diff --git a/docs/operations/multi-cluster-connectivity.mdx b/docs/operations/multi-cluster-connectivity.mdx index 153c6d4..f6ef8bd 100644 --- a/docs/operations/multi-cluster-connectivity.mdx +++ b/docs/operations/multi-cluster-connectivity.mdx @@ -176,8 +176,7 @@ metadata: name: production-us-east namespace: default # Or your organization's namespace spec: - agent: - enabled: true + clusterAgent: clientCA: value: | $(echo "$AGENT_CERT" | sed 's/^/ /') @@ -297,4 +296,4 @@ If the Control Plane rejects the agent's connection: kubectl logs -n openchoreo-control-plane deployment/controller-manager ``` -Ensure the DataPlane/BuildPlane/ObservabilityPlane CRD has the correct agent certificate in `spec.agent.clientCA.value` +Ensure the DataPlane/BuildPlane/ObservabilityPlane CRD has the correct agent certificate in `spec.clusterAgent.clientCA.value` diff --git a/docs/reference/configuration-schema.md b/docs/reference/configuration-schema.md index 23e81c7..ef4696b 100644 --- a/docs/reference/configuration-schema.md +++ b/docs/reference/configuration-schema.md @@ -88,32 +88,37 @@ metadata: name: string # Required: DataPlane name namespace: string # Required: Organization namespace spec: + # Plane identifier for multi-tenancy scenarios + planeID: string # Optional: Defaults to CR name. Max 63 chars, lowercase alphanumeric with hyphens. + + # Cluster Agent Configuration (mandatory for secure communication) + clusterAgent: # Required: Cluster agent communication config + clientCA: # Required: CA certificate for verifying agent's client cert + secretRef: # Optional: Reference to secret containing CA cert + name: string # Required: Secret name + namespace: string # Optional: Secret namespace (defaults to parent's namespace) + key: string # Required: Key within the secret + value: string # Optional: Inline CA certificate value + # API Gateway Configuration gateway: # Required: Gateway configuration - organizationVirtualHost: string # Required: Organization virtual host publicVirtualHost: string # Required: Public virtual host - - # Kubernetes Cluster Configuration - kubernetesCluster: # Required: Target cluster - name: string # Required: Cluster name - credentials: # Required: Authentication details - apiServerURL: string # Required: Kubernetes API server URL - caCert: string # Required: Base64-encoded CA certificate - clientCert: string # Required: Base64-encoded client certificate - clientKey: string # Required: Base64-encoded client private key - - # Container Registry Configuration - registry: # Required: Registry configuration - prefix: string # Required: Registry domain and namespace - secretRef: string # Optional: Registry credentials secret - - # Observer API Integration - observer: # Optional: Observer API - url: string # Required: Observer API base URL - authentication: # Required: Authentication - basicAuth: # Required: Basic auth credentials - username: string # Required: Username - password: string # Required: Password + organizationVirtualHost: string # Required: Organization virtual host + publicHTTPPort: integer # Optional: Default 19080 + publicHTTPSPort: integer # Optional: Default 19443 + organizationHTTPPort: integer # Optional: Default 19081 + organizationHTTPSPort: integer # Optional: Default 19444 + + # Image Pull Secrets + imagePullSecretRefs: # Optional: References to SecretReference resources + - string + + # External Secrets Operator Integration + secretStoreRef: # Optional: ESO ClusterSecretStore reference + name: string # Required: ClusterSecretStore name + + # Observability Integration + observabilityPlaneRef: string # Optional: Reference to ObservabilityPlane status: conditions: # Standard Kubernetes conditions @@ -134,22 +139,24 @@ metadata: name: string # Required: BuildPlane name namespace: string # Required: Organization namespace spec: - # Kubernetes Cluster for Build Workloads - kubernetesCluster: # Required: Build cluster - name: string # Required: Cluster name - credentials: # Required: Same structure as DataPlane - apiServerURL: string - caCert: string - clientCert: string - clientKey: string - - # Observer API Integration (Optional) - observer: # Optional: Same structure as DataPlane - url: string - authentication: - basicAuth: - username: string - password: string + # Plane identifier for multi-tenancy scenarios + planeID: string # Optional: Defaults to CR name. Max 63 chars, lowercase alphanumeric with hyphens. + + # Cluster Agent Configuration (mandatory for secure communication) + clusterAgent: # Required: Cluster agent communication config + clientCA: # Required: CA certificate for verifying agent's client cert + secretRef: # Optional: Reference to secret containing CA cert + name: string # Required: Secret name + namespace: string # Optional: Secret namespace + key: string # Required: Key within the secret + value: string # Optional: Inline CA certificate value + + # External Secrets Operator Integration + secretStoreRef: # Optional: ESO ClusterSecretStore reference + name: string # Required: ClusterSecretStore name + + # Observability Integration + observabilityPlaneRef: string # Optional: Reference to ObservabilityPlane status: {} # Minimal status implementation ``` diff --git a/versioned_docs/version-v0.11.x/operations/multi-cluster-connectivity.mdx b/versioned_docs/version-v0.11.x/operations/multi-cluster-connectivity.mdx index 153c6d4..f6ef8bd 100644 --- a/versioned_docs/version-v0.11.x/operations/multi-cluster-connectivity.mdx +++ b/versioned_docs/version-v0.11.x/operations/multi-cluster-connectivity.mdx @@ -176,8 +176,7 @@ metadata: name: production-us-east namespace: default # Or your organization's namespace spec: - agent: - enabled: true + clusterAgent: clientCA: value: | $(echo "$AGENT_CERT" | sed 's/^/ /') @@ -297,4 +296,4 @@ If the Control Plane rejects the agent's connection: kubectl logs -n openchoreo-control-plane deployment/controller-manager ``` -Ensure the DataPlane/BuildPlane/ObservabilityPlane CRD has the correct agent certificate in `spec.agent.clientCA.value` +Ensure the DataPlane/BuildPlane/ObservabilityPlane CRD has the correct agent certificate in `spec.clusterAgent.clientCA.value`