diff --git a/public-site/Makefile b/public-site/Makefile index 971638bf..e44253cb 100644 --- a/public-site/Makefile +++ b/public-site/Makefile @@ -1,43 +1,15 @@ -.PHONY: lint -lint: - npm run "lint" - npm run "lint-ts" +.PHONY: dev-up +dev-up: + docker compose --profile dev up --build +.PHONY: dev-down +dev-down: + docker compose --profile dev down -.PHONY: lint-strict -lint-strict: - npm run "lint-strict" - -.PHONY: run -run: - npm run start - -.PHONY: build-dist run-dist run-dist-rebuilt - -build-dist: - npm run build - -run-dist: - npm run serve - -run-dist-rebuilt: build-dist run-dist - -.PHONY: run-docker-dev -run-docker-dev: - docker compose -f docker-compose.yml up - -.PHONY: build-docker -build-docker: - docker build . -t public-site - -.PHONY: run-docker -run-docker: - docker run -it -p 8080:8080 public-site - -.PHONY: run-docker-rebuilt -run-docker-rebuilt: build-docker run-docker - -.PHONY: down -down: - docker compose down +.PHONY: prod-up +prod-up: + docker compose --profile prod up --build +.PHONY: prod-down +prod-down: + docker compose --profile prod down diff --git a/public-site/README.md b/public-site/README.md index 85a8fe2a..495573fa 100644 --- a/public-site/README.md +++ b/public-site/README.md @@ -1,19 +1,19 @@ # Radix Public Site This is the public site for promoting, documenting & showcasing the Radix -platform. It is a static site built with [VuePress 2](https://v2.vuepress.vuejs.org/). +platform. It is a static site built with [Docusaurus](https://docusaurus.io). ## Running, building ### The easy way -`docker compose --profile dev up --build` +`make dev-up`: Starts Docker compose services beloning to the`dev` profile. This starts the Docusaurus developer server on port 8000, and NGINX on port 8080 which proxies requests to the docusaurus server. This ensures that your browser receives the same security related headers (defined in ./proxy/headers) as when you build and run the Dockerfile container image. Changes to source files are immediatly shown in the browser. You can see the site on <http://localhost:8080> -Stop the server with Ctrl+C, but also run `docker compose --profile dev down` to clean up the +Stop the server with Ctrl+C, but also run `make dev-down` to clean up the Docker state. If you need a shell in the container: @@ -22,71 +22,31 @@ If you need a shell in the container: NB: The search plugin does not work when running the docusaurus development server. -You can also build and run the container image intended for production environments by running `docker compose --profile prod up --build`. To stop and cleanup you run `docker compose --profile prod down`. - -**Windows**: There is currently [a -problem](https://github.com/docker/for-win/issues/56) with Docker that prevents -auto-reload of the development server from working when source files change. A -simple workaround is to use [a little watcher -process](https://github.com/FrodeHus/docker-windows-volume-watcher/releases). +You can also build and run the container image intended for production environments by running `make prod-up`. To stop and cleanup you run `make prod-down`. ### The other way You can also run docusurus locally. All that is needed is NodeJS and NPM. In the root folder of the project run `npm i` to fetch dependencies followed by `npm run start` to start serving the development environment of the Public Site. The disadvantage is that you will not catch errors caused by the security headers set by NGINX. -## Folder structure - -The site content is organised within `/docs/src/`. In here you'll find: +## Files and folder structure -- `/.vuepress/`: The Vuepress source folder containing the main site configuration. -- `/.vuepress/components/`: Custom user-created Vuepress components. -- `/.vuepress/public/`: All public content for the Public Site, such as images and general stylesheets. -- `/.vuepress/styles/`: Style override files for Vuepress. See the [CSS Section](#CSS) below. - -But the interesting bits are the actual content: +File `docusaurus.config.ts` contains the main configuration for Docusaurus. This is where we configure the overall page layout like headers, footers, navbar, themes etc. `sidebars.ts` contains configuration for the sidebars. +- `/community/`: Information about the Radix community and team. - `/docs/`: General concepts (topics). +- `/feature/`: List of all fratures in Radix. - `/guides/`: User-friendly, conversational guides on how to achieve specific objectives. -- `/references/`: Reference documentation for end-users. -- `/other/`: Documentation not directly related to any specific category. +- `/radix-config/`: Reference documentation for end-users. +- `/start/`: Getting started guide ## docusaurus + This website is built using [Docusaurus](https://docusaurus.io/), a modern static website generator. [Create an application](https://docusaurus.io/docs/installation) ```bash npx create-docusaurus@latest public-site classic --typescript ``` - -## docusaurus development - -`npm start` -Starts the development server. - -`npm run build` -Bundles your website into static files for production. - -`npm run serve` -Serves the built website locally. - -`npm run deploy` -Publishes the website to GitHub pages. - -We recommend that you begin by typing: - -`cd public-site` -`npm start` - -## Production build - -The production build is containerised in the project's `Dockerfile`. To run the -build image locally: - - docker build -t radix-public-site-prod . - docker run --name radix-public-site-prod_container --rm -p 8080:8080 radix-public-site-prod - -The web server will be available on <http://localhost:8080> - # Credits trees by Made x Made from the Noun Project: <https://thenounproject.com/term/trees/1723897/> diff --git a/public-site/docs/docs/topic-domain-names/index.md b/public-site/docs/docs/topic-domain-names/index.md index baaa55d5..cc16932d 100644 --- a/public-site/docs/docs/topic-domain-names/index.md +++ b/public-site/docs/docs/topic-domain-names/index.md @@ -4,84 +4,70 @@ title: Domain names # Domain names -There can be several domain names mapped to [application components](/start/radix-concepts/index.md#component) in Radix. In general you will want to use the [public name](#public-name), but you should understand all options. +There can be several domain names mapped to [application components](/start/radix-concepts/index.md#component) in Radix. -:::tip Domain names -Some domain names include a `clusterEnvNamepace` component. This varies depending on the type of cluster. In Radix there are two(three) **cluster types**; these are the values for `clusterEnvNamepace` in each type +The domain names are composed with information from the application, and the [Radix cluster](../../start/radix-clusters/) where the application is hosted: - - platform (_blank_) - (eu-"weeknumber") - - playground (`playground`) - (playground-"weeknumber") - - (dev (`dev`)) -::: - -## Canonical name - -```text -[componentName]-[appName]-[envName].[clusterName].[clusterEnvNamepace].radix.equinor.com -``` - -The authoritative name for a specific component in a specific cluster. The _canonical name_ can be useful when debugging, however. - -- Always allocated -- Automatically allocated -- One per component - -Examples: - -- `frontend-myapp-production.playground-92.playground.radix.equinor.com` -- `backend-myapp-production.playground-92.playground.radix.equinor.com` -- `serializer-oneapp-qa.eu-12.radix.equinor.com` +- `component-name`: The name of the component, e.g. `frontend`. +- `app-name`: The name of the application, e.g. `myapp`. +- `env-name`: The name of the environment where the component is deployed to, e.g. `production`. +- `cluster-name`: Exists only in [canonical name](./#canonical-name). The name of the underlying Kubernetes cluster used for hosting a specific [Radix cluster](../../start/radix-clusters/), e.g. `eu-18`. This value can change, for example during upgrade of a Radix cluster. Domain names using this value should only be used for debugging purposes, and should never be used by end users/services. +- `cluster-dns-zone`: The DNS zone for the [Radix cluster](../../start/radix-clusters/) where the application is hosted, e.g. `radix.equinor.com`, `playground.radix.equinor.com`. ## Public name ```text -[componentName]-[appName]-[envName].[clusterEnvNamepace].radix.equinor.com +[component-name]-[app-name]-[env-name].[cluster-dns-zone] ``` - Automatically allocated -- One per component +- Unique for each component in each environment Examples: -- `frontend-myapp-production.playground.radix.equinor.com` -- `backend-myapp-production.playground.radix.equinor.com` - `serializer-oneapp-qa.radix.equinor.com` +- `frontend-myapp-production.c2.radix.equinor.com` +- `backend-myapp-production.playground.radix.equinor.com` ## App default alias ```text -[appName].app.[clusterEnvNamepace].radix.equinor.com +[app-name].app.[cluster-dns-zone] ``` -The _app default alias_ is a convenience domain name to make it easier to publish and use your application. It points to a specific component and environment in your application, and allows a reasonable URL to be distributed to end-users without the hassle of setting up [external aliases](#external-alias). +The _app default alias_ is a convenience domain name to make it easier to publish and use your application. It points to a specific component and environment in your application, and allows a reasonable URL to be distributed to end users/services without the hassle of setting up [external aliases](#external-alias). - One per application - [Defined in `radixconfig.yaml`](/radix-config/index.md#dnsappalias) Examples: -- `myapp.app.playground.radix.equinor.com` - `oneapp.app.radix.equinor.com` +- `otherapp.app.c2.radix.equinor.com` +- `myapp.app.playground.radix.equinor.com` ## App alias ```text -[appName].[clusterEnvNamepace].radix.equinor.com +[subdomain].[cluster-dns-zone] ``` -`dnsAlias` creates one or several DNS aliases in the form of `.radix.equinor.com` for the specified environment and component. There are few reserved aliases which cannot be used: -- Difference from App default alias - it does not have `app.` domain before `radix.equinor.com` and there can be multiple aliases per application, per environment, per component +The _app alias_ allows you to configure a custom subdomain in the `[cluster-dns-zone]` where the application is hosted. With the exception of a few reserved names, the rule is _"first come, first served"_. + + +- Multiple allowed per component - [Defined in `radixconfig.yaml`](/radix-config/index.md#dnsalias) Examples: -- `myapp.playground.radix.equinor.com` - `oneapp.radix.equinor.com` +- `otherapp.c2.radix.equinor.com` +- `myapp.playground.radix.equinor.com` ## External alias ```text -[whatever] +[a valid external DNS name] ``` For ultimate customisation of your domain names, you can "bring your own" domain into Radix with an _external alias_. There is a [detailed guide](/guides/external-alias/) on how to configure this. @@ -89,10 +75,29 @@ For ultimate customisation of your domain names, you can "bring your own" domain - Multiple allowed per component - [Defined in `radixconfig.yaml`](/radix-config/index.md#dnsexternalalias) - Requires external DNS alias management -- Requires custom TLS certificate +- [Bring your own TLS](../../guides/external-alias-certificate/index.md) certificate, or let [Radix handle](../../guides/external-alias/index.md#configure-certificate-automation-service) it Examples: -- `cowabunga.equinor.com` -- `cheap-domains-r-us.net` -- `go0gle.com` +- `myapp.equinor.com` +- `www.mydomain.com` +## Canonical name + +```text +[component-name]-[app-name]-[env-name].[cluster-name].[cluster-dns-zone] +``` + +The authoritative name for a specific component in a specific Kubernetes- and Radix-cluster. + +- Automatically allocated +- One per component + +:::warning + The _canonical name_ should never be used by end users/services because `[cluster-name]` is not considered stable, and can change without warning. +::: + +Examples: + +- `serializer-oneapp-qa.eu-18.radix.equinor.com` +- `frontend-myapp-production.c2-11.c2.radix.equinor.com` +- `backend-myapp-production.playground-92.playground.radix.equinor.com` diff --git a/public-site/docs/docs/topic-dynatrace-int/index.md b/public-site/docs/docs/topic-dynatrace-int/index.md index ac6ff89d..e2fb57ef 100644 --- a/public-site/docs/docs/topic-dynatrace-int/index.md +++ b/public-site/docs/docs/topic-dynatrace-int/index.md @@ -80,8 +80,8 @@ spec: - DT_CONNECTION_POINT # formattedCommunicationEndpoints from response ``` -After changing your `radixconfig.yaml` file and pushing the changes, you must log in to your Application Configuration page in [Radix Console](https://console.radix.equinor.com) and paste in the PaaS-Token in **Private image hubs** under **App Secrets**. -Then you must update environment secrets in each component with corresponding Dynatrace configuration: `DT_TENANT`, `DT_TENANTTOKEN` (`tenantToken`) and `DT_CONNECTION_POINT` (`formattedCommunicationEndpoints`). +After changing your `radixconfig.yaml` file and pushing the changes, you must open the application's configuration page in [Web Console](https://console.radix.equinor.com) and paste in the PaaS-Token in **Private image hubs** under **App Secrets**. +You must then update environment secrets in each component with corresponding Dynatrace configuration: `DT_TENANT`, `DT_TENANTTOKEN` (`tenantToken`) and `DT_CONNECTION_POINT` (`formattedCommunicationEndpoints`). ```request GET https://spa-equinor.kanari.com/e//api/v1/deployment/installer/agent/connectioninfo accept: application/json diff --git a/public-site/docs/docs/topic-radix-cli/index.md b/public-site/docs/docs/topic-radix-cli/index.md index 82d0896f..b0a7678c 100644 --- a/public-site/docs/docs/topic-radix-cli/index.md +++ b/public-site/docs/docs/topic-radix-cli/index.md @@ -6,57 +6,35 @@ title: Radix CLI ## Purpose -[Radix command line interface](https://github.com/equinor/radix-cli) is an application to execute commands for getting information, creating a Radix application or pipeline jobs, setting values of secrets, start and stop Radis components and other operations, described below. The Radix CLI, available for multiple platforms, it can be downloaded from the [GitHub repository](https://github.com/equinor/radix-cli/tags). +[Radix CLI](https://github.com/equinor/radix-cli) is an application to execute commands for getting information, creating a Radix application or pipeline jobs, setting values of secrets, start and stop Radis components and other operations, described below. The Radix CLI, available for multiple platforms, it can be downloaded from the [GitHub repository](https://github.com/equinor/radix-cli/releases). ## Use -The Radix CLI can be used on local PC, in CI workflow, in a docker container. +Radix CLI can be installed and run from your local PC, as a Docker container, or in CI workflows, like GitHub actions. -Commands can be executed for `platform` or `playground` cluster, specified by an option `--context` or `-c`. Example: `--context platform` or `-c playground`. When no context specified, `platform` is used. +Commands can be executed towards all Radix cluster, either by setting the `--context` flag when executing a command, or by configuring the default context. `platform` is used if no context is specified. -The default context can be changed +Set the default context: ```shell rx set context --context playground ``` -Check the current context +Check the current context: ```shell rx get context ``` -Only applications, permitted for users or Azure AD groups, where they are member of, are available to execute commands for. - -The command `rx --version` or `rx -v` shows the version, installed on the PC. - -To get debug information about request, sent by the Radix CLI prefix the command with set of environment variable `DEBUG`: `DEBUG=true rx get application -a your-app-name` - ### Run on a local PC -Download a [version of a Radix CLI](https://github.com/equinor/radix-cli/tags) for a required platform, extract an executable binary from an archive and move it to a folder, where executables usually located on the PC (or it can remain the folder, from it can be run). Example for a Linux or Mac: - -```shell -LATEST_VERSION=$( -curl --silent "https://api.github.com/repos/equinor/radix-cli/releases/latest" | -grep '"tag_name":' | -sed -E 's/.*"v([^"]+)".*/\1/' -) - -rx_tar=radix-cli_${LATEST_VERSION}_Darwin_x86_64.tar.gz -curl -OL "https://github.com/equinor/radix-cli/releases/download/v${LATEST_VERSION}/${rx_tar}" -tar -xf ${rx_tar} - -sudo mv rx /usr/local/bin/rx -rm ${rx_tar} -``` +Install Radix CLI locally by following the installation instructions in the [Radix CLI GitHub repository](https://github.com/equinor/radix-cli#installation). -To start working with Radix CLI, first login to the cluster: +To start working with Radix CLI you must first login: ```shell rx login ``` -Follow the provided Microsoft sign in device login URL and enter the provided code. -On successful login - commands can be executed within your user permissions to the Radix. +After successful login, you can start executing commands. -To clean up the login data - logout from the Radix: +To clean up the login data, logout from the Radix: ```shell rx logout ``` @@ -107,7 +85,7 @@ Scope can be specified for most commands: :::tip An option `job` of commands `create`, `get logs` is replaced with `pipeline-job`. It will be supported for backward compatibility. ::: -* Create a new "deploy only" pipeline job with specified image tags. When `radixconfig.yaml` contains `image` option with dynamic [imageTagName](https://radix.equinor.com/radix-config/index.md#imagetagname), this `imageTagName` can be altered in the Radix CLI `create pipeline-job deploy` command option `image-tag-name`. This option will override values defined in the `radixconfig.yaml` and can be defined for multiple components in the command. `image-tag-name`, provided as an option in the command `rx create pipeline-job deploy` is shown in the Radix pipeline orchestration job log. Component names that does not exist within the Radix application environment will be ignored. +* Create a new "deploy only" pipeline job with specified image tags. When `radixconfig.yaml` contains `image` option with dynamic [imageTagName](../../radix-config/index.md#imagetagname), this `imageTagName` can be altered in the Radix CLI `create pipeline-job deploy` command option `image-tag-name`. This option will override values defined in the `radixconfig.yaml` and can be defined for multiple components in the command. `image-tag-name`, provided as an option in the command `rx create pipeline-job deploy` is shown in the Radix pipeline orchestration job log. Component names that does not exist within the Radix application environment will be ignored. ```shell rx create pipeline-job deploy --application your-app-name --environment dev --image-tag-name web-app=stable-123 --image-tag-name api=1.22.0 rx create pipeline-job deploy -a your-app-name -e dev -t web-app=stable-123 -t api=1.22.0 @@ -190,7 +168,7 @@ An option `job` of commands `create`, `get logs` is replaced with `pipeline-job` ``` :::info This scale will persist after re-deployment, so remember to reset the component when you are finished. - After reset, scaled component gets replicas specified in the `radixconfig.yaml`, "1" if not specified, or set by [horizontal scaling](https://radix.equinor.com/radix-config/index.md#environmentconfig) + After reset, scaled component gets replicas specified in the [`radixconfig.yaml`](../../radix-config/index.md), "1" if not specified, or set by [`horizontal scaling`](../../radix-config/index.md#horizontalscaling) ::: #### Manage components * Set a value of a component secret (runtime secret) diff --git a/public-site/docs/docs/topic-uptime/index.md b/public-site/docs/docs/topic-uptime/index.md index eb8d4de9..4557d9c9 100644 --- a/public-site/docs/docs/topic-uptime/index.md +++ b/public-site/docs/docs/topic-uptime/index.md @@ -28,10 +28,11 @@ The monitoring has not been active for 90 days yet, so the current report will s The Radix Platform should be used when your team has chosen Radix as PaaS (Platform-as-a-Service) for a product under development or in production. -| Cluster | Purpose | Upgrade | Support | -| -------------- | ------------------------------------------- | :-----------------: | :---------: | -| **Platform** | Products under development or in production | Every ~6 months | Yes | -| **Playground** | Testing and experimenting with Radix | | Best-effort | +| Cluster | Purpose | Upgrade | Support | +| ---------------------------- | ------------------------------------------- | :-------------: | :---------: | +| **Platform (North Europe)** | Apps under development or in production | Every ~6 months | Yes | +| **Platform 2 (West Europe)** | Apps under development or in production | Every ~6 months | Yes | +| **Playground** | Testing and experimenting with Radix | | Best-effort | ### Support diff --git a/public-site/docs/guides/component-start-stop-restart/index.md b/public-site/docs/guides/component-start-stop-restart/index.md index 8d2dad32..19b564d1 100644 --- a/public-site/docs/guides/component-start-stop-restart/index.md +++ b/public-site/docs/guides/component-start-stop-restart/index.md @@ -22,7 +22,7 @@ When manually scaled a component, it will be persisted accross deployments. Clic ## Reset -*Reset* removes the manually configured replicas count and will use the number of replica to the number set in the [`radixconfig.yaml`](/radix-config/index.md) for the *active deployment* or by [horizontal scaling](https://radix.equinor.com/radix-config/index.md#environmentconfig). +*Reset* removes the manually configured replica count and sets it to the value defined in [`replicas`](../../radix-config/index.md#replicas) or [`horizontalScaling`](../../radix-config/index.md#horizontalscaling) defined by the *active deployment*. ## Restarting diff --git a/public-site/docs/guides/deploy-only/index.md b/public-site/docs/guides/deploy-only/index.md index 70475513..b89faa4f 100644 --- a/public-site/docs/guides/deploy-only/index.md +++ b/public-site/docs/guides/deploy-only/index.md @@ -81,7 +81,7 @@ In the `radixconfig.yaml` above, there are two tagging strategies; A dynamic tag in this context means that there is a new tag produced for every build, either referring to the release tag, or the commit sha (in the case above) or any other attributes that uniquely identifies what the image is produced from. The dynamic tag will give better control over what runs in the environment, and it also allows for promoting older deployments in case there is a need for a rollback. -A static tag will not permit radix to update an existing deployment by relying on changes to `imageTagName` to pull a new image. To force radix to pull a new image from the image-hub, the component must be restarted using the component page on the web-console or restart call to the [API](https://api.radix.equinor.com/swaggerui/#/component/restartComponent) or [CLI](https://github.com/equinor/radix-cli). There is currently no log trace of components starting and stopping. If this is necessary, one may call `deploy-only` once on the application before `restart` on each component using static tags. +A static tag will not permit radix to update an existing deployment by relying on changes to [`imageTagName`](../../radix-config/index.md#imagetagname) to pull a new image. To force radix to pull a new image from the image-hub, the component must be restarted using the component page on the web-console or restart call to the [Radix API](https://api.radix.equinor.com/swaggerui/#/component/restartComponent) or [CLI](https://github.com/equinor/radix-cli). The URL for Radix API depends on which [Radix cluster](../../start/radix-clusters/) is hosting the application. The second part of the `radixconfig.yaml` which distinguishes itself from a regular radix application is the [`privateImageHubs` property](/radix-config/index.md#privateimagehubs). In short, it will allow for the image produced outside of Radix to be pulled down to the Radix cluster. @@ -122,7 +122,7 @@ Read about [how to connect GitHub actions and Azure](https://learn.microsoft.com With the access token you can make calls to Radix API through either: -- Calling the API directly ([Radix Platform API](https://api.radix.equinor.com/swaggerui/) or [Radix Playground API](https://api.playground.radix.equinor.com/swaggerui/)), by passing the bearer token (i.e. curl -X GET --header "Authorization: Bearer \$token") +- Calling the Radix API directly by passing the bearer token (i.e. curl -X GET --header "Authorization: Bearer \$token") - Calling the API though functions in the [Radix CLI](https://github.com/equinor/radix-cli), which allows for simpler access to the API - Calling the API through [Radix GitHub Actions](https://github.com/equinor/radix-github-actions). If you have opted for GitHub Actions as your CI tool, then calling the Radix API indirectly through the Radix CLI using the Radix GitHub Actions can be done. It allows for simpler access to the CLI in your action's workflow. @@ -212,7 +212,7 @@ Disclaimer: Please seek advice elsewhere on whether GitHub Actions and/or GitHub When a Radix application has multiple components and only one or some of them need to be deployed, an option `component` can be used to specify these components. Multiple components can be specified. Other components, if exist in the environment, will not be re-deployed, keeping their `commitID` and `gitTags`, environment variables, secrets, etc. Replicas of not deployed components will not be restarted on deployment. -Please look at [Radix CLI deploy command](/docs/topic-radix-cli/index.md#deploy-pipeline-job) for examples. The `component` option can also be used with [Radix GitHub action](https://github.com/equinor/radix-github-actions) and [Radix API](https://api.radix.equinor.com/swaggerui/). +Please look at [Radix CLI deploy command](/docs/topic-radix-cli/index.md#deploy-pipeline-job) for examples. The `component` option can also be used with [Radix GitHub action](https://github.com/equinor/radix-github-actions) and Radix API. When deploy pipeline job has been run with `component` option, Radix console will indicate on pipeline job, deployment and environment pages which components were not deployed: diff --git a/public-site/docs/guides/pipeline-badge/index.md b/public-site/docs/guides/pipeline-badge/index.md index f4403681..717a3888 100644 --- a/public-site/docs/guides/pipeline-badge/index.md +++ b/public-site/docs/guides/pipeline-badge/index.md @@ -7,9 +7,11 @@ title: Pipeline Badges A pipeline status badge shows the status of the latest pipeline job of a specific type in a specific environment. Status is one of **success**, **failing**, **stopped**, **pending** or **running**. The URL for generating a badge is: -*https://api.radix.equinor.com/api/v1/applications/`app-name`/environments/`env-name`/buildstatus?pipeline=`pipeline-type`* +``` +https://api./api/v1/applications//environments//buildstatus?pipeline= +``` -where `app-name` is the name of the application, `env-name` is the name of the environment within the application, and `pipeline-type`(optional) is one of **build-deploy**(default), **deploy** or **promote**. +where `app-name` is the name of the application, `env-name` is the name of the environment within the application, and `pipeline-type`(optional) is one of **build-deploy**(default), **deploy** or **promote**. Refer to *DNS Zone* in [Radix clusters](../../start/radix-clusters/) to get the `cluster-dns-zone` value for the cluster where your application is hosted. Requesting a badge for a non-existing application or environment, or for a pipeline type that hasn't been run yet, the badge returns with an **unknown** status. ![build-deploy unknown](./build-deploy-unknown.png "build-deploy unknown") diff --git a/public-site/docs/guides/resource-request/index.md b/public-site/docs/guides/resource-request/index.md index 9029cee7..b7c976a8 100644 --- a/public-site/docs/guides/resource-request/index.md +++ b/public-site/docs/guides/resource-request/index.md @@ -116,4 +116,4 @@ For modern application development in Kubernetes and in Radix it is preferred to ![horizontal-pod-autoscaling](./horizontal-pod-autoscaling.png) -For Radix this can easily be done through horizontal pod autoscaling in the [radixconfig.yaml](https://www.radix.equinor.com/radix-config/index.md#horizontalscaling). It will scale up based on CPU load over time for containers of a component (higher than 80%). More information can be found at [kubernetes docs](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) +For Radix this can easily be configured with [`horizontalScaling`](../../radix-config/index.md#horizontalscaling) in [`radixconfig.yaml`](../../radix-config/index.md). It can scale components up and down based on CPU and memory utilization of the containers. More information can be found at [kubernetes docs](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) diff --git a/public-site/docs/guides/sub-pipeline/example-pipeline-with-azure-workload-identity.md b/public-site/docs/guides/sub-pipeline/example-pipeline-with-azure-workload-identity.md index 25f33701..50b37a06 100644 --- a/public-site/docs/guides/sub-pipeline/example-pipeline-with-azure-workload-identity.md +++ b/public-site/docs/guides/sub-pipeline/example-pipeline-with-azure-workload-identity.md @@ -21,7 +21,7 @@ The `issuer` URL will change in certain cases when a Radix Cluster is replaced d We will notify as early as possible when this happens in the **#omnia_radix** slack channel. ::: -1. Go to Radix Console and click the `i` icon in the top right corner of the cluster you want to use. Or click [here](https://console.radix.equinor.com/about) for the Platform Cluster. +1. Go to Radix Console and click the `i` icon in the top right corner of the cluster you want to use. 2. Copy the `CLUSTER_OIDC_ISSUER_URL` value. This is the credentials issuer in Radix Cluster. 3. The `Namespace` has the format of `-app`, for the application `my-radix-app` the namespace will be `my-radix-app-app`. 4. The `Service Account` has the format of `subpipeline--sa`, for the environment `dev` the service account will be `subpipeline-dev-sa`. diff --git a/public-site/docs/radix-config/index.md b/public-site/docs/radix-config/index.md index 062398b8..931e393f 100644 --- a/public-site/docs/radix-config/index.md +++ b/public-site/docs/radix-config/index.md @@ -575,7 +575,7 @@ An `emptyDir` volume mounts a temporary writable volume in the container. Data i - `protocol` - (optional) a protocol, supported by the BlobFuse2. Currently, supports `fuse2` (default) and `nfs`. - `container` - name of the blob container. -- `uid` and/or `gid` - User ID and/or group ID (numbers) of a [mounted volume owner](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.21/#podsecuritycontext-v1-core). It is a User ID and Group ID of a user in the running container within component replicas. Usually a user, which is a member of one or multiple [groups](https://en.wikipedia.org/wiki/Group_identifier), is specified in the `Dockerfile` for the component with command `USER`. Read [more details](https://www.radix.equinor.com/topic-docker/#running-as-non-root) about specifying user within `Dockerfile`. It is recommended to use because Blobfuse driver do [not honor fsGroup securityContext settings](https://github.com/kubernetes-sigs/blob-csi-driver/blob/master/docs/driver-parameters.md). +- `uid` and/or `gid` - User ID and/or group ID (numbers) of a [mounted volume owner](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.21/#podsecuritycontext-v1-core). It is a User ID and Group ID of a user in the running container within component replicas. Usually a user, which is a member of one or multiple [groups](https://en.wikipedia.org/wiki/Group_identifier), is specified in the `Dockerfile` for the component with command `USER`. Read [more details](../docs/topic-docker/index.md#running-as-non-root) about specifying user within `Dockerfile`. It is recommended to use because Blobfuse driver do [not honor fsGroup securityContext settings](https://github.com/kubernetes-sigs/blob-csi-driver/blob/master/docs/driver-parameters.md). - `useAdls` - (optional) enables blobfuse to access Azure DataLake storage account. When set to false, blobfuse will access Azure Block Blob storage account, hierarchical file system is not supported. Default `false`. This must be set `true` when [HNS enabled account](https://learn.microsoft.com/en-us/azure/storage/blobs/data-lake-storage-namespace) is mounted. - `streaming` - (optional) defines a file streaming. When it is turned on (it is by default), files, opened by a container in its volume mount are not cached on a node, but read directly from a blob storage. It is recommended to use. When it is turned off, files are cached on a node, but it may cause a problem with a limited node disk available space. @@ -1692,9 +1692,9 @@ spec: component: frontend ``` -As a convenience for nicer URLs, `dnsAppAlias` creates a DNS alias in the form of `.app.radix.equinor.com` for the specified environment and component. +As a convenience for nicer URLs, `dnsAppAlias` creates a DNS alias in the form of `.app.` (`` depends on which [Radix cluster](../start/radix-clusters/) is hosting the application) for the specified environment and component. -In the example above, the component **frontend** hosted in environment **prod** will be accessible from `myapp.app.radix.equinor.com`, in addition to the default endpoint provided for the frontend component, `frontend-myapp-prod..radix.equinor.com`. +In the example above, if the application is host in the **Platform (North Europe)** cluster, the component **frontend** in environment **prod** will be accessible from `myapp.app.radix.equinor.com`, in addition to automatically allocated [domain names](../docs/topic-domain-names/). ## `dnsAlias` @@ -1706,11 +1706,11 @@ spec: component: frontend ``` -`dnsAlias` creates one or several DNS aliases in the form of `.radix.equinor.com` for the specified environment and component. There are few reserved aliases which cannot be used: +`dnsAlias` creates one or several DNS aliases in the form of `.` (`` depends on which [Radix cluster](../start/radix-clusters/) is hosting the application) for the specified environment and component. There are few reserved aliases which cannot be used: `www`, `app`, `api`, `console`, `webhook`, `playground`, `dev`, `grafana`, `prometheus`, `canary`, `cost-api`. -In the example above, the component **frontend** hosted in environment **prod** will be accessible from `myapp.radix.equinor.com` (or for the Playground: `myapp.playground.radix.equinor.com`), in addition to the default endpoint provided for the frontend component `frontend-myapp-prod.radix.equinor.com` (or for the Playground: `frontend-myapp-prod.playground.radix.equinor.com`). +In the example above, if the application is host in the **Platform (North Europe)** cluster, the component **frontend** in environment **prod** will be accessible from `myapp.radix.equinor.com`, in addition to automatically allocated [domain names](../docs/topic-domain-names/). ## `dnsExternalAlias` diff --git a/public-site/docs/start/config-your-app/create-application.png b/public-site/docs/start/config-your-app/create-application.png deleted file mode 100644 index f5170449..00000000 Binary files a/public-site/docs/start/config-your-app/create-application.png and /dev/null differ diff --git a/public-site/docs/start/getting-access/index.md b/public-site/docs/start/getting-access/index.md index 1301c861..98413341 100644 --- a/public-site/docs/start/getting-access/index.md +++ b/public-site/docs/start/getting-access/index.md @@ -4,10 +4,16 @@ title: Getting access ## Getting access -Access to Radix is managed in Access IT. To get started, decide if you want to try the Playground cluster or go straight to the Radix Platform cluster. You will have access to register, build, deploy and maintain applications in that cluster. +Access to Radix is managed in Access IT. To get started, decide if you want to try the Playground cluster or go straight to one of the Platform clusters. You will have access to register, build, deploy and maintain applications in that cluster. -- :circus_tent: Playground cluster: request the role "[Radix Playground Users](https://accessit.equinor.com/Search/Search?term=Radix+Playground+Users+%28OMNIA+RADIX%29)" +- :circus_tent: **Playground cluster**: Request the role "[Radix Playground Users](https://accessit.equinor.com/Search/Search?term=Radix+Playground+Users+%28OMNIA+RADIX%29)" -- :100: Radix Platform clusters: request the role "[Radix Platform Users](https://accessit.equinor.com/Search/Search?term=Radix+Platform+Users+%28OMNIA+RADIX%29)" +- :100: **Platform clusters**: Request the role "[Radix Platform Users](https://accessit.equinor.com/Search/Search?term=Radix+Platform+Users+%28OMNIA+RADIX%29)" + +When the request is approved, you can access the clusters using Radix Web Console, Radix API or [Radix CLI](../../docs/topic-radix-cli/). You can register your app in Playground first, and then again in Platform; there is no special "migrate to platform" process. If you have questions, [speak with us on Slack](https://equinor.slack.com/messages/CBKM6N2JY) and we'll help. + +:::tip +Refer to [Radix clusters](../radix-clusters/) for a list of available clusters. +::: \ No newline at end of file diff --git a/public-site/docs/start/onboarding/index.md b/public-site/docs/start/onboarding/index.md index b9e6c912..3791dabe 100644 --- a/public-site/docs/start/onboarding/index.md +++ b/public-site/docs/start/onboarding/index.md @@ -18,11 +18,11 @@ A basic understanding of Git and GitHub is required to use Radix. [git - the sim Even if your not using Radix, we would still recommend you to learn how to use Docker for containerization, and use it for hosting. It has many benefits when utilizing cloud. -[What is a container](https://www.youtube.com/watch?v=EnJ7qX9fkcU) and [Benefits of containers](https://www.youtube.com/watch?v=cCTLjAdIQho) are both good videos to explain what and why containers. [Best practice](https://radix.equinor.com/topic-docker/) contains references to other relevant resources. +[What is a container](https://www.youtube.com/watch?v=EnJ7qX9fkcU) and [Benefits of containers](https://www.youtube.com/watch?v=cCTLjAdIQho) are both good videos to explain what and why containers. [Best practice](../../docs/topic-docker/) contains references to other relevant resources. ## OAuth 2.0 - Authentication and Authorization -If your API needs to be protected and only accessible for a group of users, understanding of OAuth 2.0 is required. Again this is not bound to Radix, but general knowledge needed when hosting applications in Azure (and cloud). [Radix authentication service](https://radix.equinor.com/guides/authentication/) can be a good place to start. +If your API needs to be protected and only accessible for a group of users, understanding of OAuth 2.0 is required. Again this is not bound to Radix, but general knowledge needed when hosting applications in Azure (and cloud). [Radix authentication service](../../guides/authentication/) can be a good place to start. ## Azure services diff --git a/public-site/docs/start/radix-clusters/index.md b/public-site/docs/start/radix-clusters/index.md index 8906e4fb..a935b9e4 100644 --- a/public-site/docs/start/radix-clusters/index.md +++ b/public-site/docs/start/radix-clusters/index.md @@ -3,6 +3,17 @@ title: Radix clusters --- # The Radix clusters -Your application(s) will run in a *Kubernetes cluster*. Radix currently have two: **Radix Platform** and **Playground**. Use Playground for testing Radix and see if it's a good fit for your needs. When your project and team are happy with Radix, you should register your application in the Radix Platform cluster, which provides [specific guarantees](/docs/topic-uptime/). +Your application(s) will run in a *Kubernetes cluster*. Radix currently have three clusters: **Platform (North Europe)**, **Platform 2 (West Europe)** and **Playground**. Use Playground for testing Radix and see if it's a good fit for your needs. When your project and team are happy with Radix, you should register your application to one of the **Platform** clusters, which provides [specific guarantees](/docs/topic-uptime/). -**Radix Platform** and **Playground** clusters are hosted on Azure North Europe region. +| Cluster | Azure Region | DNS Zone | Web Console | Radix API (Swagger UI) | +| ---------------------------- | -------------| ---------------------------- | :--------------------------------------------------: | :---------------------------------------------------------: | +| **Platform (North Europe)** | North Europe | radix.equinor.com | [Link](https://console.radix.equinor.com) | [Link](https://api.radix.equinor.com/swaggerui/) | +| **Platform 2 (West Europe)** | West Europe | c2.radix.equinor.com | [Link](https://console.c2.radix.equinor.com) | [Link](https://api.c2.radix.equinor.com/swaggerui/) | +| **Playground** | North Europe | playground.radix.equinor.com | [Link](https://console.playground.radix.equinor.com) | [Link](https://api.playground.radix.equinor.com/swaggerui/) | + + +:::info Moving applications between clusters + +Currently, there is no automated process of moving an application between clusters. To move an application, you must manually register it in the new cluster, run pipeline jobs to deploy the application, and reconfigure any secrets, workload identities, external DNS entries, network settings on external resources etc. + +::: \ No newline at end of file diff --git a/public-site/docs/start/radix-concepts/index.md b/public-site/docs/start/radix-concepts/index.md index 97c236e5..987b5301 100644 --- a/public-site/docs/start/radix-concepts/index.md +++ b/public-site/docs/start/radix-concepts/index.md @@ -42,11 +42,7 @@ A component represents a standalone process running within an [environment](inde Familiar with Docker or containers? A Radix component can be thought of as Docker image, and replicas as containers running that image. ::: -If a component's `publicPort` is defined, endpoints are made available on the public Internet for each environment the component is deployed to. This allows connections via HTTPS into Radix, which are routed internally to an HTTP endpoint on the component. The domain name for the public endpoint is auto-generated from the component, environment, and application names: `https://[component]-[application]-[environment].[cluster-name].radix.equinor.com`. - -:::tip -The `[cluster-name]` part of the domain refers to the current Radix cluster. This should become a static name in the future. -::: +If a component's [`publicPort`](../../radix-config/index.md#publicport) is defined, [endpoints](../../docs/topic-domain-names/) are made available on the public Internet for each environment the component is deployed to. This allows connections via HTTPS into Radix, which are routed internally to an HTTP endpoint on the component. Components can further be configured independently on each environment. Besides [environment variables](index.md#environment-variable) and [secrets](index.md#secret), a component can have different resource usage and monitoring settings. @@ -122,7 +118,7 @@ Number of pipeline jobs may accumulate in time for a Radix application, clutteri ### Scanning images for security issues -Before the deployment is done, after a build, the image is scanned for security-related issues using the tool [Snyk](https://snyk.io/). This scan will be a seperate step in the pipeline and the result will be logged in the step. Please note that the job will not fail if the result contains CRITICAL, HIGH and/or SEVERE issues. However every developer should investigate and fix any security issues. +After a successful deployment, and on a daily schedule, component and job images are scanned for security related issues using [Snyk](https://snyk.io/). Refer to the [Vulnerability Scanning](../../docs/topic-vulnerabilities/) documentation for more information. ### Sub-pipeline @@ -137,16 +133,3 @@ Deployments are created by some types of [job](/start/radix-concepts/#job). A de :::tip See [this](/guides/deploy-only/) guide on how to set up your application to only use the continuous deployment (CD) on Radix ::: -## Publishing applications - -### Default alias - -Each application can have one specific component in one specific environment set as the _default alias_. This component is assigned a domain name in the format `[application].app.radix.equinor.com` and assigned a certificate. This domain can be used as the public URL for accessing the application. - -The default alias is configured by the [`dnsAppAlias` setting](/radix-config/index.md#dnsappalias) in the `radixconfig.yaml`. - -### External (custom) alias - -It is possible to have multiple custom DNS aliases (i.e. to choose your own custom domain) for the application. The _external alias_ needs to point to a component [marked as public](/radix-config/index.md#publicport). This external alias can be any domain name, which can be used as the public URL for accessing the application, as long as a valid certificate for the domain is applied. - -The external alias is configured by the [`dnsExternalAlias` setting](/radix-config/index.md#dnsexternalalias) in the `radixconfig.yaml`. diff --git a/public-site/docs/start/registering-app/create-application.png b/public-site/docs/start/registering-app/create-application.png index bdab2cb0..865b7b53 100644 Binary files a/public-site/docs/start/registering-app/create-application.png and b/public-site/docs/start/registering-app/create-application.png differ diff --git a/public-site/docs/start/registering-app/index.md b/public-site/docs/start/registering-app/index.md index 8be81f4e..6d797be4 100644 --- a/public-site/docs/start/registering-app/index.md +++ b/public-site/docs/start/registering-app/index.md @@ -4,13 +4,14 @@ title: Registering your application # Registering your application -We are now ready to register our application using the Radix Web Console. Load the console for the [Radix cluster](../radix-clusters) that you want to use: [Radix Playground](https://console.playground.radix.equinor.com/applications/) or [Radix Platform](https://console.radix.equinor.com/applications/). Click "Create new app" in the top right of the page and follow the instructions there to integrate the GitHub repository with Radix. +We are now ready to register our application using the Web Console. Load the console for the [Radix cluster](../radix-clusters) that you want to use. Click "Create new app" in the top right of the page and follow the instructions there to integrate the GitHub repository with Radix. Remember that we can always change the 📖 [`radixconfig.yaml`](/radix-config/index.md) file and the `Dockerfile`(s) after registration to change how the application builds and deploys. Here is an example of how a new application registration could look like -:::tip -For the Playground cluster a Configuration Item is not mandatory. -::: ![CreateApplication](./create-application.png) + +:::tip +The **Configuration Item** and **Administrators** fields are optional in the Playground cluster. +::: diff --git a/public-site/docusaurus.config.ts b/public-site/docusaurus.config.ts index c22e47e4..b5d91692 100644 --- a/public-site/docusaurus.config.ts +++ b/public-site/docusaurus.config.ts @@ -55,13 +55,13 @@ const config: Config = { src: 'images/logos/logo.svg', }, items: [ - {to: '/start', label: 'Getting started', position: 'right'}, - {to: '/docs', label: 'Docs', position: 'right'}, - {to: '/radix-config', label: 'Radix Config', position: 'right'}, - {to: '/guides', label: 'Guides', position: 'right'}, - {to: '/features', label: 'Features', position: 'right'}, - {to: '/community', label: 'Community', position: 'right'}, - {href: 'https://console.radix.equinor.com/', label: 'Web Console', position: 'right'}, + {to: '/start', label: 'Getting started', position: 'left'}, + {to: '/docs', label: 'Docs', position: 'left'}, + {to: '/radix-config', label: 'Radix Config', position: 'left'}, + {to: '/guides', label: 'Guides', position: 'left'}, + {to: '/features', label: 'Features', position: 'left'}, + {to: '/community', label: 'Community', position: 'left'}, + {label: 'Web Console', href: 'https://console.radix.equinor.com/', position: 'right'}, ], }, footer: { diff --git a/radixconfig.yaml b/radixconfig.yaml index 333e1a7f..2cc37207 100644 --- a/radixconfig.yaml +++ b/radixconfig.yaml @@ -21,20 +21,17 @@ spec: publicPort: http runtime: architecture: arm64 + resources: + requests: + memory: 25M + cpu: 10m + volumeMounts: + - name: tmp + path: /tmp + emptyDir: + sizeLimit: 10M environmentConfig: - environment: qa - resources: - requests: - memory: "150Mi" - cpu: "10m" - limits: - memory: "150Mi" - cpu: "1000m" # docusaurus use a lot of cpu during startup/init - volumeMounts: - - name: tmp - path: /tmp - emptyDir: - sizeLimit: 10M horizontalScaling: maxReplicas: 1 minReplicas: 0 @@ -47,16 +44,3 @@ spec: desiredReplicas: 1 - environment: prod replicas: 2 - resources: - requests: - memory: "150Mi" - cpu: "10m" - limits: - memory: "150Mi" - cpu: "1000m" # docusaurus use a lot of cpu during startup/init - volumeMounts: - - name: tmp - path: /tmp - emptyDir: - sizeLimit: 10M -