From 8404266438206f199627f454f13d99807fb13131 Mon Sep 17 00:00:00 2001 From: Waleed Hammam Date: Tue, 10 Oct 2023 15:27:36 +0300 Subject: [PATCH 1/7] add cli user documentation --- .../install-enterprise-cli.mdx | 138 ++++++++++++++++++ website/sidebars.js | 1 + 2 files changed, 139 insertions(+) create mode 100644 website/docs/enterprise/getting-started/install-enterprise-cli.mdx diff --git a/website/docs/enterprise/getting-started/install-enterprise-cli.mdx b/website/docs/enterprise/getting-started/install-enterprise-cli.mdx new file mode 100644 index 0000000000..f50bb6a78a --- /dev/null +++ b/website/docs/enterprise/getting-started/install-enterprise-cli.mdx @@ -0,0 +1,138 @@ +--- +title: Install Weave GitOps Enterprise via CLI +hide_title: true +toc_max_heading_level: 4 +--- + +import TierLabel from "../../_components/TierLabel"; + +# Install Weave GitOps Enterprise via CLI + +## Prerequisites + +#### Git Repository + +To be used as the repository of the WeaveGitOps Enterprise repo. + +#### Flux Installed Locally (binary) + +To be used in reconciling sources, Kustomizations, HelmReleases + +#### Kubectl binary + +To be used in port-forwarding + +#### A Kubernetes Cluster + +To install weave gitops enterprise. We also require a kubeconfig with admin permissions to create resources. + +#### Entitlments File + +To get the entitlement secret please contact *sales@weave.works*, then apply it on your management cluster with the name `weave-gitops-enterprise-credentials` under `flux-system` namespace. + +#### Flux bootstrapped via SSH + +To boostrap Weave Gitops we require flux to be bootstrapped using the configuration repo specified earlier via SSH [here](https://fluxcd.io/flux/cmd/flux_bootstrap_git/) + +#### SSH private key for Git Repo + +Bootstrap command writes manifests to the git repo via ssh. + +#### [Phase 1] Flux on Management Cluster + +On the management cluster, Flux (>v1.x.x) needs to be installed on the management cluster. There are different ways to bootstrap flux on your Kubernetes clusters, please follow the instructions found on flux bootstrap documentation [here](https://fluxcd.io/flux/installation/bootstrap/) + +#### [Phase 2] Flux on Management Cluster (Optional) + +If your cluster doesn’t have flux installed on the management cluster, `gitops-ee bootstrap` offer a way to bootstrap flux using the git generic approach. If you need more tailored or advanced configurations for the installed flux binary installed on your cluster, please follow the instructions found on flux bootstrap documentation [here](https://fluxcd.io/flux/installation/bootstrap/). + +#### `gitops-ee` CLI v.?.? + +Weave GitOps Enterprise Bootstrap functionality is available on Weave GitOps Enterprise CLI starting from version x.x.x. Use the following command to install the latest `gitops-ee` CLI. +`brew install weaveworks/tap/gitops-ee` + +## Installing Weave GitOps Enterprise via CLI + +Please use the following command to start the installation wizard of Weave GitOps Enterprise. + +```bash +gitops-ee bootstrap +``` + +The bootstrap wizard will take you step-by-step into configuring Weave GitOps Enterprise. To understand more about the CLI configurations experience, check the below sections [here](#cli-configurations). + +## Understanding `gitops-ee bootstrap` + +### Overview + +`gitops-ee bootstrap` command is a wizard-like command line that helps you to install Weave GitOps Enterprise on their management cluster by guiding them step by step to configure it. + +The following are the steps the wizard will take you through it. + +1. [Verifying Entitlement](#verifying-entitlement): Verify entitlement secret content (username, password, entitlement) +2. [Verifying flux](#verifying-flux): Verify flux installation on management cluster +3. [Adding private key path and private key password](#adding-private-key-path-and-private-key-password): to push WGE resources to the cluster's repository +4. [Selecting WGE version](#selecting-wge-version): from the latest 3 available releases +5. [Create admin credentials](#create-admin-credentials): create admin secret with username and password to be able to access the dashboard +6. [Select the domain](#select-the-domain): choose between 2 methods to access the dashboard either locally or via external domain +7. [Configure OIDC](#configure-oidc): to enable login to dashboard via OIDC providers. +8. [Access the dashboard](#access-the-dashboard): via the link from the installation success message + +### Verifying Entitlement + +Weave GitOps Enterprise Entitlement is your obtained license to use our product. The entitlement file is a kubernetes secret that contains your licence. The bootstrap CLI will check if the entitlement manifest exists on the management cluster, and it will check if it has valid content and the entitlement is not expired. +To get the entitlement secret please contact *sales@weave.works*, then apply it on your management cluster with the name `weave-gitops-enterprise-credentials` under `flux-system` namespace. + +### Verifying flux + +Weave GitOps Enterprise runs on top of flux, the bootstrap CLI will check if flux is installed on the management cluster, and it will verify that it has the right version with valid git repository setup, and it is able to reconcile flux components properly. +If flux is installed, but doesn't have a valid installation, the bootstrap CLI will terminate pending the fix or uninstall of current flux installation. +If flux is not installed at all, the bootstrap CLI offers the option to bootstrap flux. + +### Adding private key path and private key password + +Private key will be used to push WGE resources to the cluster's git repository. +Priave key password is not optional if the private key is encrypted with it + +### Selecting WGE version + +The bootstrap CLI will prompt you to choose from the latest 3 versions of Weave GitOps Enterprise. + +### Create admin credentials + +Creates admin secret with username and password to be able to access the dashboard. If you already have previous admin credentials on your cluster, the installation will prompt you if you want to continue with the old credentials or exit and revoke them and re-run the installation. + +### Select the domain + +choose between 2 methods to access the dashboard either locally or via external domain +Localhost can be useful in air-gapped environments or testing on local-host +External Domain will provide you with a domain to access your dashboard UI. +It will need to be configured by your service provider for example in AWS you need to configure your route 53: https://aws.amazon.com/route53/ + +{/* TODO: @waleedhammam to add more information about external dns */} + +### Configure OIDC + +OIDC configuration will enable you to login with OIDC provider beside admin credentials. +Add your OIDC `DiscoveryUrl` this will verify that OIDC is accessible and get the issuerUrl from the OIDC settings. +Then add the `clientID` & `clientSecret` that you have configured on your OIDC static-clients. +Note: don't forget to add a new static-client on your OIDC provider settings with the redirectURI `your-domain/oauth2/callback` for example `http://localhost:3000/oauth2/callback` +Also you can configure the OIDC later by running the following command `bootstrap auth --type=oidc` + +### Access the dashboard + +Via the link from the installation success message + +## Appendix + +### CLI configurations + +- `--kube-config`: allows to choose the kubeconfig for your cluster, default would be ~/.kube/config +- `-d`, `--domain externaldns`: indicate the domain to use in case of using externaldns +- `-t`, `--domain-type`: dashboard domain type: could be 'localhost' or 'externaldns' +- `-h`, `--help`: help for bootstrap +- `-p`, `--password`: Dashboard admin password +- `-k`, `--private-key`: Private key path. This key will be used to push the Weave GitOps Enterprise's resources to the default cluster repository +- `-c`, `--private-key-password`: Private key password. If the private key is encrypted using password +- `-u`, `--username`: Dashboard admin username +- `-v`, `--version`: Weave GitOps Enterprise version to install diff --git a/website/sidebars.js b/website/sidebars.js index a2d50166dc..3b6e301392 100644 --- a/website/sidebars.js +++ b/website/sidebars.js @@ -41,6 +41,7 @@ }, items: [ 'enterprise/getting-started/install-enterprise', + 'enterprise/getting-started/install-enterprise-cli', 'enterprise/getting-started/install-enterprise-airgap', 'enterprise/getting-started/releases-enterprise', 'enterprise/getting-started/install-enterprise-azure', From c95e0d62d02d9f3ef0e30590104328c74a6a8c43 Mon Sep 17 00:00:00 2001 From: Waleed Hammam Date: Sun, 15 Oct 2023 15:00:30 +0300 Subject: [PATCH 2/7] add docs about external DNS --- .../install-enterprise-cli.mdx | 229 +++++++++++++++++- 1 file changed, 227 insertions(+), 2 deletions(-) diff --git a/website/docs/enterprise/getting-started/install-enterprise-cli.mdx b/website/docs/enterprise/getting-started/install-enterprise-cli.mdx index f50bb6a78a..0bff987922 100644 --- a/website/docs/enterprise/getting-started/install-enterprise-cli.mdx +++ b/website/docs/enterprise/getting-started/install-enterprise-cli.mdx @@ -107,9 +107,234 @@ Creates admin secret with username and password to be able to access the dashboa choose between 2 methods to access the dashboard either locally or via external domain Localhost can be useful in air-gapped environments or testing on local-host External Domain will provide you with a domain to access your dashboard UI. -It will need to be configured by your service provider for example in AWS you need to configure your route 53: https://aws.amazon.com/route53/ -{/* TODO: @waleedhammam to add more information about external dns */} +#### External DNS + +[External DNS](https://github.com/kubernetes-sigs/external-dns) for Kubernetes is a tool that automates the management of external DNS records. +It allows Kubernetes services to be exposed to the internet with a DNS entry that corresponds to the service's name. + +There are several implementations of External DNS available with specific DNS providers (e.g., AWS Route 53, Google Cloud DNS, Azure DNS, etc.). + +Some popular implementations include: +- kube-dns: Integrates with CoreDNS and is a common choice for Kubernetes clusters. +- AWS Route 53 External DNS: Specifically for AWS Route 53. +- GCP External DNS: For Google Cloud DNS. +- Azure External DNS: For Azure DNS. + +Learn how to deploy External DNS into your cluster [here](https://github.com/kubernetes-sigs/external-dns?tab=readme-ov-file#deploying-to-a-cluster) + +[Full tutorial to use External DNS with AWS Route 53](https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.5/guide/integrations/external_dns/) + +After configuring your provider to use ExternalDNS, The following example is a follow-up on the previous tutorial is the manifests that need to be deployed to the cluster with the following structure: + +
Expand to see the files structure + +```bash +. +├── cluster-role-binding.yaml +├── cluster-role.yaml +├── deployment.yaml +├── kustomization.yaml +├── ingress-nginx.yaml +└── namespace.yaml +``` + +
+ +1- Kustomization file + +
Expand to see example Kustomization file content + +```yaml +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: +- namespace.yaml +- deployment.yaml +- cluster-role.yaml +- cluster-role-binding.yaml +- ingress-nginx.yaml +``` +
+ +2- Namespace: `external-dns` + +
Expand to see example `namespace.yaml` file content + +```yaml +apiVersion: v1 +kind: Namespace +metadata: + name: external-dns +``` +
+ +3- ClusterRole + +
Expand to see example `cluster-role.yaml` file content + +```yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: external-dns + labels: + app.kubernetes.io/name: external-dns +rules: + - apiGroups: [""] + resources: ["services","endpoints","pods","nodes"] + verbs: ["get","watch","list"] + - apiGroups: ["extensions","networking.k8s.io"] + resources: ["ingresses"] + verbs: ["get","watch","list"] +``` + +
+ +4- ClusterRoleBinding + +
Expand to see example `cluster-role-binding.yaml` file content + +```yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: external-dns-viewer + labels: + app.kubernetes.io/name: external-dns +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: external-dns +subjects: + - kind: ServiceAccount + name: external-dns + namespace: external-dns +``` + +
+ +5- External DNS Deployment + +
Expand to see example `deployment.yaml` file content + +```yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: external-dns + namespace: external-dns + labels: + app.kubernetes.io/name: external-dns +spec: + strategy: + type: Recreate + selector: + matchLabels: + app.kubernetes.io/name: external-dns + template: + metadata: + labels: + app.kubernetes.io/name: external-dns + spec: + serviceAccountName: external-dns + containers: + - name: external-dns + image: k8s.gcr.io/external-dns/external-dns:v0.11.0 + args: + - --source=service + - --source=ingress + - --domain-filter= # will make ExternalDNS see only the hosted zones matching provided domain, omit to process all available hosted zones. example (mydomain.com) + - --provider=aws + - --policy=sync # would allow ExternalDNS to delete records, use upsert-only to prevent ExternalDNS from deleting any records + - --aws-zone-type=public # only look at public hosted zones (valid values are public, private or no value for both) + - --registry=txt + - --txt-owner-id=cluster-${CLUSTER_NAME} + env: + - name: AWS_DEFAULT_REGION + value: # select the default aws-region (example: eu-north-1) +``` + +
+ +6- Ingress-nginx + +
Expand to see example `ingress-nginx.yaml` file content + +```yaml +apiVersion: source.toolkit.fluxcd.io/v1beta2 +kind: HelmRepository +metadata: + name: ingress-nginx + namespace: flux-system +spec: + interval: 1m0s + timeout: 1m0s + url: "https://kubernetes.github.io/ingress-nginx" +--- +apiVersion: helm.toolkit.fluxcd.io/v2beta1 +kind: HelmRelease +metadata: + labels: + weave.works/applied-layer: layer-1 + name: ingress-nginx + namespace: flux-system +spec: + chart: + spec: + chart: ingress-nginx + sourceRef: + apiVersion: source.toolkit.fluxcd.io/v1beta2 + kind: HelmRepository + name: ingress-nginx + namespace: flux-system + version: 4.2.5 + install: + crds: CreateReplace + createNamespace: true + interval: 1m0s + targetNamespace: flux-system + upgrade: + crds: CreateReplace + values: + controller: + ingressClassResource: + enabled: true + name: public-nginx + default: false + controllerValue: "k8s.io/public-ingress-nginx" + ingressClass: public-nginx + service: + annotations: + service.beta.kubernetes.io/aws-load-balancer-ssl-cert: ${SSL_CERTIFICATE_ARN} + service.beta.kubernetes.io/aws-load-balancer-type: nlb + service.beta.kubernetes.io/aws-load-balancer-internal: "false" + targetPorts: + http: http + https: http +``` + +
+ +The corresponding Ingress configurations in WGE helmrelease that will be generated is like the following: + +
Expand to see ingress configurations + +```yaml +ingress: + annotations: + external-dns.alpha.kubernetes.io/hostname: mydomain.com + className: public-nginx + enabled: true + hosts: + - host: mydomain.com + paths: + - path: / + pathType: ImplementationSpecific +``` + +
+ ### Configure OIDC From 399509e7f13b5efc3614896f936e55d5d8489cdd Mon Sep 17 00:00:00 2001 From: Mostafa Megahid Date: Thu, 19 Oct 2023 19:52:12 +0300 Subject: [PATCH 3/7] rephrase parts of the CLI documentation --- .../install-enterprise-cli.mdx | 142 ++++++++---------- 1 file changed, 66 insertions(+), 76 deletions(-) diff --git a/website/docs/enterprise/getting-started/install-enterprise-cli.mdx b/website/docs/enterprise/getting-started/install-enterprise-cli.mdx index 0bff987922..060f3760a1 100644 --- a/website/docs/enterprise/getting-started/install-enterprise-cli.mdx +++ b/website/docs/enterprise/getting-started/install-enterprise-cli.mdx @@ -8,51 +8,35 @@ import TierLabel from "../../_components/TierLabel"; # Install Weave GitOps Enterprise via CLI -## Prerequisites - -#### Git Repository - -To be used as the repository of the WeaveGitOps Enterprise repo. - -#### Flux Installed Locally (binary) +Weave GitOps Enterprise provides a streamlined method for its installation, employing the `gitops-ee bootstrap` command. This command acts as a wizard-like interface, simplifying the installation process by guiding users through each step of the configuration. For those seeking advanced customization, the flexibility to fine-tune the Weave GitOps Enterprise Helm release directly is also available. -To be used in reconciling sources, Kustomizations, HelmReleases - -#### Kubectl binary - -To be used in port-forwarding - -#### A Kubernetes Cluster +## Prerequisites -To install weave gitops enterprise. We also require a kubeconfig with admin permissions to create resources. +Before you start with the installation process, please make sure the following pre-requisites are there and available. -#### Entitlments File +* Management Cluster, a kubernetes cluster with a kubeconfig that has admin permissions to be able to create resources. +* Git Repository to be used as the repository of the WeaveGitOps Enterprise repo. At this point, we require that you have ssh access to your git repository. +* Flux binary to be installed locally to be used in reconciling sources, Kustomizations, HelmReleases +* Flux installed on the Management cluster using `flux bootstrap`. +:::info +Please follow flux guide here: [https://fluxcd.io/flux/installation/bootstrap/](https://fluxcd.io/flux/installation/bootstrap/) +::: +* Entitlment installed in the management cluster. +:::info To get the entitlement secret please contact *sales@weave.works*, then apply it on your management cluster with the name `weave-gitops-enterprise-credentials` under `flux-system` namespace. +::: -#### Flux bootstrapped via SSH - -To boostrap Weave Gitops we require flux to be bootstrapped using the configuration repo specified earlier via SSH [here](https://fluxcd.io/flux/cmd/flux_bootstrap_git/) - -#### SSH private key for Git Repo - -Bootstrap command writes manifests to the git repo via ssh. - -#### [Phase 1] Flux on Management Cluster - -On the management cluster, Flux (>v1.x.x) needs to be installed on the management cluster. There are different ways to bootstrap flux on your Kubernetes clusters, please follow the instructions found on flux bootstrap documentation [here](https://fluxcd.io/flux/installation/bootstrap/) - -#### [Phase 2] Flux on Management Cluster (Optional) - -If your cluster doesn’t have flux installed on the management cluster, `gitops-ee bootstrap` offer a way to bootstrap flux using the git generic approach. If you need more tailored or advanced configurations for the installed flux binary installed on your cluster, please follow the instructions found on flux bootstrap documentation [here](https://fluxcd.io/flux/installation/bootstrap/). - -#### `gitops-ee` CLI v.?.? +## Getting Started -Weave GitOps Enterprise Bootstrap functionality is available on Weave GitOps Enterprise CLI starting from version x.x.x. Use the following command to install the latest `gitops-ee` CLI. -`brew install weaveworks/tap/gitops-ee` +#### Install `gitops-ee` CLI (> v0.35) -## Installing Weave GitOps Enterprise via CLI +Weave GitOps Enterprise Bootstrap functionality is available on Weave GitOps Enterprise CLI starting from version x.x.x. If you haven't already, please install the latest `gitops-ee` CLI using this command. +```bash +brew install weaveworks/tap/gitops-ee +``` +#### Bootstrap Weave GitOps Enterprise Please use the following command to start the installation wizard of Weave GitOps Enterprise. ```bash @@ -71,12 +55,11 @@ The following are the steps the wizard will take you through it. 1. [Verifying Entitlement](#verifying-entitlement): Verify entitlement secret content (username, password, entitlement) 2. [Verifying flux](#verifying-flux): Verify flux installation on management cluster -3. [Adding private key path and private key password](#adding-private-key-path-and-private-key-password): to push WGE resources to the cluster's repository 4. [Selecting WGE version](#selecting-wge-version): from the latest 3 available releases 5. [Create admin credentials](#create-admin-credentials): create admin secret with username and password to be able to access the dashboard 6. [Select the domain](#select-the-domain): choose between 2 methods to access the dashboard either locally or via external domain -7. [Configure OIDC](#configure-oidc): to enable login to dashboard via OIDC providers. -8. [Access the dashboard](#access-the-dashboard): via the link from the installation success message +7. [Access the dashboard](#access-the-dashboard): via the link from the installation success message +8. (Optional) [Configure OIDC](#configure-oidc): to enable login to dashboard via OIDC providers. ### Verifying Entitlement @@ -89,24 +72,58 @@ Weave GitOps Enterprise runs on top of flux, the bootstrap CLI will check if flu If flux is installed, but doesn't have a valid installation, the bootstrap CLI will terminate pending the fix or uninstall of current flux installation. If flux is not installed at all, the bootstrap CLI offers the option to bootstrap flux. -### Adding private key path and private key password - -Private key will be used to push WGE resources to the cluster's git repository. -Priave key password is not optional if the private key is encrypted with it +### Providing GitRepository Authentication +In order for `gitops-ee bootstrap` to push WGE resources to the management cluster's git repository, you will be prompted to provide the private key used to access your repo via ssh. If the private key is encrypted, you will also be asked to provide the private key password. +:::info +Disclaimer: The bootstrap CLI will ONLY use the private key to push WGE resources to your repo, and won't use it in any other way that can comprimise your repo or clusters security. +::: ### Selecting WGE version - The bootstrap CLI will prompt you to choose from the latest 3 versions of Weave GitOps Enterprise. ### Create admin credentials - -Creates admin secret with username and password to be able to access the dashboard. If you already have previous admin credentials on your cluster, the installation will prompt you if you want to continue with the old credentials or exit and revoke them and re-run the installation. +You will be prompt to provide admin username and password, which will be used to access the dashboard. This will create admin secret with the credentials. If you already have previous admin credentials on your cluster, the installation will prompt you if you want to continue with the old credentials or exit and revoke them and re-run the installation. ### Select the domain +To access Weave GitOps Enterprise dashboard, you have one of 2 options: +##### via localhost +This requires no pre-requisites and more suitable for testing on your local or development environment, or air-gapped environments. + + +##### via External Domain +This is more suitable for production environments where multiple users are going to access the dashboard. However, this will require extrnal dns to be set up and configured for the domain to be accessible. +:::tip +While there are multiple ways to setup and configure external dns. You can find a full example on how to setup it for multiple cloud providers [here](#external-dns) +::: + +### Access the dashboard +After installation is successful. The CLI will print out the URL where you can access the dashboard. + +### (Optional) Configure OIDC +OIDC configuration will enable you to login with OIDC provider beside, or instead of the admin credentials. Afte the installation is complete, you will be prompt if you want to configure OIDC access. If you don't want to set it up right away, you can do it later by running `gitops-ee bootstrap auth --type=oidc` command. + +To configure OIDC access, you will be asked to provide the following values: +`DiscoveryUrl` this will verify that OIDC is accessible and get the issuerUrl from the OIDC settings. +`clientID` & `clientSecret` that you have configured on your OIDC static-clients. + +:::note +Please don't forget to add a new static-client on your OIDC provider settings with the redirectURI `your-domain/oauth2/callback` for example `http://localhost:3000/oauth2/callback` +::: + +## Appendix + +### CLI configurations + +- `--kube-config`: allows to choose the kubeconfig for your cluster, default would be ~/.kube/config +- `-d`, `--domain externaldns`: indicate the domain to use in case of using externaldns +- `-t`, `--domain-type`: dashboard domain type: could be 'localhost' or 'externaldns' +- `-h`, `--help`: help for bootstrap +- `-p`, `--password`: Dashboard admin password +- `-k`, `--private-key`: Private key path. This key will be used to push the Weave GitOps Enterprise's resources to the default cluster repository +- `-c`, `--private-key-password`: Private key password. If the private key is encrypted using password +- `-u`, `--username`: Dashboard admin username +- `-v`, `--version`: Weave GitOps Enterprise version to install -choose between 2 methods to access the dashboard either locally or via external domain -Localhost can be useful in air-gapped environments or testing on local-host -External Domain will provide you with a domain to access your dashboard UI. #### External DNS @@ -334,30 +351,3 @@ ingress: ``` - - -### Configure OIDC - -OIDC configuration will enable you to login with OIDC provider beside admin credentials. -Add your OIDC `DiscoveryUrl` this will verify that OIDC is accessible and get the issuerUrl from the OIDC settings. -Then add the `clientID` & `clientSecret` that you have configured on your OIDC static-clients. -Note: don't forget to add a new static-client on your OIDC provider settings with the redirectURI `your-domain/oauth2/callback` for example `http://localhost:3000/oauth2/callback` -Also you can configure the OIDC later by running the following command `bootstrap auth --type=oidc` - -### Access the dashboard - -Via the link from the installation success message - -## Appendix - -### CLI configurations - -- `--kube-config`: allows to choose the kubeconfig for your cluster, default would be ~/.kube/config -- `-d`, `--domain externaldns`: indicate the domain to use in case of using externaldns -- `-t`, `--domain-type`: dashboard domain type: could be 'localhost' or 'externaldns' -- `-h`, `--help`: help for bootstrap -- `-p`, `--password`: Dashboard admin password -- `-k`, `--private-key`: Private key path. This key will be used to push the Weave GitOps Enterprise's resources to the default cluster repository -- `-c`, `--private-key-password`: Private key password. If the private key is encrypted using password -- `-u`, `--username`: Dashboard admin username -- `-v`, `--version`: Weave GitOps Enterprise version to install From 41779bb4767e04f6d3d8b9bd5636df680483f1bb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Eneko=20Fern=C3=A1ndez?= <12957664+enekofb@users.noreply.github.com> Date: Thu, 2 Nov 2023 15:58:41 +0000 Subject: [PATCH 4/7] Add cli docs eneko (#4115) * reviewed heading and pre-requirements * added initial review * refactoring dashboard access * ready for a second review * added externalDNS link --- .../install-enterprise-cli.mdx | 364 +++++------------- 1 file changed, 86 insertions(+), 278 deletions(-) diff --git a/website/docs/enterprise/getting-started/install-enterprise-cli.mdx b/website/docs/enterprise/getting-started/install-enterprise-cli.mdx index 060f3760a1..2462527f22 100644 --- a/website/docs/enterprise/getting-started/install-enterprise-cli.mdx +++ b/website/docs/enterprise/getting-started/install-enterprise-cli.mdx @@ -5,101 +5,139 @@ toc_max_heading_level: 4 --- import TierLabel from "../../_components/TierLabel"; +import AlphaWarning from "../../_components/_alpha_warning.mdx"; +import Tabs from "@theme/Tabs"; +import TabItem from "@theme/TabItem"; + # Install Weave GitOps Enterprise via CLI -Weave GitOps Enterprise provides a streamlined method for its installation, employing the `gitops-ee bootstrap` command. This command acts as a wizard-like interface, simplifying the installation process by guiding users through each step of the configuration. For those seeking advanced customization, the flexibility to fine-tune the Weave GitOps Enterprise Helm release directly is also available. + -## Prerequisites +You could install Weave GitOps Enterprise `gitops-ee bootstrap` which streamlines the installation process. It has two main modes: -Before you start with the installation process, please make sure the following pre-requisites are there and available. +1. `Interactive` or Wizard mode for guiding you step-by-step through the process until Weave GitOps Enterprise is up and running. Ideal for your first installation. +2. `Non-interactive` or automated mode where the process will be executed via configuration. Ideal for your automated workflows. -* Management Cluster, a kubernetes cluster with a kubeconfig that has admin permissions to be able to create resources. -* Git Repository to be used as the repository of the WeaveGitOps Enterprise repo. At this point, we require that you have ssh access to your git repository. -* Flux binary to be installed locally to be used in reconciling sources, Kustomizations, HelmReleases -* Flux installed on the Management cluster using `flux bootstrap`. -:::info -Please follow flux guide here: [https://fluxcd.io/flux/installation/bootstrap/](https://fluxcd.io/flux/installation/bootstrap/) -::: +For those seeking advanced customization, the flexibility to fine-tune [Weave GitOps Enterprise manual install](../install-enterprise) is also available. -* Entitlment installed in the management cluster. -:::info -To get the entitlement secret please contact *sales@weave.works*, then apply it on your management cluster with the name `weave-gitops-enterprise-credentials` under `flux-system` namespace. -::: +## Prerequisites + +Before you start make sure the following requirements are met: + +- [ ] **Management Cluster**: a Kubernetes cluster with a Kubeconfig that has Admin permissions to be able to create resources. +- [ ] **Git Repository with SSH access**: this is the configuration repo that WeaveGitOps will use to sync configuration manifests from. +- [ ] **Flux CLI**: is [installed](https://fluxcd.io/flux/installation/#install-the-flux-cli) locally. It will be used for reconciling Flux resources. +- [ ] **Flux Bootstrapped** in your Management cluster via ssh. See [Flux Bootstrap](https://fluxcd.io/flux/installation/bootstrap/generic-git-server/) for more info. +- [ ] **Weave GitOps Enterprise Entitlements** are installed in the management cluster. Contact [Sales](../help-and-support/) for help on getting them. ## Getting Started #### Install `gitops-ee` CLI (> v0.35) -Weave GitOps Enterprise Bootstrap functionality is available on Weave GitOps Enterprise CLI starting from version x.x.x. If you haven't already, please install the latest `gitops-ee` CLI using this command. +Weave GitOps Enterprise Bootstrap functionality is available on Weave GitOps Enterprise CLI starting from version v0.35. If you haven't already, please install the latest `gitops-ee` CLI using this command. + ```bash brew install weaveworks/tap/gitops-ee ``` #### Bootstrap Weave GitOps Enterprise + Please use the following command to start the installation wizard of Weave GitOps Enterprise. -```bash -gitops-ee bootstrap -``` + + + + + + ```bash + + gitops-ee bootstrap -The bootstrap wizard will take you step-by-step into configuring Weave GitOps Enterprise. To understand more about the CLI configurations experience, check the below sections [here](#cli-configurations). + ``` -## Understanding `gitops-ee bootstrap` -### Overview + The bootstrap wizard will take you step-by-step into configuring Weave GitOps Enterprise. To understand more about the CLI configurations experience, check the below sections [here](#cli-configurations). -`gitops-ee bootstrap` command is a wizard-like command line that helps you to install Weave GitOps Enterprise on their management cluster by guiding them step by step to configure it. + -The following are the steps the wizard will take you through it. + -1. [Verifying Entitlement](#verifying-entitlement): Verify entitlement secret content (username, password, entitlement) -2. [Verifying flux](#verifying-flux): Verify flux installation on management cluster -4. [Selecting WGE version](#selecting-wge-version): from the latest 3 available releases -5. [Create admin credentials](#create-admin-credentials): create admin secret with username and password to be able to access the dashboard -6. [Select the domain](#select-the-domain): choose between 2 methods to access the dashboard either locally or via external domain -7. [Access the dashboard](#access-the-dashboard): via the link from the installation success message + You could run the bootstrap command in non-interactive mode by providing the required configurations as flags. The following gives you an example to get started that you could adapt to your own context + + ```bash + gitops-ee bootstrap \ + --kubeconfig="~/.kube/config" \ # (optional) Management cluster configuration. If not set default kubeconfig resolution is used. + --private-key="~/.ssh/id_rsa" --private-key-password="" \ # Git repository SSH configuration + --version="0.33.0" \ # version to install + --domain-type="localhost" \ # how to expose the dashboard + --username=wego-admin --password=admin123 \ # emergency user configuration + --discovery-url="" --client-id="weave-gitops-enterprise" --client-secret="changeme" \ # (optional) OIDC configuration + ``` + For more information about the CLI configurations, check the below sections [here](#cli-configurations) + + + + + + +## Appendix + +### Appendix I: Understanding `gitops-ee bootstrap` + +`gitops-ee bootstrap` is a workflow that will take you through the following stages: + +1. [Verify Flux](#verifying-flux): verify Flux installation on the Management cluster. +2. [Verify Entitlement](#verifying-entitlement): verify the Entitlements secret content (username, password, entitlement). +3. [Configure Git Access](#configure-git-access): configure the access to your configuration repo. +4. [Select WGE version](#selecting-wge-version): from the latest 3 available releases. +5. [Create Cluster User](#create-cluster-user): create a Secret with the username and password for the emergency cluster user. +6. [Configure Dashboard Access](#configure-dashboard-access): choose between 2 methods to access the dashboard either local or external. +7. [Access the dashboard](#access-the-dashboard): via the link from the installation success message. 8. (Optional) [Configure OIDC](#configure-oidc): to enable login to dashboard via OIDC providers. -### Verifying Entitlement +#### Verify Entitlement -Weave GitOps Enterprise Entitlement is your obtained license to use our product. The entitlement file is a kubernetes secret that contains your licence. The bootstrap CLI will check if the entitlement manifest exists on the management cluster, and it will check if it has valid content and the entitlement is not expired. +Weave GitOps Enterprise Entitlement is your obtained license to use our product. The Entitlements file is a Kubernetes secret that contains your licence. +`Bootstrapping` checks that the secret exists on the management cluster, and that it is valid will check if it has valid content and the entitlement is not expired. To get the entitlement secret please contact *sales@weave.works*, then apply it on your management cluster with the name `weave-gitops-enterprise-credentials` under `flux-system` namespace. -### Verifying flux +#### Verify Flux Weave GitOps Enterprise runs on top of flux, the bootstrap CLI will check if flux is installed on the management cluster, and it will verify that it has the right version with valid git repository setup, and it is able to reconcile flux components properly. If flux is installed, but doesn't have a valid installation, the bootstrap CLI will terminate pending the fix or uninstall of current flux installation. If flux is not installed at all, the bootstrap CLI offers the option to bootstrap flux. -### Providing GitRepository Authentication +#### Configure Git Access + In order for `gitops-ee bootstrap` to push WGE resources to the management cluster's git repository, you will be prompted to provide the private key used to access your repo via ssh. If the private key is encrypted, you will also be asked to provide the private key password. :::info Disclaimer: The bootstrap CLI will ONLY use the private key to push WGE resources to your repo, and won't use it in any other way that can comprimise your repo or clusters security. ::: -### Selecting WGE version +#### Select WGE version + The bootstrap CLI will prompt you to choose from the latest 3 versions of Weave GitOps Enterprise. -### Create admin credentials +#### Create Cluster User + You will be prompt to provide admin username and password, which will be used to access the dashboard. This will create admin secret with the credentials. If you already have previous admin credentials on your cluster, the installation will prompt you if you want to continue with the old credentials or exit and revoke them and re-run the installation. -### Select the domain -To access Weave GitOps Enterprise dashboard, you have one of 2 options: -##### via localhost -This requires no pre-requisites and more suitable for testing on your local or development environment, or air-gapped environments. +#### Configure Dashboard Access +To access Weave GitOps Enterprise dashboard, you have the two following options available: +1. **Service**: this option is called `localhost` in the cli and the dashboard will be available through a [ClusterIP Service](https://kubernetes.io/docs/concepts/services-networking/service/#type-clusterip). +2. **Ingress**: this option is called `externaldns` the dashboard will be available through an [Ingress](https://kubernetes.io/docs/concepts/services-networking/ingress/) with the following considerations: + - An Ingress controller needs to exist. + - A host-based ingress will be created of the ingress class `public-nginx`. + - An [ExternalDNS](https://github.com/kubernetes-sigs/external-dns) annotation will be added with the value of the provided domain. -##### via External Domain -This is more suitable for production environments where multiple users are going to access the dashboard. However, this will require extrnal dns to be set up and configured for the domain to be accessible. -:::tip -While there are multiple ways to setup and configure external dns. You can find a full example on how to setup it for multiple cloud providers [here](#external-dns) -::: +#### Access the dashboard -### Access the dashboard After installation is successful. The CLI will print out the URL where you can access the dashboard. -### (Optional) Configure OIDC +#### (Optional) Configure OIDC + OIDC configuration will enable you to login with OIDC provider beside, or instead of the admin credentials. Afte the installation is complete, you will be prompt if you want to configure OIDC access. If you don't want to set it up right away, you can do it later by running `gitops-ee bootstrap auth --type=oidc` command. To configure OIDC access, you will be asked to provide the following values: @@ -110,11 +148,9 @@ To configure OIDC access, you will be asked to provide the following values: Please don't forget to add a new static-client on your OIDC provider settings with the redirectURI `your-domain/oauth2/callback` for example `http://localhost:3000/oauth2/callback` ::: -## Appendix - -### CLI configurations +### Appendix II: CLI configurations -- `--kube-config`: allows to choose the kubeconfig for your cluster, default would be ~/.kube/config +- `--kube-config`: allows to choose the Kubeconfig for your cluster, default would be ~/.kube/config - `-d`, `--domain externaldns`: indicate the domain to use in case of using externaldns - `-t`, `--domain-type`: dashboard domain type: could be 'localhost' or 'externaldns' - `-h`, `--help`: help for bootstrap @@ -123,231 +159,3 @@ Please don't forget to add a new static-client on your OIDC provider settings wi - `-c`, `--private-key-password`: Private key password. If the private key is encrypted using password - `-u`, `--username`: Dashboard admin username - `-v`, `--version`: Weave GitOps Enterprise version to install - - -#### External DNS - -[External DNS](https://github.com/kubernetes-sigs/external-dns) for Kubernetes is a tool that automates the management of external DNS records. -It allows Kubernetes services to be exposed to the internet with a DNS entry that corresponds to the service's name. - -There are several implementations of External DNS available with specific DNS providers (e.g., AWS Route 53, Google Cloud DNS, Azure DNS, etc.). - -Some popular implementations include: -- kube-dns: Integrates with CoreDNS and is a common choice for Kubernetes clusters. -- AWS Route 53 External DNS: Specifically for AWS Route 53. -- GCP External DNS: For Google Cloud DNS. -- Azure External DNS: For Azure DNS. - -Learn how to deploy External DNS into your cluster [here](https://github.com/kubernetes-sigs/external-dns?tab=readme-ov-file#deploying-to-a-cluster) - -[Full tutorial to use External DNS with AWS Route 53](https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.5/guide/integrations/external_dns/) - -After configuring your provider to use ExternalDNS, The following example is a follow-up on the previous tutorial is the manifests that need to be deployed to the cluster with the following structure: - -
Expand to see the files structure - -```bash -. -├── cluster-role-binding.yaml -├── cluster-role.yaml -├── deployment.yaml -├── kustomization.yaml -├── ingress-nginx.yaml -└── namespace.yaml -``` - -
- -1- Kustomization file - -
Expand to see example Kustomization file content - -```yaml -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: -- namespace.yaml -- deployment.yaml -- cluster-role.yaml -- cluster-role-binding.yaml -- ingress-nginx.yaml -``` -
- -2- Namespace: `external-dns` - -
Expand to see example `namespace.yaml` file content - -```yaml -apiVersion: v1 -kind: Namespace -metadata: - name: external-dns -``` -
- -3- ClusterRole - -
Expand to see example `cluster-role.yaml` file content - -```yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: external-dns - labels: - app.kubernetes.io/name: external-dns -rules: - - apiGroups: [""] - resources: ["services","endpoints","pods","nodes"] - verbs: ["get","watch","list"] - - apiGroups: ["extensions","networking.k8s.io"] - resources: ["ingresses"] - verbs: ["get","watch","list"] -``` - -
- -4- ClusterRoleBinding - -
Expand to see example `cluster-role-binding.yaml` file content - -```yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: external-dns-viewer - labels: - app.kubernetes.io/name: external-dns -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: external-dns -subjects: - - kind: ServiceAccount - name: external-dns - namespace: external-dns -``` - -
- -5- External DNS Deployment - -
Expand to see example `deployment.yaml` file content - -```yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - name: external-dns - namespace: external-dns - labels: - app.kubernetes.io/name: external-dns -spec: - strategy: - type: Recreate - selector: - matchLabels: - app.kubernetes.io/name: external-dns - template: - metadata: - labels: - app.kubernetes.io/name: external-dns - spec: - serviceAccountName: external-dns - containers: - - name: external-dns - image: k8s.gcr.io/external-dns/external-dns:v0.11.0 - args: - - --source=service - - --source=ingress - - --domain-filter= # will make ExternalDNS see only the hosted zones matching provided domain, omit to process all available hosted zones. example (mydomain.com) - - --provider=aws - - --policy=sync # would allow ExternalDNS to delete records, use upsert-only to prevent ExternalDNS from deleting any records - - --aws-zone-type=public # only look at public hosted zones (valid values are public, private or no value for both) - - --registry=txt - - --txt-owner-id=cluster-${CLUSTER_NAME} - env: - - name: AWS_DEFAULT_REGION - value: # select the default aws-region (example: eu-north-1) -``` - -
- -6- Ingress-nginx - -
Expand to see example `ingress-nginx.yaml` file content - -```yaml -apiVersion: source.toolkit.fluxcd.io/v1beta2 -kind: HelmRepository -metadata: - name: ingress-nginx - namespace: flux-system -spec: - interval: 1m0s - timeout: 1m0s - url: "https://kubernetes.github.io/ingress-nginx" ---- -apiVersion: helm.toolkit.fluxcd.io/v2beta1 -kind: HelmRelease -metadata: - labels: - weave.works/applied-layer: layer-1 - name: ingress-nginx - namespace: flux-system -spec: - chart: - spec: - chart: ingress-nginx - sourceRef: - apiVersion: source.toolkit.fluxcd.io/v1beta2 - kind: HelmRepository - name: ingress-nginx - namespace: flux-system - version: 4.2.5 - install: - crds: CreateReplace - createNamespace: true - interval: 1m0s - targetNamespace: flux-system - upgrade: - crds: CreateReplace - values: - controller: - ingressClassResource: - enabled: true - name: public-nginx - default: false - controllerValue: "k8s.io/public-ingress-nginx" - ingressClass: public-nginx - service: - annotations: - service.beta.kubernetes.io/aws-load-balancer-ssl-cert: ${SSL_CERTIFICATE_ARN} - service.beta.kubernetes.io/aws-load-balancer-type: nlb - service.beta.kubernetes.io/aws-load-balancer-internal: "false" - targetPorts: - http: http - https: http -``` - -
- -The corresponding Ingress configurations in WGE helmrelease that will be generated is like the following: - -
Expand to see ingress configurations - -```yaml -ingress: - annotations: - external-dns.alpha.kubernetes.io/hostname: mydomain.com - className: public-nginx - enabled: true - hosts: - - host: mydomain.com - paths: - - path: / - pathType: ImplementationSpecific -``` - -
From a86e9468ef2d18971821c8aef931a9791673df87 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Eneko=20Fern=C3=A1ndez?= <12957664+enekofb@users.noreply.github.com> Date: Mon, 6 Nov 2023 08:36:30 +0000 Subject: [PATCH 5/7] Add cli docs eneko2 (#4121) * added persona and outcome * might be redundant * basic setup * basic setup * small fix for link --- .../install-enterprise-cli.mdx | 47 +++++++++---------- 1 file changed, 22 insertions(+), 25 deletions(-) diff --git a/website/docs/enterprise/getting-started/install-enterprise-cli.mdx b/website/docs/enterprise/getting-started/install-enterprise-cli.mdx index 2462527f22..31747bb3f6 100644 --- a/website/docs/enterprise/getting-started/install-enterprise-cli.mdx +++ b/website/docs/enterprise/getting-started/install-enterprise-cli.mdx @@ -14,14 +14,21 @@ import TabItem from "@theme/TabItem"; -You could install Weave GitOps Enterprise `gitops-ee bootstrap` which streamlines the installation process. It has two main modes: +You could install Weave GitOps Enterprise via `gitops-ee bootstrap` CLI command which is suitable for two main scenarios: -1. `Interactive` or Wizard mode for guiding you step-by-step through the process until Weave GitOps Enterprise is up and running. Ideal for your first installation. -2. `Non-interactive` or automated mode where the process will be executed via configuration. Ideal for your automated workflows. +1. **Day 0**: you want to get started quickly for discovery with the less knowledge possible. +2. **Day 1**: you have done discovery and want to set it up in your organisation. -For those seeking advanced customization, the flexibility to fine-tune [Weave GitOps Enterprise manual install](../install-enterprise) is also available. +Each scenario is supported by an operation modes: -## Prerequisites +1. **Interactive:** guides you step-by-step through the process until Weave GitOps Enterprise is up and running. +2. **Non-interactive:** for your automated workflows where you are already familiar with install process and have the configuration. + +For those seeking other scenarios or fine-grain customisation [Weave GitOps Enterprise manual install](../install-enterprise) would be the recommended. + +## Getting Started + +### Prerequisites Before you start make sure the following requirements are met: @@ -29,9 +36,7 @@ Before you start make sure the following requirements are met: - [ ] **Git Repository with SSH access**: this is the configuration repo that WeaveGitOps will use to sync configuration manifests from. - [ ] **Flux CLI**: is [installed](https://fluxcd.io/flux/installation/#install-the-flux-cli) locally. It will be used for reconciling Flux resources. - [ ] **Flux Bootstrapped** in your Management cluster via ssh. See [Flux Bootstrap](https://fluxcd.io/flux/installation/bootstrap/generic-git-server/) for more info. -- [ ] **Weave GitOps Enterprise Entitlements** are installed in the management cluster. Contact [Sales](../help-and-support/) for help on getting them. - -## Getting Started +- [ ] **Weave GitOps Enterprise Entitlements** are installed in the management cluster. Contact [Sales](../../../../help-and-support/) for help on getting them. #### Install `gitops-ee` CLI (> v0.35) @@ -46,44 +51,36 @@ brew install weaveworks/tap/gitops-ee Please use the following command to start the installation wizard of Weave GitOps Enterprise. - - ```bash - - gitops-ee bootstrap - + gitops bootstrap ``` - The bootstrap wizard will take you step-by-step into configuring Weave GitOps Enterprise. To understand more about the CLI configurations experience, check the below sections [here](#cli-configurations). - You could run the bootstrap command in non-interactive mode by providing the required configurations as flags. The following gives you an example to get started that you could adapt to your own context ```bash - gitops-ee bootstrap \ - --kubeconfig="~/.kube/config" \ # (optional) Management cluster configuration. If not set default kubeconfig resolution is used. - --private-key="~/.ssh/id_rsa" --private-key-password="" \ # Git repository SSH configuration - --version="0.33.0" \ # version to install - --domain-type="localhost" \ # how to expose the dashboard - --username=wego-admin --password=admin123 \ # emergency user configuration - --discovery-url="" --client-id="weave-gitops-enterprise" --client-secret="changeme" \ # (optional) OIDC configuration + gitops bootstrap \ + --kubeconfig=$HOME/.kube/config \ + --private-key=$HOME/.ssh/id_rsa --private-key-password="" \ + --version="0.35.0" \ + --domain-type="localhost" \ + --password="admin123" ``` For more information about the CLI configurations, check the below sections [here](#cli-configurations) - ## Appendix -### Appendix I: Understanding `gitops-ee bootstrap` +### Understanding `gitops-ee bootstrap` `gitops-ee bootstrap` is a workflow that will take you through the following stages: @@ -148,7 +145,7 @@ To configure OIDC access, you will be asked to provide the following values: Please don't forget to add a new static-client on your OIDC provider settings with the redirectURI `your-domain/oauth2/callback` for example `http://localhost:3000/oauth2/callback` ::: -### Appendix II: CLI configurations +### CLI configurations - `--kube-config`: allows to choose the Kubeconfig for your cluster, default would be ~/.kube/config - `-d`, `--domain externaldns`: indicate the domain to use in case of using externaldns From ff88b6d01d3d806346ebb04248946b4926a654cc Mon Sep 17 00:00:00 2001 From: Mostafa Megahid Date: Wed, 8 Nov 2023 11:37:27 +0200 Subject: [PATCH 6/7] correct appendix steps order flux<>entitlement --- .../getting-started/install-enterprise-cli.mdx | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/website/docs/enterprise/getting-started/install-enterprise-cli.mdx b/website/docs/enterprise/getting-started/install-enterprise-cli.mdx index 31747bb3f6..0a74f1ae26 100644 --- a/website/docs/enterprise/getting-started/install-enterprise-cli.mdx +++ b/website/docs/enterprise/getting-started/install-enterprise-cli.mdx @@ -93,18 +93,17 @@ Please use the following command to start the installation wizard of Weave GitOp 7. [Access the dashboard](#access-the-dashboard): via the link from the installation success message. 8. (Optional) [Configure OIDC](#configure-oidc): to enable login to dashboard via OIDC providers. +#### Verify Flux + +Weave GitOps Enterprise runs on top of flux, the bootstrap CLI will check if flux is installed on the management cluster, and it will verify that it has the right version with valid git repository setup, and it is able to reconcile flux components properly. +If flux is installed, but doesn't have a valid installation, the bootstrap CLI will terminate pending the fix or uninstall of current flux installation. + #### Verify Entitlement Weave GitOps Enterprise Entitlement is your obtained license to use our product. The Entitlements file is a Kubernetes secret that contains your licence. `Bootstrapping` checks that the secret exists on the management cluster, and that it is valid will check if it has valid content and the entitlement is not expired. To get the entitlement secret please contact *sales@weave.works*, then apply it on your management cluster with the name `weave-gitops-enterprise-credentials` under `flux-system` namespace. -#### Verify Flux - -Weave GitOps Enterprise runs on top of flux, the bootstrap CLI will check if flux is installed on the management cluster, and it will verify that it has the right version with valid git repository setup, and it is able to reconcile flux components properly. -If flux is installed, but doesn't have a valid installation, the bootstrap CLI will terminate pending the fix or uninstall of current flux installation. -If flux is not installed at all, the bootstrap CLI offers the option to bootstrap flux. - #### Configure Git Access In order for `gitops-ee bootstrap` to push WGE resources to the management cluster's git repository, you will be prompted to provide the private key used to access your repo via ssh. If the private key is encrypted, you will also be asked to provide the private key password. From 13c21c7e921076c8ab9a91ab931302e7254dc61b Mon Sep 17 00:00:00 2001 From: Waleed Hammam Date: Wed, 8 Nov 2023 11:49:11 +0200 Subject: [PATCH 7/7] fix help link --- .../docs/enterprise/getting-started/install-enterprise-cli.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/docs/enterprise/getting-started/install-enterprise-cli.mdx b/website/docs/enterprise/getting-started/install-enterprise-cli.mdx index 0a74f1ae26..15d4aeb713 100644 --- a/website/docs/enterprise/getting-started/install-enterprise-cli.mdx +++ b/website/docs/enterprise/getting-started/install-enterprise-cli.mdx @@ -36,7 +36,7 @@ Before you start make sure the following requirements are met: - [ ] **Git Repository with SSH access**: this is the configuration repo that WeaveGitOps will use to sync configuration manifests from. - [ ] **Flux CLI**: is [installed](https://fluxcd.io/flux/installation/#install-the-flux-cli) locally. It will be used for reconciling Flux resources. - [ ] **Flux Bootstrapped** in your Management cluster via ssh. See [Flux Bootstrap](https://fluxcd.io/flux/installation/bootstrap/generic-git-server/) for more info. -- [ ] **Weave GitOps Enterprise Entitlements** are installed in the management cluster. Contact [Sales](../../../../help-and-support/) for help on getting them. +- [ ] **Weave GitOps Enterprise Entitlements** are installed in the management cluster. Contact [Sales](/help-and-support/) for help on getting them. #### Install `gitops-ee` CLI (> v0.35)