Update Docker proxy guide & install guides

Updated proxy diagram and text Added pointers to proxy guide on R3 install guides Change-Id: Iea8ab92066e5bf205eaff80754b900c3d254e2cc Signed-off-by: MCamp859 <maryx.camp@intel.com>
2020-05-08 16:19:40 -04:00 · 2020-05-08 16:19:40 -04:00 · cb002a5a6e
commit cb002a5a6e
parent 7091212e4e
9 changed files with 83 additions and 8 deletions
--- a/doc/source/configuration/docker_proxy_config.rst
+++ b/doc/source/configuration/docker_proxy_config.rst
@ -20,12 +20,57 @@ Proxy overview

 The figure below shows how proxies are used in StarlingX.

-.. figure:: starlingx_proxy.png
-   :scale: 75%
+.. figure:: figures/stx_proxy_overview.png
+   :scale: 60%
   :alt: StarlingX proxy usage

   *Figure 1: StarlingX proxy usage*

+The items labeled *a* and *b* in the figure indicate two configuration files:
+
+*   Configuration file *a* lists sysadmin shell proxy environment variables.
+    This file is not required for StarlingX bootstrap or any StarlingX
+    operations. You **must** manually add this file if you are accessing the
+    public network via a proxy. You **must** add the following StarlingX
+    specific IP addresses to the no_proxy list:
+
+    *   registry.local
+    *   {controller OAM gateway IP/floating IP/host IP}
+    *   {controller management floating IP/host IP}
+    *   {controller cluster gateway IP}
+    *   10.96.0.1
+    *   10.96.0.10
+    *   `*.cluster.local`
+
+*   Configuration file *b* lists container runtime proxy variables
+    (docker_proxy). Configure these variables in the ``localhost.yml`` file
+    before Ansible bootstrap. This file is **required** if you are accessing
+    the public network via a proxy. StarlingX specific IP addresses will be
+    automatically added to the no_proxy list.
+
+The numbered items in the figure indicate the process flow:
+
+#.  In the ``localhost.yml`` file, fill in the Docker proxy section for
+    configuration file *b*.
+
+#.  The bootstrap process is responsible for pulling Docker images from either:
+
+    *   the public registry using the proxy setting in (1) or
+
+    *   the private registry within the company/organization network.
+
+    The bootstrap process will push to the registry.local afterwards.
+
+#.  After the Kubernetes API server is running, the bootstrap process will
+    communicate with it for further StarlingX configuration. You **must** ensure
+    the cluster network gateway is set for no_proxy in configuration file *a*.
+
+#.  After StarlingX provisioning is complete, any operations that pull Docker
+    images will use configuration file *b*. All other operations, including
+    kubectl and system operations, will use the sysadmin shell and
+    configuration file *a*.
+
+
 ----------------------
 Set proxy at bootstrap
 ----------------------
@ -56,17 +101,17 @@ To specify the HTTPS proxy URL, use the commands:
    system service-parameter-apply platform

 -------------------------
-Set no-proxy address list
+Set no_proxy address list
 -------------------------

-A no-proxy address list can be provided for registries not on the other side
-of the proxies. This list will be added to the default no-proxy list derived
+A no_proxy address list can be provided for registries not on the other side
+of the proxies. This list will be added to the default no_proxy list derived
 from localhost, loopback, management, and OAM floating addresses at runtime.

-Due to a Docker restriction, each address in the no-proxy list must not be in
+Due to a Docker restriction, each address in the no_proxy list must not be in
 subnet format and it cannot contain a wildcard. For example:

-To specify a no-proxy list, use the commands:
+To specify a no_proxy list, use the commands:

 ::

--- a/doc/source/configuration/figures/stx_proxy_overview.png
+++ b/doc/source/configuration/figures/stx_proxy_overview.png
--- a/doc/source/configuration/starlingx_proxy.png
+++ b/doc/source/configuration/starlingx_proxy.png
--- a/doc/source/deploy_install_guides/r3_release/bare_metal/ironic.rst
+++ b/doc/source/deploy_install_guides/r3_release/bare_metal/ironic.rst
@ -14,8 +14,14 @@ End user applications can be deployed on bare metal servers (instead of
 virtual machines) by configuring OpenStack Ironic and deploying a pool of 1 or
 more bare metal servers.

+.. note::
+
+   If you are behind a corporate firewall or proxy, you need to set proxy
+   settings. Refer to :doc:`/../../configuration/docker_proxy_config` for
+   details.
+
 .. figure:: ../figures/starlingx-deployment-options-ironic.png
-   :scale: 90%
+   :scale: 50%
   :alt: Standard with Ironic deployment configuration

   *Figure 1: Standard with Ironic deployment configuration*
--- a/doc/source/deploy_install_guides/r3_release/desc_aio_duplex.txt
+++ b/doc/source/deploy_install_guides/r3_release/desc_aio_duplex.txt
@ -16,6 +16,12 @@ An AIO-DX configuration provides the following benefits:
  * All controller HA services go active on the remaining healthy server
  * All virtual machines are recovered on the remaining healthy server

+.. note::
+
+   If you are behind a corporate firewall or proxy, you need to set proxy
+   settings. Refer to :doc:`/../../configuration/docker_proxy_config` for
+   details.
+
 .. figure:: ../figures/starlingx-deployment-options-duplex.png
   :scale: 50%
   :alt: All-in-one Duplex deployment configuration
--- a/doc/source/deploy_install_guides/r3_release/desc_aio_simplex.txt
+++ b/doc/source/deploy_install_guides/r3_release/desc_aio_simplex.txt
@ -7,6 +7,12 @@ following benefits:
  single pair of physical servers
 * A storage backend solution using a single-node CEPH deployment

+.. note::
+
+   If you are behind a corporate firewall or proxy, you need to set proxy
+   settings. Refer to :doc:`/../../configuration/docker_proxy_config` for
+   details.
+
 .. figure:: ../figures/starlingx-deployment-options-simplex.png
   :scale: 50%
   :alt: All-in-one Simplex deployment configuration
--- a/doc/source/deploy_install_guides/r3_release/desc_controller_storage.txt
+++ b/doc/source/deploy_install_guides/r3_release/desc_controller_storage.txt
@ -15,6 +15,12 @@ A Standard with Controller Storage configuration provides the following benefits
  * On overall worker node failure, virtual machines and containers are
    recovered on the remaining healthy worker nodes

+.. note::
+
+   If you are behind a corporate firewall or proxy, you need to set proxy
+   settings. Refer to :doc:`/../../configuration/docker_proxy_config` for
+   details.
+
 .. figure:: ../figures/starlingx-deployment-options-controller-storage.png
   :scale: 50%
   :alt: Standard with Controller Storage deployment configuration
--- a/doc/source/deploy_install_guides/r3_release/desc_dedicated_storage.txt
+++ b/doc/source/deploy_install_guides/r3_release/desc_dedicated_storage.txt
@ -10,6 +10,12 @@ A Standard with Dedicated Storage configuration provides the following benefits:
  that supports a replication factor of two or three
 * Up to four groups of 2x storage nodes, or up to three groups of 3x storage nodes

+.. note::
+
+   If you are behind a corporate firewall or proxy, you need to set proxy
+   settings. Refer to :doc:`/../../configuration/docker_proxy_config` for
+   details.
+
 .. figure:: ../figures/starlingx-deployment-options-dedicated-storage.png
   :scale: 50%
   :alt: Standard with Dedicated Storage deployment configuration
--- a/doc/source/deploy_install_guides/r3_release/figures/starlingx-deployment-options-duplex.png
+++ b/doc/source/deploy_install_guides/r3_release/figures/starlingx-deployment-options-duplex.png