tigera · ctauchen · Dec 1, 2023 · Mar 4, 2024 · Mar 5, 2024 · Mar 7, 2024
@@ -59,7 +59,7 @@ serve: build
 full: clean build
 
 .PHONY: netlify
-netlify: build test
+netlify: full test
 
 .PHONY: all
 all: full test

@@ -1,3 +1,6 @@
+import variables from '@site/calico-cloud/variables';
+import CodeBlock from '@theme/CodeBlock';
+
 1. Create a service account
 
    ```bash

@@ -1,3 +1,6 @@
+import variables from '@site/calico-cloud/variables';
+import CodeBlock from '@theme/CodeBlock';
+
 If you are not sure which IPAM your cluster is using, the way to tell depends on install method.
 
 The IPAM plugin can be queried on the default Installation resource.

@@ -1,30 +1,33 @@
+import variables from '@site/calico-cloud/variables';
+import CodeBlock from '@theme/CodeBlock';
+
 import NonClusterReadOnlyStep from '@site/calico-cloud/_includes/content/_non-cluster-read-only-step.mdx';
 
-This section describes how to run `{{nodecontainer}}` as a Docker container.
+This section describes how to run `{variables.nodecontainer}` as a Docker container.
 
 <NonClusterReadOnlyStep />
 
 ### Step 2: Create environment file
 
-<EnvironmentFile nodecontainer='{{nodecontainer}}' />
+<EnvironmentFile nodecontainer='{variables.nodecontainer}' />
 
 ### Step 3: Configure the init system
 
-Use an init daemon (like systemd or upstart) to start the {{nodecontainer}} image as a service using the EnvironmentFile values.
+Use an init daemon (like systemd or upstart) to start the {variables.nodecontainer} image as a service using the EnvironmentFile values.
 
-Sample systemd service file: `{{noderunning}}.service`
+Sample systemd service file: `{variables.noderunning}.service`
 
 ```shell
 [Unit]
-Description={{noderunning}}
+Description={variables.noderunning}
 After=docker.service
 Requires=docker.service
 
 [Service]
 EnvironmentFile=/etc/calico/calico.env
-ExecStartPre=-/usr/bin/docker rm -f {{noderunning}}
+ExecStartPre=-/usr/bin/docker rm -f {variables.noderunning}
 ExecStart=/usr/bin/docker run --net=host --privileged \
- --name={{noderunning}} \
+ --name={variables.noderunning} \
  -e NODENAME=${CALICO_NODENAME} \
  -e IP=${CALICO_IP} \
  -e IP6=${CALICO_IP6} \
@@ -39,9 +42,9 @@ ExecStart=/usr/bin/docker run --net=host --privileged \
  -v /run/docker/plugins:/run/docker/plugins \
  -v /lib/modules:/lib/modules \
  -v /etc/pki:/pki \
- {{registry}}%% component_image("cnx-node") %% /bin/calico-node -felix
+ {variables.registry}%% component_image("cnx-node") %% /bin/calico-node -felix
 
-ExecStop=-/usr/bin/docker stop {{noderunning}}
+ExecStop=-/usr/bin/docker stop {variables.noderunning}
 
 Restart=on-failure
 StartLimitBurst=3
@@ -55,10 +58,10 @@ Upon start, the systemd service:
 
 - Confirms Docker is installed under the `[Unit]` section
 - Gets environment variables from the environment file above
-- Removes existing `{{nodecontainer}}` container (if it exists)
-- Starts `{{nodecontainer}}`
+- Removes existing `{variables.nodecontainer}` container (if it exists)
+- Starts `{variables.nodecontainer}`
 
-The script also stops the `{{nodecontainer}}` container when the service is stopped.
+The script also stops the `{variables.nodecontainer}` container when the service is stopped.
 
 :::note
 

@@ -1,3 +1,6 @@
+import variables from '@site/calico-cloud/variables';
+import CodeBlock from '@theme/CodeBlock';
+
 When a configured domain name has no wildcard (`*`), it matches exactly that domain name. For example:
 
 - `microsoft.com`

@@ -1,3 +1,6 @@
+import variables from '@site/calico-cloud/variables';
+import CodeBlock from '@theme/CodeBlock';
+
 The eBPF dataplane mode has several advantages over standard Linux networking pipeline mode:
 
 - It scales to higher throughput.

@@ -1,3 +1,6 @@
+import variables from '@site/calico-cloud/variables';
+import CodeBlock from '@theme/CodeBlock';
+
 An EndpointPort associates a name with a particular TCP/UDP/SCTP port of the endpoint, allowing it to
 be referenced as a named port in [policy rules](../../reference/resources/networkpolicy.mdx#entityrule).
 

@@ -1,3 +1,6 @@
+import variables from '@site/calico-cloud/variables';
+import CodeBlock from '@theme/CodeBlock';
+
 import DomainNames from '@site/calico-cloud/_includes/content/_domain-names.mdx';
 
 Entity rules specify the attributes of the source or destination of a packet that must match for the rule as a whole
@@ -33,7 +36,7 @@ You cannot mix IPv4 and IPv6 CIDRs in a single rule using `nets` or `notNets`. I
 
 #### Selector performance in EntityRules
 
-When rendering policy into the dataplane, {{prodname}} must identify the endpoints that match the selectors
+When rendering policy into the dataplane, {variables.prodname} must identify the endpoints that match the selectors
 in all active rules.  This calculation is optimized for certain common selector types.
 Using the optimized selector types reduces CPU usage (and policy rendering time) by orders of magnitude.
 This becomes important at high scale (hundreds of active rules, hundreds of thousands of endpoints).
@@ -74,7 +77,7 @@ parent [Rule](#rule)'s `action` must be `Allow`, and `nets` and `selector` must
 
 :::note
 
-{{prodname}} implements policy for domain names by learning the
+{variables.prodname} implements policy for domain names by learning the
 corresponding IPs from DNS, then programming rules to allow those IPs. This means that
 if multiple domain names A, B and C all map to the same IP, and there is domain-based
 policy to allow A, traffic to B and C will be allowed as well.

@@ -1,3 +1,6 @@
+import variables from '@site/calico-cloud/variables';
+import CodeBlock from '@theme/CodeBlock';
+
 | Field | Description         | Accepted Values      | Schema  | Default |
 | ----- | ------------------- | -------------------- | ------- | ------- |
 | type  | Match on ICMP type. | Can be integer 0-254 | integer |

@@ -1,3 +1,6 @@
+import variables from '@site/calico-cloud/variables';
+import CodeBlock from '@theme/CodeBlock';
+
 IPNAT contains a single NAT mapping for a WorkloadEndpoint resource.
 
 | Field      | Description                                 | Accepted Values    | Schema | Default |

@@ -1,4 +1,7 @@
-**How long does it take to get a new {{prodname}} license?**  
+import variables from '@site/calico-cloud/variables';
+import CodeBlock from '@theme/CodeBlock';
+
+**How long does it take to get a new {variables.prodname} license?**  
  After you submit a sales purchase order to Tigera, 1-2 days.
 
 **Is there a grace period?**  
@@ -10,12 +13,12 @@ Yes. The license indicator in Manager UI (top right banner) turns red when the l
 ![expiration](/img/calico-cloud/expiration.png)
 
 **What happens when a license expires or is invalid?**  
- Users can log in to Manager UI with read/access for all previously-created resources, but they cannot create any new {{prodname}} resources. The Manager UI may appear to function, but actions will not be applied; so it is important to proactively managed your license.
+ Users can log in to Manager UI with read/access for all previously-created resources, but they cannot create any new {variables.prodname} resources. The Manager UI may appear to function, but actions will not be applied; so it is important to proactively managed your license.
 
 **What happens if I add nodes beyond what I'm licensed for?**
 
 - Node limits are not currently enforced
-- All {{prodname}} features still work
+- All {variables.prodname} features still work
 
 **How do I get information about my license? Monitor the expiration date?**
 

@@ -1,3 +1,6 @@
+import variables from '@site/calico-cloud/variables';
+import CodeBlock from '@theme/CodeBlock';
+
 import NonClusterReadOnlyStep from '@site/calico-cloud/_includes/content/_non-cluster-read-only-step.mdx';
 
 import Tabs from '@theme/Tabs';
@@ -9,30 +12,30 @@ import TabItem from '@theme/TabItem';
 
 This step requires Docker, but it can be run from any machine with Docker installed. It doesn't have to be the host you will run it on (i.e your laptop is fine).
 
-1. Use the following command to download the {{nodecontainer}} image.
+1. Use the following command to download the {variables.nodecontainer} image.
 
-   ```bash
-   docker pull {{registry}}%% component_image("cnx-node") %%
-   ```
+   <CodeBlock language='bash'>
+   docker pull {variables.registry}%% component_image("cnx-node") %%
+   </CodeBlock>
 
 1. Confirm that the image has loaded by typing `docker images`.
 
    ```
    REPOSITORY       TAG           IMAGE ID       CREATED         SIZE
-   {{registry}}{{ releases.0.components.cnx-node.image }}      {{ releases.0.components.cnx-node.version }}        e07d59b0eb8a   2 minutes ago   42MB
+   {variables.registry}{variables.releases[0].components.cnx-node.image}      {variables.releases[0].components.cnx-node.version}        e07d59b0eb8a   2 minutes ago   42MB
    ```
 
-1. Create a temporary {{nodecontainer}} container.
+1. Create a temporary {variables.nodecontainer} container.
 
-   ```bash
-   docker create --name container {{registry}}%% component_image("cnx-node") %%
-   ```
+   <CodeBlock language='bash'>
+   docker create --name container {variables.registry}%% component_image("cnx-node") %%
+   </CodeBlock>
 
 1. Copy the calico-node binary from the container to the local file system.
 
-   ```bash
-   docker cp container:/bin/calico-node {{nodecontainer}}
-   ```
+   <CodeBlock language='bash'>
+   docker cp container:/bin/calico-node {variables.nodecontainer}
+   </CodeBlock>
 
 1. Delete the temporary container.
 
@@ -43,8 +46,8 @@ This step requires Docker, but it can be run from any machine with Docker instal
 1. Set the extracted binary file to be executable.
 
    ```bash
-   chmod +x {{nodecontainer}}
-   chown root:root {{nodecontainer}}
+   chmod +x {variables.nodecontainer}
+   chown root:root {variables.nodecontainer}
    ```
 
 ### Step 3: Copy the `calico-node` binary
@@ -53,7 +56,7 @@ Copy the binary from Step 2 to the target machine, using any means (`scp`, `ftp`
 
 ### Step 4: Create environment file
 
-<EnvironmentFile nodecontainer='{{nodecontainer}}' />
+<EnvironmentFile nodecontainer='{variables.nodecontainer}' />
 
 ### Step 5: Start Felix
 
@@ -77,7 +80,7 @@ After=syslog.target network.target
 User=root
 EnvironmentFile=/etc/calico/calico.env
 ExecStartPre=/usr/bin/mkdir -p /var/run/calico
-ExecStart=/usr/local/bin/{{nodecontainer}} -felix
+ExecStart=/usr/local/bin/{variables.nodecontainer} -felix
 KillMode=process
 Restart=on-failure
 LimitNOFILE=32000
@@ -107,7 +110,7 @@ pre-start script
    chown root:root /var/run/calico
 end script
 
-exec /usr/local/bin/{{nodecontainer}} -felix
+exec /usr/local/bin/{variables.nodecontainer} -felix
 ```
 
 **Start Felix**

@@ -1,3 +1,6 @@
+import variables from '@site/calico-cloud/variables';
+import CodeBlock from '@theme/CodeBlock';
+
 import CreateKubeconfig from '@site/calico-cloud/_includes/content/_create-kubeconfig.mdx';
 
 ### Step 1: (Optional) Configure access for the non-cluster-host
@@ -9,7 +12,7 @@ To run Calico Node as a container, it will need a kubeconfig. You can skip this
 Run the following two commands to create a cluster role with read-only access and a corresponding cluster role binding.
 
 ```bash
-kubectl apply -f {{filesUrl_CE}}/manifests/non-cluster-host-clusterrole.yaml
+kubectl apply -f {variables.filesUrl_CE}/manifests/non-cluster-host-clusterrole.yaml
 kubectl create clusterrolebinding $SA_NAME --serviceaccount=calico-system:$SA_NAME --clusterrole=non-cluster-host-read-only
 ```
 

@@ -1,4 +1,7 @@
-{{prodname}} supports the following syntaxes for expressing ports.
+import variables from '@site/calico-cloud/variables';
+import CodeBlock from '@theme/CodeBlock';
+
+{variables.prodname} supports the following syntaxes for expressing ports.
 
 | Syntax    | Example    | Description                                                         |
 | --------- | ---------- | ------------------------------------------------------------------- |
@@ -25,7 +28,7 @@ port on port 80 and others on port 8080. In each workload, you could create a na
 
 :::note
 
-Since each named port may refer to many endpoints (and {{prodname}} has to expand a named port into
+Since each named port may refer to many endpoints (and {variables.prodname} has to expand a named port into
 a set of endpoint/port combinations), using a named port is considerably more expensive in terms
 of CPU than using a simple numeric port. We recommend that they are used sparingly, only where
 the extra indirection is required.

@@ -1,3 +1,6 @@
+import variables from '@site/calico-cloud/variables';
+import CodeBlock from '@theme/CodeBlock';
+
 A single rule matches a set of packets and applies some action to them. When multiple rules are specified, they
 are executed in order.
 
@@ -24,7 +27,7 @@ profile; if there are no Profiles configured for the endpoint the default applie
 ### RuleMetadata
 
 Metadata associated with a specific rule (rather than the policy as a whole). The contents of the metadata does not affect how a rule is interpreted or enforced; it is
-simply a way to store additional information for use by operators or applications that interact with {{prodname}}.
+simply a way to store additional information for use by operators or applications that interact with {variables.prodname}.
 
 | Field       | Description                         | Schema                  | Default |
 | ----------- | ----------------------------------- | ----------------------- | ------- |
@@ -43,4 +46,4 @@ Annotations follow the
 [same rules as Kubernetes for valid syntax and character set](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/#syntax-and-character-set).
 
 On Linux with the iptables dataplane, rule annotations are rendered as comments in the form `-m comment --comment "<key>=<value>"` on the iptables rule(s) that correspond
-to the {{prodname}} rule.
+to the {variables.prodname} rule.
@@ -1,3 +1,6 @@
+import variables from '@site/calico-cloud/variables';
+import CodeBlock from '@theme/CodeBlock';
+
 Understanding scopes and the `all()` and `global()` operators: selectors have a scope of resources
 that they are matched against, which depends on the context in which they are used. For example:
 

@@ -1,6 +1,9 @@
+import variables from '@site/calico-cloud/variables';
+import CodeBlock from '@theme/CodeBlock';
+
 A label selector is an expression which either matches or does not match a resource based on its labels.
 
-{{prodname}} label selectors support a number of operators, which can be combined into larger expressions
+{variables.prodname} label selectors support a number of operators, which can be combined into larger expressions
 using the boolean operators and parentheses.
 
 | Expression                                              | Meaning                                                                                                                                                                                                      |

@@ -1,3 +1,6 @@
+import variables from '@site/calico-cloud/variables';
+import CodeBlock from '@theme/CodeBlock';
+
 A ServiceAccountMatch matches service accounts in an EntityRule.
 
 | Field    | Description                     | Schema                |

@@ -1,3 +1,6 @@
+import variables from '@site/calico-cloud/variables';
+import CodeBlock from '@theme/CodeBlock';
+
 A ServiceMatch matches a service in an EntityRule.
 
 | Field     | Description              | Schema |

@@ -1,3 +1,6 @@
+import variables from '@site/calico-cloud/variables';
+import CodeBlock from '@theme/CodeBlock';
+
 _Dateline_
 
 ## Undefined feature X
@@ -0,0 +1,3 @@
+import variables from '@site/calico-cloud/variables';
+import CodeBlock from '@theme/CodeBlock';
+
@@ -1,3 +1,6 @@
+import variables from '@site/calico-cloud/variables';
+import CodeBlock from '@theme/CodeBlock';
+
 05 Mar 2020
 
 ### New eBPF dataplane technology preview

@@ -1,3 +1,6 @@
+import variables from '@site/calico-cloud/variables';
+import CodeBlock from '@theme/CodeBlock';
+
 12 Mar 2020
 
 ### Bug fixes

@@ -1,3 +1,6 @@
+import variables from '@site/calico-cloud/variables';
+import CodeBlock from '@theme/CodeBlock';
+
 ### [WIP] Other changes
 
 - Fix incorrect check of CIDR block size in node startup script. [node #468](https://github.com/projectcalico/node/pull/468) (@tmjd)