAttributes",
+        "ec2:DisassociateAddress",
+        "ec2:DescribeAddresses",
+        "tag:GetResources",
+        "ec2:DeleteTags",
+        "ec2:CreateNatGateway",
+        "elasticloadbalancing:ConfigureHealthCheck",
+        "ec2:CreateVpc",
+        "eks:ListAddons",
+        "ec2:DescribeVpcAttribute",
+        "ec2:ModifySubnetAttribute",
+        "elasticloadbalancing:RemoveTags",
+        "ec2:DescribeNetworkInterfaces",
+        "ec2:DescribeAvailabilityZones",
+        "ec2:DescribeNetworkInterfaceAttribute",
+        "ec2:CreateSecurityGroup",
+        "elasticloadbalancing:ApplySecurityGroupsToLoadBalancer",
+        "ec2:ModifyVpcAttribute",
+        "ec2:DeleteLaunchTemplateVersions",
+        "eks:DescribeAddonVersions",
+        "ec2:ModifyInstanceAttribute",
+        "ec2:ReleaseAddress",
+        "ec2:DeleteLaunchTemplate",
+        "ec2:TerminateInstances",
+        "elasticloadbalancing:CreateLoadBalancer",
+        "elasticloadbalancing:DescribeTags",
+        "ec2:DescribeLaunchTemplateVersions",
+        "ec2:DescribeNatGateways",
+        "elasticloadbalancing:DeleteTargetGroup",
+        "ec2:AllocateAddress",
+        "ec2:DescribeSecurityGroups",
+        "ec2:CreateLaunchTemplateVersion",
+        "ec2:DescribeImages",
+        "ec2:CreateLaunchTemplate",
+        "eks:DeleteAddon",
+        "ec2:DescribeVpcs",
+        "ec2:DeleteSecurityGroup",
+        "eks:TagResource",
+        "ecr:GetAuthorizationToken",
+        "ecr:GetDownloadUrlForLayer",
+        "ecr:BatchGetImage",
+        "ecr:BatchCheckLayerAvailability",
+        "iam:ListInstanceProfilesForRole",
+        "iam:CreateInstanceProfile",
+        "iam:AddRoleToInstanceProfile",
+        "iam:ListRoleTags",
+        "route53:ListHostedZones",
+        "iam:PutRolePolicy",
+        "iam:PassRole",
+        "iam:DeleteOpenIDConnectProvider"
+      ],
+      "Resource": "*"
+    },
+    {
+      "Effect": "Allow",
+      "Action": "iam:PassRole",
+      "Resource": "arn:*:iam::*:role/*.cluster-api-provider-aws.sigs.k8s.io"
+    },
+    {
+      "Effect": "Allow",
+      "Action": [
+        "iam:GetRole",
+        "iam:ListAttachedRolePolicies",
+        "iam:GetOpenIDConnectProvider",
+        "iam:CreateOpenIDConnectProvider",
+        "iam:ListOpenIDConnectProviders"
+      ],
+      "Resource": [
+        "arn:*:iam::*:role/*",
+        "arn:*:iam::*:oidc-provider/*"
+      ]
+    },
+    {
+      "Effect": "Allow",
+      "Action": [
+        "kms:DescribeKey",
+        "kms:CreateGrant"
+      ],
+      "Resource": "*",
+      "Condition": {
+        "ForAnyValue:StringLike": {
+          "kms:ResourceAliases": "alias/cluster-api-provider-aws-*"
+        }
+      }
+    },
+    {
+      "Effect": "Allow",
+      "Action": [
+        "eks:UpdateClusterVersion",
+        "secretsmanager:CreateSecret",
+        "secretsmanager:DeleteSecret",
+        "eks:UpdateClusterConfig",
+        "ssm:GetParameter",
+        "eks:UpdateNodegroupVersion",
+        "eks:DescribeNodegroup",
+        "eks:AssociateEncryptionConfig",
+        "autoscaling:UpdateAutoScalingGroup",
+        "eks:ListIdentityProviderConfigs",
+        "autoscaling:DeleteTags",
+        "eks:DisassociateIdentityProviderConfig",
+        "iam:GetPolicy",
+        "eks:UntagResource",
+        "eks:CreateNodegroup",
+        "autoscaling:StartInstanceRefresh",
+        "eks:DeleteCluster",
+        "eks:DescribeIdentityProviderConfig",
+        "autoscaling:CreateOrUpdateTags",
+        "eks:DeleteNodegroup",
+        "eks:TagResource",
+        "eks:UpdateNodegroupConfig",
+        "eks:DescribeCluster",
+        "autoscaling:DeleteAutoScalingGroup",
+        "autoscaling:CreateAutoScalingGroup",
+        "eks:AssociateIdentityProviderConfig",
+        "secretsmanager:TagResource",
+        "eks:ListClusters",
+        "eks:CreateCluster"
+      ],
+      "Resource": [
+        "arn:*:autoscaling:*:*:autoScalingGroup:*:autoScalingGroupName/*",
+        "arn:*:secretsmanager:*:*:secret:aws.cluster.x-k8s.io/*",
+        "arn:*:ssm:*:*:parameter/aws/service/eks/optimized-ami/*",
+        "arn:aws:iam::aws:policy/AmazonEKSClusterPolicy",
+        "arn:*:eks:*:*:cluster/*",
+        "arn:*:eks:*:*:nodegroup/*/*/*"
+      ]
+    }
+  ]
+}