diff --git a/modules/coo-troubleshooting-ui-plugin-using.adoc b/modules/coo-troubleshooting-ui-plugin-using.adoc index cb6f5940e85b..1930c19e41d8 100644 --- a/modules/coo-troubleshooting-ui-plugin-using.adoc +++ b/modules/coo-troubleshooting-ui-plugin-using.adoc @@ -30,7 +30,7 @@ Other signal types require optional components to be installed: image::coo-troubleshooting-panel-link.png[Troubleshooting Panel link] + Click on the **Troubleshooting Panel** link to display the panel. -. The panel consists of query details and a topology graph of the query results. The selected alert is converted into a Korrel8r query string and sent to the `korrel8r` service. +. The panel consists of query details and a topology graph of the query results. The selected alert is converted into a Korrel8r query string and sent to the `korrel8r` service. The results are displayed as a graph network connecting the returned signals and resources. This is a _neighbourhood_ graph, starting at the current resource and including related objects up to 3 steps away from the starting point. Clicking on nodes in the graph takes you to the corresponding web console pages for those resouces. . You can use the troubleshooting panel to find resources relating to the chosen alert. @@ -62,11 +62,11 @@ image::coo-troubleshooting-experimental.png[Experimental features] [arabic] ... **Hide Query** hides the experimental features. -... The query that identifies the starting point for the graph. -The query language, part of the link:https://korrel8r.github.io/korrel8r[Korrel8r] correlation engine used to create the graphs, is experimental and may change in future. -The query is updated by the **Focus** button to correspond to the resources in the main web console window. +... The query that identifies the starting point for the graph. +The query language, part of the link:https://korrel8r.github.io/korrel8r[Korrel8r] correlation engine used to create the graphs, is experimental and may change in future. +The query is updated by the **Focus** button to correspond to the resources in the main web console window. -... **Neighbourhood depth** is used to display a smaller or larger neighbourhood. +... **Neighbourhood depth** is used to display a smaller or larger neighbourhood. + [NOTE] ==== @@ -80,4 +80,4 @@ Setting a large value in a large cluster might cause the query to fail, if the n **** `netflow:network` representing any network observability network event. -**** `log:__LOG_TYPE__` representing stored logs, where `__LOG_TYPE__` must be one of `application`, `infrastructure` or `audit`. \ No newline at end of file +**** `log:__LOG_TYPE__` representing stored logs, where `__LOG_TYPE__` must be one of `application`, `infrastructure` or `audit`. diff --git a/modules/dr-restoring-cluster-state.adoc b/modules/dr-restoring-cluster-state.adoc index 8dcbef5e2486..48b25b38dd76 100644 --- a/modules/dr-restoring-cluster-state.adoc +++ b/modules/dr-restoring-cluster-state.adoc @@ -5,12 +5,12 @@ // Contributors: The documentation for this section changed drastically for 4.18+. -// Contributors: Some changes for the `etcd` restore procedure are only valid for 4.14+. -// In the 4.14+ documentation, OVN-K requires different steps because there is no centralized OVN -// control plane to be converted. For more information, see PR #64939. +// Contributors: Some changes for the `etcd` restore procedure are only valid for 4.14+. +// In the 4.14+ documentation, OVN-K requires different steps because there is no centralized OVN +// control plane to be converted. For more information, see PR #64939. // Do not cherry pick from "main" to "enterprise-4.12" or "enterprise-4.13" because the cherry pick -// procedure is different for these versions. Instead, open a separate PR for 4.13 and -// cherry pick to 4.12 or make the updates directly in 4.12. +// procedure is different for these versions. Instead, open a separate PR for 4.13 and +// cherry pick to 4.12 or make the updates directly in 4.12. :_mod-docs-content-type: PROCEDURE [id="dr-scenario-2-restoring-cluster-state_{context}"] @@ -76,7 +76,7 @@ $ sudo -E /usr/local/bin/cluster-restore.sh /home/core/ . Exit the SSH session. -. Once the API responds, turn off the etcd Operator quorum guard by runnning the following command: +. Once the API responds, turn off the etcd Operator quorum guard by running the following command: + [source,terminal] ---- diff --git a/modules/network-observability-filtering-ebpf-rule.adoc b/modules/network-observability-filtering-ebpf-rule.adoc index 8e4cbf8c8bb4..0325f721e027 100644 --- a/modules/network-observability-filtering-ebpf-rule.adoc +++ b/modules/network-observability-filtering-ebpf-rule.adoc @@ -52,7 +52,7 @@ spec: ---- <1> To enable eBPF flow filtering, set `spec.agent.ebpf.flowFilter.enable` to `true`. <2> To define the action for the flow filter rule, set the required `action` parameter. Valid values are `Accept` or `Reject`. -<3> To define the IP address and CIDR mask for the flow filter rule, set the required `cidr` parameter. This parameter supports both IPv4 and IPv6 address formats. To match any IP address, use `0.0.0.0/0` for IPv4 or ``::/0` for IPv6. +<3> To define the IP address and CIDR mask for the flow filter rule, set the required `cidr` parameter. This parameter supports both IPv4 and IPv6 address formats. To match any IP address, use `0.0.0.0/0` for IPv4 or `::/0` for IPv6. <4> To define the sampling rate for matched flows and override the global sampling setting `spec.agent.ebpf.sampling`, set the `sampling` parameter. <5> To filter flows by Peer IP CIDR, set the `peerCIDR` parameter. @@ -86,4 +86,4 @@ spec: <2> To report packet drops for each network flow, add the `PacketDrop` value to the `spec.agent.ebpf.features` list. <3> To enable eBPF flow filtering, set `spec.agent.ebpf.flowFilter.enable` to `true`. <4> To define the action for the flow filter rule, set the required `action` parameter. Valid values are `Accept` or `Reject`. -<5> To filter flows containing drops, set `pktDrops` to `true`. \ No newline at end of file +<5> To filter flows containing drops, set `pktDrops` to `true`. diff --git a/modules/persistent-storage-csi-azure-file-static-provisioning-procedure.adoc b/modules/persistent-storage-csi-azure-file-static-provisioning-procedure.adoc index 524bd607629a..49212bf851f1 100644 --- a/modules/persistent-storage-csi-azure-file-static-provisioning-procedure.adoc +++ b/modules/persistent-storage-csi-azure-file-static-provisioning-procedure.adoc @@ -54,28 +54,28 @@ spec: - uid=0 - gid=0 - cache=strict <6> - - nosharesock <7> - - actimeo=30 <8> + - nosharesock <7> + - actimeo=30 <8> - nobrl <9> csi: driver: file.csi.azure.com volumeHandle: "{resource-group-name}#{account-name}#{file-share-name}" <10> volumeAttributes: - shareName: EXISTING_FILE_SHARE_NAME <11> + shareName: EXISTING_FILE_SHARE_NAME <11> nodeStageSecretRef: name: azure-secret <12> namespace: <13> ---- <1> Volume size. -<2> Access mode. Defines the read-write and mount permissions. For more information, under _Additional Resources_, see _Access modes_. +<2> Access mode. Defines the read-write and mount permissions. For more information, under _Additional resources_, see _Access modes_. <3> Reclaim policy. Tells the cluster what to do with the volume after it is released. Accepted values are `Retain`, `Recycle`, or `Delete`. <4> Storage class name. This name is used by the PVC to bind to this specific PV. For static provisioning, a `StorageClass` object does not need to exist, but the name in the PV and PVC must match. <5> Modify this permission if you want to enhance the security. <6> Cache mode. Accepted values are `none`, `strict`, and `loose`. The default is `strict`. <7> Use to reduce the probability of a reconnect race. -<8> The time (in seconds) that the CIFS client caches attributes of a file or directory before it requests attribute information from a server. +<8> The time (in seconds) that the CIFS client caches attributes of a file or directory before it requests attribute information from a server. <9> Disables sending byte range lock requests to the server, and for applications which have challenges with POSIX locks. -<10> Ensure that `volumeHandle` is unique across the cluster. The `resource-group-name` is the Azure resource group where the storage account resides. +<10> Ensure that `volumeHandle` is unique across the cluster. The `resource-group-name` is the Azure resource group where the storage account resides. <11> File share name. Use only the file share name; do not use full path. <12> Provide the name of the secret created in step 1 of this procedure. In this example, it is _azure-secret_. <13> The namespace that the secret was created in. This must be the namespace where the PV is consumed. @@ -103,7 +103,7 @@ spec: <2> Namespace for the PVC. <3> The name of the PV that you created in the previous step. <4> Storage class name. This name is used by the PVC to bind to this specific PV. For static provisioning, a `StorageClass` object does not need to exist, but the name in the PV and PVC must match. -<5> Access mode. Defines the requested read-write access for the PVC. Claims use the same conventions as volumes when requesting storage with specific access modes. For more information, under _Additional Resources_, see _Access modes_. +<5> Access mode. Defines the requested read-write access for the PVC. Claims use the same conventions as volumes when requesting storage with specific access modes. For more information, under _Additional resources_, see _Access modes_. <6> PVC size. . Ensure that the PVC is created and in `Bound` status after a while by running the following command: diff --git a/modules/persistent-storage-csi-drivers-supported.adoc b/modules/persistent-storage-csi-drivers-supported.adoc index a50b84f2bfb0..9c7108f72a6c 100644 --- a/modules/persistent-storage-csi-drivers-supported.adoc +++ b/modules/persistent-storage-csi-drivers-supported.adoc @@ -30,43 +30,43 @@ ifndef::openshift-rosa,openshift-rosa-hcp[] If your CSI driver is not listed in the following table, you must follow the installation instructions provided by your CSI storage vendor to use their supported CSI features. ==== -For a list of third-party-certified CSI drivers, see the _Red Hat ecosystem portal_ under _Additional Resources_. +For a list of third-party-certified CSI drivers, see the _Red Hat ecosystem portal_ under _Additional resources_. endif::openshift-rosa,openshift-rosa-hcp[] ifdef::openshift-rosa,,openshift-rosa-hcp,openshift-aro[] -In addition to the drivers listed in the following table, ROSA functions with CSI drivers from third-party storage vendors. Red Hat does not oversee third-party provisioners or the connected CSI drivers and the vendors fully control source code, deployment, operation, and Kubernetes compatibility. These volume provisioners are considered customer-managed and the respective vendors are responsible for providing support. See the link:https://docs.openshift.com/rosa/rosa_architecture/rosa_policy_service_definition/rosa-policy-responsibility-matrix.html#rosa-policy-responsibilities_rosa-policy-responsibility-matrix[Shared responsibilities for {product-title}] matrix for more information. +In addition to the drivers listed in the following table, ROSA functions with CSI drivers from third-party storage vendors. Red Hat does not oversee third-party provisioners or the connected CSI drivers and the vendors fully control source code, deployment, operation, and Kubernetes compatibility. These volume provisioners are considered customer-managed and the respective vendors are responsible for providing support. See the link:https://docs.openshift.com/rosa/rosa_architecture/rosa_policy_service_definition/rosa-policy-responsibility-matrix.html#rosa-policy-responsibilities_rosa-policy-responsibility-matrix[Shared responsibilities for {product-title}] matrix for more information. endif::openshift-rosa,,openshift-rosa-hcp,openshift-aro[] .Supported CSI drivers and features in {product-title} [cols=",^v,^v,^v,^v,^v,^v width="100%",options="header"] |=== |CSI driver |CSI volume snapshots |CSI volume group snapshots ^[1]^ |CSI cloning |CSI resize |Inline ephemeral volumes -|AWS EBS | ✅ | | | ✅| -|AWS EFS | | | | | +|AWS EBS | ✅ | | | ✅| +|AWS EFS | | | | | ifndef::openshift-rosa,openshift-rosa-hcp[] |Google Compute Platform (GCP) persistent disk (PD)| ✅| |✅^[2]^ | ✅| -|GCP Filestore | ✅ | | | ✅| +|GCP Filestore | ✅ | | | ✅| endif::openshift-rosa,openshift-rosa-hcp[] ifndef::openshift-dedicated,openshift-rosa,openshift-rosa-hcp[] -|{ibm-power-server-name} Block | | | | ✅ | -|{ibm-cloud-name} Block | ✅^[3]^ | | | ✅^[3]^| +|{ibm-power-server-name} Block | | | | ✅ | +|{ibm-cloud-name} Block | ✅^[3]^ | | | ✅^[3]^| endif::openshift-dedicated,openshift-rosa,openshift-rosa-hcp[] -|LVM Storage | ✅ | | ✅ | ✅ | +|LVM Storage | ✅ | | ✅ | ✅ | ifndef::openshift-dedicated,openshift-rosa,openshift-rosa-hcp[] -|Microsoft Azure Disk | ✅ | | ✅ | ✅| -|Microsoft Azure Stack Hub | ✅ | | ✅ | ✅| +|Microsoft Azure Disk | ✅ | | ✅ | ✅| +|Microsoft Azure Stack Hub | ✅ | | ✅ | ✅| |Microsoft Azure File | ✅^[4]^ | | ✅^[4]^ | ✅| ✅ -|OpenStack Cinder | ✅ | | ✅ | ✅| -|OpenShift Data Foundation | ✅ | ✅ | ✅ | ✅| -|OpenStack Manila | ✅ | | | ✅ | +|OpenStack Cinder | ✅ | | ✅ | ✅| +|OpenShift Data Foundation | ✅ | ✅ | ✅ | ✅| +|OpenStack Manila | ✅ | | | ✅ | |Shared Resource | | | | | ✅ -|CIFS/SMB | | | ✅ | | -|VMware vSphere | ✅^[5]^ | | | ✅^[6]^| +|CIFS/SMB | | | ✅ | | +|VMware vSphere | ✅^[5]^ | | | ✅^[6]^| endif::openshift-dedicated,openshift-rosa,openshift-rosa-hcp[] |=== ifndef::openshift-dedicated,openshift-rosa,openshift-rosa-hcp[] -- -1. +1. :FeatureName: CSI volume group snapshots include::snippets/technology-preview.adoc[leveloffset=+1] @@ -88,7 +88,7 @@ include::snippets/technology-preview.adoc[leveloffset=+1] :FeatureName: Azure File CSI cloning and snapshot include::snippets/technology-preview.adoc[leveloffset=+1] -5. +5. * Requires vSphere version 7.0 Update 3 or later for both vCenter Server and ESXi. @@ -98,4 +98,4 @@ include::snippets/technology-preview.adoc[leveloffset=+1] * Online expansion is supported from vSphere version 7.0 Update 2 and later. -- -endif::openshift-dedicated,openshift-rosa,openshift-rosa-hcp[] \ No newline at end of file +endif::openshift-dedicated,openshift-rosa,openshift-rosa-hcp[] diff --git a/networking/network_security/network-policy-apis.adoc b/networking/network_security/network-policy-apis.adoc index a04fd574dc1e..95b193fbe3cc 100644 --- a/networking/network_security/network-policy-apis.adoc +++ b/networking/network_security/network-policy-apis.adoc @@ -18,4 +18,4 @@ image::615_OpenShift_OVN-K_ACLs_0324.png[OVK-Kubernetes Access Control List (ACL ANPs are evaluated first. When the match is an ANP `allow` or `deny` rule, any existing `NetworkPolicy` and `BaselineAdminNetworkPolicy` (BANP) objects in the cluster are skipped from evaluation. When the match is an ANP `pass` rule, then evaluation moves from tier 1 of the ACL to tier 2 where the `NetworkPolicy` policy is evaluated. If no `NetworkPolicy` matches the traffic then evaluation moves from tier 2 ACLs to tier 3 ACLs where BANP is evaluated. -include::modules/nw-anp-np-reference.adoc[leveloffset=+1] \ No newline at end of file +include::modules/nw-anp-np-reference.adoc[leveloffset=+1] diff --git a/security/zero_trust_workload_identity_manager/zero-trust-manager-release-notes.adoc b/security/zero_trust_workload_identity_manager/zero-trust-manager-release-notes.adoc index e682872faad3..f620640e82f3 100644 --- a/security/zero_trust_workload_identity_manager/zero-trust-manager-release-notes.adoc +++ b/security/zero_trust_workload_identity_manager/zero-trust-manager-release-notes.adoc @@ -41,4 +41,4 @@ This initial release of {zero-trust-full} is a Technology Preview. This version * This version operates using a fixed configuration. User-defined configurations are not allowed. -* The log level of operands are not configurable. The default value is `DEBUG``. \ No newline at end of file +* The log level of operands are not configurable. The default value is `DEBUG`.