Migrates UCP 1.1 docs with history #419
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
We might want to take the time to make this work via compose, but that will require some custom bootstrap scripts, so for now, lets just use manual cut-and-paste for anyone who needs a "real" cert setup in dev mode.
Still iterating, but fleshed out enough for review comments.
We'll use two isolated root certificates to allow access control between orca and swarm.
Bring it more-or-less back in sync with the current bootstrapper code.
This likely still needs some tuning/tweaking, but may be helpful as we start to do more scale/performance testing of the system.
It turns out that our support dump logic is *really* fast and compact. Even on a large node (hundreds of containers and thousands of images) it runs in ~10 seconds and weighs in at a few hundred K. Since we're running all the dumps in parallel, there's really no need for the added complexity of saving them to a DB. This change revamps and simplifies the support dump API. Now you simply POST to the API endpoint, and it will stream the full zip file containing all the nodes payloads within. If a node is unreachable, times out, or has some other catastrophic problem, the contents for that node will be an error message instead of the normal tar.gz bundle. I've tested this with a swarm of multiple nodes, confirmed the dumps match up to the hosts, and the system handles offline nodes, reporting an error message within the bundle. (it does take a long time in the failure cases due to a bug in swarm that's slated to be fixed in 1.9, but curl doesn't give up so this still works fine.)
This adds an env flag to toggle behavior on copying vs pulling standard images, as well as fixing paths for volume based deployments.
Updating with comments. Adding in the graphics Tweaking image links Signed-off-by: Mary Anthony <[email protected]>
Signed-off-by: Mary Anthony <[email protected]>
Signed-off-by: Mary Anthony <[email protected]>
This is still theoretical as the required PRs have not yet merged, but this is how it *should* work once everything gets merged in.
Signed-off-by: Mary Anthony <[email protected]>
We may have scenarios where we need to show users how to mitigate problems by accessing the KV store directly. This short doc shows how they can do it with admin bundles.
This change re-wires the way we have CFSSL hooked up so that it requires mutual TLS to access the service. Instead of using command line arguments, and thus relying on environment variables from linking, this change also switches to registering the CAs via KV store entries. The current CFSSL implementation does not support mutual TLS natively, so I've leveraged socat and a proxy container (much like we do for docker) in the interest of expediency. (so under the covers it's still a link between cfss and the proxy.) Once upstream supports mutual TLS (or if we decide to fork/patch it) we can drop the proxy and eliminate all the links.
This makes the necessary changes in the Orca server to enable HA deployments.
This revamps the product and image names. After merging this change, the bootstrapper image will be known as "dockerorca/ucp" since it is the primary image customers interact with. The controller will be known as "dockerorca/ucp-controller" and the corresponding container names are "ucp" and "ucp-controller". Once we get closer to GA, we'll move the images under the "docker" org, so the product name will flow nicely from that "docker/ucp" for the bootstrapping tool, and "docker/ucp-controller" for the server image.
This wires Orca up to support remote syslog endpoints. The configuration is driven through the KV store, and requires manually running curl commands (we can add UI/API for this later.) This also lays the foundation for a general watching facility for configuration. In a subsequent change I'll update this to address other global configuration for the daemon.
This exposes a generalized configuration API base on dividing the configuration space up into subsystems. Within a given subsystem, the configuration is read/written in one json blob. This also does some slight tweaks to the logging subsystem based on this new API structure.
This refines our logging and auditing a bit to make things easier to search for within kibana (or similar external systems) See ./docs/logging.md for more details.
Creating specs directory; may be moved later Adding fix for Issue docker#348 Adding in updates for networking Updating with Dan's comments: removing old -beta Updating networking after talking to Madhu Updated install with HA as optional Moved HA spec into specs Did "customer-facing" HA page Renamed server > controller in docs Entering comments from reviewers Signed-off-by: Mary Anthony <[email protected]>
Signed-off-by: Mary Anthony <[email protected]>
Closes docker#371: Added metadata for web build Updating with Dan's comments Signed-off-by: Mary Anthony <[email protected]>
Signed-off-by: Evan Hazlett <[email protected]>
* Update release notes for UCP 1.1.2 Updates release notes with features, bug fixes, and known issues for UCP 1.1.2 version. * Update release_notes.md
(cherry picked from commit 4f7a1b6e54953edc77203f7751b372619dd12c50)
(cherry picked from commit 15ebba9ae7a4a134c4bb39d3f0dd4b513ea29494)
Signed-off-by: Matt Bentley <[email protected]> (cherry picked from commit 91c2270026f35ce27a9d0c23c27b9bdf4cdbb2c9)
(cherry picked from commit e2809745101b87640b7c671dd14c1dfbc9c794a2)
(cherry picked from commit a2b6185efc2bc78b794fc85f75b3ef4fdfc933f1)
(cherry picked from commit 117740117bf719039cc43dc77a110c9e22fbbead)
(cherry picked from commit 369e6d3e646a51eb65ff5d8291c8c0cf7ef90860)
(cherry picked from commit 224afea59b0ab5bedbff53c574da286991864fe8)
(cherry picked from commit 5f5c931ff99968ee8adf420d43856b964f93e680)
(cherry picked from commit a71ab3fb85e09a389714490678ba4e94514c449a)
(cherry picked from commit 46cdf5a8b80791f6d1cb6462dd66e23266a06d33)
(cherry picked from commit adaa077d3cecdfd71bcb640cef942086e4a42d9a)
joaofnfernandes
changed the title
joaofnfernandes
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The previous migration to this tree did not persisted the history for the UCP docs. This solves that.