Merge pull request #200 from jonasrosland/website-fixes
Website fixes for broken links, formatting, and more
This commit is contained in:
commit
b3e622c914
@ -29,9 +29,7 @@ menu:
|
|||||||
weight: 100
|
weight: 100
|
||||||
- name: Architecture
|
- name: Architecture
|
||||||
url: /docs/architecture/
|
url: /docs/architecture/
|
||||||
name: Demo
|
- name: Demo
|
||||||
url: /docs/demo/
|
url: /docs/demo/
|
||||||
- name: Scope
|
- name: Scope
|
||||||
url: /docs/scope/
|
url: /docs/scope/
|
||||||
- name: Update Images
|
|
||||||
url: /docs/img/
|
|
@ -4,7 +4,7 @@ cascade:
|
|||||||
layout: docs
|
layout: docs
|
||||||
---
|
---
|
||||||
|
|
||||||
![Pinneped Logo](/docs/img/pinniped_logo.svg)
|
![Pinniped Logo](/docs/img/pinniped_logo.svg)
|
||||||
|
|
||||||
## Overview
|
## Overview
|
||||||
|
|
||||||
@ -48,14 +48,14 @@ Got a question, comment, or idea? Please don't hesitate to reach out via the Git
|
|||||||
|
|
||||||
## Contributions
|
## Contributions
|
||||||
|
|
||||||
Contributions are welcome. Before contributing, please see the [contributing guide](/docs/CONTRIBUTING).
|
Contributions are welcome. Before contributing, please see the [contributing guide](https://github.com/vmware-tanzu/pinniped/blob/main/CONTRIBUTING.md).
|
||||||
|
|
||||||
## Reporting Security Vulnerabilities
|
## Reporting Security Vulnerabilities
|
||||||
|
|
||||||
Please follow the procedure described in [SECURITY.md](/docs/SECURITY).
|
Please follow the procedure described in [SECURITY.md](https://github.com/vmware-tanzu/pinniped/blob/main/SECURITY.md).
|
||||||
|
|
||||||
## License
|
## License
|
||||||
|
|
||||||
Pinniped is open source and licensed under Apache License Version 2.0. See [LICENSE](/docs/LICENSE).
|
Pinniped is open source and licensed under Apache License Version 2.0. See [LICENSE](https://github.com/vmware-tanzu/pinniped/blob/main/LICENSE).
|
||||||
|
|
||||||
Copyright 2020 the Pinniped contributors. All Rights Reserved.
|
Copyright 2020 the Pinniped contributors. All Rights Reserved.
|
||||||
|
@ -1,3 +1,9 @@
|
|||||||
|
---
|
||||||
|
title: "Pinniped Architecture"
|
||||||
|
cascade:
|
||||||
|
layout: docs
|
||||||
|
---
|
||||||
|
|
||||||
# Architecture
|
# Architecture
|
||||||
|
|
||||||
The principal purpose of Pinniped is to allow users to access Kubernetes
|
The principal purpose of Pinniped is to allow users to access Kubernetes
|
||||||
@ -8,7 +14,7 @@ This integration is implemented using a credential exchange API which takes as
|
|||||||
input a credential from the external IDP and returns a credential which is understood by the host
|
input a credential from the external IDP and returns a credential which is understood by the host
|
||||||
Kubernetes cluster.
|
Kubernetes cluster.
|
||||||
|
|
||||||
<img src="img/pinniped_architecture.svg" alt="Pinniped Architecture Sketch" width="300px"/>
|
![Pinniped Architecture Sketch](/docs/img/pinniped_architecture.svg)
|
||||||
|
|
||||||
Pinniped supports various IDP types and implements different integration strategies
|
Pinniped supports various IDP types and implements different integration strategies
|
||||||
for various Kubernetes distributions to make authentication possible.
|
for various Kubernetes distributions to make authentication possible.
|
||||||
@ -50,7 +56,7 @@ cleanly enable this integration.
|
|||||||
|
|
||||||
Pinniped supports the following cluster integration strategies.
|
Pinniped supports the following cluster integration strategies.
|
||||||
|
|
||||||
1. Pinniped hosts a credential exchange API endpoint via a Kubernetes aggregated API server.
|
* Pinniped hosts a credential exchange API endpoint via a Kubernetes aggregated API server.
|
||||||
This API returns a new cluster-specific credential using the cluster's signing keypair to
|
This API returns a new cluster-specific credential using the cluster's signing keypair to
|
||||||
issue short-lived cluster certificates. (In the future, when the Kubernetes CSR API
|
issue short-lived cluster certificates. (In the future, when the Kubernetes CSR API
|
||||||
provides a way to issue short-lived certificates, then the Pinniped credential exchange API
|
provides a way to issue short-lived certificates, then the Pinniped credential exchange API
|
||||||
@ -65,7 +71,7 @@ With any of the above IDPs and integration strategies, `kubectl` commands receiv
|
|||||||
cluster-specific credential via a
|
cluster-specific credential via a
|
||||||
[Kubernetes client-go credential plugin](https://kubernetes.io/docs/reference/access-authn-authz/authentication/#client-go-credential-plugins).
|
[Kubernetes client-go credential plugin](https://kubernetes.io/docs/reference/access-authn-authz/authentication/#client-go-credential-plugins).
|
||||||
Users may use the Pinniped CLI as the credential plugin, or they may use any proprietary CLI
|
Users may use the Pinniped CLI as the credential plugin, or they may use any proprietary CLI
|
||||||
built with the [Pinniped Go client library](.https://github.com/vmware-tanzu/pinniped/generated).
|
built with the [Pinniped Go client library](https://github.com/vmware-tanzu/pinniped/generated).
|
||||||
|
|
||||||
## Example Cluster Authentication Sequence Diagram
|
## Example Cluster Authentication Sequence Diagram
|
||||||
|
|
||||||
|
@ -1,17 +1,23 @@
|
|||||||
|
---
|
||||||
|
title: "Pinniped Demo"
|
||||||
|
cascade:
|
||||||
|
layout: docs
|
||||||
|
---
|
||||||
|
|
||||||
# Trying Pinniped
|
# Trying Pinniped
|
||||||
|
|
||||||
## Prerequisites
|
## Prerequisites
|
||||||
|
|
||||||
1. A Kubernetes cluster of a type supported by Pinniped as described in [doc/architecture.md](../doc/architecture.md).
|
1. A Kubernetes cluster of a type supported by Pinniped as described in [architecture](/docs/architecture).
|
||||||
|
|
||||||
Don't have a cluster handy? Consider using [kind](https://kind.sigs.k8s.io/) on your local machine.
|
Don't have a cluster handy? Consider using [kind](https://kind.sigs.k8s.io/) on your local machine.
|
||||||
See below for an example of using kind.
|
See below for an example of using kind.
|
||||||
|
|
||||||
1. An identity provider of a type supported by Pinniped as described in [doc/architecture.md](../doc/architecture.md).
|
1. An identity provider of a type supported by Pinniped as described in [architecture](/docs/architecture).
|
||||||
|
|
||||||
Don't have an identity provider of a type supported by Pinniped handy? No problem, there is a demo identity provider
|
Don't have an identity provider of a type supported by Pinniped handy? No problem, there is a demo identity provider
|
||||||
available. Start by installing local-user-authenticator on the same cluster where you would like to try Pinniped
|
available. Start by installing local-user-authenticator on the same cluster where you would like to try Pinniped
|
||||||
by following the directions in [deploy/local-user-authenticator/README.md](../deploy/local-user-authenticator/README.md).
|
by following the directions in [deploy/local-user-authenticator/README.md](https://github.com/vmware-tanzu/pinniped/blob/main/deploy/local-user-authenticator/README.md).
|
||||||
See below for an example of deploying this on kind.
|
See below for an example of deploying this on kind.
|
||||||
|
|
||||||
1. A kubeconfig where the current context points to the cluster and has admin-like
|
1. A kubeconfig where the current context points to the cluster and has admin-like
|
||||||
@ -22,7 +28,7 @@
|
|||||||
Installing and trying Pinniped on any cluster will consist of the following general steps. See the next section below
|
Installing and trying Pinniped on any cluster will consist of the following general steps. See the next section below
|
||||||
for a more specific example of installing onto a local kind cluster, including the exact commands to use for that case.
|
for a more specific example of installing onto a local kind cluster, including the exact commands to use for that case.
|
||||||
|
|
||||||
1. Install Pinniped. See [deploy/concierge/README.md](../deploy/concierge/README.md).
|
1. Install Pinniped. See [deploy/concierge/README.md](https://github.com/vmware-tanzu/pinniped/blob/main/deploy/concierge/README.md).
|
||||||
1. Download the Pinniped CLI from [Pinniped's github Releases page](https://github.com/vmware-tanzu/pinniped/releases/latest).
|
1. Download the Pinniped CLI from [Pinniped's github Releases page](https://github.com/vmware-tanzu/pinniped/releases/latest).
|
||||||
1. Generate a kubeconfig using the Pinniped CLI. Run `pinniped get-kubeconfig --help` for more information.
|
1. Generate a kubeconfig using the Pinniped CLI. Run `pinniped get-kubeconfig --help` for more information.
|
||||||
1. Run `kubectl` commands using the generated kubeconfig. Pinniped will automatically be used for authentication during those commands.
|
1. Run `kubectl` commands using the generated kubeconfig. Pinniped will automatically be used for authentication during those commands.
|
||||||
@ -36,14 +42,9 @@ non-production cluster.
|
|||||||
The following steps will deploy the latest release of Pinniped on kind using the local-user-authenticator component
|
The following steps will deploy the latest release of Pinniped on kind using the local-user-authenticator component
|
||||||
as the identity provider.
|
as the identity provider.
|
||||||
|
|
||||||
|
|
||||||
|
![Pinniped Installation Demo](https://user-images.githubusercontent.com/25013435/95272990-b2ea9780-07f6-11eb-994d-872e3cb68457.gif)
|
||||||
<!-- The following image was uploaded to GitHub's CDN using this awesome trick: https://gist.github.com/vinkla/dca76249ba6b73c5dd66a4e986df4c8d -->
|
<!-- The following image was uploaded to GitHub's CDN using this awesome trick: https://gist.github.com/vinkla/dca76249ba6b73c5dd66a4e986df4c8d -->
|
||||||
<p align="center" width="100%">
|
|
||||||
<img
|
|
||||||
src="https://user-images.githubusercontent.com/25013435/95272990-b2ea9780-07f6-11eb-994d-872e3cb68457.gif"
|
|
||||||
alt="Pinniped Installation Demo"
|
|
||||||
width="80%"
|
|
||||||
/>
|
|
||||||
</p>
|
|
||||||
|
|
||||||
1. Install the tools required for the following steps.
|
1. Install the tools required for the following steps.
|
||||||
|
|
||||||
@ -88,7 +89,7 @@ as the identity provider.
|
|||||||
|
|
||||||
The `install-local-user-authenticator.yaml` file includes the default deployment options.
|
The `install-local-user-authenticator.yaml` file includes the default deployment options.
|
||||||
If you would prefer to customize the available options, please
|
If you would prefer to customize the available options, please
|
||||||
see [deploy/local-user-authenticator/README.md](../deploy/local-user-authenticator/README.md)
|
see [deploy/local-user-authenticator/README.md](https://github.com/vmware-tanzu/pinniped/blob/main/deploy/local-user-authenticator/README.md)
|
||||||
for instructions on how to deploy using `ytt`.
|
for instructions on how to deploy using `ytt`.
|
||||||
|
|
||||||
1. Create a test user named `pinny-the-seal` in the local-user-authenticator identity provider.
|
1. Create a test user named `pinny-the-seal` in the local-user-authenticator identity provider.
|
||||||
@ -115,7 +116,7 @@ as the identity provider.
|
|||||||
```
|
```
|
||||||
|
|
||||||
The `install-pinniped-concierge.yaml` file includes the default deployment options.
|
The `install-pinniped-concierge.yaml` file includes the default deployment options.
|
||||||
If you would prefer to customize the available options, please see [deploy/concierge/README.md](../deploy/concierge/README.md)
|
If you would prefer to customize the available options, please see [deploy/concierge/README.md](https://github.com/vmware-tanzu/pinniped/blob/main/deploy/concierge/README.md)
|
||||||
for instructions on how to deploy using `ytt`.
|
for instructions on how to deploy using `ytt`.
|
||||||
|
|
||||||
1. Create a `WebhookAuthenticator` object to configure Pinniped to authenticate using local-user-authenticator.
|
1. Create a `WebhookAuthenticator` object to configure Pinniped to authenticate using local-user-authenticator.
|
||||||
|
@ -1,3 +1,10 @@
|
|||||||
|
---
|
||||||
|
title: "Pinniped Scope"
|
||||||
|
cascade:
|
||||||
|
layout: docs
|
||||||
|
---
|
||||||
|
|
||||||
|
|
||||||
# Project Scope
|
# Project Scope
|
||||||
|
|
||||||
The Pinniped project is guided by the following principles.
|
The Pinniped project is guided by the following principles.
|
||||||
|
@ -7,14 +7,14 @@
|
|||||||
<div class="col text">
|
<div class="col text">
|
||||||
<p class="strong">Cluster Administration</p>
|
<p class="strong">Cluster Administration</p>
|
||||||
<p>Easily plug in external IDPs into Kubernetes clusters while offering a simple install and configuration experience. Leverage first class integration with Kubernetes and kubectl CLI.</p>
|
<p>Easily plug in external IDPs into Kubernetes clusters while offering a simple install and configuration experience. Leverage first class integration with Kubernetes and kubectl CLI.</p>
|
||||||
<p><a href="#" class="button tertiary">Read More</a></p>
|
<!-- <p><a href="#" class="button tertiary">Read More</a></p> -->
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
<div class="grid two image-right">
|
<div class="grid two image-right">
|
||||||
<div class="col text">
|
<div class="col text">
|
||||||
<p class="strong">Cluster Administration</p>
|
<p class="strong">Cluster Administration</p>
|
||||||
<p>Easily plug in external IDPs into Kubernetes clusters while offering a simple install and configuration experience. Leverage first class integration with Kubernetes and kubectl CLI.</p>
|
<p>Easily plug in external IDPs into Kubernetes clusters while offering a simple install and configuration experience. Leverage first class integration with Kubernetes and kubectl CLI.</p>
|
||||||
<p><a href="#" class="button tertiary">Read More</a></p>
|
<!-- <p><a href="#" class="button tertiary">Read More</a></p> -->
|
||||||
</div>
|
</div>
|
||||||
<div class="col image">
|
<div class="col image">
|
||||||
<img src="/img/authentication.svg" />
|
<img src="/img/authentication.svg" />
|
||||||
@ -27,7 +27,7 @@
|
|||||||
<div class="col text">
|
<div class="col text">
|
||||||
<p class="strong">Cluster Administration</p>
|
<p class="strong">Cluster Administration</p>
|
||||||
<p>Easily plug in external IDPs into Kubernetes clusters while offering a simple install and configuration experience. Leverage first class integration with Kubernetes and kubectl CLI.</p>
|
<p>Easily plug in external IDPs into Kubernetes clusters while offering a simple install and configuration experience. Leverage first class integration with Kubernetes and kubectl CLI.</p>
|
||||||
<p><a href="#" class="button tertiary">Read More</a></p>
|
<!-- <p><a href="#" class="button tertiary">Read More</a></p> -->
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
Loading…
Reference in New Issue
Block a user