From abd4855b3e081a5742e8032e48ad25254b8e1bcd Mon Sep 17 00:00:00 2001 From: Joel McCoy Date: Thu, 20 Jun 2024 11:24:51 -0500 Subject: [PATCH] docs: fixed wrong link in zarf site nerd notes page (#2639) ## Description Link in nerd notes points to the wrong issue. 375 currently points to 376. Fixed it so it points to the right issue that has the discussion mentioned in the bullet. ... ## Checklist before merging - [x] Test, docs, adr added or updated as needed - [x] [Contributor Guide Steps](https://github.com/defenseunicorns/zarf/blob/main/.github/CONTRIBUTING.md#developer-workflow) followed --- site/src/content/docs/contribute/nerd-notes.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/site/src/content/docs/contribute/nerd-notes.mdx b/site/src/content/docs/contribute/nerd-notes.mdx index d7fd44d15c..6264dd5266 100644 --- a/site/src/content/docs/contribute/nerd-notes.mdx +++ b/site/src/content/docs/contribute/nerd-notes.mdx @@ -10,7 +10,7 @@ Zarf is written entirely in [go](https://go.dev/), except for a single 868Kb bin - All workloads are installed in the cluster via the [Helm SDK](https://helm.sh/docs/topics/advanced/#go-sdk) - The OCI Registries used are both from [Docker](https://github.com/distribution/distribution) -- Currently, the Registry and Git servers _are not HA_, see [#375](https://github.com/defenseunicorns/zarf/issues/376) and [#376](https://github.com/defenseunicorns/zarf/issues/376) for discussion on this +- Currently, the Registry and Git servers _are not HA_, see [#375](https://github.com/defenseunicorns/zarf/issues/375) and [#376](https://github.com/defenseunicorns/zarf/issues/376) for discussion on this - To avoid TLS issues, Zarf binds to `127.0.0.1:31999` on each node as a [NodePort](https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport) to allow all nodes to access the pod(s) in the cluster - Zarf utilizes a [mutating admission webhook](https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#mutatingadmissionwebhook) called the [`zarf-agent`](https://github.com/defenseunicorns/zarf/tree/main/src/internal/agent) to modify the image property within the `PodSpec`. The purpose is to redirect it to Zarf's configured registry instead of the the original registry (such as DockerHub, GCR, or Quay). Additionally, the webhook attaches the appropriate [ImagePullSecret](https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod) for the seed registry to the pod. This configuration allows the pod to successfully retrieve the image from the seed registry, even when operating in an air-gapped environment. - Zarf uses a custom injector system to bootstrap a new cluster. See the PR [#329](https://github.com/defenseunicorns/zarf/pull/329) and [ADR](https://github.com/defenseunicorns/zarf/blob/main/adr/0003-image-injection-into-remote-clusters-without-native-support.md) for more details on how we came to this solution. The general steps are listed below: