From ca7c2497c466697109079de2117ce3a5742a6187 Mon Sep 17 00:00:00 2001 From: gardener-robot-ci-3 Date: Wed, 20 Nov 2024 16:37:46 +0000 Subject: [PATCH] Automatic build triggered by last commit --- docs/404.html | 2 +- docs/_print/adopter/index.html | 2 +- docs/_print/community/index.html | 2 +- docs/_print/contribute/docs/index.html | 2 +- docs/_print/docs/contribute/code/index.html | 2 +- docs/adopter/index.html | 2 +- docs/blog/2018/06.11-anti-patterns/index.html | 2 +- .../index.html | 2 +- .../index.html | 2 +- .../index.html | 2 +- .../index.html | 2 +- .../2018/06.11-namespace-isolation/index.html | 2 +- .../2018/06.11-namespace-scope/index.html | 2 +- .../index.html | 2 +- .../index.html | 2 +- .../index.html | 2 +- .../index.html | 2 +- .../12.22-cookies-are-dangerous/index.html | 2 +- .../2018/12.25-gardener_cookies/index.html | 2 +- docs/blog/2018/_print/index.html | 2 +- docs/blog/2018/index.html | 2 +- docs/blog/2018/page/2/index.html | 2 +- .../index.html | 2 +- .../index.html | 2 +- docs/blog/2019/_print/index.html | 2 +- docs/blog/2019/index.html | 2 +- .../index.html | 2 +- .../2020/05.27-pingcaps-experience/index.html | 2 +- .../08.06-gardener-v1.8.0-released/index.html | 2 +- .../index.html | 2 +- .../index.html | 2 +- .../index.html | 2 +- .../index.html | 2 +- .../index.html | 2 +- .../11.23-gardener-v1.13-released/index.html | 2 +- .../index.html | 2 +- docs/blog/2020/_print/index.html | 2 +- docs/blog/2020/index.html | 2 +- .../index.html | 2 +- .../index.html | 2 +- docs/blog/2021/_print/index.html | 2 +- docs/blog/2021/index.html | 2 +- .../index.html | 2 +- .../index.html | 2 +- .../index.html | 2 +- .../index.html | 2 +- .../index.html | 2 +- docs/blog/2022/_print/index.html | 2 +- docs/blog/2022/index.html | 2 +- .../index.html | 2 +- docs/blog/2023/_print/index.html | 2 +- docs/blog/2023/index.html | 2 +- .../index.html | 2 +- .../index.html | 2 +- .../index.html | 2 +- .../index.html | 2 +- .../index.html | 2 +- .../2024/11-06-promcon-eu-2024/index.html | 2 +- docs/blog/2024/11-09-demo/index.html | 2 +- docs/blog/2024/_print/index.html | 2 +- docs/blog/2024/index.html | 2 +- docs/blog/_print/index.html | 2 +- docs/blog/index.html | 2 +- docs/blog/page/2/index.html | 2 +- docs/blog/page/3/index.html | 2 +- docs/blog/page/4/index.html | 2 +- docs/community/index.html | 2 +- docs/contribute/docs/index.html | 6 +- docs/curated-links/index.html | 6 +- docs/docs/_print/index.html | 91 +- docs/docs/contribute/_print/index.html | 6 +- docs/docs/contribute/code/cicd/index.html | 6 +- .../contributing-bigger-changes/index.html | 6 +- .../contribute/code/dependencies/index.html | 6 +- docs/docs/contribute/code/index.html | 6 +- .../code/security-guide/_print/index.html | 2 +- .../contribute/code/security-guide/index.html | 6 +- .../adding-existing-documentation/index.html | 6 +- .../documentation/formatting-guide/index.html | 6 +- .../documentation/images/index.html | 6 +- .../documentation/markup/index.html | 6 +- .../documentation/organization/index.html | 6 +- .../documentation/pr-description/index.html | 6 +- .../documentation/shortcodes/index.html | 6 +- .../style-guide/_print/index.html | 2 +- .../style-guide/concept_template/index.html | 6 +- .../documentation/style-guide/index.html | 6 +- .../style-guide/reference_template/index.html | 6 +- .../style-guide/task_template/index.html | 6 +- docs/docs/contribute/index.html | 10 +- docs/docs/dashboard/_print/index.html | 2 +- .../dashboard/access-restrictions/index.html | 6 +- docs/docs/dashboard/architecture/index.html | 6 +- .../automated-resource-management/index.html | 6 +- .../docs/dashboard/connect-kubectl/index.html | 6 +- docs/docs/dashboard/custom-fields/index.html | 6 +- docs/docs/dashboard/customization/index.html | 6 +- docs/docs/dashboard/index.html | 6 +- docs/docs/dashboard/local-setup/index.html | 6 +- docs/docs/dashboard/process/index.html | 6 +- .../dashboard/project-operations/index.html | 6 +- .../dashboard/terminal-shortcuts/index.html | 6 +- docs/docs/dashboard/testing/index.html | 6 +- docs/docs/dashboard/using-terminal/index.html | 6 +- docs/docs/dashboard/webterminals/index.html | 6 +- .../working-with-projects/index.html | 6 +- docs/docs/extensions/_print/index.html | 89 +- .../_print/index.html | 2 +- .../_print/index.html | 2 +- .../index.html | 6 +- .../container-runtime-extensions/index.html | 6 +- docs/docs/extensions/index.html | 6 +- .../_print/index.html | 89 +- .../_print/index.html | 2 +- .../deployment/index.html | 6 +- .../index.html | 6 +- .../local-setup/index.html | 6 +- .../operations/index.html | 6 +- .../tutorials/_print/index.html | 2 +- .../tutorials/index.html | 6 +- .../index.html | 6 +- .../usage/index.html | 6 +- .../_print/index.html | 41 +- .../deployment/index.html | 6 +- .../dual-stack-ingress/index.html | 6 +- .../index.html | 6 +- .../local-setup/index.html | 6 +- .../operations/index.html | 6 +- .../index.html | 6 +- .../usage/index.html | 51 +- .../_print/index.html | 50 +- .../azure-permissions/index.html | 6 +- .../deployment/index.html | 6 +- .../index.html | 9 +- .../index.xml | 5 +- .../local-setup/index.html | 6 +- .../migrate-loadbalancer/index.html | 1022 ----------------- .../operations/index.html | 6 +- .../tutorials/_print/index.html | 2 +- .../tutorials/index.html | 6 +- .../index.html | 6 +- .../usage/index.html | 6 +- .../usage/migrate-loadbalancer/index.html | 2 - .../_print/index.html | 2 +- .../index.html | 6 +- .../operations/index.html | 6 +- .../usage/index.html | 6 +- .../_print/index.html | 2 +- .../deployment/index.html | 6 +- .../index.html | 6 +- .../local-setup/index.html | 6 +- .../operations/index.html | 6 +- .../datadisk-image-restore/index.html | 6 +- .../tutorials/_print/index.html | 2 +- .../tutorials/index.html | 6 +- .../index.html | 6 +- .../usage/index.html | 6 +- .../_print/index.html | 2 +- .../deployment/index.html | 6 +- .../index.html | 6 +- .../local-setup/index.html | 6 +- .../operations/index.html | 6 +- .../usage/index.html | 6 +- .../infrastructure-extensions/index.html | 6 +- .../network-extensions/_print/index.html | 2 +- .../_print/index.html | 2 +- .../deployment/index.html | 6 +- .../index.html | 6 +- .../operations/index.html | 6 +- .../shoot_overlay_network/index.html | 6 +- .../usage/index.html | 6 +- .../_print/index.html | 2 +- .../index.html | 6 +- .../usage/index.html | 6 +- .../extensions/network-extensions/index.html | 6 +- .../os-extensions/_print/index.html | 2 +- .../_print/index.html | 2 +- .../gardener-extension-os-coreos/index.html | 6 +- .../usage/index.html | 6 +- .../_print/index.html | 2 +- .../index.html | 6 +- .../_print/index.html | 2 +- .../index.html | 6 +- .../usage/index.html | 6 +- .../_print/index.html | 2 +- .../gardener-extension-os-ubuntu/index.html | 6 +- .../usage/index.html | 6 +- docs/docs/extensions/os-extensions/index.html | 6 +- docs/docs/extensions/others/_print/index.html | 2 +- .../_print/index.html | 2 +- .../extension-registry-cache/index.html | 6 +- .../getting-started-locally/index.html | 6 +- .../getting-started-remotely/index.html | 6 +- .../index.html | 6 +- .../registry-cache/configuration/index.html | 6 +- .../upstream-credentials/index.html | 6 +- .../registry-mirror/configuration/index.html | 6 +- .../_print/index.html | 2 +- .../alerting/index.html | 6 +- .../custom_shoot_issuer/index.html | 6 +- .../deployment/index.html | 6 +- .../index.html | 6 +- .../request_cert/index.html | 6 +- .../request_default_domain_cert/index.html | 6 +- .../tutorials/gateway-api-gateways/index.html | 6 +- .../tutorials/istio-gateways/index.html | 6 +- .../index.html | 6 +- .../_print/index.html | 2 +- .../configuration/index.html | 6 +- .../deployment/index.html | 6 +- .../dns_names/index.html | 6 +- .../dns_providers/index.html | 6 +- .../index.html | 6 +- .../tutorials/gateway-api-gateways/index.html | 6 +- .../tutorials/istio-gateways/index.html | 6 +- .../_print/index.html | 2 +- .../deployment/index.html | 6 +- .../index.html | 6 +- .../lakom/index.html | 6 +- .../shoot-extension/index.html | 6 +- .../_print/index.html | 2 +- .../deployment/index.html | 6 +- .../index.html | 6 +- .../shoot-networking-filter/index.html | 6 +- .../_print/index.html | 2 +- .../deployment/index.html | 6 +- .../index.html | 6 +- .../index.html | 6 +- .../_print/index.html | 2 +- .../deployment/index.html | 6 +- .../index.html | 6 +- .../openidconnects/index.html | 6 +- .../_print/index.html | 2 +- .../configuration/index.html | 6 +- .../getting-started-remotely/index.html | 6 +- .../getting-started/index.html | 6 +- .../index.html | 6 +- .../monitoring/index.html | 6 +- .../shoot-rsyslog-relp/index.html | 6 +- docs/docs/extensions/others/index.html | 6 +- docs/docs/faq/_print/index.html | 2 +- docs/docs/faq/add-feature-gates/index.html | 6 +- docs/docs/faq/automatic-migrate/index.html | 6 +- docs/docs/faq/automatic-upgrade/index.html | 6 +- docs/docs/faq/backup/index.html | 6 +- docs/docs/faq/clusterhealthz/index.html | 6 +- .../faq/configure-worker-pools/index.html | 6 +- docs/docs/faq/dns-config/index.html | 6 +- docs/docs/faq/index.html | 6 +- .../docs/faq/privileged-containers/index.html | 6 +- .../docs/faq/reconciliation-impact/index.html | 6 +- docs/docs/faq/rotate-iaas-keys/index.html | 6 +- docs/docs/gardenctl-v2/index.html | 6 +- docs/docs/gardener/_print/index.html | 2 +- docs/docs/gardener/advanced/_print/index.html | 2 +- .../index.html | 6 +- .../index.html | 6 +- .../advanced/csi_components/index.html | 6 +- .../custom-containerd-config/index.html | 6 +- docs/docs/gardener/advanced/index.html | 6 +- .../advanced/node-readiness/index.html | 6 +- .../advanced/shoot_cleanup/index.html | 6 +- .../gardener/advanced/tolerations/index.html | 6 +- .../gardener/api-reference/_print/index.html | 2 +- .../api-reference/authentication/index.html | 6 +- .../gardener/api-reference/core-v1/index.html | 6 +- .../gardener/api-reference/core/index.html | 6 +- .../api-reference/extensions/index.html | 6 +- docs/docs/gardener/api-reference/index.html | 6 +- .../api-reference/operations/index.html | 6 +- .../api-reference/operator/index.html | 6 +- .../api-reference/provider-local/index.html | 6 +- .../api-reference/resources/index.html | 6 +- .../api-reference/security/index.html | 6 +- .../api-reference/seedmanagement/index.html | 6 +- .../api-reference/settings/index.html | 6 +- .../index.html | 6 +- .../gardener/autoscaling/_print/index.html | 2 +- .../autoscaling/dns-autoscaling/index.html | 6 +- docs/docs/gardener/autoscaling/index.html | 6 +- .../autoscaling/shoot_autoscaling/index.html | 6 +- .../index.html | 6 +- .../docs/gardener/changing-the-api/index.html | 6 +- .../gardener/component-checklist/index.html | 6 +- docs/docs/gardener/concepts/_print/index.html | 2 +- .../concepts/admission-controller/index.html | 6 +- .../apiserver-admission-plugins/index.html | 6 +- .../gardener/concepts/apiserver/index.html | 6 +- .../gardener/concepts/architecture/index.html | 6 +- .../concepts/backup-restore/index.html | 6 +- .../gardener/concepts/cluster-api/index.html | 6 +- .../concepts/controller-manager/index.html | 6 +- docs/docs/gardener/concepts/etcd/index.html | 6 +- .../gardener/concepts/gardenadm/index.html | 6 +- .../gardener/concepts/gardenlet/index.html | 6 +- docs/docs/gardener/concepts/index.html | 6 +- .../gardener/concepts/node-agent/index.html | 6 +- .../gardener/concepts/operator/index.html | 6 +- .../concepts/resource-manager/index.html | 6 +- .../gardener/concepts/scheduler/index.html | 6 +- docs/docs/gardener/configuration/index.html | 6 +- .../control_plane_migration/index.html | 6 +- docs/docs/gardener/defaulting/index.html | 6 +- docs/docs/gardener/dependencies/index.html | 6 +- .../gardener/deployment/_print/index.html | 2 +- .../index.html | 6 +- .../deployment/configuring_logging/index.html | 6 +- .../deployment/deploy_gardenlet/index.html | 6 +- .../deploy_gardenlet_automatically/index.html | 6 +- .../deploy_gardenlet_manually/index.html | 6 +- .../deploy_gardenlet_via_operator/index.html | 6 +- .../deployment/feature_gates/index.html | 6 +- .../gardenlet_api_access/index.html | 6 +- .../getting_started_locally/index.html | 6 +- .../index.html | 6 +- .../deployment/image_vector/index.html | 6 +- docs/docs/gardener/deployment/index.html | 6 +- .../deployment/migration_v0_to_v1/index.html | 6 +- .../index.html | 6 +- .../deployment/setup_gardener/index.html | 6 +- .../deployment/version_skew_policy/index.html | 6 +- .../gardener/extensions/_print/index.html | 2 +- .../gardener/extensions/admission/index.html | 6 +- .../extensions/ca-rotation/index.html | 6 +- .../gardener/extensions/cluster/index.html | 6 +- .../controllerregistration/index.html | 6 +- .../controlplane-webhooks/index.html | 6 +- .../extensions/conventions/index.html | 6 +- .../extensions/force-deletion/index.html | 6 +- .../extensions/garden-api-access/index.html | 6 +- .../extensions/healthcheck-library/index.html | 6 +- .../gardener/extensions/heartbeat/index.html | 6 +- docs/docs/gardener/extensions/index.html | 6 +- .../logging-and-monitoring/index.html | 6 +- .../index.html | 6 +- .../extensions/managedresources/index.html | 6 +- .../gardener/extensions/migration/index.html | 6 +- .../gardener/extensions/overview/index.html | 6 +- .../extensions/project-roles/index.html | 6 +- .../extensions/provider-local/index.html | 6 +- .../extensions/reconcile-trigger/index.html | 6 +- .../referenced-resources/index.html | 6 +- .../extensions/resources/_print/index.html | 2 +- .../resources/backupbucket/index.html | 6 +- .../resources/backupentry/index.html | 6 +- .../extensions/resources/bastion/index.html | 6 +- .../resources/containerruntime/index.html | 6 +- .../controlplane-exposure/index.html | 6 +- .../resources/controlplane/index.html | 6 +- .../extensions/resources/dnsrecord/index.html | 6 +- .../extensions/resources/extension/index.html | 6 +- .../gardener/extensions/resources/index.html | 6 +- .../resources/infrastructure/index.html | 6 +- .../extensions/resources/network/index.html | 6 +- .../operatingsystemconfig/index.html | 6 +- .../extensions/resources/worker/index.html | 6 +- .../shoot-health-status-conditions/index.html | 6 +- .../extensions/shoot-maintenance/index.html | 6 +- .../extensions/shoot-webhooks/index.html | 6 +- .../getting_started_locally/index.html | 6 +- .../index.html | 6 +- .../high-availability/_print/index.html | 2 +- .../gardener/high-availability/index.html | 6 +- .../shoot_high_availability/index.html | 6 +- .../index.html | 6 +- docs/docs/gardener/index.html | 6 +- docs/docs/gardener/ipv6/index.html | 6 +- docs/docs/gardener/istio/index.html | 6 +- .../gardener/kubernetes-clients/index.html | 6 +- docs/docs/gardener/local_setup/index.html | 6 +- docs/docs/gardener/log_parsers/index.html | 6 +- docs/docs/gardener/logging/index.html | 6 +- docs/docs/gardener/managed_seed/index.html | 6 +- .../docs/gardener/monitoring-stack/index.html | 6 +- .../gardener/monitoring/_print/index.html | 2 +- .../gardener/monitoring/alerting/index.html | 6 +- .../monitoring/connectivity/index.html | 6 +- docs/docs/gardener/monitoring/index.html | 6 +- .../gardener/monitoring/profiling/index.html | 6 +- .../docs/gardener/network_policies/index.html | 6 +- .../gardener/networking/_print/index.html | 2 +- .../networking/custom-dns-config/index.html | 6 +- .../dns-search-path-optimization/index.html | 6 +- .../networking/exposureclasses/index.html | 6 +- docs/docs/gardener/networking/index.html | 6 +- .../networking/node-local-dns/index.html | 6 +- .../index.html | 6 +- .../networking/shoot_networking/index.html | 6 +- .../gardener/new-cloud-provider/index.html | 6 +- .../new-kubernetes-version/index.html | 6 +- .../gardener/observability/_print/index.html | 2 +- docs/docs/gardener/observability/index.html | 6 +- .../gardener/observability/logging/index.html | 6 +- .../docs/gardener/priority-classes/index.html | 6 +- docs/docs/gardener/process/index.html | 6 +- docs/docs/gardener/project/_print/index.html | 2 +- docs/docs/gardener/project/index.html | 6 +- .../namespaced-cloud-profiles/index.html | 6 +- .../docs/gardener/project/projects/index.html | 6 +- .../service-account-manager/index.html | 6 +- .../gardener/reversed-vpn-tunnel/index.html | 6 +- .../gardener/secrets_management/index.html | 6 +- docs/docs/gardener/security/_print/index.html | 2 +- .../default_seccomp_profile/index.html | 6 +- .../etcd_encryption_config/index.html | 6 +- docs/docs/gardener/security/index.html | 6 +- .../security/openidconnect-presets/index.html | 6 +- .../gardener/security/pod-security/index.html | 6 +- .../security/shoot_auditpolicy/index.html | 6 +- .../security/shoot_serviceaccounts/index.html | 6 +- .../gardener/seed_bootstrapping/index.html | 6 +- docs/docs/gardener/seed_settings/index.html | 6 +- .../shoot-operations/_print/index.html | 2 +- .../docs/gardener/shoot-operations/index.html | 6 +- .../shoot_credentials_rotation/index.html | 6 +- .../shoot_operations/index.html | 6 +- .../shoot-operations/shoot_updates/index.html | 6 +- .../shoot_versions/index.html | 6 +- .../supported_k8s_versions/index.html | 6 +- .../worker_pool_k8s_versions/index.html | 6 +- docs/docs/gardener/shoot/_print/index.html | 2 +- .../shoot/access_restrictions/index.html | 6 +- docs/docs/gardener/shoot/index.html | 6 +- .../gardener/shoot/shoot_access/index.html | 6 +- .../gardener/shoot/shoot_hibernate/index.html | 6 +- .../shoot/shoot_info_configmap/index.html | 6 +- .../shoot/shoot_maintenance/index.html | 6 +- .../gardener/shoot/shoot_purposes/index.html | 6 +- .../shoot_scheduling_profiles/index.html | 6 +- .../gardener/shoot/shoot_status/index.html | 6 +- .../shoot_supported_architectures/index.html | 6 +- .../shoot/shoot_workerless/index.html | 6 +- .../shoot/shoot_workers_settings/index.html | 6 +- docs/docs/gardener/testing/index.html | 6 +- .../gardener/testmachinery_tests/index.html | 6 +- .../topology_aware_routing/index.html | 6 +- .../trusted-tls-for-control-planes/index.html | 6 +- .../trusted-tls-for-garden-runtime/index.html | 6 +- docs/docs/getting-started/_print/index.html | 2 +- .../getting-started/architecture/index.html | 6 +- .../getting-started/ca-components/index.html | 6 +- .../common-pitfalls/index.html | 6 +- .../features/_print/index.html | 2 +- .../certificate-management/index.html | 6 +- .../features/cluster-autoscaler/index.html | 6 +- .../features/credential-rotation/index.html | 6 +- .../features/dns-management/index.html | 6 +- .../features/hibernation/index.html | 6 +- docs/docs/getting-started/features/index.html | 6 +- .../getting-started/features/vpa/index.html | 6 +- .../features/workerless-shoots/index.html | 6 +- docs/docs/getting-started/index.html | 6 +- .../getting-started/introduction/index.html | 6 +- .../docs/getting-started/lifecycle/index.html | 6 +- .../observability/_print/index.html | 2 +- .../observability/alerts/index.html | 6 +- .../observability/components/index.html | 6 +- .../getting-started/observability/index.html | 6 +- .../observability/shoot-status/index.html | 6 +- docs/docs/getting-started/project/index.html | 6 +- docs/docs/getting-started/shoots/index.html | 6 +- docs/docs/glossary/_print/index.html | 2 +- docs/docs/glossary/index.html | 6 +- docs/docs/guides/_print/index.html | 2 +- .../administer-shoots/_print/index.html | 2 +- .../backup-restore/index.html | 6 +- .../conversion-webhook/index.html | 6 +- .../create-delete-shoot/index.html | 6 +- .../index.html | 6 +- .../guides/administer-shoots/gpu/index.html | 6 +- docs/docs/guides/administer-shoots/index.html | 6 +- .../maintain-shoot/index.html | 6 +- .../administer-shoots/oidc-login/index.html | 6 +- .../administer-shoots/scalability/index.html | 6 +- .../administer-shoots/tailscale/index.html | 6 +- .../guides/applications/_print/index.html | 2 +- .../access-pod-from-local/index.html | 6 +- .../applications/antipattern/index.html | 6 +- .../commit-secret-fail/index.html | 6 +- .../applications/container-startup/index.html | 6 +- .../applications/content_trust/index.html | 6 +- .../dockerfile-pitfall/index.html | 6 +- .../applications/dynamic-pvc/index.html | 6 +- .../applications/image-pull-policy/index.html | 6 +- docs/docs/guides/applications/index.html | 6 +- .../insecure-configuration/index.html | 6 +- .../applications/knative-install/index.html | 6 +- .../missing-registry-permission/index.html | 6 +- .../applications/network-isolation/index.html | 6 +- .../pod-disruption-budget/index.html | 6 +- .../guides/applications/prometheus/index.html | 6 +- .../applications/secure-seccomp/index.html | 6 +- .../service-cache-control/index.html | 6 +- .../index.html | 6 +- .../guides/client-tools/_print/index.html | 2 +- .../client-tools/bash-kubeconfig/index.html | 6 +- .../guides/client-tools/bash-tips/index.html | 6 +- docs/docs/guides/client-tools/index.html | 6 +- .../working-with-kubeconfig/index.html | 6 +- .../high-availability/_print/index.html | 2 +- .../best-practices/index.html | 6 +- .../chaos-engineering/index.html | 6 +- .../control-plane/index.html | 6 +- docs/docs/guides/high-availability/index.html | 6 +- docs/docs/guides/index.html | 6 +- .../_print/index.html | 2 +- .../analysing-node-failures/index.html | 6 +- .../debug-a-pod/index.html | 6 +- .../monitoring-and-troubleshooting/index.html | 6 +- .../shell-to-node/index.html | 6 +- .../tail-logfile/index.html | 6 +- docs/docs/guides/networking/_print/index.html | 2 +- .../index.html | 6 +- .../certificate-extension/index.html | 6 +- .../networking/dns-extension/index.html | 6 +- .../index.html | 6 +- docs/docs/guides/networking/index.html | 6 +- docs/docs/index.html | 6 +- docs/docs/other-components/_print/index.html | 2 +- .../dependency-watchdog/_print/index.html | 2 +- .../concepts/_print/index.html | 2 +- .../dependency-watchdog/concepts/index.html | 6 +- .../concepts/prober/index.html | 6 +- .../concepts/weeder/index.html | 6 +- .../contribution/index.html | 6 +- .../deployment/_print/index.html | 2 +- .../deployment/configure/index.html | 6 +- .../dependency-watchdog/deployment/index.html | 6 +- .../deployment/monitor/index.html | 6 +- .../dependency-watchdog/index.html | 6 +- .../setup/dwd-using-local-garden/index.html | 6 +- .../dependency-watchdog/testing/index.html | 6 +- .../etcd-druid/_print/index.html | 2 +- .../add-new-etcd-cluster-component/index.html | 6 +- .../api-reference/etcd-druid-api/index.html | 6 +- .../etcd-druid/api-reference/index.html | 6 +- .../benchmark/etcd-network-latency/index.html | 6 +- .../etcd-druid/changing-api/index.html | 6 +- .../etcd-cluster-components/index.html | 6 +- .../index.html | 6 +- .../etcd-druid/contribution/index.html | 6 +- .../etcd-druid/controllers/index.html | 6 +- .../dependency-management/index.html | 6 +- .../configure-etcd-druid/index.html | 6 +- .../deployment/feature-gates/index.html | 6 +- .../getting-started-locally/index.html | 6 +- .../manage-azurite-emulator/index.html | 6 +- .../manage-s3-emulator/index.html | 6 +- .../index.html | 6 +- .../version-compatibility-matrix/index.html | 6 +- .../getting-started-locally/index.html | 6 +- .../other-components/etcd-druid/index.html | 6 +- .../managing-etcd-clusters/index.html | 6 +- .../etcd-druid/monitoring/metrics/index.html | 6 +- .../prepare-dev-environment/index.html | 6 +- .../proposals/00-template/index.html | 6 +- .../01-multi-node-etcd-clusters/index.html | 6 +- .../02-snapshot-compaction/index.html | 6 +- .../03-scaling-up-an-etcd-cluster/index.html | 6 +- .../04-etcd-member-custom-resource/index.html | 6 +- .../05-etcd-operator-tasks/index.html | 6 +- .../etcd-druid/raising-a-pr/index.html | 6 +- .../recovering-etcd-clusters/index.html | 6 +- .../etcd-druid/running-e2e-tests/index.html | 6 +- .../securing-etcd-clusters/index.html | 6 +- .../etcd-druid/testing/index.html | 6 +- .../updating-documentation/index.html | 6 +- docs/docs/other-components/index.html | 6 +- .../_print/index.html | 2 +- .../cp_support_new/index.html | 6 +- .../deployment/index.html | 6 +- .../documents/_print/index.html | 2 +- .../documents/apis/index.html | 6 +- .../documents/index.html | 6 +- .../machine-controller-manager/faq/index.html | 6 +- .../machine-controller-manager/index.html | 6 +- .../integration_tests/index.html | 6 +- .../local_setup/index.html | 6 +- .../machine/index.html | 6 +- .../machine_deployment/index.html | 6 +- .../machine_error_codes/index.html | 6 +- .../machine_set/index.html | 6 +- .../prerequisite/index.html | 6 +- .../proposals/_print/index.html | 2 +- .../excess_reserve_capacity/index.html | 6 +- .../external_providers_grpc/index.html | 6 +- .../proposals/hotupdate-instances/index.html | 6 +- .../proposals/index.html | 6 +- .../proposals/initialize-machine/index.html | 6 +- .../testing_and_dependencies/index.html | 6 +- .../todo/_print/index.html | 2 +- .../todo/index.html | 6 +- .../todo/outline/index.html | 6 +- docs/docs/resources/_print/index.html | 2 +- docs/docs/resources/index.html | 6 +- docs/docs/resources/videos/_print/index.html | 2 +- .../resources/videos/fairy-tail/index.html | 6 +- .../videos/gardener-teaser/index.html | 6 +- .../videos/in-out-networking/index.html | 6 +- docs/docs/resources/videos/index.html | 6 +- .../videos/livecheck-readiness/index.html | 6 +- .../microservices-in_kubernetes/index.html | 6 +- .../resources/videos/namespace/index.html | 6 +- .../videos/small-container/index.html | 6 +- .../videos/why-kubernetes/index.html | 6 +- .../security-and-compliance/_print/index.html | 2 +- docs/docs/security-and-compliance/index.html | 6 +- .../kubernetes-hardening/index.html | 6 +- .../partial-disa-k8s-stig-shoot/index.html | 6 +- .../regional-restrictions/index.html | 6 +- .../security-and-compliance/report/index.html | 6 +- docs/index.html | 2 +- docs/js/404.js | 794 +++++++------ ...ndex.8ddd77d9c747692c4bb69983683c5721.json | 1 + ...ndex.c7d8603962c4710ae8e3d97aa70cff05.json | 1 - docs/sitemap.xml | 2 +- docs/tags/task/index.html | 2 +- 617 files changed, 1687 insertions(+), 3630 deletions(-) delete mode 100644 docs/docs/extensions/infrastructure-extensions/gardener-extension-provider-azure/migrate-loadbalancer/index.html delete mode 100644 docs/docs/extensions/infrastructure-extensions/gardener-extension-provider-azure/usage/migrate-loadbalancer/index.html create mode 100644 docs/offline-search-index.8ddd77d9c747692c4bb69983683c5721.json delete mode 100644 docs/offline-search-index.c7d8603962c4710ae8e3d97aa70cff05.json diff --git a/docs/404.html b/docs/404.html index b271b701400..f3b6ef4e690 100644 --- a/docs/404.html +++ b/docs/404.html @@ -2,5 +2,5 @@

Page Not Found

We dug around, but couldn't find the page that you were looking for.

You could go back to our home page or use the search bar to find what you were looking for.

  • Blogs
  • Community

    • Page Not Found

    We dug around, but couldn't find the page that you were looking for.

    You could go back to our home page or use the search bar to find what you were looking for.

    \ No newline at end of file diff --git a/docs/_print/adopter/index.html b/docs/_print/adopter/index.html index f12cf5cd202..2b6a6f20796 100644 --- a/docs/_print/adopter/index.html +++ b/docs/_print/adopter/index.html @@ -2,5 +2,5 @@

    See who is using Gardener

    Gardener adopters in production environments that have publicly shared details of their usage.

    teaser

    SAPSAP uses Gardener to deploy and manage Kubernetes clusters at scale in a uniform way across infrastructures (AWS, Azure, GCP, Alicloud, as well as generic interfaces to OpenStack and vSphere). Workloads include Databases (SAP HANA Cloud), Big Data (SAP Data Intelligence), Kyma, many other cloud native applications, and diverse business workloads.
    OVHcloudGardener can now be run by customers on the Public Cloud Platform of the leading European Cloud Provider OVHcloud.
    ScaleUp TechnologiesScaleUp Technologies runs Gardener within their public Openstack Clouds (Hamburg, Berlin, Düsseldorf). Their clients run all kinds of workloads on top of Gardener maintained Kubernetes clusters ranging from databases to Software-as-a-Service applications.
    Finanz Informatik Technologie Services GmbHFinanz Informatik Technologie Services GmbH uses Gardener to offer k8s as a service for customers in the financial industry in Germany. It is built on top of a “metal as a service” infrastructure implemented from scratch for k8s workloads in mind. The result is k8s on top of bare metal in minutes.
    PingCAPPingCAP TiDB, is a cloud-native distributed SQL database with MySQL compatibility, and one of the most popular open-source database projects - with 23.5K+ stars and 400+ contributors. Its sister project TiKV is a Cloud Native Interactive Landscape project. PingCAP envisioned their managed TiDB service, known as TiDB Cloud, to be multi-tenant, secure, cost-efficient, and to be compatible with different cloud providers and they chose Gardener.
    BeezlabsBeezlabs uses Gardener to deliver Intelligent Process Automation platform, on multiple cloud providers and reduce costs and lock-in risks.
    b’nerdb’nerd uses Gardener as the core technology for its own managed Kubernetes as a Service solution and operates multiple Gardener installations for several cloud hosting service providers.
    STACKITSTACKIT is a digital brand of Europe’s biggest retailer, the Schwarz Group, which includes Lidl, Kaufland, but also production and recycling companies. It uses Gardener to offer public and private Kubernetes as a service in own data centers in Europe and targets to become the cloud provider for German and European small and mid-sized companies.
    T-SystemsSupporting and managing multiple application landscapes on-premises and across different hyperscaler infrastructures can be painful. At T-Systems we use Gardener both for internal usage and to manage clusters for our customers. We love the openness of the project, the flexibility and the architecture that allows us to manage clusters around the world with only one team from one single pane of glass and to meet industry specific certification standards. The sovereignty by design is another great value, the technology implicitly brings along.
    23 TechnologiesThe German-based company 23 Technologies uses Gardener to offer an enterprise-class Kubernetes engine for industrial use cases as well as cloud service providers and offers managed and professional services for it. 23T is also the team behind okeanos.dev, a public service that can be used by anyone to try out Gardener.
    B1 Systems GmbHB1 Systems GmbH is a international provider of Linux & Open Source consulting, training, managed service & support. We are founded in 2004 and based in Germany. Our team of 140 Linux experts offers tailor-made solutions based on cloud & container technologies, virtualization & high availability as well as monitoring, system & configuration management. B1 is using Gardener internally and also set up solutions/environments for customers.
    finleap connect GmbHfinleap connect GmbH is the leading independent Open Banking platform provider in Europe. It enables companies across a multitude of industries to provide the next generation of financial services by understanding how customers transact and interact. With its “full-stack” platform of solutions, finleap connect makes it possible for its clients to compliantly access the financial transactions data of customers, enrich said data with analytics tools, provide digital banking services and deliver high-quality, digital financial services products and services to customers. Gardener uniquly enables us to deploy our platform in Europe and across the globe in a uniform way on the providers preferred by our customers.
    CodesphereCodesphere is a Cloud IDE with integrated and automated deployment of web apps. It uses Gardener internally to manage clusters that host customer deployments and internal systems all over the world.
    plusserverplusserver combines its own cloud offerings with hyperscaler platforms to provide individually tailored multi-cloud solutions. The plusserver Kubernetes Engine (PSKE) based on Gardener reduces the complexity in managing multi-cloud environments and enables companies to orchestrate their containers and cloud-native applications across a variety of platforms such as plusserver’s pluscloud open or hyperscalers such as AWS, either by mouseclick or via an API. With PSKE, companies remain vendor-independent and profit from guaranteed data sovereignty and data security due to GDPR-compliant cloud platforms in the certified plusserver data centers in Germany.
    Fuga CloudFuga Cloud uses Gardener as the basis for its Enterprise Managed Kubernetes (EMK), a platform that simplifies the management of your k8s and provides insight into usage and performance. The other Fuga Cloud services can be added with a mouse click, and the choice of another cloud provider is a negotiable option. Fuga Cloud stands for Digital Sovereignty, Data Portability and GDPR compatibility.
    Metalstack Cloudmetalstack.cloud uses Gardener and is based on the open-source software metal-stack.io, which is developed for regulated financial institutions. The focus here is on the highest possible security and compliance conformity. This makes metalstack.cloud perfect for running enterprise-grade container applications and provides your workloads with the highest possible performance.
    CleuraCleura uses Gardener to power its Container Orchestration Engine for Cleura Public Cloud and Cleura Compliant Cloud. Cleura Container Orchestration Engine simplifies the creation and management of Kubernetes clusters through their user-friendly Cleura Cloud Management Panel or API, allowing users to focus on deploying applications instead of maintaining the underlying infrastructure.
    PITS Globale DatenrettungsdienstePITS Globale Datenrettungsdienste is a data recovery company located in Germany specializing in recovering lost or damaged files from hard drives, solid-state drives, flash drives, and other storage media. Gardener is used to handle highly-loaded internal infrastructure and provide reliable, fully-managed K8 cluster solutions.

    If you’re using Gardener and you aren’t on this list, submit a pull request!

  • Blogs
  • Community

    • See who is using Gardener

    Gardener adopters in production environments that have publicly shared details of their usage.

    teaser

    SAPSAP uses Gardener to deploy and manage Kubernetes clusters at scale in a uniform way across infrastructures (AWS, Azure, GCP, Alicloud, as well as generic interfaces to OpenStack and vSphere). Workloads include Databases (SAP HANA Cloud), Big Data (SAP Data Intelligence), Kyma, many other cloud native applications, and diverse business workloads.
    OVHcloudGardener can now be run by customers on the Public Cloud Platform of the leading European Cloud Provider OVHcloud.
    ScaleUp TechnologiesScaleUp Technologies runs Gardener within their public Openstack Clouds (Hamburg, Berlin, Düsseldorf). Their clients run all kinds of workloads on top of Gardener maintained Kubernetes clusters ranging from databases to Software-as-a-Service applications.
    Finanz Informatik Technologie Services GmbHFinanz Informatik Technologie Services GmbH uses Gardener to offer k8s as a service for customers in the financial industry in Germany. It is built on top of a “metal as a service” infrastructure implemented from scratch for k8s workloads in mind. The result is k8s on top of bare metal in minutes.
    PingCAPPingCAP TiDB, is a cloud-native distributed SQL database with MySQL compatibility, and one of the most popular open-source database projects - with 23.5K+ stars and 400+ contributors. Its sister project TiKV is a Cloud Native Interactive Landscape project. PingCAP envisioned their managed TiDB service, known as TiDB Cloud, to be multi-tenant, secure, cost-efficient, and to be compatible with different cloud providers and they chose Gardener.
    BeezlabsBeezlabs uses Gardener to deliver Intelligent Process Automation platform, on multiple cloud providers and reduce costs and lock-in risks.
    b’nerdb’nerd uses Gardener as the core technology for its own managed Kubernetes as a Service solution and operates multiple Gardener installations for several cloud hosting service providers.
    STACKITSTACKIT is a digital brand of Europe’s biggest retailer, the Schwarz Group, which includes Lidl, Kaufland, but also production and recycling companies. It uses Gardener to offer public and private Kubernetes as a service in own data centers in Europe and targets to become the cloud provider for German and European small and mid-sized companies.
    T-SystemsSupporting and managing multiple application landscapes on-premises and across different hyperscaler infrastructures can be painful. At T-Systems we use Gardener both for internal usage and to manage clusters for our customers. We love the openness of the project, the flexibility and the architecture that allows us to manage clusters around the world with only one team from one single pane of glass and to meet industry specific certification standards. The sovereignty by design is another great value, the technology implicitly brings along.
    23 TechnologiesThe German-based company 23 Technologies uses Gardener to offer an enterprise-class Kubernetes engine for industrial use cases as well as cloud service providers and offers managed and professional services for it. 23T is also the team behind okeanos.dev, a public service that can be used by anyone to try out Gardener.
    B1 Systems GmbHB1 Systems GmbH is a international provider of Linux & Open Source consulting, training, managed service & support. We are founded in 2004 and based in Germany. Our team of 140 Linux experts offers tailor-made solutions based on cloud & container technologies, virtualization & high availability as well as monitoring, system & configuration management. B1 is using Gardener internally and also set up solutions/environments for customers.
    finleap connect GmbHfinleap connect GmbH is the leading independent Open Banking platform provider in Europe. It enables companies across a multitude of industries to provide the next generation of financial services by understanding how customers transact and interact. With its “full-stack” platform of solutions, finleap connect makes it possible for its clients to compliantly access the financial transactions data of customers, enrich said data with analytics tools, provide digital banking services and deliver high-quality, digital financial services products and services to customers. Gardener uniquly enables us to deploy our platform in Europe and across the globe in a uniform way on the providers preferred by our customers.
    CodesphereCodesphere is a Cloud IDE with integrated and automated deployment of web apps. It uses Gardener internally to manage clusters that host customer deployments and internal systems all over the world.
    plusserverplusserver combines its own cloud offerings with hyperscaler platforms to provide individually tailored multi-cloud solutions. The plusserver Kubernetes Engine (PSKE) based on Gardener reduces the complexity in managing multi-cloud environments and enables companies to orchestrate their containers and cloud-native applications across a variety of platforms such as plusserver’s pluscloud open or hyperscalers such as AWS, either by mouseclick or via an API. With PSKE, companies remain vendor-independent and profit from guaranteed data sovereignty and data security due to GDPR-compliant cloud platforms in the certified plusserver data centers in Germany.
    Fuga CloudFuga Cloud uses Gardener as the basis for its Enterprise Managed Kubernetes (EMK), a platform that simplifies the management of your k8s and provides insight into usage and performance. The other Fuga Cloud services can be added with a mouse click, and the choice of another cloud provider is a negotiable option. Fuga Cloud stands for Digital Sovereignty, Data Portability and GDPR compatibility.
    Metalstack Cloudmetalstack.cloud uses Gardener and is based on the open-source software metal-stack.io, which is developed for regulated financial institutions. The focus here is on the highest possible security and compliance conformity. This makes metalstack.cloud perfect for running enterprise-grade container applications and provides your workloads with the highest possible performance.
    CleuraCleura uses Gardener to power its Container Orchestration Engine for Cleura Public Cloud and Cleura Compliant Cloud. Cleura Container Orchestration Engine simplifies the creation and management of Kubernetes clusters through their user-friendly Cleura Cloud Management Panel or API, allowing users to focus on deploying applications instead of maintaining the underlying infrastructure.
    PITS Globale DatenrettungsdienstePITS Globale Datenrettungsdienste is a data recovery company located in Germany specializing in recovering lost or damaged files from hard drives, solid-state drives, flash drives, and other storage media. Gardener is used to handle highly-loaded internal infrastructure and provide reliable, fully-managed K8 cluster solutions.

    If you’re using Gardener and you aren’t on this list, submit a pull request!

    \ No newline at end of file diff --git a/docs/_print/community/index.html b/docs/_print/community/index.html index e74fc7dd2cc..9137b773039 100644 --- a/docs/_print/community/index.html +++ b/docs/_print/community/index.html @@ -14,7 +14,7 @@ Gardener Google Group The recordings are published on the Gardener Project YouTube channel. Topic Speaker Date and Time Link Get more computing power in Gardener by overcoming Kubelet limitations with CRI-resource-manager Pawel Palucki, Alexander D. Kanevskiy October 20, 2022 Recording Summary Cilium / Isovalent Presentation Raymond de Jong October 6, 2022 Recording Summary Gardener Extension Development - From scratch to the gardener-extension-shoot-flux Jens Schneider, Lothar Gesslein June 9, 2022 Recording Summary Deploying and Developing Gardener Locally (Without Any External Infrastructure!) Tim Ebert, Rafael Franzke March 17, 2022 Recording Summary Gardenctl-v2 Holger Kosser, Lukas Gross, Peter Sutter February 17, 2022 Recording Summary Google Calendar">

    Gardener Community

    Follow - Engage - Contribute

    Community Calls

    Join our community calls to connect with other Gardener enthusiasts and watch cool presentations.

    What content can you expect?

    • Gardener core developers roll out new information, share knowledge with the members and demonstrate new service capabilities.
    • Adopters and contributors share their use-cases, experience and exchange on future requirements.

    If you want to receive updates, sign up here:

    TopicSpeakerDate and TimeLink
    Get more computing power in Gardener by overcoming Kubelet limitations with CRI-resource-managerPawel Palucki, Alexander D. KanevskiyOctober 20, 2022Recording
    Summary
    Cilium / Isovalent PresentationRaymond de JongOctober 6, 2022Recording
    Summary
    Gardener Extension Development - From scratch to the gardener-extension-shoot-fluxJens Schneider, Lothar GessleinJune 9, 2022Recording
    Summary
    Deploying and Developing Gardener Locally (Without Any External Infrastructure!)Tim Ebert, Rafael FranzkeMarch 17, 2022Recording
    Summary
    Gardenctl-v2Holger Kosser, Lukas Gross, Peter SutterFebruary 17, 2022Recording
    Summary

    Google Calendar

    Presenting a Topic

    If there is a topic you would like to present, message us in our #gardener slack channel or get in touch with Jessica Katz.

    Get in Touch

    +All
  • Blogs
  • Community

    • Gardener Community

    Follow - Engage - Contribute

    Community Calls

    Join our community calls to connect with other Gardener enthusiasts and watch cool presentations.

    What content can you expect?

    • Gardener core developers roll out new information, share knowledge with the members and demonstrate new service capabilities.
    • Adopters and contributors share their use-cases, experience and exchange on future requirements.

    If you want to receive updates, sign up here:

    TopicSpeakerDate and TimeLink
    Get more computing power in Gardener by overcoming Kubelet limitations with CRI-resource-managerPawel Palucki, Alexander D. KanevskiyOctober 20, 2022Recording
    Summary
    Cilium / Isovalent PresentationRaymond de JongOctober 6, 2022Recording
    Summary
    Gardener Extension Development - From scratch to the gardener-extension-shoot-fluxJens Schneider, Lothar GessleinJune 9, 2022Recording
    Summary
    Deploying and Developing Gardener Locally (Without Any External Infrastructure!)Tim Ebert, Rafael FranzkeMarch 17, 2022Recording
    Summary
    Gardenctl-v2Holger Kosser, Lukas Gross, Peter SutterFebruary 17, 2022Recording
    Summary

    Google Calendar

    Presenting a Topic

    If there is a topic you would like to present, message us in our #gardener slack channel or get in touch with Jessica Katz.

    Get in Touch

    @GardenerProject Follow the latest project updates on Twitter
    GitHub diff --git a/docs/_print/contribute/docs/index.html b/docs/_print/contribute/docs/index.html index 233795cde0d..6c75231c539 100644 --- a/docs/_print/contribute/docs/index.html +++ b/docs/_print/contribute/docs/index.html @@ -10,7 +10,7 @@ Contributions must be licensed under the Creative Commons Attribution 4.0 International License You need to sign the Contributor License Agreement. We are using CLA assistant providing a click-through workflow for accepting the CLA. For company contributors additionally the company needs to sign a corporate license agreement. See the following sections for details.">

    This is the multi-page printable view of this section. +All

  • Blogs
  • Community

    • This is the multi-page printable view of this section. Click here to print.

    Return to the regular view of this page.

    Contributing Documentation

    You are welcome to contribute documentation to Gardener.

    The following rules govern documentation contributions:

    • Contributions must be licensed under the Creative Commons Attribution 4.0 International License
    • You need to sign the Contributor License Agreement. We are using CLA assistant providing a click-through workflow for accepting the CLA. For company contributors additionally the company needs to sign a corporate license agreement. See the following sections for details.

    1 - Working with Images

    Using images on the website has to contribute to the aesthetics and comprehensibility of the materials, with uncompromised experience when loading and browsing pages. That concerns crisp clear images, their consistent layout and color scheme, dimensions and aspect ratios, flicker-free and fast loading or the feeling of it, even on unreliable mobile networks and devices.

    Image Production Guidelines

    A good, detailed reference for optimal use of images for the web can be found at web.dev’s Fast Load Times topic. The following summarizes some key points plus suggestions for tools support.

    You are strongly encouraged to use vector images (SVG) as much as possible. They scale seamlessly without compromising the quality and are easier to maintain.

    If you are just now starting with SVG authoring, here are some tools suggestions: Figma (online/Win/Mac), Sketch (Mac only).

    For raster images (JPG, PNG, GIF), consider the following requirements and choose a tool that enables you to conform to them:

    • Be mindful about image size, the total page size and loading times.
    • Larger images (>10K) need to support progressive rendering. Consult with your favorite authoring tool’s documentation to find out if and how it supports that.
    • The site delivers the optimal media content format and size depending on the device screen size. You need to provide several variants (large screen, laptop, tablet, phone). Your authoring tool should be able to resize and resample images. Always save the largest size first and then downscale from it to avoid image quality loss.

    If you are looking for a tool that conforms to those guidelines, IrfanView is a very good option.

    Screenshots can be taken with whatever tool you have available. A simple Alt+PrtSc (Win) and paste into an image processing tool to save it does the job. If you need to add emphasized steps (1,2,3) when you describe a process on a screeshot, you can use Snaggit. Use red color and numbers. Mind the requirements for raster images laid out above.

    Diagrams can be exported as PNG/JPG from a diagraming tool such as Visio or even PowerPoint. Pick whichever you are comfortable with to design the diagram and make sure you comply with the requirements for the raster images production above. Diagrams produced as SVG are welcome too if your authoring tool supports exporting in that format. In any case, ensure that your diagrams “blend” with the content on the site - use the same color scheme and geometry style. Do not complicate diagrams too much. The site also supports Mermaid diagrams produced with markdown and rendered as SVG. You don’t need special tools for them, but for more complex ones you might want to prototype your diagram wth Mermaid’s online live editor, before encoding it in your markdown. More tips on using Mermaid can be found in the Shortcodes documentation.

    Using Images in Markdown

    The standard for adding images to a topic is to use markdown’s ![caption](image-path). If the image is not showing properly, or if you wish to serve images close to their natural size and avoid scaling, then you can use HTML5’s <picture> tag.

    Example:

    <picture>
     <!-- default, laptop-width-L max 1200px -->
     <source srcset="https://github.tools.sap/kubernetes/documentation/tree/master/website/documentation/015-tutorials/my-guide/images/overview-XL.png"
diff --git a/docs/_print/docs/contribute/code/index.html b/docs/_print/docs/contribute/code/index.html
index 03e673969e1..3b3a26ecc03 100644
--- a/docs/_print/docs/contribute/code/index.html
+++ b/docs/_print/docs/contribute/code/index.html
@@ -10,7 +10,7 @@
 Contributions must be licensed under the Apache 2.0 License You need to sign the Contributor License Agreement. We are using CLA assistant providing a click-through workflow for accepting the CLA. For company contributors additionally the company needs to sign a corporate license agreement. See the following sections for details.">
    This is the multi-page printable view of this section.
+All
  • Blogs
  • Community
    • This is the multi-page printable view of this section.
 Click here to print.
    Return to the regular view of this page.
    Contributing Code
    You are welcome to contribute code to Gardener in order to fix a bug or to implement a new feature.
    The following rules govern code contributions:
    • Contributions must be licensed under the Apache 2.0 License
    • You need to sign the Contributor License Agreement. We are using CLA assistant providing a click-through workflow for accepting the CLA. For company contributors additionally the company needs to sign a corporate license agreement. See the following sections for details.
    1 - Contributing Bigger Changes
    Contributing Bigger Changes
    Here are the guidelines you should follow when contributing larger changes to Gardener:
    • We strongly recommend to write a Gardener Enhancement Proposal (GEP) to get a common understanding what you want to achieve. This makes it easier for reviewers to understand the big picture.
    • Avoid proposing a big change in one single PR. Instead, split your work into multiple stages which are independently mergeable and create one PR for each stage. For example, if introducing a new API resource and its controller, these stages could be:
      • API resource types, including defaults and generated code.
      • API resource validation.
      • API server storage.
      • Admission plugin(s), if any.
      • Controller(s), including changes to existing controllers. Split this phase further into different functional subsets if appropriate.
    • If you realize later that changes to artifacts introduced in a previous stage are required, by all means make them and explain in the PR why they were needed.
    • Consider splitting a big PR further into multiple commits to allow for more focused reviews. For example, you could add unit tests / documentation in separate commits from the rest of the code. If you have to adapt your PR to review feedback, prefer doing that also in a separate commit to make it easier for reviewers to check how their feedback has been addressed.
    • To make the review process more efficient and avoid too many long discussions in the PR itself, ask for a “main reviewer” to be assigned to your change, then work with this person to make sure he or she understands it in detail, and agree together on any improvements that may be needed. If you can’t reach an agreement on certain topics, comment on the PR and invite other people to join the discussion.
    • Even if you have a “main reviewer” assigned, you may still get feedback from other reviewers. In general, these “non-main reviewers” are advised to focus more on the design and overall approach rather than the implementation details. Make sure that you address any concerns on this level appropriately.
    2 - CI/CD
    CI/CD
    As an execution environment for CI/CD workloads, we use Concourse.
 We however abstract from the underlying “build executor” and instead offer a
 Pipeline Definition Contract, through which components declare their build pipelines as
diff --git a/docs/adopter/index.html b/docs/adopter/index.html
index 8625f29acce..cfb7adaf4e9 100644
--- a/docs/adopter/index.html
+++ b/docs/adopter/index.html
@@ -2,5 +2,5 @@
 
    See who is using Gardener
    Gardener adopters in production environments that have publicly shared details of their usage.
    teaser
    SAPSAP uses Gardener to deploy and manage Kubernetes clusters at scale in a uniform way across infrastructures (AWS, Azure, GCP, Alicloud, as well as generic interfaces to OpenStack and vSphere). Workloads include Databases (SAP HANA Cloud), Big Data (SAP Data Intelligence), Kyma, many other cloud native applications, and diverse business workloads.
    OVHcloudGardener can now be run by customers on the Public Cloud Platform of the leading European Cloud Provider OVHcloud.
    ScaleUp TechnologiesScaleUp Technologies runs Gardener within their public Openstack Clouds (Hamburg, Berlin, Düsseldorf). Their clients run all kinds of workloads on top of Gardener maintained Kubernetes clusters ranging from databases to Software-as-a-Service applications.
    Finanz Informatik Technologie Services GmbHFinanz Informatik Technologie Services GmbH uses Gardener to offer k8s as a service for customers in the financial industry in Germany. It is built on top of a “metal as a service” infrastructure implemented from scratch for k8s workloads in mind. The result is k8s on top of bare metal in minutes.
    PingCAPPingCAP TiDB, is a cloud-native distributed SQL database with MySQL compatibility, and one of the most popular open-source database projects - with 23.5K+ stars and 400+ contributors. Its sister project TiKV is a Cloud Native Interactive Landscape project. PingCAP envisioned their managed TiDB service, known as TiDB Cloud, to be multi-tenant, secure, cost-efficient, and to be compatible with different cloud providers and they chose Gardener.
    BeezlabsBeezlabs uses Gardener to deliver Intelligent Process Automation platform, on multiple cloud providers and reduce costs and lock-in risks.
    b’nerdb’nerd uses Gardener as the core technology for its own managed Kubernetes as a Service solution and operates multiple Gardener installations for several cloud hosting service providers.
    STACKITSTACKIT is a digital brand of Europe’s biggest retailer, the Schwarz Group, which includes Lidl, Kaufland, but also production and recycling companies. It uses Gardener to offer public and private Kubernetes as a service in own data centers in Europe and targets to become the cloud provider for German and European small and mid-sized companies.
    T-SystemsSupporting and managing multiple application landscapes on-premises and across different hyperscaler infrastructures can be painful. At T-Systems we use Gardener both for internal usage and to manage clusters for our customers. We love the openness of the project, the flexibility and the architecture that allows us to manage clusters around the world with only one team from one single pane of glass and to meet industry specific certification standards. The sovereignty by design is another great value, the technology implicitly brings along.
    23 TechnologiesThe German-based company 23 Technologies uses Gardener to offer an enterprise-class Kubernetes engine for industrial use cases as well as cloud service providers and offers managed and professional services for it. 23T is also the team behind okeanos.dev, a public service that can be used by anyone to try out Gardener.
    B1 Systems GmbHB1 Systems GmbH is a international provider of Linux & Open Source consulting, training, managed service & support. We are founded in 2004 and based in Germany. Our team of 140 Linux experts offers tailor-made solutions based on cloud & container technologies, virtualization & high availability as well as monitoring, system & configuration management. B1 is using Gardener internally and also set up solutions/environments for customers.
    finleap connect GmbHfinleap connect GmbH is the leading independent Open Banking platform provider in Europe. It enables companies across a multitude of industries to provide the next generation of financial services by understanding how customers transact and interact. With its “full-stack” platform of solutions, finleap connect makes it possible for its clients to compliantly access the financial transactions data of customers, enrich said data with analytics tools, provide digital banking services and deliver high-quality, digital financial services products and services to customers. Gardener uniquly enables us to deploy our platform in Europe and across the globe in a uniform way on the providers preferred by our customers.
    CodesphereCodesphere is a Cloud IDE with integrated and automated deployment of web apps. It uses Gardener internally to manage clusters that host customer deployments and internal systems all over the world.
    plusserverplusserver combines its own cloud offerings with hyperscaler platforms to provide individually tailored multi-cloud solutions. The plusserver Kubernetes Engine (PSKE) based on Gardener reduces the complexity in managing multi-cloud environments and enables companies to orchestrate their containers and cloud-native applications across a variety of platforms such as plusserver’s pluscloud open or hyperscalers such as AWS, either by mouseclick or via an API. With PSKE, companies remain vendor-independent and profit from guaranteed data sovereignty and data security due to GDPR-compliant cloud platforms in the certified plusserver data centers in Germany.
    Fuga CloudFuga Cloud uses Gardener as the basis for its Enterprise Managed Kubernetes (EMK), a platform that simplifies the management of your k8s and provides insight into usage and performance. The other Fuga Cloud services can be added with a mouse click, and the choice of another cloud provider is a negotiable option. Fuga Cloud stands for Digital Sovereignty, Data Portability and GDPR compatibility.
    Metalstack Cloudmetalstack.cloud uses Gardener and is based on the open-source software metal-stack.io, which is developed for regulated financial institutions. The focus here is on the highest possible security and compliance conformity. This makes metalstack.cloud perfect for running enterprise-grade container applications and provides your workloads with the highest possible performance.
    CleuraCleura uses Gardener to power its Container Orchestration Engine for Cleura Public Cloud and Cleura Compliant Cloud. Cleura Container Orchestration Engine simplifies the creation and management of Kubernetes clusters through their user-friendly Cleura Cloud Management Panel or API, allowing users to focus on deploying applications instead of maintaining the underlying infrastructure.
    PITS Globale DatenrettungsdienstePITS Globale Datenrettungsdienste is a data recovery company located in Germany specializing in recovering lost or damaged files from hard drives, solid-state drives, flash drives, and other storage media. Gardener is used to handle highly-loaded internal infrastructure and provide reliable, fully-managed K8 cluster solutions.
    If you’re using Gardener and you aren’t on this list, submit a pull request!
  • Blogs
  • Community
    • See who is using Gardener
    Gardener adopters in production environments that have publicly shared details of their usage.
    teaser
    SAPSAP uses Gardener to deploy and manage Kubernetes clusters at scale in a uniform way across infrastructures (AWS, Azure, GCP, Alicloud, as well as generic interfaces to OpenStack and vSphere). Workloads include Databases (SAP HANA Cloud), Big Data (SAP Data Intelligence), Kyma, many other cloud native applications, and diverse business workloads.
    OVHcloudGardener can now be run by customers on the Public Cloud Platform of the leading European Cloud Provider OVHcloud.
    ScaleUp TechnologiesScaleUp Technologies runs Gardener within their public Openstack Clouds (Hamburg, Berlin, Düsseldorf). Their clients run all kinds of workloads on top of Gardener maintained Kubernetes clusters ranging from databases to Software-as-a-Service applications.
    Finanz Informatik Technologie Services GmbHFinanz Informatik Technologie Services GmbH uses Gardener to offer k8s as a service for customers in the financial industry in Germany. It is built on top of a “metal as a service” infrastructure implemented from scratch for k8s workloads in mind. The result is k8s on top of bare metal in minutes.
    PingCAPPingCAP TiDB, is a cloud-native distributed SQL database with MySQL compatibility, and one of the most popular open-source database projects - with 23.5K+ stars and 400+ contributors. Its sister project TiKV is a Cloud Native Interactive Landscape project. PingCAP envisioned their managed TiDB service, known as TiDB Cloud, to be multi-tenant, secure, cost-efficient, and to be compatible with different cloud providers and they chose Gardener.
    BeezlabsBeezlabs uses Gardener to deliver Intelligent Process Automation platform, on multiple cloud providers and reduce costs and lock-in risks.
    b’nerdb’nerd uses Gardener as the core technology for its own managed Kubernetes as a Service solution and operates multiple Gardener installations for several cloud hosting service providers.
    STACKITSTACKIT is a digital brand of Europe’s biggest retailer, the Schwarz Group, which includes Lidl, Kaufland, but also production and recycling companies. It uses Gardener to offer public and private Kubernetes as a service in own data centers in Europe and targets to become the cloud provider for German and European small and mid-sized companies.
    T-SystemsSupporting and managing multiple application landscapes on-premises and across different hyperscaler infrastructures can be painful. At T-Systems we use Gardener both for internal usage and to manage clusters for our customers. We love the openness of the project, the flexibility and the architecture that allows us to manage clusters around the world with only one team from one single pane of glass and to meet industry specific certification standards. The sovereignty by design is another great value, the technology implicitly brings along.
    23 TechnologiesThe German-based company 23 Technologies uses Gardener to offer an enterprise-class Kubernetes engine for industrial use cases as well as cloud service providers and offers managed and professional services for it. 23T is also the team behind okeanos.dev, a public service that can be used by anyone to try out Gardener.
    B1 Systems GmbHB1 Systems GmbH is a international provider of Linux & Open Source consulting, training, managed service & support. We are founded in 2004 and based in Germany. Our team of 140 Linux experts offers tailor-made solutions based on cloud & container technologies, virtualization & high availability as well as monitoring, system & configuration management. B1 is using Gardener internally and also set up solutions/environments for customers.
    finleap connect GmbHfinleap connect GmbH is the leading independent Open Banking platform provider in Europe. It enables companies across a multitude of industries to provide the next generation of financial services by understanding how customers transact and interact. With its “full-stack” platform of solutions, finleap connect makes it possible for its clients to compliantly access the financial transactions data of customers, enrich said data with analytics tools, provide digital banking services and deliver high-quality, digital financial services products and services to customers. Gardener uniquly enables us to deploy our platform in Europe and across the globe in a uniform way on the providers preferred by our customers.
    CodesphereCodesphere is a Cloud IDE with integrated and automated deployment of web apps. It uses Gardener internally to manage clusters that host customer deployments and internal systems all over the world.
    plusserverplusserver combines its own cloud offerings with hyperscaler platforms to provide individually tailored multi-cloud solutions. The plusserver Kubernetes Engine (PSKE) based on Gardener reduces the complexity in managing multi-cloud environments and enables companies to orchestrate their containers and cloud-native applications across a variety of platforms such as plusserver’s pluscloud open or hyperscalers such as AWS, either by mouseclick or via an API. With PSKE, companies remain vendor-independent and profit from guaranteed data sovereignty and data security due to GDPR-compliant cloud platforms in the certified plusserver data centers in Germany.
    Fuga CloudFuga Cloud uses Gardener as the basis for its Enterprise Managed Kubernetes (EMK), a platform that simplifies the management of your k8s and provides insight into usage and performance. The other Fuga Cloud services can be added with a mouse click, and the choice of another cloud provider is a negotiable option. Fuga Cloud stands for Digital Sovereignty, Data Portability and GDPR compatibility.
    Metalstack Cloudmetalstack.cloud uses Gardener and is based on the open-source software metal-stack.io, which is developed for regulated financial institutions. The focus here is on the highest possible security and compliance conformity. This makes metalstack.cloud perfect for running enterprise-grade container applications and provides your workloads with the highest possible performance.
    CleuraCleura uses Gardener to power its Container Orchestration Engine for Cleura Public Cloud and Cleura Compliant Cloud. Cleura Container Orchestration Engine simplifies the creation and management of Kubernetes clusters through their user-friendly Cleura Cloud Management Panel or API, allowing users to focus on deploying applications instead of maintaining the underlying infrastructure.
    PITS Globale DatenrettungsdienstePITS Globale Datenrettungsdienste is a data recovery company located in Germany specializing in recovering lost or damaged files from hard drives, solid-state drives, flash drives, and other storage media. Gardener is used to handle highly-loaded internal infrastructure and provide reliable, fully-managed K8 cluster solutions.
    If you’re using Gardener and you aren’t on this list, submit a pull request!
    
\ No newline at end of file
diff --git a/docs/blog/2018/06.11-anti-patterns/index.html b/docs/blog/2018/06.11-anti-patterns/index.html
index a9d2ba9122c..6c8b1e1c081 100644
--- a/docs/blog/2018/06.11-anti-patterns/index.html
+++ b/docs/blog/2018/06.11-anti-patterns/index.html
@@ -6,7 +6,7 @@
 Instead of running a root user, use RUN groupadd -r anygroup && useradd -r -g anygroup myuser to create a group and a user in it. Use the USER command to switch to this user.">
  • Blogs
  • Community

    • 5.1.3.4 - Local Setup

    admission-azure

    admission-azure is an admission webhook server which is responsible for the validation of the cloud provider (Azure in this case) specific fields and resources. The Gardener API server is cloud provider agnostic and it wouldn’t be able to perform similar validation.

    Follow the steps below to run the admission webhook server locally.

    1. Start the Gardener API server.

      For details, check the Gardener local setup.

    2. Start the webhook server

      Make sure that the KUBECONFIG environment variable is pointing to the local garden cluster.

      make start-admission

    3. Setup the ValidatingWebhookConfiguration.

      hack/dev-setup-admission-azure.sh will configure the webhook Service which will allow the kube-apiserver of your local cluster to reach the webhook server. It will also apply the ValidatingWebhookConfiguration manifest.

      ./hack/dev-setup-admission-azure.sh
-

    You are now ready to experiment with the admission-azure webhook server locally.

    5.1.3.5 - Migrate Loadbalancer

    Migrate Azure Shoot Load Balancer from basic to standard SKU

    This guide descibes how to migrate the Load Balancer of an Azure Shoot cluster from the basic SKU to the standard SKU.
    Be aware: You need to delete and recreate all services of type Load Balancer, which means that the public ip addresses of your service endpoints will change.
    Please do this only if the Stakeholder really needs to migrate this Shoot to use standard Load Balancers. All new Shoot clusters will automatically use Azure Standard Load Balancers.

    1. Disable temporarily Gardeners reconciliation.
      The Gardener Controller Manager need to be configured to allow ignoring Shoot clusters. -This can be configured in its the ControllerManagerConfiguration via the field .controllers.shoot.respectSyncPeriodOverwrite="true".
    # In the Garden cluster.
-kubectl annotate shoot <shoot-name> shoot.garden.sapcloud.io/ignore="true"
-
-# In the Seed cluster.
-kubectl -n <shoot-namespace> scale deployment gardener-resource-manager --replicas=0
-
    1. Backup all Kubernetes services of type Load Balancer.
    # In the Shoot cluster.
-# Determine all Load Balancer services.
-kubectl get service --all-namespaces | grep LoadBalancer
-
-# Backup each Load Balancer service.
-echo "---" >> service-backup.yaml && kubectl -n <namespace> get service <service-name> -o yaml >> service-backup.yaml
-
    1. Delete all Load Balancer services.
    # In the Shoot cluster.
-kubectl -n <namespace> delete service <service-name>
-
    1. Wait until until Load Balancer is deleted. -Wait until all services of type Load Balancer are deleted and the Azure Load Balancer resource is also deleted. -Check via the Azure Portal if the Load Balancer within the Shoot Resource Group has been deleted. -This should happen automatically after all Kubernetes Load Balancer service are gone within a few minutes.

    Alternatively the Azure cli can be used to check the Load Balancer in the Shoot Resource Group. -The credentials to configure the cli are available on the Seed cluster in the Shoot namespace.

    # In the Seed cluster.
-# Fetch the credentials from cloudprovider secret.
-kubectl -n <shoot-namespace> get secret cloudprovider -o yaml
-
-# Configure the Azure cli, with the base64 decoded values of the cloudprovider secret.
-az login --service-principal --username <clientID> --password <clientSecret> --tenant <tenantID>
-az account set -s <subscriptionID>
-
-# Fetch the constantly the Shoot Load Balancer in the Shoot Resource Group. Wait until the resource is gone.
-watch 'az network lb show -g shoot--<project-name>--<shoot-name> -n shoot--<project-name>--<shoot-name>'
-
-# Logout.
-az logout
-
    1. Modify the cloud-povider-config configmap in the Seed namespace of the Shoot.
      The key cloudprovider.conf contains the Kubernetes cloud-provider configuration. -The value is a multiline string. Please change the value of the field loadBalancerSku from basic to standard. -Iff the field does not exists then append loadBalancerSku: \"standard\"\n to the value/string.
    # In the Seed cluster.
-kubectl -n <shoot-namespace> edit cm cloud-provider-config
-
    1. Enable Gardeners reconcilation and trigger a reconciliation.
    # In the Garden cluster
-# Enable reconcilation
-kubectl annotate shoot <shoot-name> shoot.garden.sapcloud.io/ignore-
-
-# Trigger reconcilation
-kubectl annotate shoot <shoot-name> shoot.garden.sapcloud.io/operation="reconcile"
-

    Wait until the cluster has been reconciled.

    1. Recreate the services from the backup file.
      Probably you need to remove some fields from the service defintions e.g. .spec.clusterIP, .metadata.uid or .status etc.
    kubectl apply -f service-backup.yaml
-
    1. If successful remove backup file.
    # Delete the backup file.
-rm -f service-backup.yaml
-

    5.1.3.6 - Operations

    Using the Azure provider extension with Gardener as an operator

    The core.gardener.cloud/v1beta1.CloudProfile resource declares a providerConfig field that is meant to contain provider-specific configuration. +

    You are now ready to experiment with the admission-azure webhook server locally.

    5.1.3.5 - Operations

    Using the Azure provider extension with Gardener as an operator

    The core.gardener.cloud/v1beta1.CloudProfile resource declares a providerConfig field that is meant to contain provider-specific configuration. The core.gardener.cloud/v1beta1.Seed resource is structured similarly. Additionally, it allows configuring settings for the backups of the main etcds’ data of shoot clusters control planes running in this seed cluster.

    This document explains the necessary configuration for the Azure provider extension.

    CloudProfile resource

    This section describes, how the configuration for CloudProfiles looks like for Azure by providing an example CloudProfile manifest with minimal configuration that can be used to allow the creation of Azure shoot clusters.

    CloudProfileConfig

    The cloud profile configuration contains information about the real machine image IDs in the Azure environment (image urn, id, communityGalleryImageID or sharedGalleryImageID). You have to map every version that you specify in .spec.machineImages[].versions to an available VM image in your subscription. @@ -12681,7 +12676,7 @@ type: Opaque

    The user needs to provide in its Shoot secret a tenantID and subscriptionID.

    The managed service principal will be assigned based on the tenantID. In case there is a managed service principal secret with a matching tenantID, this one will be used for the Shoot. -If there is no matching managed service principal secret then the next Shoot operation will fail.

    One of the benefits of having managed service principals is that the operator controls the lifecycle of the service principal and can rotate its secrets.

    After the service principal secret has been rotated and the corresponding secret is updated, all Shoot clusters using it need to be reconciled or the last operation to be retried.

    5.1.3.7 - Usage

    Using the Azure provider extension with Gardener as end-user

    The core.gardener.cloud/v1beta1.Shoot resource declares a few fields that are meant to contain provider-specific configuration.

    This document describes the configurable options for Azure and provides an example Shoot manifest with minimal configuration that can be used to create an Azure cluster (modulo the landscape-specific information like cloud profile names, secret binding names, etc.).

    Azure Provider Credentials

    In order for Gardener to create a Kubernetes cluster using Azure infrastructure components, a Shoot has to provide credentials with sufficient permissions to the desired Azure subscription. +If there is no matching managed service principal secret then the next Shoot operation will fail.

    One of the benefits of having managed service principals is that the operator controls the lifecycle of the service principal and can rotate its secrets.

    After the service principal secret has been rotated and the corresponding secret is updated, all Shoot clusters using it need to be reconciled or the last operation to be retried.

    5.1.3.6 - Usage

    Using the Azure provider extension with Gardener as end-user

    The core.gardener.cloud/v1beta1.Shoot resource declares a few fields that are meant to contain provider-specific configuration.

    This document describes the configurable options for Azure and provides an example Shoot manifest with minimal configuration that can be used to create an Azure cluster (modulo the landscape-specific information like cloud profile names, secret binding names, etc.).

    Azure Provider Credentials

    In order for Gardener to create a Kubernetes cluster using Azure infrastructure components, a Shoot has to provide credentials with sufficient permissions to the desired Azure subscription. Every shoot cluster references a SecretBinding or a CredentialsBinding which itself references a Secret, and this Secret contains the provider credentials of the Azure subscription. The SecretBinding/CredentialsBinding is configurable in the Shoot cluster with the field secretBindingName/credentialsBindingName.

    Create an Azure Application and Service Principle and obtain its credentials.

    Please ensure that the Azure application (spn) has the IAM actions defined here assigned. If no fine-grained permissions/actions required then simply assign the Contributor role.

    The example below demonstrates how the secret containing the client credentials of the Azure Application has to look like:

    apiVersion: v1
@@ -18991,7 +18986,7 @@
 This will avoid unnecessary work and surely give you and us a good deal
 of inspiration.
  • Relevant coding style guidelines are the Go Code Review
 Comments
-and the Formatting and style section of Peter Bourgon’s Go: Best Practices for Production Environments.
    • Steps to Contribute
    Should you wish to work on an issue, please claim it first by commenting on the GitHub issue that you want to work on it. This is to prevent duplicated efforts from contributors on the same issue.
    If you have questions about one of the issues, with or without the tag, please comment on them and one of the maintainers will clarify it.
    We kindly ask you to follow the Pull Request Checklist to ensure reviews can happen accordingly.
    Pull Request Checklist
    • Branch from the master branch and, if needed, rebase to the current master branch before submitting your pull request. If it doesn’t merge cleanly with master you may be asked to rebase your changes.
    • Commits should be as small as possible, while ensuring that each commit is correct independently (i.e., each commit should compile and pass tests).
    • Test your changes as thoroughly as possible before your commit them. Preferably, automate your testing with unit / integration tests. If tested manually, provide information about the test scope in the PR description (e.g., “Test passed: Upgrade K8s version from 1.14.5 to 1.15.2 on AWS, Azure, GCP, Alicloud, Openstack.”).
    • When creating the PR, make your Pull Request description as detailed as possible to help out the reviewers.
    • Create Work In Progress [WIP] pull requests only if you need a clarification or an explicit review before you can continue your work item.
    • If your patch is not getting reviewed or you need a specific person to review it, you can @-reply a reviewer asking for a review in the pull request or a comment, or you can ask for a review on our mailing list.
    • If you add new features, make sure that they are documented in the Gardener documentation.
    • If your changes are relevant for operators, consider to update the ops toolbelt image.
    • Post review:
      • If a review requires you to change your commit(s), please test the changes again.
      • Amend the affected commit(s) and force push onto your branch.
      • Set respective comments in your GitHub review to resolved.
      • Create a general PR comment to notify the reviewers that your amendments are ready for another round of review.
    Contributing Bigger Changes
    If you want to contribute bigger changes to Gardener, such as when introducing new API resources and their corresponding controllers, or implementing an approved Gardener Enhancement Proposal, follow the guidelines outlined in Contributing Bigger Changes.
    Adding Already Existing Documentation
    If you want to add documentation that already exists on GitHub to the website, you should update the central manifest instead of duplicating the content. To find out how to do that, see Adding Already Existing Documentation.
    Issues and Planning
    We use GitHub issues to track bugs and enhancement requests. Please provide as much context as possible when you open an issue. The information you provide must be comprehensive enough to reproduce that issue for the assignee. Therefore, contributors may use but aren’t restricted to the issue template provided by the Gardener maintainers.
    ZenHub is used for planning:
    Security Release Process
    See Security Release Process.
    Community
    Slack Channel
    #gardener, sign up here.
    Mailing List
    gardener@googlegroups.com
    The mailing list is hosted through Google Groups. To receive the lists’ emails, join the group as you would any other Google Group.
    Other
    For additional channels where you can reach us, as well as links to our bi-weekly meetings, visit the Community page.

    12.1 - Contributing Code

    You are welcome to contribute code to Gardener in order to fix a bug or to implement a new feature.

    The following rules govern code contributions:

    • Contributions must be licensed under the Apache 2.0 License
    • You need to sign the Contributor License Agreement. We are using CLA assistant providing a click-through workflow for accepting the CLA. For company contributors additionally the company needs to sign a corporate license agreement. See the following sections for details.

    12.1.1 - Contributing Bigger Changes

    Contributing Bigger Changes

    Here are the guidelines you should follow when contributing larger changes to Gardener:

    • We strongly recommend to write a Gardener Enhancement Proposal (GEP) to get a common understanding what you want to achieve. This makes it easier for reviewers to understand the big picture.

    • Avoid proposing a big change in one single PR. Instead, split your work into multiple stages which are independently mergeable and create one PR for each stage. For example, if introducing a new API resource and its controller, these stages could be:

      • API resource types, including defaults and generated code.
      • API resource validation.
      • API server storage.
      • Admission plugin(s), if any.
      • Controller(s), including changes to existing controllers. Split this phase further into different functional subsets if appropriate.

    • If you realize later that changes to artifacts introduced in a previous stage are required, by all means make them and explain in the PR why they were needed.

    • Consider splitting a big PR further into multiple commits to allow for more focused reviews. For example, you could add unit tests / documentation in separate commits from the rest of the code. If you have to adapt your PR to review feedback, prefer doing that also in a separate commit to make it easier for reviewers to check how their feedback has been addressed.

    • To make the review process more efficient and avoid too many long discussions in the PR itself, ask for a “main reviewer” to be assigned to your change, then work with this person to make sure he or she understands it in detail, and agree together on any improvements that may be needed. If you can’t reach an agreement on certain topics, comment on the PR and invite other people to join the discussion.

    • Even if you have a “main reviewer” assigned, you may still get feedback from other reviewers. In general, these “non-main reviewers” are advised to focus more on the design and overall approach rather than the implementation details. Make sure that you address any concerns on this level appropriately.

    12.1.2 - CI/CD

    CI/CD

    As an execution environment for CI/CD workloads, we use Concourse. +and the Formatting and style section of Peter Bourgon’s Go: Best Practices for Production Environments.

    Steps to Contribute

    Should you wish to work on an issue, please claim it first by commenting on the GitHub issue that you want to work on it. This is to prevent duplicated efforts from contributors on the same issue.

    If you have questions about one of the issues, with or without the tag, please comment on them and one of the maintainers will clarify it.

    We kindly ask you to follow the Pull Request Checklist to ensure reviews can happen accordingly.

    Pull Request Checklist

    • Branch from the master branch and, if needed, rebase to the current master branch before submitting your pull request. If it doesn’t merge cleanly with master you may be asked to rebase your changes.

    • Commits should be as small as possible, while ensuring that each commit is correct independently (i.e., each commit should compile and pass tests).

    • Test your changes as thoroughly as possible before your commit them. Preferably, automate your testing with unit / integration tests. If tested manually, provide information about the test scope in the PR description (e.g., “Test passed: Upgrade K8s version from 1.14.5 to 1.15.2 on AWS, Azure, GCP, Alicloud, Openstack.”).

    • When creating the PR, make your Pull Request description as detailed as possible to help out the reviewers.

    • Create Work In Progress [WIP] pull requests only if you need a clarification or an explicit review before you can continue your work item.

    • If your patch is not getting reviewed or you need a specific person to review it, you can @-reply a reviewer asking for a review in the pull request or a comment, or you can ask for a review on our mailing list.

    • If you add new features, make sure that they are documented in the Gardener documentation.

    • If your changes are relevant for operators, consider to update the ops toolbelt image.

    • Post review:

      • If a review requires you to change your commit(s), please test the changes again.
      • Amend the affected commit(s) and force push onto your branch.
      • Set respective comments in your GitHub review to resolved.
      • Create a general PR comment to notify the reviewers that your amendments are ready for another round of review.

    Contributing Bigger Changes

    If you want to contribute bigger changes to Gardener, such as when introducing new API resources and their corresponding controllers, or implementing an approved Gardener Enhancement Proposal, follow the guidelines outlined in Contributing Bigger Changes.

    Adding Already Existing Documentation

    If you want to add documentation that already exists on GitHub to the website, you should update the central manifest instead of duplicating the content. To find out how to do that, see Adding Already Existing Documentation.

    Issues and Planning

    We use GitHub issues to track bugs and enhancement requests. Please provide as much context as possible when you open an issue. The information you provide must be comprehensive enough to reproduce that issue for the assignee. Therefore, contributors may use but aren’t restricted to the issue template provided by the Gardener maintainers.

    Security Release Process

    See Security Release Process.

    Community

    Slack Channel

    #gardener, sign up here.

    Mailing List

    gardener@googlegroups.com

    The mailing list is hosted through Google Groups. To receive the lists’ emails, join the group as you would any other Google Group.

    Other

    For additional channels where you can reach us, as well as links to our bi-weekly meetings, visit the Community page.

    12.1 - Contributing Code

    You are welcome to contribute code to Gardener in order to fix a bug or to implement a new feature.

    The following rules govern code contributions:

    • Contributions must be licensed under the Apache 2.0 License
    • You need to sign the Contributor License Agreement. We are using CLA assistant providing a click-through workflow for accepting the CLA. For company contributors additionally the company needs to sign a corporate license agreement. See the following sections for details.

    12.1.1 - Contributing Bigger Changes

    Contributing Bigger Changes

    Here are the guidelines you should follow when contributing larger changes to Gardener:

    • We strongly recommend to write a Gardener Enhancement Proposal (GEP) to get a common understanding what you want to achieve. This makes it easier for reviewers to understand the big picture.

    • Avoid proposing a big change in one single PR. Instead, split your work into multiple stages which are independently mergeable and create one PR for each stage. For example, if introducing a new API resource and its controller, these stages could be:

      • API resource types, including defaults and generated code.
      • API resource validation.
      • API server storage.
      • Admission plugin(s), if any.
      • Controller(s), including changes to existing controllers. Split this phase further into different functional subsets if appropriate.

    • If you realize later that changes to artifacts introduced in a previous stage are required, by all means make them and explain in the PR why they were needed.

    • Consider splitting a big PR further into multiple commits to allow for more focused reviews. For example, you could add unit tests / documentation in separate commits from the rest of the code. If you have to adapt your PR to review feedback, prefer doing that also in a separate commit to make it easier for reviewers to check how their feedback has been addressed.

    • To make the review process more efficient and avoid too many long discussions in the PR itself, ask for a “main reviewer” to be assigned to your change, then work with this person to make sure he or she understands it in detail, and agree together on any improvements that may be needed. If you can’t reach an agreement on certain topics, comment on the PR and invite other people to join the discussion.

    • Even if you have a “main reviewer” assigned, you may still get feedback from other reviewers. In general, these “non-main reviewers” are advised to focus more on the design and overall approach rather than the implementation details. Make sure that you address any concerns on this level appropriately.

    12.1.2 - CI/CD

    CI/CD

    As an execution environment for CI/CD workloads, we use Concourse. We however abstract from the underlying “build executor” and instead offer a Pipeline Definition Contract, through which components declare their build pipelines as required.

    Overview

    In order to run continuous delivery workloads for all components contributing to the diff --git a/docs/docs/contribute/_print/index.html b/docs/docs/contribute/_print/index.html index ffe6119428d..5a09b3d6dda 100644 --- a/docs/docs/contribute/_print/index.html +++ b/docs/docs/contribute/_print/index.html @@ -1,8 +1,8 @@ Contribute | Gardener -

    This is the multi-page printable view of this section. Click here to print.

    Return to the regular view of this page.

    Contribute

    Contributors guides for code and documentation

    Contributing to Gardener

    Welcome

    Welcome to the Contributor section of Gardener. Here you can learn how it is possible for you to contribute your ideas and expertise to the project and have it grow even more.

    Prerequisites

    Before you begin contributing to Gardener, there are a couple of things you should become familiar with and complete first.

    Code of Conduct

    All members of the Gardener community must abide by the Contributor Covenant. Only by respecting each other can we develop a productive, collaborative community. @@ -11,7 +11,7 @@ This will avoid unnecessary work and surely give you and us a good deal of inspiration.

  • Relevant coding style guidelines are the Go Code Review Comments -and the Formatting and style section of Peter Bourgon’s Go: Best Practices for Production Environments.

    • Steps to Contribute

    Should you wish to work on an issue, please claim it first by commenting on the GitHub issue that you want to work on it. This is to prevent duplicated efforts from contributors on the same issue.

    If you have questions about one of the issues, with or without the tag, please comment on them and one of the maintainers will clarify it.

    We kindly ask you to follow the Pull Request Checklist to ensure reviews can happen accordingly.

    Pull Request Checklist

    • Branch from the master branch and, if needed, rebase to the current master branch before submitting your pull request. If it doesn’t merge cleanly with master you may be asked to rebase your changes.

    • Commits should be as small as possible, while ensuring that each commit is correct independently (i.e., each commit should compile and pass tests).

    • Test your changes as thoroughly as possible before your commit them. Preferably, automate your testing with unit / integration tests. If tested manually, provide information about the test scope in the PR description (e.g., “Test passed: Upgrade K8s version from 1.14.5 to 1.15.2 on AWS, Azure, GCP, Alicloud, Openstack.”).

    • When creating the PR, make your Pull Request description as detailed as possible to help out the reviewers.

    • Create Work In Progress [WIP] pull requests only if you need a clarification or an explicit review before you can continue your work item.

    • If your patch is not getting reviewed or you need a specific person to review it, you can @-reply a reviewer asking for a review in the pull request or a comment, or you can ask for a review on our mailing list.

    • If you add new features, make sure that they are documented in the Gardener documentation.

    • If your changes are relevant for operators, consider to update the ops toolbelt image.

    • Post review:

      • If a review requires you to change your commit(s), please test the changes again.
      • Amend the affected commit(s) and force push onto your branch.
      • Set respective comments in your GitHub review to resolved.
      • Create a general PR comment to notify the reviewers that your amendments are ready for another round of review.

    Contributing Bigger Changes

    If you want to contribute bigger changes to Gardener, such as when introducing new API resources and their corresponding controllers, or implementing an approved Gardener Enhancement Proposal, follow the guidelines outlined in Contributing Bigger Changes.

    Adding Already Existing Documentation

    If you want to add documentation that already exists on GitHub to the website, you should update the central manifest instead of duplicating the content. To find out how to do that, see Adding Already Existing Documentation.

    Issues and Planning

    We use GitHub issues to track bugs and enhancement requests. Please provide as much context as possible when you open an issue. The information you provide must be comprehensive enough to reproduce that issue for the assignee. Therefore, contributors may use but aren’t restricted to the issue template provided by the Gardener maintainers.

    ZenHub is used for planning:

    Security Release Process

    See Security Release Process.

    Community

    Slack Channel

    #gardener, sign up here.

    Mailing List

    gardener@googlegroups.com

    The mailing list is hosted through Google Groups. To receive the lists’ emails, join the group as you would any other Google Group.

    Other

    For additional channels where you can reach us, as well as links to our bi-weekly meetings, visit the Community page.

    1 - Contributing Code

    You are welcome to contribute code to Gardener in order to fix a bug or to implement a new feature.

    The following rules govern code contributions:

    • Contributions must be licensed under the Apache 2.0 License
    • You need to sign the Contributor License Agreement. We are using CLA assistant providing a click-through workflow for accepting the CLA. For company contributors additionally the company needs to sign a corporate license agreement. See the following sections for details.

    1.1 - Contributing Bigger Changes

    Contributing Bigger Changes

    Here are the guidelines you should follow when contributing larger changes to Gardener:

    • We strongly recommend to write a Gardener Enhancement Proposal (GEP) to get a common understanding what you want to achieve. This makes it easier for reviewers to understand the big picture.

    • Avoid proposing a big change in one single PR. Instead, split your work into multiple stages which are independently mergeable and create one PR for each stage. For example, if introducing a new API resource and its controller, these stages could be:

      • API resource types, including defaults and generated code.
      • API resource validation.
      • API server storage.
      • Admission plugin(s), if any.
      • Controller(s), including changes to existing controllers. Split this phase further into different functional subsets if appropriate.

    • If you realize later that changes to artifacts introduced in a previous stage are required, by all means make them and explain in the PR why they were needed.

    • Consider splitting a big PR further into multiple commits to allow for more focused reviews. For example, you could add unit tests / documentation in separate commits from the rest of the code. If you have to adapt your PR to review feedback, prefer doing that also in a separate commit to make it easier for reviewers to check how their feedback has been addressed.

    • To make the review process more efficient and avoid too many long discussions in the PR itself, ask for a “main reviewer” to be assigned to your change, then work with this person to make sure he or she understands it in detail, and agree together on any improvements that may be needed. If you can’t reach an agreement on certain topics, comment on the PR and invite other people to join the discussion.

    • Even if you have a “main reviewer” assigned, you may still get feedback from other reviewers. In general, these “non-main reviewers” are advised to focus more on the design and overall approach rather than the implementation details. Make sure that you address any concerns on this level appropriately.

    1.2 - CI/CD

    CI/CD

    As an execution environment for CI/CD workloads, we use Concourse. +and the Formatting and style section of Peter Bourgon’s Go: Best Practices for Production Environments.

    Steps to Contribute

    Should you wish to work on an issue, please claim it first by commenting on the GitHub issue that you want to work on it. This is to prevent duplicated efforts from contributors on the same issue.

    If you have questions about one of the issues, with or without the tag, please comment on them and one of the maintainers will clarify it.

    We kindly ask you to follow the Pull Request Checklist to ensure reviews can happen accordingly.

    Pull Request Checklist

    • Branch from the master branch and, if needed, rebase to the current master branch before submitting your pull request. If it doesn’t merge cleanly with master you may be asked to rebase your changes.

    • Commits should be as small as possible, while ensuring that each commit is correct independently (i.e., each commit should compile and pass tests).

    • Test your changes as thoroughly as possible before your commit them. Preferably, automate your testing with unit / integration tests. If tested manually, provide information about the test scope in the PR description (e.g., “Test passed: Upgrade K8s version from 1.14.5 to 1.15.2 on AWS, Azure, GCP, Alicloud, Openstack.”).

    • When creating the PR, make your Pull Request description as detailed as possible to help out the reviewers.

    • Create Work In Progress [WIP] pull requests only if you need a clarification or an explicit review before you can continue your work item.

    • If your patch is not getting reviewed or you need a specific person to review it, you can @-reply a reviewer asking for a review in the pull request or a comment, or you can ask for a review on our mailing list.

    • If you add new features, make sure that they are documented in the Gardener documentation.

    • If your changes are relevant for operators, consider to update the ops toolbelt image.

    • Post review:

      • If a review requires you to change your commit(s), please test the changes again.
      • Amend the affected commit(s) and force push onto your branch.
      • Set respective comments in your GitHub review to resolved.
      • Create a general PR comment to notify the reviewers that your amendments are ready for another round of review.

    Contributing Bigger Changes

    If you want to contribute bigger changes to Gardener, such as when introducing new API resources and their corresponding controllers, or implementing an approved Gardener Enhancement Proposal, follow the guidelines outlined in Contributing Bigger Changes.

    Adding Already Existing Documentation

    If you want to add documentation that already exists on GitHub to the website, you should update the central manifest instead of duplicating the content. To find out how to do that, see Adding Already Existing Documentation.

    Issues and Planning

    We use GitHub issues to track bugs and enhancement requests. Please provide as much context as possible when you open an issue. The information you provide must be comprehensive enough to reproduce that issue for the assignee. Therefore, contributors may use but aren’t restricted to the issue template provided by the Gardener maintainers.

    Security Release Process

    See Security Release Process.

    Community

    Slack Channel

    #gardener, sign up here.

    Mailing List

    gardener@googlegroups.com

    The mailing list is hosted through Google Groups. To receive the lists’ emails, join the group as you would any other Google Group.

    Other

    For additional channels where you can reach us, as well as links to our bi-weekly meetings, visit the Community page.

    1 - Contributing Code

    You are welcome to contribute code to Gardener in order to fix a bug or to implement a new feature.

    The following rules govern code contributions:

    • Contributions must be licensed under the Apache 2.0 License
    • You need to sign the Contributor License Agreement. We are using CLA assistant providing a click-through workflow for accepting the CLA. For company contributors additionally the company needs to sign a corporate license agreement. See the following sections for details.

    1.1 - Contributing Bigger Changes

    Contributing Bigger Changes

    Here are the guidelines you should follow when contributing larger changes to Gardener:

    • We strongly recommend to write a Gardener Enhancement Proposal (GEP) to get a common understanding what you want to achieve. This makes it easier for reviewers to understand the big picture.

    • Avoid proposing a big change in one single PR. Instead, split your work into multiple stages which are independently mergeable and create one PR for each stage. For example, if introducing a new API resource and its controller, these stages could be:

      • API resource types, including defaults and generated code.
      • API resource validation.
      • API server storage.
      • Admission plugin(s), if any.
      • Controller(s), including changes to existing controllers. Split this phase further into different functional subsets if appropriate.

    • If you realize later that changes to artifacts introduced in a previous stage are required, by all means make them and explain in the PR why they were needed.

    • Consider splitting a big PR further into multiple commits to allow for more focused reviews. For example, you could add unit tests / documentation in separate commits from the rest of the code. If you have to adapt your PR to review feedback, prefer doing that also in a separate commit to make it easier for reviewers to check how their feedback has been addressed.

    • To make the review process more efficient and avoid too many long discussions in the PR itself, ask for a “main reviewer” to be assigned to your change, then work with this person to make sure he or she understands it in detail, and agree together on any improvements that may be needed. If you can’t reach an agreement on certain topics, comment on the PR and invite other people to join the discussion.

    • Even if you have a “main reviewer” assigned, you may still get feedback from other reviewers. In general, these “non-main reviewers” are advised to focus more on the design and overall approach rather than the implementation details. Make sure that you address any concerns on this level appropriately.

    1.2 - CI/CD

    CI/CD

    As an execution environment for CI/CD workloads, we use Concourse. We however abstract from the underlying “build executor” and instead offer a Pipeline Definition Contract, through which components declare their build pipelines as required.

    Overview

    In order to run continuous delivery workloads for all components contributing to the diff --git a/docs/docs/contribute/code/cicd/index.html b/docs/docs/contribute/code/cicd/index.html index 32045162c34..6e308a8f9cd 100644 --- a/docs/docs/contribute/code/cicd/index.html +++ b/docs/docs/contribute/code/cicd/index.html @@ -10,7 +10,7 @@ Typical workloads encompass the execution of tests and builds of a variety of technologies, as well as building and publishing container images, typically containing build results.">

  • Blogs
  • Community
    • \ No newline at end of file diff --git a/docs/docs/extensions/infrastructure-extensions/gardener-extension-provider-azure/_print/index.html b/docs/docs/extensions/infrastructure-extensions/gardener-extension-provider-azure/_print/index.html index 96cbb987f8e..6149ad56482 100644 --- a/docs/docs/extensions/infrastructure-extensions/gardener-extension-provider-azure/_print/index.html +++ b/docs/docs/extensions/infrastructure-extensions/gardener-extension-provider-azure/_print/index.html @@ -2,7 +2,7 @@

    This is the multi-page printable view of this section. +All

  • Blogs
  • Community

    • This is the multi-page printable view of this section. Click here to print.

    Return to the regular view of this page.

    Provider Azure

    Gardener extension controller for the Azure cloud provider

    Gardener Extension for Azure provider

    REUSE status CI Build status Go Report Card

    Project Gardener implements the automated management and operation of Kubernetes clusters as a service. @@ -157,51 +157,7 @@ tokenFile: /var/run/secrets/projected/serviceaccount/token

    4 - Local Setup

    admission-azure

    admission-azure is an admission webhook server which is responsible for the validation of the cloud provider (Azure in this case) specific fields and resources. The Gardener API server is cloud provider agnostic and it wouldn’t be able to perform similar validation.

    Follow the steps below to run the admission webhook server locally.

    1. Start the Gardener API server.

      For details, check the Gardener local setup.

    2. Start the webhook server

      Make sure that the KUBECONFIG environment variable is pointing to the local garden cluster.

      make start-admission

    3. Setup the ValidatingWebhookConfiguration.

      hack/dev-setup-admission-azure.sh will configure the webhook Service which will allow the kube-apiserver of your local cluster to reach the webhook server. It will also apply the ValidatingWebhookConfiguration manifest.

      ./hack/dev-setup-admission-azure.sh
-

    You are now ready to experiment with the admission-azure webhook server locally.

    5 - Migrate Loadbalancer

    Migrate Azure Shoot Load Balancer from basic to standard SKU

    This guide descibes how to migrate the Load Balancer of an Azure Shoot cluster from the basic SKU to the standard SKU.
    Be aware: You need to delete and recreate all services of type Load Balancer, which means that the public ip addresses of your service endpoints will change.
    Please do this only if the Stakeholder really needs to migrate this Shoot to use standard Load Balancers. All new Shoot clusters will automatically use Azure Standard Load Balancers.

    1. Disable temporarily Gardeners reconciliation.
      The Gardener Controller Manager need to be configured to allow ignoring Shoot clusters. -This can be configured in its the ControllerManagerConfiguration via the field .controllers.shoot.respectSyncPeriodOverwrite="true".
    # In the Garden cluster.
-kubectl annotate shoot <shoot-name> shoot.garden.sapcloud.io/ignore="true"
-
-# In the Seed cluster.
-kubectl -n <shoot-namespace> scale deployment gardener-resource-manager --replicas=0
-
    1. Backup all Kubernetes services of type Load Balancer.
    # In the Shoot cluster.
-# Determine all Load Balancer services.
-kubectl get service --all-namespaces | grep LoadBalancer
-
-# Backup each Load Balancer service.
-echo "---" >> service-backup.yaml && kubectl -n <namespace> get service <service-name> -o yaml >> service-backup.yaml
-
    1. Delete all Load Balancer services.
    # In the Shoot cluster.
-kubectl -n <namespace> delete service <service-name>
-
    1. Wait until until Load Balancer is deleted. -Wait until all services of type Load Balancer are deleted and the Azure Load Balancer resource is also deleted. -Check via the Azure Portal if the Load Balancer within the Shoot Resource Group has been deleted. -This should happen automatically after all Kubernetes Load Balancer service are gone within a few minutes.

    Alternatively the Azure cli can be used to check the Load Balancer in the Shoot Resource Group. -The credentials to configure the cli are available on the Seed cluster in the Shoot namespace.

    # In the Seed cluster.
-# Fetch the credentials from cloudprovider secret.
-kubectl -n <shoot-namespace> get secret cloudprovider -o yaml
-
-# Configure the Azure cli, with the base64 decoded values of the cloudprovider secret.
-az login --service-principal --username <clientID> --password <clientSecret> --tenant <tenantID>
-az account set -s <subscriptionID>
-
-# Fetch the constantly the Shoot Load Balancer in the Shoot Resource Group. Wait until the resource is gone.
-watch 'az network lb show -g shoot--<project-name>--<shoot-name> -n shoot--<project-name>--<shoot-name>'
-
-# Logout.
-az logout
-
    1. Modify the cloud-povider-config configmap in the Seed namespace of the Shoot.
      The key cloudprovider.conf contains the Kubernetes cloud-provider configuration. -The value is a multiline string. Please change the value of the field loadBalancerSku from basic to standard. -Iff the field does not exists then append loadBalancerSku: \"standard\"\n to the value/string.
    # In the Seed cluster.
-kubectl -n <shoot-namespace> edit cm cloud-provider-config
-
    1. Enable Gardeners reconcilation and trigger a reconciliation.
    # In the Garden cluster
-# Enable reconcilation
-kubectl annotate shoot <shoot-name> shoot.garden.sapcloud.io/ignore-
-
-# Trigger reconcilation
-kubectl annotate shoot <shoot-name> shoot.garden.sapcloud.io/operation="reconcile"
-

    Wait until the cluster has been reconciled.

    1. Recreate the services from the backup file.
      Probably you need to remove some fields from the service defintions e.g. .spec.clusterIP, .metadata.uid or .status etc.
    kubectl apply -f service-backup.yaml
-
    1. If successful remove backup file.
    # Delete the backup file.
-rm -f service-backup.yaml
-

    6 - Operations

    Using the Azure provider extension with Gardener as an operator

    The core.gardener.cloud/v1beta1.CloudProfile resource declares a providerConfig field that is meant to contain provider-specific configuration. +

    You are now ready to experiment with the admission-azure webhook server locally.

    5 - Operations

    Using the Azure provider extension with Gardener as an operator

    The core.gardener.cloud/v1beta1.CloudProfile resource declares a providerConfig field that is meant to contain provider-specific configuration. The core.gardener.cloud/v1beta1.Seed resource is structured similarly. Additionally, it allows configuring settings for the backups of the main etcds’ data of shoot clusters control planes running in this seed cluster.

    This document explains the necessary configuration for the Azure provider extension.

    CloudProfile resource

    This section describes, how the configuration for CloudProfiles looks like for Azure by providing an example CloudProfile manifest with minimal configuration that can be used to allow the creation of Azure shoot clusters.

    CloudProfileConfig

    The cloud profile configuration contains information about the real machine image IDs in the Azure environment (image urn, id, communityGalleryImageID or sharedGalleryImageID). You have to map every version that you specify in .spec.machineImages[].versions to an available VM image in your subscription. @@ -346,7 +302,7 @@ type: Opaque

    The user needs to provide in its Shoot secret a tenantID and subscriptionID.

    The managed service principal will be assigned based on the tenantID. In case there is a managed service principal secret with a matching tenantID, this one will be used for the Shoot. -If there is no matching managed service principal secret then the next Shoot operation will fail.

    One of the benefits of having managed service principals is that the operator controls the lifecycle of the service principal and can rotate its secrets.

    After the service principal secret has been rotated and the corresponding secret is updated, all Shoot clusters using it need to be reconciled or the last operation to be retried.

    7 - Usage

    Using the Azure provider extension with Gardener as end-user

    The core.gardener.cloud/v1beta1.Shoot resource declares a few fields that are meant to contain provider-specific configuration.

    This document describes the configurable options for Azure and provides an example Shoot manifest with minimal configuration that can be used to create an Azure cluster (modulo the landscape-specific information like cloud profile names, secret binding names, etc.).

    Azure Provider Credentials

    In order for Gardener to create a Kubernetes cluster using Azure infrastructure components, a Shoot has to provide credentials with sufficient permissions to the desired Azure subscription. +If there is no matching managed service principal secret then the next Shoot operation will fail.

    One of the benefits of having managed service principals is that the operator controls the lifecycle of the service principal and can rotate its secrets.

    After the service principal secret has been rotated and the corresponding secret is updated, all Shoot clusters using it need to be reconciled or the last operation to be retried.

    6 - Usage

    Using the Azure provider extension with Gardener as end-user

    The core.gardener.cloud/v1beta1.Shoot resource declares a few fields that are meant to contain provider-specific configuration.

    This document describes the configurable options for Azure and provides an example Shoot manifest with minimal configuration that can be used to create an Azure cluster (modulo the landscape-specific information like cloud profile names, secret binding names, etc.).

    Azure Provider Credentials

    In order for Gardener to create a Kubernetes cluster using Azure infrastructure components, a Shoot has to provide credentials with sufficient permissions to the desired Azure subscription. Every shoot cluster references a SecretBinding or a CredentialsBinding which itself references a Secret, and this Secret contains the provider credentials of the Azure subscription. The SecretBinding/CredentialsBinding is configurable in the Shoot cluster with the field secretBindingName/credentialsBindingName.

    Create an Azure Application and Service Principle and obtain its credentials.

    Please ensure that the Azure application (spn) has the IAM actions defined here assigned. If no fine-grained permissions/actions required then simply assign the Contributor role.

    The example below demonstrates how the secret containing the client credentials of the Azure Application has to look like:

    apiVersion: v1
diff --git a/docs/docs/extensions/infrastructure-extensions/gardener-extension-provider-azure/azure-permissions/index.html b/docs/docs/extensions/infrastructure-extensions/gardener-extension-provider-azure/azure-permissions/index.html
index 198261b154c..3d980939ae7 100644
--- a/docs/docs/extensions/infrastructure-extensions/gardener-extension-provider-azure/azure-permissions/index.html
+++ b/docs/docs/extensions/infrastructure-extensions/gardener-extension-provider-azure/azure-permissions/index.html
@@ -10,7 +10,7 @@
 Microsoft.Compute # Required if a non zonal cluster based on Availability Set should be used. Microsoft.Compute/availabilitySets/delete Microsoft.Compute/availabilitySets/read Microsoft.Compute/availabilitySets/write # Required to let Kubernetes manage Azure disks. Microsoft.Compute/disks/delete Microsoft.Compute/disks/read Microsoft.Compute/disks/write # Required for to fetch meta information about disk and virtual machines sizes. Microsoft.Compute/locations/diskOperations/read Microsoft.Compute/locations/operations/read Microsoft.Compute/locations/vmSizes/read # Required if csi snapshot capabilities should be used and/or the Shoot should act as a Seed. Microsoft.Compute/snapshots/delete Microsoft.Compute/snapshots/read Microsoft.Compute/snapshots/write # Required to let Gardener/Machine-Controller-Manager manage the cluster nodes/machines. Microsoft.Compute/virtualMachines/delete Microsoft.Compute/virtualMachines/read Microsoft.Compute/virtualMachines/start/action Microsoft.Compute/virtualMachines/write # Required if a non zonal cluster based on VMSS Flex (VMO) should be used. Microsoft.Compute/virtualMachineScaleSets/delete Microsoft.Compute/virtualMachineScaleSets/read Microsoft.Compute/virtualMachineScaleSets/write Microsoft.ManagedIdentity # Required if a user provided Azure managed identity should attached to the cluster nodes. Microsoft.ManagedIdentity/userAssignedIdentities/assign/action Microsoft.ManagedIdentity/userAssignedIdentities/read Microsoft.MarketplaceOrdering # Required if nodes/machines should be created with images hosted on the Azure Marketplace. Microsoft.MarketplaceOrdering/offertypes/publishers/offers/plans/agreements/read Microsoft.MarketplaceOrdering/offertypes/publishers/offers/plans/agreements/write Microsoft.Network # Required to let Kubernetes manage services of type 'LoadBalancer'. Microsoft.Network/loadBalancers/backendAddressPools/join/action Microsoft.Network/loadBalancers/delete Microsoft.Network/loadBalancers/read Microsoft.Network/loadBalancers/write # Required in case the Shoot should use NatGateway(s). Microsoft.Network/natGateways/delete Microsoft.Network/natGateways/join/action Microsoft.Network/natGateways/read Microsoft.Network/natGateways/write # Required to let Gardener/Machine-Controller-Manager manage the cluster nodes/machines. Microsoft.Network/networkInterfaces/delete Microsoft.Network/networkInterfaces/ipconfigurations/join/action Microsoft.Network/networkInterfaces/ipconfigurations/read Microsoft.Network/networkInterfaces/join/action Microsoft.Network/networkInterfaces/read Microsoft.Network/networkInterfaces/write # Required to let Gardener maintain the basic infrastructure of the Shoot cluster and maintaing LoadBalancer services. Microsoft.Network/networkSecurityGroups/delete Microsoft.Network/networkSecurityGroups/join/action Microsoft.Network/networkSecurityGroups/read Microsoft.Network/networkSecurityGroups/write # Required for managing LoadBalancers and NatGateways. Microsoft.Network/publicIPAddresses/delete Microsoft.Network/publicIPAddresses/join/action Microsoft.Network/publicIPAddresses/read Microsoft.Network/publicIPAddresses/write # Required for managing the basic infrastructure of a cluster and maintaing LoadBalancer services. Microsoft.Network/routeTables/delete Microsoft.Network/routeTables/join/action Microsoft.Network/routeTables/read Microsoft.Network/routeTables/routes/delete Microsoft.Network/routeTables/routes/read Microsoft.Network/routeTables/routes/write Microsoft.Network/routeTables/write # Required to let Gardener maintain the basic infrastructure of the Shoot cluster. # Only a subset is required for the bring your own vNet scenario. Microsoft.Network/virtualNetworks/delete # not required for bring your own vnet Microsoft.Network/virtualNetworks/read Microsoft.Network/virtualNetworks/subnets/delete Microsoft.Network/virtualNetworks/subnets/join/action Microsoft.Network/virtualNetworks/subnets/read Microsoft.Network/virtualNetworks/subnets/write Microsoft.Network/virtualNetworks/write # not required for bring your own vnet Microsoft.Resources # Required to let Gardener maintain the basic infrastructure of the Shoot cluster. Microsoft.Resources/subscriptions/resourceGroups/delete Microsoft.Resources/subscriptions/resourceGroups/read Microsoft.Resources/subscriptions/resourceGroups/write Microsoft.Storage # Required if Azure File should be used and/or if the Shoot should act as Seed. Microsoft.Storage/operations/read Microsoft.Storage/storageAccounts/blobServices/containers/delete Microsoft.Storage/storageAccounts/blobServices/containers/read Microsoft.Storage/storageAccounts/blobServices/containers/write Microsoft.Storage/storageAccounts/blobServices/read Microsoft.Storage/storageAccounts/delete Microsoft.Storage/storageAccounts/listkeys/action Microsoft.Storage/storageAccounts/read Microsoft.Storage/storageAccounts/write">
  • Blogs
  • Community