From 86844eed00e8e10a3d15e7740cd44b7cce97e382 Mon Sep 17 00:00:00 2001 From: Bruce Hamilton Date: Thu, 30 Oct 2025 11:37:34 -0700 Subject: [PATCH 01/24] Update admin-overview.md Added mermaid graphic and content formatting testing --- docs/versioned/admin/admin-overview.md | 79 +++++++++++--------------- 1 file changed, 34 insertions(+), 45 deletions(-) diff --git a/docs/versioned/admin/admin-overview.md b/docs/versioned/admin/admin-overview.md index 16f9f94133..7b843a5cb9 100644 --- a/docs/versioned/admin/admin-overview.md +++ b/docs/versioned/admin/admin-overview.md @@ -9,6 +9,16 @@ function: explanation This page provides guidance for administrators on how to manage Knative on an existing Kubernetes cluster. +```mermaid +--- +config: + theme: redux +--- +flowchart TD + A(["Administrator"]) --> B{"Knative"} + B --> C["Knative Serving"] & D["Knative Eventing"] +``` + As a cluster administrator, your responsibilities include managing the Kubernetes environment, installing cluster-wide components, and enabling developers to deploy applications on the cluster. Knative aims to simplify developer tasks, while aligning with existing management tools and processes. Knative includes a plugin system to integrate with existing infrastructure in the cluster, enabling Knative resources such as Routes and Brokers to be implemented using one of multiple underlying suppliers. For example, a Knative Eventing app can deliver events to a Broker that triggers a function based on the received event. In a testing cluster, the delivery might use an in-memory option, while a staging or production environment might use a cloud-provided Kafka service. @@ -23,7 +33,29 @@ See the [Installation roadmap](../install/README.md#installation-roadmap) for pr Knative uses Kubernetes YAML manifests to define and configure system components. These manifests include core resources, custom resource definitions (CRDs), and extensibility features. As with Kubernetes, these configuration resources are declarative and can be managed using the `kubectl` CLI tool or with continuous delivery tools. -### Resource scoping and namespaces +This section provides an overview of the current configurations procedures in the Knative documentation of interest to Administrators. + +### Network options + +| Configuration | Frequency | Tool | ConfigMap | +| --- | --- | --- | --- | +| [Configure the ingress gateway](../serving/setting-up-custom-ingress-gateway.md) | Infrequent | kubectl | config-istio | +| [Configure Domain names](../serving/using-a-custom-domain.md) | Infrequent | kubectl | config-domain | +| [Istio Authorization](../serving/istio-authorization.md) | Infrequent | kubectl | | + +### Serving configuration + +TBW + +#### Encryption + +TBW + +### Eventing configurations + +TBW + +## Resource scoping and namespaces Knative resources are namespaced. Knative adheres to the Kubernetes model of namespace-based isolation that lets you manage development teams and resources by assigning them to namespaces. @@ -36,7 +68,7 @@ You can optimize and enforce isolation involving namespaces using standard Kuber - [Network Policies](https://kubernetes.io/docs/concepts/services-networking/network-policies/) - [Pod Security Standards](https://kubernetes.io/docs/concepts/security/pod-security-standards/) -### Configuring Knative components +## Configuring Knative components Knative configurations are performed by the following methods: @@ -52,49 +84,6 @@ Knative configurations are performed by the following methods: Some platform-wide settings can be managed declaratively using the Knative Operator. -### Configuration tasks - -Knative documentation provides the following configuration procedures. This list is subject subject to change. - -Configurations for default settings: - -- [Broker defaults](../eventing/configuration/broker-configuration.md) -- [ConfigMap defaults](../serving/configuration/config-defaults.md) -- [Event source defaults](../eventing/configuration/sources-configuration.md) -- [Channel defaults](../eventing/configuration/channel-configuration.md) -- [Kafka channel defaults](../eventing/configuration/kafka-channel-configuration.md) -- [Domain names](../serving/using-a-custom-domain.md) -- [Ingress gateway replacement](../serving/setting-up-custom-ingress-gateway.md) - -Configurations for new development: - -- [Deployment resources](../serving/configuration/deployment.md) -- [Istio access to deployed services](../serving/istio-authorization.md) -- [Namespace exclusion from webhooks](../serving/istio-authorization.md) - -Configurations for maintenance: - -- [Garbage collection](../serving/revisions/revision-admin-config-options.md) -- [High availability](../serving/config-ha.md) -- [Rollout duration for revisions](../serving/configuration/rolling-out-latest-revision-configmap.md) -- [Autoscaling of Kafka features](../eventing/configuration/keda-configuration.md) - -Configurations for security encryptions: - -- [cert-manager](../serving/encryption/configure-certmanager-integration.md) -- [External domains](../serving/encryption/external-domain-tls.md) -- [Local domains](../serving/encryption/cluster-local-domain-tls.md) -- [system-internal](../serving/encryption/system-internal-tls.md) - -Configurations for extensions: - -- [Kafka Broker features](../serving/encryption/system-internal-tls.md) -- [Sugar Controller](../eventing/configuration/sugar-configuration.md) - -Configurations for flagging features: - -- [Serving features](../serving/configuration/feature-flags.md) -- [Eventing features](../eventing/features/README.md) ## Authorizations From ee353b9539ef5d3750856d0b91e3701ebc26bd91 Mon Sep 17 00:00:00 2001 From: Bruce Hamilton Date: Thu, 30 Oct 2025 12:20:04 -0700 Subject: [PATCH 02/24] Update admin-overview.md Formatting testing --- docs/versioned/admin/admin-overview.md | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/docs/versioned/admin/admin-overview.md b/docs/versioned/admin/admin-overview.md index 7b843a5cb9..434b0111a8 100644 --- a/docs/versioned/admin/admin-overview.md +++ b/docs/versioned/admin/admin-overview.md @@ -37,11 +37,9 @@ This section provides an overview of the current configurations procedures in th ### Network options -| Configuration | Frequency | Tool | ConfigMap | -| --- | --- | --- | --- | -| [Configure the ingress gateway](../serving/setting-up-custom-ingress-gateway.md) | Infrequent | kubectl | config-istio | -| [Configure Domain names](../serving/using-a-custom-domain.md) | Infrequent | kubectl | config-domain | -| [Istio Authorization](../serving/istio-authorization.md) | Infrequent | kubectl | | +Reconfigure the default gateway, [Configure the ingress gateway](../serving/setting-up-custom-ingress-gateway.md), with the `config-istio` ConfigMap. Grant accesses [Istio Authorization](../serving/istio-authorization.md), and [Configure Domain names](../serving/using-a-custom-domain.md) using the `config-domain` ConfigMap. + +Make these configurations using `kubectl` when creating clusters and as needed. ### Serving configuration From 39f98bdeb46fb55ec98cb41560df1026a8cd5d8a Mon Sep 17 00:00:00 2001 From: Bruce Hamilton Date: Thu, 30 Oct 2025 16:39:35 -0700 Subject: [PATCH 03/24] Update admin-overview.md Trying a "blog" approach.... --- docs/versioned/admin/admin-overview.md | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) diff --git a/docs/versioned/admin/admin-overview.md b/docs/versioned/admin/admin-overview.md index 434b0111a8..4aecb26117 100644 --- a/docs/versioned/admin/admin-overview.md +++ b/docs/versioned/admin/admin-overview.md @@ -37,17 +37,25 @@ This section provides an overview of the current configurations procedures in th ### Network options -Reconfigure the default gateway, [Configure the ingress gateway](../serving/setting-up-custom-ingress-gateway.md), with the `config-istio` ConfigMap. Grant accesses [Istio Authorization](../serving/istio-authorization.md), and [Configure Domain names](../serving/using-a-custom-domain.md) using the `config-domain` ConfigMap. +For new clusters, you can [configure the ingress gateway](../serving/setting-up-custom-ingress-gateway.md) with your own gateway and underlying service using the `config-istio` ConfigMap. You also need to grant [Istio authorization](../serving/istio-authorization.md) to your deployed Knative services. -Make these configurations using `kubectl` when creating clusters and as needed. +As needed, [configure domain names](../serving/using-a-custom-domain.md) using the `config-domain` ConfigMap. + +You make these configurations using `kubectl`. ### Serving configuration -TBW +As needed for deployments, configure Kubernetes [deployment resources](../serving/configuration/deployment.md), which back Knative services, using the `config-deployment`ConfigMap. Also [configure the Defaults ConfigMap](../serving/configuration/config-defaults.md), `config-defaults` for default resource values such as performance, hardware, and storage settings. -#### Encryption +When traffic concerns occur, such as request queue lengths, you can alleviate congestion with [rollout duration for revisions](../serving/configuration/rolling-out-latest-revision-configmap.md) using the `config-network` ConfigMap. -TBW +You can [configure garbage collection](../serving/revisions/revision-admin-config-options.md), including disabling it on a cluster, elapsed time settings, and minimum and maximum number of revisions to retain. These settings are made with the modifying the `config-gc` ConfigMap. + +Knative provides three layers of encryption, as described in the [Serving Encryption Overview](../serving/encryption/encryption-overview.md), for external domains, local cluster, and system internal using the `config-network`. See also [Configure cert-manager integration](../serving/encryption/configure-certmanager-integration.md.) + +For performance you can [Configure high-availability components](../serving/config-ha.md) and [exclude namespaces from the Knative webhook](..serving/webhook-customizations.md) to alleviate issues during an upgrade. + +You make these configurations using `kubectl`. ### Eventing configurations From a975f5c0238ce897dabe7024a0dc5533108c6079 Mon Sep 17 00:00:00 2001 From: Bruce Hamilton Date: Thu, 30 Oct 2025 16:48:24 -0700 Subject: [PATCH 04/24] Update admin-overview.md Minor edits --- docs/versioned/admin/admin-overview.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/docs/versioned/admin/admin-overview.md b/docs/versioned/admin/admin-overview.md index 4aecb26117..13813e18f6 100644 --- a/docs/versioned/admin/admin-overview.md +++ b/docs/versioned/admin/admin-overview.md @@ -37,21 +37,21 @@ This section provides an overview of the current configurations procedures in th ### Network options -For new clusters, you can [configure the ingress gateway](../serving/setting-up-custom-ingress-gateway.md) with your own gateway and underlying service using the `config-istio` ConfigMap. You also need to grant [Istio authorization](../serving/istio-authorization.md) to your deployed Knative services. +For new clusters, you can [configure the ingress gateway](../serving/setting-up-custom-ingress-gateway.md) with your own gateway and underlying service with the `config-istio` ConfigMap. You also need to grant [Istio authorization](../serving/istio-authorization.md) to your deployed Knative services. -As needed, [configure domain names](../serving/using-a-custom-domain.md) using the `config-domain` ConfigMap. +As needed, [configure domain names](../serving/using-a-custom-domain.md) with the `config-domain` ConfigMap. You make these configurations using `kubectl`. ### Serving configuration -As needed for deployments, configure Kubernetes [deployment resources](../serving/configuration/deployment.md), which back Knative services, using the `config-deployment`ConfigMap. Also [configure the Defaults ConfigMap](../serving/configuration/config-defaults.md), `config-defaults` for default resource values such as performance, hardware, and storage settings. +As needed for deployments, configure Kubernetes [deployment resources](../serving/configuration/deployment.md), which back Knative services, with the `config-deployment`ConfigMap. Also [configure the Defaults ConfigMap](../serving/configuration/config-defaults.md), `config-defaults`, for default resource values such as performance, hardware, and storage settings. -When traffic concerns occur, such as request queue lengths, you can alleviate congestion with [rollout duration for revisions](../serving/configuration/rolling-out-latest-revision-configmap.md) using the `config-network` ConfigMap. +When traffic concerns occur such as request queue lengths, you can alleviate congestion with [rollout duration for revisions](../serving/configuration/rolling-out-latest-revision-configmap.md) with the `config-network` ConfigMap. -You can [configure garbage collection](../serving/revisions/revision-admin-config-options.md), including disabling it on a cluster, elapsed time settings, and minimum and maximum number of revisions to retain. These settings are made with the modifying the `config-gc` ConfigMap. +You can [configure garbage collection](../serving/revisions/revision-admin-config-options.md), including disabling it on a cluster, elapsed time settings, and minimum and maximum number of revisions to retain. These settings are made with the `config-gc` ConfigMap. -Knative provides three layers of encryption, as described in the [Serving Encryption Overview](../serving/encryption/encryption-overview.md), for external domains, local cluster, and system internal using the `config-network`. See also [Configure cert-manager integration](../serving/encryption/configure-certmanager-integration.md.) +Knative provides three layers of encryption, as described in the [Serving Encryption Overview](../serving/encryption/encryption-overview.md), for external domains, local cluster, and system internal with the `config-network` ConfigMap. See also [Configure cert-manager integration](../serving/encryption/configure-certmanager-integration.md.) For performance you can [Configure high-availability components](../serving/config-ha.md) and [exclude namespaces from the Knative webhook](..serving/webhook-customizations.md) to alleviate issues during an upgrade. From 4d519f97422e1db7149a250b8942289894df8291 Mon Sep 17 00:00:00 2001 From: Bruce Hamilton Date: Thu, 30 Oct 2025 17:05:10 -0700 Subject: [PATCH 05/24] Update admin-overview.md Link fixes --- docs/versioned/admin/admin-overview.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/versioned/admin/admin-overview.md b/docs/versioned/admin/admin-overview.md index 13813e18f6..d0a1342032 100644 --- a/docs/versioned/admin/admin-overview.md +++ b/docs/versioned/admin/admin-overview.md @@ -51,9 +51,9 @@ When traffic concerns occur such as request queue lengths, you can alleviate con You can [configure garbage collection](../serving/revisions/revision-admin-config-options.md), including disabling it on a cluster, elapsed time settings, and minimum and maximum number of revisions to retain. These settings are made with the `config-gc` ConfigMap. -Knative provides three layers of encryption, as described in the [Serving Encryption Overview](../serving/encryption/encryption-overview.md), for external domains, local cluster, and system internal with the `config-network` ConfigMap. See also [Configure cert-manager integration](../serving/encryption/configure-certmanager-integration.md.) +Knative provides three layers of encryption, as described in the [Serving Encryption Overview](../serving/encryption/encryption-overview.md), for external domains, local cluster, and system internal with the `config-network` ConfigMap. See also [Configure cert-manager integration](../serving/encryption/configure-certmanager-integration.md). -For performance you can [Configure high-availability components](../serving/config-ha.md) and [exclude namespaces from the Knative webhook](..serving/webhook-customizations.md) to alleviate issues during an upgrade. +For performance you can [Configure high-availability components](../serving/config-ha.md) and [exclude namespaces from the Knative webhook](../serving/webhook-customizations.md) to alleviate issues during an upgrade. You make these configurations using `kubectl`. From 5b77048409c88f18c425578462bce6a4d4d17409 Mon Sep 17 00:00:00 2001 From: Bruce Hamilton Date: Thu, 30 Oct 2025 18:25:57 -0700 Subject: [PATCH 06/24] Update admin-overview.md Minor edits --- docs/versioned/admin/admin-overview.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/docs/versioned/admin/admin-overview.md b/docs/versioned/admin/admin-overview.md index d0a1342032..52808ab414 100644 --- a/docs/versioned/admin/admin-overview.md +++ b/docs/versioned/admin/admin-overview.md @@ -33,7 +33,7 @@ See the [Installation roadmap](../install/README.md#installation-roadmap) for pr Knative uses Kubernetes YAML manifests to define and configure system components. These manifests include core resources, custom resource definitions (CRDs), and extensibility features. As with Kubernetes, these configuration resources are declarative and can be managed using the `kubectl` CLI tool or with continuous delivery tools. -This section provides an overview of the current configurations procedures in the Knative documentation of interest to Administrators. +The following sections provide an overview of the current configurations procedures of interest to Administrators. ### Network options @@ -43,17 +43,17 @@ As needed, [configure domain names](../serving/using-a-custom-domain.md) with th You make these configurations using `kubectl`. -### Serving configuration +### Serving configurations -As needed for deployments, configure Kubernetes [deployment resources](../serving/configuration/deployment.md), which back Knative services, with the `config-deployment`ConfigMap. Also [configure the Defaults ConfigMap](../serving/configuration/config-defaults.md), `config-defaults`, for default resource values such as performance, hardware, and storage settings. +As needed for deployments, configure Kubernetes [deployment resources](../serving/configuration/deployment.md), which back Knative services, with the `config-deployment`ConfigMap. Also [configure the defaults ConfigMap](../serving/configuration/config-defaults.md), `config-defaults`, for default resource values such as performance, hardware, and storage settings. -When traffic concerns occur such as request queue lengths, you can alleviate congestion with [rollout duration for revisions](../serving/configuration/rolling-out-latest-revision-configmap.md) with the `config-network` ConfigMap. +When a traffic issue in the request queue occurs, you can alleviate congestion with [rollout duration for revisions](../serving/configuration/rolling-out-latest-revision-configmap.md) with the `config-network` ConfigMap. You can [configure garbage collection](../serving/revisions/revision-admin-config-options.md), including disabling it on a cluster, elapsed time settings, and minimum and maximum number of revisions to retain. These settings are made with the `config-gc` ConfigMap. -Knative provides three layers of encryption, as described in the [Serving Encryption Overview](../serving/encryption/encryption-overview.md), for external domains, local cluster, and system internal with the `config-network` ConfigMap. See also [Configure cert-manager integration](../serving/encryption/configure-certmanager-integration.md). +Knative provides three layers of encryption, as described in the [Serving Encryption Overview](../serving/encryption/encryption-overview.md), for external domains, local cluster, and system internal. These settings are made with the `config-network` ConfigMap. See also [Configure cert-manager integration](../serving/encryption/configure-certmanager-integration.md). -For performance you can [Configure high-availability components](../serving/config-ha.md) and [exclude namespaces from the Knative webhook](../serving/webhook-customizations.md) to alleviate issues during an upgrade. +For performance concerns during an upgrade, you can [configure high-availability components](../serving/config-ha.md) and [exclude namespaces from the Knative webhook](../serving/webhook-customizations.md). You make these configurations using `kubectl`. From d09b0f3f5af1a62d15534cb715e7d84c1cf6d875 Mon Sep 17 00:00:00 2001 From: Bruce Hamilton Date: Thu, 30 Oct 2025 23:03:16 -0700 Subject: [PATCH 07/24] Update docs/versioned/admin/admin-overview.md Co-authored-by: Evan Anderson --- docs/versioned/admin/admin-overview.md | 33 ++++++++++++++++++++++++-- 1 file changed, 31 insertions(+), 2 deletions(-) diff --git a/docs/versioned/admin/admin-overview.md b/docs/versioned/admin/admin-overview.md index 52808ab414..1254c15708 100644 --- a/docs/versioned/admin/admin-overview.md +++ b/docs/versioned/admin/admin-overview.md @@ -15,8 +15,37 @@ config: theme: redux --- flowchart TD - A(["Administrator"]) --> B{"Knative"} - B --> C["Knative Serving"] & D["Knative Eventing"] + Dev(["Application Developers"]) + dev-acts@{ shape: text, label: "Manages k8s objects defined by" } + subgraph Knative + Serving + Eventing + end + subgraph Plugins + net-istio["Istio"] + net-contour["Contour"] + net-gateway-api["Gateway API"] + event-kafka["Kafka"] + event-rabbitmq["RabbitMQ"] + event-nats["NATS"] + end + event-impl@{ shape: text, label: "implements" } + net-impl@{ shape: text, label: "implements" } + admin-acts@{ shape: text, label: "Installs and configures" } + Admin(["Cluster Administrators"]) + + Dev --- dev-acts + dev-acts --> Serving & Eventing + + admin-acts --- Admin + Plugins & Knative --- admin-acts + %% The ~~~ ... --> syntax is used to force backwards arrows; + %% See https://github.com/mermaid-js/mermaid/issues/2629 for details. + Serving ~~~ net-impl --> Serving + Eventing ~~~ event-impl --> Eventing + + net-impl --- net-istio & net-contour & net-gateway-api + event-impl --- event-kafka & event-rabbitmq & event-nats ``` As a cluster administrator, your responsibilities include managing the Kubernetes environment, installing cluster-wide components, and enabling developers to deploy applications on the cluster. Knative aims to simplify developer tasks, while aligning with existing management tools and processes. From 500ac2f86c0d6201f103fdae079ca7f686835629 Mon Sep 17 00:00:00 2001 From: Bruce Hamilton Date: Thu, 30 Oct 2025 23:13:28 -0700 Subject: [PATCH 08/24] Update admin-overview.md Added Eventing config summaries --- docs/versioned/admin/admin-overview.md | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/docs/versioned/admin/admin-overview.md b/docs/versioned/admin/admin-overview.md index 1254c15708..40d6e6aeac 100644 --- a/docs/versioned/admin/admin-overview.md +++ b/docs/versioned/admin/admin-overview.md @@ -88,7 +88,17 @@ You make these configurations using `kubectl`. ### Eventing configurations -TBW +| Configuration | ConfigMap | Description | +| -- | --- | --- | +| [Broker defaults](../eventing/configuration/broker-configuration.md) | `config-br-defaults` | Specify your own broker class and channel, or use the default `MTChannelBasedBroker` Broker class and the ConfigMap of channel defaults. | +| [Channel defaults](../eventing/configuration/channel-configuration.md) | `default-ch-webhook` | Default configurations and labels to use for the channel. | +| [Apache Kafka Channel defaults](../eventing/configuration/kafka-channel-configuration.md) | `kafka-channel` | Defines how KafkaChannel instances are created. Requires that KafkaChannel custom resource definitions (CRD) are installed.| +| [Kafka Broker features](../eventing/brokers/broker-types/kafka-broker/configuring-kafka-features.md) | `config-kafka-features` | Configure options for Broker interactions with Apache Kafka clusters. | +| [Event source defaults](../eventing/configuration/sources-configuration.md) |`config-ping-defaults` | Configure the PingSource default resources and the maximum data size for CloudEvents it produces. | +| [Sugar Controller](../eventing/sugar/README.md) |`config-sugar` | Configure the Sugar controller, which reacts to label configurations to produce or control eventing resources. See also [Knative Eventing Sugar Controller](../eventing/sugar/README.md). | +| [KEDA Autoscaling of Knative Kafka Resources](../eventing/configuration/keda-configuration.md) |`config-kafka-features` | Configure how KEDA scales a KafkaSource, trigger, or subscription. Note: This feature is is Alpha pre-release. | + +You make these configurations using `kubectl`, some by applying YAML files you create. ## Resource scoping and namespaces From 4464b7ae09fd7c65fd9ebb69c3ce723637379784 Mon Sep 17 00:00:00 2001 From: Bruce Hamilton Date: Fri, 31 Oct 2025 00:17:47 -0700 Subject: [PATCH 09/24] Update admin-overview.md Put all config overviews in tables --- docs/versioned/admin/admin-overview.md | 27 ++++++++++++++------------ 1 file changed, 15 insertions(+), 12 deletions(-) diff --git a/docs/versioned/admin/admin-overview.md b/docs/versioned/admin/admin-overview.md index 40d6e6aeac..ce34fe8f62 100644 --- a/docs/versioned/admin/admin-overview.md +++ b/docs/versioned/admin/admin-overview.md @@ -66,23 +66,26 @@ The following sections provide an overview of the current configurations procedu ### Network options -For new clusters, you can [configure the ingress gateway](../serving/setting-up-custom-ingress-gateway.md) with your own gateway and underlying service with the `config-istio` ConfigMap. You also need to grant [Istio authorization](../serving/istio-authorization.md) to your deployed Knative services. - -As needed, [configure domain names](../serving/using-a-custom-domain.md) with the `config-domain` ConfigMap. +| Configuration | ConfigMap | Description | +| -- | --- | --- | +| [Ingress gateway](../serving/setting-up-custom-ingress-gateway.md)| `config-istio` | For new clusters, you can configure your own gateway and underlying service. | +| [Istio authorization](../serving/istio-authorization.md) | NA | Grant authorization to your deployed Knative services. | +| [Configure domain names](../serving/using-a-custom-domain.md) | `config-domain` | Configure and publish domains. | You make these configurations using `kubectl`. ### Serving configurations -As needed for deployments, configure Kubernetes [deployment resources](../serving/configuration/deployment.md), which back Knative services, with the `config-deployment`ConfigMap. Also [configure the defaults ConfigMap](../serving/configuration/config-defaults.md), `config-defaults`, for default resource values such as performance, hardware, and storage settings. - -When a traffic issue in the request queue occurs, you can alleviate congestion with [rollout duration for revisions](../serving/configuration/rolling-out-latest-revision-configmap.md) with the `config-network` ConfigMap. - -You can [configure garbage collection](../serving/revisions/revision-admin-config-options.md), including disabling it on a cluster, elapsed time settings, and minimum and maximum number of revisions to retain. These settings are made with the `config-gc` ConfigMap. - -Knative provides three layers of encryption, as described in the [Serving Encryption Overview](../serving/encryption/encryption-overview.md), for external domains, local cluster, and system internal. These settings are made with the `config-network` ConfigMap. See also [Configure cert-manager integration](../serving/encryption/configure-certmanager-integration.md). - -For performance concerns during an upgrade, you can [configure high-availability components](../serving/config-ha.md) and [exclude namespaces from the Knative webhook](../serving/webhook-customizations.md). +| Configuration | ConfigMap | Description | +| -- | --- | --- | +| [Deployment resources](../serving/configuration/deployment.md) | `config-deployment` | Kubernetes deployment resources that back Knative services. | +| [Defaults ConfigMap](../serving/configuration/config-defaults.md) | `config-defaults` | Default resource values such as performance, hardware, and storage settings. | +| [Rollout duration for revisions](../serving/configuration/rolling-out-latest-revision-configmap.md) | `config-network` | Adjust rollout durations to accommodate longer request queues. | +| [Garbage collection](../serving/revisions/revision-admin-config-options.md) | `config-gc` | Disable and enable collection and set retention time values. | +| [Serving Encryption Overview](../serving/encryption/encryption-overview.md) | `config-network` | Provides links to procedures for encrypting external domains, the local cluster, and system internal. | +| [Configure cert-manager integration](../serving/encryption/configure-certmanager-integration.md) | NA | Describes how to manage automatic certificate provisioning. | +| [High-availability components](../serving/config-ha.md) | NA | Configure ensure that APIs stay operational if a disruption occurs. | +| [Exclude namespaces from the Knative webhook](../serving/webhook-customizations.md) | NA | For performance concerns during an upgrade. | You make these configurations using `kubectl`. From 3654642cb4bb3ea3a0dea3640720929d9243cd44 Mon Sep 17 00:00:00 2001 From: Bruce Hamilton Date: Fri, 31 Oct 2025 00:24:17 -0700 Subject: [PATCH 10/24] Update admin-overview.md Section title tweaks --- docs/versioned/admin/admin-overview.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/versioned/admin/admin-overview.md b/docs/versioned/admin/admin-overview.md index ce34fe8f62..1d9cecf9c3 100644 --- a/docs/versioned/admin/admin-overview.md +++ b/docs/versioned/admin/admin-overview.md @@ -58,13 +58,13 @@ Of particular interest to cluster administrators is that Knative supports custom See the [Installation roadmap](../install/README.md#installation-roadmap) for prerequisites and installation steps. Your first installation decision is whether to use a YAML-based installation or use the Knative Operator. The Knative Operator is a custom controller that extends the Kubernetes API to install Knative components. If you just need to get acquainted with Knative at this time, you can install the [quickstart](../getting-started/quickstart-install.md). -## Configuring Knative +## Configuring Summaries Knative uses Kubernetes YAML manifests to define and configure system components. These manifests include core resources, custom resource definitions (CRDs), and extensibility features. As with Kubernetes, these configuration resources are declarative and can be managed using the `kubectl` CLI tool or with continuous delivery tools. The following sections provide an overview of the current configurations procedures of interest to Administrators. -### Network options +### Network option summaries | Configuration | ConfigMap | Description | | -- | --- | --- | @@ -74,7 +74,7 @@ The following sections provide an overview of the current configurations procedu You make these configurations using `kubectl`. -### Serving configurations +### Serving configuration summaries | Configuration | ConfigMap | Description | | -- | --- | --- | @@ -89,7 +89,7 @@ You make these configurations using `kubectl`. You make these configurations using `kubectl`. -### Eventing configurations +### Eventing configuration summaries | Configuration | ConfigMap | Description | | -- | --- | --- | From 26312596796440f10f464376e3334b90a3671650 Mon Sep 17 00:00:00 2001 From: Bruce Hamilton Date: Fri, 31 Oct 2025 00:39:10 -0700 Subject: [PATCH 11/24] Update admin-overview.md Formatting edits --- docs/versioned/admin/admin-overview.md | 24 +++++++++--------------- 1 file changed, 9 insertions(+), 15 deletions(-) diff --git a/docs/versioned/admin/admin-overview.md b/docs/versioned/admin/admin-overview.md index 1d9cecf9c3..6ad93e8446 100644 --- a/docs/versioned/admin/admin-overview.md +++ b/docs/versioned/admin/admin-overview.md @@ -58,23 +58,21 @@ Of particular interest to cluster administrators is that Knative supports custom See the [Installation roadmap](../install/README.md#installation-roadmap) for prerequisites and installation steps. Your first installation decision is whether to use a YAML-based installation or use the Knative Operator. The Knative Operator is a custom controller that extends the Kubernetes API to install Knative components. If you just need to get acquainted with Knative at this time, you can install the [quickstart](../getting-started/quickstart-install.md). -## Configuring Summaries +## Configuration summaries Knative uses Kubernetes YAML manifests to define and configure system components. These manifests include core resources, custom resource definitions (CRDs), and extensibility features. As with Kubernetes, these configuration resources are declarative and can be managed using the `kubectl` CLI tool or with continuous delivery tools. -The following sections provide an overview of the current configurations procedures of interest to Administrators. +The following sections provide an overview of the current configurations procedures of interest to Administrators. You make these configurations using `kubectl`, some by applying YAML files you create. -### Network option summaries +### Network | Configuration | ConfigMap | Description | | -- | --- | --- | | [Ingress gateway](../serving/setting-up-custom-ingress-gateway.md)| `config-istio` | For new clusters, you can configure your own gateway and underlying service. | | [Istio authorization](../serving/istio-authorization.md) | NA | Grant authorization to your deployed Knative services. | -| [Configure domain names](../serving/using-a-custom-domain.md) | `config-domain` | Configure and publish domains. | +| [Domain names](../serving/using-a-custom-domain.md) | `config-domain` | Configure and publish domains. | -You make these configurations using `kubectl`. - -### Serving configuration summaries +### Serving | Configuration | ConfigMap | Description | | -- | --- | --- | @@ -82,14 +80,12 @@ You make these configurations using `kubectl`. | [Defaults ConfigMap](../serving/configuration/config-defaults.md) | `config-defaults` | Default resource values such as performance, hardware, and storage settings. | | [Rollout duration for revisions](../serving/configuration/rolling-out-latest-revision-configmap.md) | `config-network` | Adjust rollout durations to accommodate longer request queues. | | [Garbage collection](../serving/revisions/revision-admin-config-options.md) | `config-gc` | Disable and enable collection and set retention time values. | -| [Serving Encryption Overview](../serving/encryption/encryption-overview.md) | `config-network` | Provides links to procedures for encrypting external domains, the local cluster, and system internal. | -| [Configure cert-manager integration](../serving/encryption/configure-certmanager-integration.md) | NA | Describes how to manage automatic certificate provisioning. | +| [Encryption Overview](../serving/encryption/encryption-overview.md) | `config-network` | Provides links to procedures for encrypting external domains, the local cluster, and system internal. | +| [Cert-manager integration](../serving/encryption/configure-certmanager-integration.md) | NA | Describes how to manage automatic certificate provisioning. | | [High-availability components](../serving/config-ha.md) | NA | Configure ensure that APIs stay operational if a disruption occurs. | -| [Exclude namespaces from the Knative webhook](../serving/webhook-customizations.md) | NA | For performance concerns during an upgrade. | - -You make these configurations using `kubectl`. +| [Namespace exclusion from the Knative webhook](../serving/webhook-customizations.md) | NA | For performance concerns during an upgrade. | -### Eventing configuration summaries +### Eventing | Configuration | ConfigMap | Description | | -- | --- | --- | @@ -101,8 +97,6 @@ You make these configurations using `kubectl`. | [Sugar Controller](../eventing/sugar/README.md) |`config-sugar` | Configure the Sugar controller, which reacts to label configurations to produce or control eventing resources. See also [Knative Eventing Sugar Controller](../eventing/sugar/README.md). | | [KEDA Autoscaling of Knative Kafka Resources](../eventing/configuration/keda-configuration.md) |`config-kafka-features` | Configure how KEDA scales a KafkaSource, trigger, or subscription. Note: This feature is is Alpha pre-release. | -You make these configurations using `kubectl`, some by applying YAML files you create. - ## Resource scoping and namespaces Knative resources are namespaced. Knative adheres to the Kubernetes model of namespace-based isolation that lets you manage development teams and resources by assigning them to namespaces. From bc3125a48db1c17ae0372a13d71026eafdef6a71 Mon Sep 17 00:00:00 2001 From: Bruce Hamilton Date: Fri, 31 Oct 2025 01:04:59 -0700 Subject: [PATCH 12/24] Update admin-overview.md Organized sections --- docs/versioned/admin/admin-overview.md | 39 +++++++++++++------------- 1 file changed, 19 insertions(+), 20 deletions(-) diff --git a/docs/versioned/admin/admin-overview.md b/docs/versioned/admin/admin-overview.md index 6ad93e8446..af851fe880 100644 --- a/docs/versioned/admin/admin-overview.md +++ b/docs/versioned/admin/admin-overview.md @@ -58,13 +58,29 @@ Of particular interest to cluster administrators is that Knative supports custom See the [Installation roadmap](../install/README.md#installation-roadmap) for prerequisites and installation steps. Your first installation decision is whether to use a YAML-based installation or use the Knative Operator. The Knative Operator is a custom controller that extends the Kubernetes API to install Knative components. If you just need to get acquainted with Knative at this time, you can install the [quickstart](../getting-started/quickstart-install.md). +## Configuring Knative components + +Knative configurations are performed by the following methods: + +- Editing YAML manifests and applying with the `kubectl` tool + + Modify resource definitions directly, including labels, annotations, and field values. You can use Kubernetes features such as [OPA](https://kubernetes.io/blog/2019/08/06/opa-gatekeeper-policy-and-governance-for-kubernetes/) and [Kyverno](https://kyverno.io) to enforce specific values on a resource type, or use ConfigMaps in plugin installations to set values at the cluster level. + +- Using ConfigMaps + + Store and manage configuration data as key-value pairs. ConfigMaps are frequently used to tune platform-wide behavior. Most of the Knative ConfigMaps are in the `knative-serving` and `knative-eventing` namespaces. Their settings apply to all the relevant Knative components in all namespaces. + +- Using the Knative Operator + + Some platform-wide settings can be managed declaratively using the Knative Operator, installed with the `kn` Knative CLI plugin. For more information, see [Installing CLI tools](../client/README.md) + ## Configuration summaries Knative uses Kubernetes YAML manifests to define and configure system components. These manifests include core resources, custom resource definitions (CRDs), and extensibility features. As with Kubernetes, these configuration resources are declarative and can be managed using the `kubectl` CLI tool or with continuous delivery tools. The following sections provide an overview of the current configurations procedures of interest to Administrators. You make these configurations using `kubectl`, some by applying YAML files you create. -### Network +### Network configuration summaries | Configuration | ConfigMap | Description | | -- | --- | --- | @@ -72,7 +88,7 @@ The following sections provide an overview of the current configurations procedu | [Istio authorization](../serving/istio-authorization.md) | NA | Grant authorization to your deployed Knative services. | | [Domain names](../serving/using-a-custom-domain.md) | `config-domain` | Configure and publish domains. | -### Serving +### Serving configuration summaries | Configuration | ConfigMap | Description | | -- | --- | --- | @@ -85,7 +101,7 @@ The following sections provide an overview of the current configurations procedu | [High-availability components](../serving/config-ha.md) | NA | Configure ensure that APIs stay operational if a disruption occurs. | | [Namespace exclusion from the Knative webhook](../serving/webhook-customizations.md) | NA | For performance concerns during an upgrade. | -### Eventing +### Eventing configuration summaries | Configuration | ConfigMap | Description | | -- | --- | --- | @@ -110,23 +126,6 @@ You can optimize and enforce isolation involving namespaces using standard Kuber - [Network Policies](https://kubernetes.io/docs/concepts/services-networking/network-policies/) - [Pod Security Standards](https://kubernetes.io/docs/concepts/security/pod-security-standards/) -## Configuring Knative components - -Knative configurations are performed by the following methods: - -- Editing YAML manifests - - Modify resource definitions directly, including labels, annotations, and field values. You can use Kubernetes features such as [OPA](https://kubernetes.io/blog/2019/08/06/opa-gatekeeper-policy-and-governance-for-kubernetes/) and [Kyverno](https://kyverno.io) to enforce specific values on a resource type, or use ConfigMaps in plugin installations to set values at the cluster level. - -- Using ConfigMaps - - Store and manage configuration data as key-value pairs. ConfigMaps are frequently used to tune platform-wide behavior. Most of the Knative ConfigMaps are in the `knative-serving` and `knative-eventing` namespaces. Their settings apply to all the relevant Knative components in all namespaces. - -- Using the Knative Operator - - Some platform-wide settings can be managed declaratively using the Knative Operator. - - ## Authorizations You can grant developers access to additional resources related to their namespace in other services, such as observability, logs, metrics, tracing, and dashboards. From bc743bf1d311f0f40205605be7ae923a328894fc Mon Sep 17 00:00:00 2001 From: Bruce Hamilton Date: Fri, 31 Oct 2025 02:05:55 -0700 Subject: [PATCH 13/24] Update admin-overview.md Formatting test --- docs/versioned/admin/admin-overview.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/docs/versioned/admin/admin-overview.md b/docs/versioned/admin/admin-overview.md index af851fe880..f2c65e688c 100644 --- a/docs/versioned/admin/admin-overview.md +++ b/docs/versioned/admin/admin-overview.md @@ -101,6 +101,14 @@ The following sections provide an overview of the current configurations procedu | [High-availability components](../serving/config-ha.md) | NA | Configure ensure that APIs stay operational if a disruption occurs. | | [Namespace exclusion from the Knative webhook](../serving/webhook-customizations.md) | NA | For performance concerns during an upgrade. | +### Compressed view test - Serving + +| Configuration and ConfigMap (if applicable) | +| -- | +| [Deployment resources](../serving/configuration/deployment.md) - `config-deployment`
[Defaults ConfigMap](../serving/configuration/config-defaults.md) - `config-defaults`
[Rollout duration for revisions](../serving/configuration/rolling-out-latest-revision-configmap.md) - `config-network`
[Garbage collection](../serving/revisions/revision-admin-config-options.md) - `config-gc`
[Encryption Overview](../serving/encryption/encryption-overview.md)- `config-network`
[Cert-manager integration](../serving/encryption/configure-certmanager-integration.md)
[High-availability components](../serving/config-ha.md)
[Namespace exclusion from the Knative webhook](../serving/webhook-customizations.md) | + + + ### Eventing configuration summaries | Configuration | ConfigMap | Description | From efa3f032ed3b5e53b2c4ed06735a60dc2fe3e486 Mon Sep 17 00:00:00 2001 From: Bruce Hamilton Date: Fri, 31 Oct 2025 08:09:47 -0700 Subject: [PATCH 14/24] Update admin-overview.md Removed temporary test --- docs/versioned/admin/admin-overview.md | 8 -------- 1 file changed, 8 deletions(-) diff --git a/docs/versioned/admin/admin-overview.md b/docs/versioned/admin/admin-overview.md index f2c65e688c..af851fe880 100644 --- a/docs/versioned/admin/admin-overview.md +++ b/docs/versioned/admin/admin-overview.md @@ -101,14 +101,6 @@ The following sections provide an overview of the current configurations procedu | [High-availability components](../serving/config-ha.md) | NA | Configure ensure that APIs stay operational if a disruption occurs. | | [Namespace exclusion from the Knative webhook](../serving/webhook-customizations.md) | NA | For performance concerns during an upgrade. | -### Compressed view test - Serving - -| Configuration and ConfigMap (if applicable) | -| -- | -| [Deployment resources](../serving/configuration/deployment.md) - `config-deployment`
[Defaults ConfigMap](../serving/configuration/config-defaults.md) - `config-defaults`
[Rollout duration for revisions](../serving/configuration/rolling-out-latest-revision-configmap.md) - `config-network`
[Garbage collection](../serving/revisions/revision-admin-config-options.md) - `config-gc`
[Encryption Overview](../serving/encryption/encryption-overview.md)- `config-network`
[Cert-manager integration](../serving/encryption/configure-certmanager-integration.md)
[High-availability components](../serving/config-ha.md)
[Namespace exclusion from the Knative webhook](../serving/webhook-customizations.md) | - - - ### Eventing configuration summaries | Configuration | ConfigMap | Description | From d6e0422ca967dd4d10baa017fa9d200d0151b139 Mon Sep 17 00:00:00 2001 From: Bruce Hamilton Date: Fri, 31 Oct 2025 10:45:59 -0700 Subject: [PATCH 15/24] Update admin-overview.md Section organization --- docs/versioned/admin/admin-overview.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/versioned/admin/admin-overview.md b/docs/versioned/admin/admin-overview.md index af851fe880..7d6dbf726c 100644 --- a/docs/versioned/admin/admin-overview.md +++ b/docs/versioned/admin/admin-overview.md @@ -58,7 +58,7 @@ Of particular interest to cluster administrators is that Knative supports custom See the [Installation roadmap](../install/README.md#installation-roadmap) for prerequisites and installation steps. Your first installation decision is whether to use a YAML-based installation or use the Knative Operator. The Knative Operator is a custom controller that extends the Kubernetes API to install Knative components. If you just need to get acquainted with Knative at this time, you can install the [quickstart](../getting-started/quickstart-install.md). -## Configuring Knative components +## Knative configurations Knative configurations are performed by the following methods: @@ -74,10 +74,10 @@ Knative configurations are performed by the following methods: Some platform-wide settings can be managed declaratively using the Knative Operator, installed with the `kn` Knative CLI plugin. For more information, see [Installing CLI tools](../client/README.md) -## Configuration summaries - Knative uses Kubernetes YAML manifests to define and configure system components. These manifests include core resources, custom resource definitions (CRDs), and extensibility features. As with Kubernetes, these configuration resources are declarative and can be managed using the `kubectl` CLI tool or with continuous delivery tools. +## Configuration summaries + The following sections provide an overview of the current configurations procedures of interest to Administrators. You make these configurations using `kubectl`, some by applying YAML files you create. ### Network configuration summaries From 7404d613b560708d52ce32cdcc560f38d882fc19 Mon Sep 17 00:00:00 2001 From: Bruce Hamilton Date: Fri, 31 Oct 2025 11:04:48 -0700 Subject: [PATCH 16/24] Update admin-overview.md Title shortening --- docs/versioned/admin/admin-overview.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/docs/versioned/admin/admin-overview.md b/docs/versioned/admin/admin-overview.md index 7d6dbf726c..057340e375 100644 --- a/docs/versioned/admin/admin-overview.md +++ b/docs/versioned/admin/admin-overview.md @@ -54,11 +54,11 @@ Knative includes a plugin system to integrate with existing infrastructure in th Of particular interest to cluster administrators is that Knative supports customizable _default values_ on the parameters defined in resource YAML files. These configurations reduce the amount of environment configuration tasks developers needs to consider. -## Knative installations +## Installations See the [Installation roadmap](../install/README.md#installation-roadmap) for prerequisites and installation steps. Your first installation decision is whether to use a YAML-based installation or use the Knative Operator. The Knative Operator is a custom controller that extends the Kubernetes API to install Knative components. If you just need to get acquainted with Knative at this time, you can install the [quickstart](../getting-started/quickstart-install.md). -## Knative configurations +## Configurations Knative configurations are performed by the following methods: @@ -80,7 +80,7 @@ Knative uses Kubernetes YAML manifests to define and configure system components The following sections provide an overview of the current configurations procedures of interest to Administrators. You make these configurations using `kubectl`, some by applying YAML files you create. -### Network configuration summaries +### Networking | Configuration | ConfigMap | Description | | -- | --- | --- | @@ -88,7 +88,7 @@ The following sections provide an overview of the current configurations procedu | [Istio authorization](../serving/istio-authorization.md) | NA | Grant authorization to your deployed Knative services. | | [Domain names](../serving/using-a-custom-domain.md) | `config-domain` | Configure and publish domains. | -### Serving configuration summaries +### Serving | Configuration | ConfigMap | Description | | -- | --- | --- | @@ -101,7 +101,7 @@ The following sections provide an overview of the current configurations procedu | [High-availability components](../serving/config-ha.md) | NA | Configure ensure that APIs stay operational if a disruption occurs. | | [Namespace exclusion from the Knative webhook](../serving/webhook-customizations.md) | NA | For performance concerns during an upgrade. | -### Eventing configuration summaries +### Eventing | Configuration | ConfigMap | Description | | -- | --- | --- | From 727fffe48829f1b83ac2481a4b4ce19968398861 Mon Sep 17 00:00:00 2001 From: Bruce Hamilton Date: Fri, 31 Oct 2025 11:23:33 -0700 Subject: [PATCH 17/24] Update admin-overview.md Alphabetized rows in config summary tables --- docs/versioned/admin/admin-overview.md | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/docs/versioned/admin/admin-overview.md b/docs/versioned/admin/admin-overview.md index 057340e375..d9b2871cf3 100644 --- a/docs/versioned/admin/admin-overview.md +++ b/docs/versioned/admin/admin-overview.md @@ -84,9 +84,9 @@ The following sections provide an overview of the current configurations procedu | Configuration | ConfigMap | Description | | -- | --- | --- | +| [Domain names](../serving/using-a-custom-domain.md) | `config-domain` | Configure and publish domains. | | [Ingress gateway](../serving/setting-up-custom-ingress-gateway.md)| `config-istio` | For new clusters, you can configure your own gateway and underlying service. | | [Istio authorization](../serving/istio-authorization.md) | NA | Grant authorization to your deployed Knative services. | -| [Domain names](../serving/using-a-custom-domain.md) | `config-domain` | Configure and publish domains. | ### Serving @@ -94,24 +94,24 @@ The following sections provide an overview of the current configurations procedu | -- | --- | --- | | [Deployment resources](../serving/configuration/deployment.md) | `config-deployment` | Kubernetes deployment resources that back Knative services. | | [Defaults ConfigMap](../serving/configuration/config-defaults.md) | `config-defaults` | Default resource values such as performance, hardware, and storage settings. | -| [Rollout duration for revisions](../serving/configuration/rolling-out-latest-revision-configmap.md) | `config-network` | Adjust rollout durations to accommodate longer request queues. | -| [Garbage collection](../serving/revisions/revision-admin-config-options.md) | `config-gc` | Disable and enable collection and set retention time values. | -| [Encryption Overview](../serving/encryption/encryption-overview.md) | `config-network` | Provides links to procedures for encrypting external domains, the local cluster, and system internal. | -| [Cert-manager integration](../serving/encryption/configure-certmanager-integration.md) | NA | Describes how to manage automatic certificate provisioning. | | [High-availability components](../serving/config-ha.md) | NA | Configure ensure that APIs stay operational if a disruption occurs. | +| [Garbage collection](../serving/revisions/revision-admin-config-options.md) | `config-gc` | Disable and enable collection and set retention time values. | | [Namespace exclusion from the Knative webhook](../serving/webhook-customizations.md) | NA | For performance concerns during an upgrade. | +| [Rollout duration for revisions](../serving/configuration/rolling-out-latest-revision-configmap.md) | `config-network` | Adjust rollout durations to accommodate longer request queues. | +| [Security - Encryption Overview](../serving/encryption/encryption-overview.md) | `config-network` | Provides links to procedures for encrypting external domains, the local cluster, and system internal. | +| [Security - Cert-manager integration](../serving/encryption/configure-certmanager-integration.md) | NA | Describes how to manage automatic certificate provisioning. | ### Eventing | Configuration | ConfigMap | Description | | -- | --- | --- | | [Broker defaults](../eventing/configuration/broker-configuration.md) | `config-br-defaults` | Specify your own broker class and channel, or use the default `MTChannelBasedBroker` Broker class and the ConfigMap of channel defaults. | +| [Broker features - Kafka](../eventing/brokers/broker-types/kafka-broker/configuring-kafka-features.md) | `config-kafka-features` | Configure options for Broker interactions with Apache Kafka clusters. | | [Channel defaults](../eventing/configuration/channel-configuration.md) | `default-ch-webhook` | Default configurations and labels to use for the channel. | -| [Apache Kafka Channel defaults](../eventing/configuration/kafka-channel-configuration.md) | `kafka-channel` | Defines how KafkaChannel instances are created. Requires that KafkaChannel custom resource definitions (CRD) are installed.| -| [Kafka Broker features](../eventing/brokers/broker-types/kafka-broker/configuring-kafka-features.md) | `config-kafka-features` | Configure options for Broker interactions with Apache Kafka clusters. | +| [Channel defaults - Kafka](../eventing/configuration/kafka-channel-configuration.md) | `kafka-channel` | Defines how KafkaChannel instances are created. Requires that KafkaChannel custom resource definitions (CRD) are installed.| | [Event source defaults](../eventing/configuration/sources-configuration.md) |`config-ping-defaults` | Configure the PingSource default resources and the maximum data size for CloudEvents it produces. | +| [KEDA Autoscaling of Kafka Resources](../eventing/configuration/keda-configuration.md) |`config-kafka-features` | Configure how KEDA scales a KafkaSource, trigger, or subscription. Note: This feature is is Alpha pre-release. | | [Sugar Controller](../eventing/sugar/README.md) |`config-sugar` | Configure the Sugar controller, which reacts to label configurations to produce or control eventing resources. See also [Knative Eventing Sugar Controller](../eventing/sugar/README.md). | -| [KEDA Autoscaling of Knative Kafka Resources](../eventing/configuration/keda-configuration.md) |`config-kafka-features` | Configure how KEDA scales a KafkaSource, trigger, or subscription. Note: This feature is is Alpha pre-release. | ## Resource scoping and namespaces From b8a0223c539031c089a1bc7791d46a66bd58b695 Mon Sep 17 00:00:00 2001 From: Bruce Hamilton Date: Fri, 31 Oct 2025 11:36:19 -0700 Subject: [PATCH 18/24] Update admin-overview.md Link text edits in tables first columns --- docs/versioned/admin/admin-overview.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/docs/versioned/admin/admin-overview.md b/docs/versioned/admin/admin-overview.md index d9b2871cf3..35361b878b 100644 --- a/docs/versioned/admin/admin-overview.md +++ b/docs/versioned/admin/admin-overview.md @@ -92,23 +92,23 @@ The following sections provide an overview of the current configurations procedu | Configuration | ConfigMap | Description | | -- | --- | --- | +| [Default configurations](../serving/configuration/config-defaults.md) | `config-defaults` | Default resource values such as performance, hardware, and storage settings. | | [Deployment resources](../serving/configuration/deployment.md) | `config-deployment` | Kubernetes deployment resources that back Knative services. | -| [Defaults ConfigMap](../serving/configuration/config-defaults.md) | `config-defaults` | Default resource values such as performance, hardware, and storage settings. | -| [High-availability components](../serving/config-ha.md) | NA | Configure ensure that APIs stay operational if a disruption occurs. | +| [High-availability](../serving/config-ha.md) | NA | Configure ensure that APIs stay operational if a disruption occurs. | | [Garbage collection](../serving/revisions/revision-admin-config-options.md) | `config-gc` | Disable and enable collection and set retention time values. | -| [Namespace exclusion from the Knative webhook](../serving/webhook-customizations.md) | NA | For performance concerns during an upgrade. | +| [Namespace exclusion from webhook](../serving/webhook-customizations.md) | NA | For performance concerns during an upgrade. | | [Rollout duration for revisions](../serving/configuration/rolling-out-latest-revision-configmap.md) | `config-network` | Adjust rollout durations to accommodate longer request queues. | -| [Security - Encryption Overview](../serving/encryption/encryption-overview.md) | `config-network` | Provides links to procedures for encrypting external domains, the local cluster, and system internal. | -| [Security - Cert-manager integration](../serving/encryption/configure-certmanager-integration.md) | NA | Describes how to manage automatic certificate provisioning. | +| [Security - Certificates](../serving/encryption/configure-certmanager-integration.md) | NA | Describes how to manage automatic certificate provisioning. | +| [Security - Encryptions](../serving/encryption/encryption-overview.md) | `config-network` | Provides links to procedures for encrypting external domains, the local cluster, and system internal. | ### Eventing | Configuration | ConfigMap | Description | | -- | --- | --- | | [Broker defaults](../eventing/configuration/broker-configuration.md) | `config-br-defaults` | Specify your own broker class and channel, or use the default `MTChannelBasedBroker` Broker class and the ConfigMap of channel defaults. | -| [Broker features - Kafka](../eventing/brokers/broker-types/kafka-broker/configuring-kafka-features.md) | `config-kafka-features` | Configure options for Broker interactions with Apache Kafka clusters. | +| [Broker features (Kafka)](../eventing/brokers/broker-types/kafka-broker/configuring-kafka-features.md) | `config-kafka-features` | Configure options for Broker interactions with Apache Kafka clusters. | | [Channel defaults](../eventing/configuration/channel-configuration.md) | `default-ch-webhook` | Default configurations and labels to use for the channel. | -| [Channel defaults - Kafka](../eventing/configuration/kafka-channel-configuration.md) | `kafka-channel` | Defines how KafkaChannel instances are created. Requires that KafkaChannel custom resource definitions (CRD) are installed.| +| [Channel defaults (Kafka)](../eventing/configuration/kafka-channel-configuration.md) | `kafka-channel` | Defines how KafkaChannel instances are created. Requires that KafkaChannel custom resource definitions (CRD) are installed.| | [Event source defaults](../eventing/configuration/sources-configuration.md) |`config-ping-defaults` | Configure the PingSource default resources and the maximum data size for CloudEvents it produces. | | [KEDA Autoscaling of Kafka Resources](../eventing/configuration/keda-configuration.md) |`config-kafka-features` | Configure how KEDA scales a KafkaSource, trigger, or subscription. Note: This feature is is Alpha pre-release. | | [Sugar Controller](../eventing/sugar/README.md) |`config-sugar` | Configure the Sugar controller, which reacts to label configurations to produce or control eventing resources. See also [Knative Eventing Sugar Controller](../eventing/sugar/README.md). | From 27b23a52e062b99e4a3b03fa946069bad3cf1fc9 Mon Sep 17 00:00:00 2001 From: Bruce Hamilton Date: Fri, 31 Oct 2025 11:42:24 -0700 Subject: [PATCH 19/24] Update admin-overview.md Minor edit to rebuild --- docs/versioned/admin/admin-overview.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/versioned/admin/admin-overview.md b/docs/versioned/admin/admin-overview.md index 35361b878b..25fa947d2a 100644 --- a/docs/versioned/admin/admin-overview.md +++ b/docs/versioned/admin/admin-overview.md @@ -78,7 +78,7 @@ Knative uses Kubernetes YAML manifests to define and configure system components ## Configuration summaries -The following sections provide an overview of the current configurations procedures of interest to Administrators. You make these configurations using `kubectl`, some by applying YAML files you create. +The following sections provide an overview of the current configurations procedures of interest to Administrators. You make these configurations using `kubectl`, with some procedures applying YAML files. ### Networking From cf9d358f66e6295efa008e822bba442fe8ca2768 Mon Sep 17 00:00:00 2001 From: Bruce Hamilton Date: Sat, 1 Nov 2025 21:30:20 -0700 Subject: [PATCH 20/24] Update admin-overview.md Reviewer updates and mermaid edits --- docs/versioned/admin/admin-overview.md | 77 +++++++++++++------------- 1 file changed, 38 insertions(+), 39 deletions(-) diff --git a/docs/versioned/admin/admin-overview.md b/docs/versioned/admin/admin-overview.md index 25fa947d2a..e44fb12e4d 100644 --- a/docs/versioned/admin/admin-overview.md +++ b/docs/versioned/admin/admin-overview.md @@ -13,39 +13,35 @@ This page provides guidance for administrators on how to manage Knative on an ex --- config: theme: redux + layout: elk --- -flowchart TD - Dev(["Application Developers"]) - dev-acts@{ shape: text, label: "Manages k8s objects defined by" } - subgraph Knative - Serving - Eventing - end - subgraph Plugins +flowchart LR + subgraph Knative["Knative"] + direction LR + Serving["Serving"] + Eventing["Eventing"] + end + subgraph Plugins["Plugins"] + direction LR net-istio["Istio"] net-contour["Contour"] net-gateway-api["Gateway API"] event-kafka["Kafka"] event-rabbitmq["RabbitMQ"] event-nats["NATS"] - end - event-impl@{ shape: text, label: "implements" } - net-impl@{ shape: text, label: "implements" } - admin-acts@{ shape: text, label: "Installs and configures" } - Admin(["Cluster Administrators"]) - - Dev --- dev-acts + end + Dev(["Application Developers"]) --> dev-acts["Manages k8s objects defined by"] dev-acts --> Serving & Eventing - - admin-acts --- Admin - Plugins & Knative --- admin-acts - %% The ~~~ ... --> syntax is used to force backwards arrows; - %% See https://github.com/mermaid-js/mermaid/issues/2629 for details. - Serving ~~~ net-impl --> Serving - Eventing ~~~ event-impl --> Eventing - - net-impl --- net-istio & net-contour & net-gateway-api - event-impl --- event-kafka & event-rabbitmq & event-nats + Admin(["Cluster Administrators"]) --> admin-acts["Installs and configures"] + admin-acts --> Knative & Plugins + Serving --> net-impl["implements"] + net-impl --> net-istio & net-contour & net-gateway-api + Eventing --> event-impl["implements"] + event-impl --> event-kafka & event-rabbitmq & event-nats + dev-acts@{ shape: text} + admin-acts@{ shape: text} + net-impl@{ shape: text} + event-impl@{ shape: text} ``` As a cluster administrator, your responsibilities include managing the Kubernetes environment, installing cluster-wide components, and enabling developers to deploy applications on the cluster. Knative aims to simplify developer tasks, while aligning with existing management tools and processes. @@ -54,10 +50,19 @@ Knative includes a plugin system to integrate with existing infrastructure in th Of particular interest to cluster administrators is that Knative supports customizable _default values_ on the parameters defined in resource YAML files. These configurations reduce the amount of environment configuration tasks developers needs to consider. -## Installations +## Installation decisions See the [Installation roadmap](../install/README.md#installation-roadmap) for prerequisites and installation steps. Your first installation decision is whether to use a YAML-based installation or use the Knative Operator. The Knative Operator is a custom controller that extends the Kubernetes API to install Knative components. If you just need to get acquainted with Knative at this time, you can install the [quickstart](../getting-started/quickstart-install.md). +Knative installations are not permanent and you can install clusters differently depending on the situation. Although switching services and applications in real time may be possible, a best practice is to start with a new cluster. + +### Upgrades + +Administrators are generally responsible for performing upgrades to cluster infrastructure, apps, and services. Knative is designed and tested for continuous operation during upgrades and rollbacks, allowing you to: + +- Upgrade or revert the Knative components while it is serving traffic, rather than needing a maintenance window. +- Downgrade by one Knative version. Downgrades work provided that no applications have used new features since the last upgrade. + ## Configurations Knative configurations are performed by the following methods: @@ -72,7 +77,10 @@ Knative configurations are performed by the following methods: - Using the Knative Operator - Some platform-wide settings can be managed declaratively using the Knative Operator, installed with the `kn` Knative CLI plugin. For more information, see [Installing CLI tools](../client/README.md) + Some platform-wide settings can be managed declaratively using the Knative Operator, installed with the `kn` Knative CLI plugin. You can manage the operator without using the `kn` CLI. The `kn` CLI manages only operator installations. + + +For more information, see [Installing CLI tools](../client/README.md) Knative uses Kubernetes YAML manifests to define and configure system components. These manifests include core resources, custom resource definitions (CRDs), and extensibility features. As with Kubernetes, these configuration resources are declarative and can be managed using the `kubectl` CLI tool or with continuous delivery tools. @@ -113,7 +121,9 @@ The following sections provide an overview of the current configurations procedu | [KEDA Autoscaling of Kafka Resources](../eventing/configuration/keda-configuration.md) |`config-kafka-features` | Configure how KEDA scales a KafkaSource, trigger, or subscription. Note: This feature is is Alpha pre-release. | | [Sugar Controller](../eventing/sugar/README.md) |`config-sugar` | Configure the Sugar controller, which reacts to label configurations to produce or control eventing resources. See also [Knative Eventing Sugar Controller](../eventing/sugar/README.md). | -## Resource scoping and namespaces +## Securing Knative + +You can grant developers access to additional resources related to their namespace in other services, such as observability, logs, metrics, tracing, and dashboards. Knative resources are namespaced. Knative adheres to the Kubernetes model of namespace-based isolation that lets you manage development teams and resources by assigning them to namespaces. @@ -125,14 +135,3 @@ You can optimize and enforce isolation involving namespaces using standard Kuber - [Resource Quotas](https://kubernetes.io/docs/concepts/policy/resource-quotas/) - [Network Policies](https://kubernetes.io/docs/concepts/services-networking/network-policies/) - [Pod Security Standards](https://kubernetes.io/docs/concepts/security/pod-security-standards/) - -## Authorizations - -You can grant developers access to additional resources related to their namespace in other services, such as observability, logs, metrics, tracing, and dashboards. - -## Upgrades - -Administrators are generally responsible for performing upgrades cluster infrastructure and apps and services. Knative is designed and tested for continuous operation during upgrades and rollbacks, allowing you to: - -- Upgrade or revert the Knative components while it is serving traffic, rather than needing a maintenance window. -- Downgrade one Knative version. Downgrades work provided that no applications have used new features since the last upgrade. From 72e642b26ec1e9371744bea72414e0aa41c4a77a Mon Sep 17 00:00:00 2001 From: Bruce Hamilton Date: Sat, 1 Nov 2025 22:49:09 -0700 Subject: [PATCH 21/24] Update admin-overview.md Diagram test --- docs/versioned/admin/admin-overview.md | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/docs/versioned/admin/admin-overview.md b/docs/versioned/admin/admin-overview.md index e44fb12e4d..a018cd25dc 100644 --- a/docs/versioned/admin/admin-overview.md +++ b/docs/versioned/admin/admin-overview.md @@ -14,6 +14,7 @@ This page provides guidance for administrators on how to manage Knative on an ex config: theme: redux layout: elk + look: classic --- flowchart LR subgraph Knative["Knative"] @@ -30,7 +31,7 @@ flowchart LR event-rabbitmq["RabbitMQ"] event-nats["NATS"] end - Dev(["Application Developers"]) --> dev-acts["Manages k8s objects defined by"] + Dev(["Cluster Developers"]) --> dev-acts["Manages k8s objects defined by"] dev-acts --> Serving & Eventing Admin(["Cluster Administrators"]) --> admin-acts["Installs and configures"] admin-acts --> Knative & Plugins @@ -42,6 +43,12 @@ flowchart LR admin-acts@{ shape: text} net-impl@{ shape: text} event-impl@{ shape: text} + style Serving fill:#757575,color:#FFFFFF + style net-istio fill:#757575,color:#FFFFFF + style net-contour fill:#757575,color:#FFFFFF + style net-gateway-api fill:#757575,color:#FFFFFF + style Dev fill:#FF6D00,color:#FFFFFF + style Admin fill:#2962FF,color:#FFFFFF ``` As a cluster administrator, your responsibilities include managing the Kubernetes environment, installing cluster-wide components, and enabling developers to deploy applications on the cluster. Knative aims to simplify developer tasks, while aligning with existing management tools and processes. From 4d925f375512f33bf897f51754c0ab8f40c4ba1e Mon Sep 17 00:00:00 2001 From: Bruce Hamilton Date: Sat, 1 Nov 2025 23:17:16 -0700 Subject: [PATCH 22/24] Update admin-overview.md Graphic testing --- docs/versioned/admin/admin-overview.md | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/docs/versioned/admin/admin-overview.md b/docs/versioned/admin/admin-overview.md index a018cd25dc..b8595f7cdd 100644 --- a/docs/versioned/admin/admin-overview.md +++ b/docs/versioned/admin/admin-overview.md @@ -12,7 +12,7 @@ This page provides guidance for administrators on how to manage Knative on an ex ```mermaid --- config: - theme: redux + theme: mc layout: elk look: classic --- @@ -31,24 +31,27 @@ flowchart LR event-rabbitmq["RabbitMQ"] event-nats["NATS"] end - Dev(["Cluster Developers"]) --> dev-acts["Manages k8s objects defined by"] + Dev(["Developers"]) --> dev-acts["Manages k8s objects defined by"] dev-acts --> Serving & Eventing - Admin(["Cluster Administrators"]) --> admin-acts["Installs and configures"] + Admin(["Administrators"]) --> admin-acts["Installs and configures"] admin-acts --> Knative & Plugins Serving --> net-impl["implements"] net-impl --> net-istio & net-contour & net-gateway-api Eventing --> event-impl["implements"] event-impl --> event-kafka & event-rabbitmq & event-nats + n1["Text Block"] dev-acts@{ shape: text} admin-acts@{ shape: text} net-impl@{ shape: text} event-impl@{ shape: text} + n1@{ shape: text} style Serving fill:#757575,color:#FFFFFF style net-istio fill:#757575,color:#FFFFFF style net-contour fill:#757575,color:#FFFFFF style net-gateway-api fill:#757575,color:#FFFFFF style Dev fill:#FF6D00,color:#FFFFFF style Admin fill:#2962FF,color:#FFFFFF + ``` As a cluster administrator, your responsibilities include managing the Kubernetes environment, installing cluster-wide components, and enabling developers to deploy applications on the cluster. Knative aims to simplify developer tasks, while aligning with existing management tools and processes. From faf66504230c10d2646b4bed0ab17e44fc355f9b Mon Sep 17 00:00:00 2001 From: Bruce Hamilton Date: Sun, 2 Nov 2025 10:46:38 -0800 Subject: [PATCH 23/24] Update admin-overview.md mermaid testing --- docs/versioned/admin/admin-overview.md | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/docs/versioned/admin/admin-overview.md b/docs/versioned/admin/admin-overview.md index b8595f7cdd..3f3751d708 100644 --- a/docs/versioned/admin/admin-overview.md +++ b/docs/versioned/admin/admin-overview.md @@ -31,7 +31,7 @@ flowchart LR event-rabbitmq["RabbitMQ"] event-nats["NATS"] end - Dev(["Developers"]) --> dev-acts["Manages k8s objects defined by"] + Dev(["Developers"]) --> dev-acts["Manages defined Kubernetes objects"] dev-acts --> Serving & Eventing Admin(["Administrators"]) --> admin-acts["Installs and configures"] admin-acts --> Knative & Plugins @@ -39,12 +39,10 @@ flowchart LR net-impl --> net-istio & net-contour & net-gateway-api Eventing --> event-impl["implements"] event-impl --> event-kafka & event-rabbitmq & event-nats - n1["Text Block"] dev-acts@{ shape: text} admin-acts@{ shape: text} net-impl@{ shape: text} event-impl@{ shape: text} - n1@{ shape: text} style Serving fill:#757575,color:#FFFFFF style net-istio fill:#757575,color:#FFFFFF style net-contour fill:#757575,color:#FFFFFF @@ -52,6 +50,7 @@ flowchart LR style Dev fill:#FF6D00,color:#FFFFFF style Admin fill:#2962FF,color:#FFFFFF + ``` As a cluster administrator, your responsibilities include managing the Kubernetes environment, installing cluster-wide components, and enabling developers to deploy applications on the cluster. Knative aims to simplify developer tasks, while aligning with existing management tools and processes. From 89dbafcbe07e54d09774d4eab7b82aef232e57be Mon Sep 17 00:00:00 2001 From: Bruce Hamilton Date: Sun, 2 Nov 2025 11:11:23 -0800 Subject: [PATCH 24/24] Update admin-overview.md mermaid with HTML test --- docs/versioned/admin/admin-overview.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/docs/versioned/admin/admin-overview.md b/docs/versioned/admin/admin-overview.md index 3f3751d708..29f8e546f6 100644 --- a/docs/versioned/admin/admin-overview.md +++ b/docs/versioned/admin/admin-overview.md @@ -9,6 +9,11 @@ function: explanation This page provides guidance for administrators on how to manage Knative on an existing Kubernetes cluster. + + ```mermaid --- config: