From 8e5eccb8be72e2dea255e43cb359bb497c7c384f Mon Sep 17 00:00:00 2001 From: Hannah Hunter Date: Mon, 21 Aug 2023 14:07:51 -0400 Subject: [PATCH 01/18] start refresh Signed-off-by: Hannah Hunter --- daprdocs/content/en/operations/observability/logging/logs.md | 2 +- .../en/operations/observability/metrics/metrics-overview.md | 2 +- .../en/operations/observability/tracing/tracing-overview.md | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/daprdocs/content/en/operations/observability/logging/logs.md b/daprdocs/content/en/operations/observability/logging/logs.md index 397588b6969..5d0d9492a5f 100644 --- a/daprdocs/content/en/operations/observability/logging/logs.md +++ b/daprdocs/content/en/operations/observability/logging/logs.md @@ -1,7 +1,7 @@ --- type: docs title: "Logs" -linkTitle: "Logs" +linkTitle: "Overview" weight: 1000 description: "Understand Dapr logging" --- diff --git a/daprdocs/content/en/operations/observability/metrics/metrics-overview.md b/daprdocs/content/en/operations/observability/metrics/metrics-overview.md index 0d30185dbb8..2b6e86a3f52 100644 --- a/daprdocs/content/en/operations/observability/metrics/metrics-overview.md +++ b/daprdocs/content/en/operations/observability/metrics/metrics-overview.md @@ -1,7 +1,7 @@ --- type: docs title: "Configure metrics" -linkTitle: "Configure metrics" +linkTitle: "Overview" weight: 4000 description: "Enable or disable Dapr metrics " --- diff --git a/daprdocs/content/en/operations/observability/tracing/tracing-overview.md b/daprdocs/content/en/operations/observability/tracing/tracing-overview.md index 24fed25a3cb..2375eea340c 100644 --- a/daprdocs/content/en/operations/observability/tracing/tracing-overview.md +++ b/daprdocs/content/en/operations/observability/tracing/tracing-overview.md @@ -13,7 +13,7 @@ Most observability tools support OTEL, including: - [New Relic](https://newrelic.com) - [Azure Monitor](https://azure.microsoft.com/services/monitor/) - [Datadog](https://www.datadoghq.com) -- Instana +- [Zipkin](https://zipkin.io/) - [Jaeger](https://www.jaegertracing.io/) - [SignalFX](https://www.signalfx.com/) From 7d5d9510e33a9bb6b2dadd99d362280d2a33783c Mon Sep 17 00:00:00 2001 From: Hannah Hunter Date: Mon, 21 Aug 2023 15:16:42 -0400 Subject: [PATCH 02/18] otel collector initial review Signed-off-by: Hannah Hunter --- .../open-telemetry-collector-appinsights.md | 63 +++++++++++-------- .../open-telemetry-collector.md | 59 +++++++++-------- 2 files changed, 71 insertions(+), 51 deletions(-) diff --git a/daprdocs/content/en/operations/observability/tracing/otel-collector/open-telemetry-collector-appinsights.md b/daprdocs/content/en/operations/observability/tracing/otel-collector/open-telemetry-collector-appinsights.md index 4fe2c95a720..c851ec8a495 100644 --- a/daprdocs/content/en/operations/observability/tracing/otel-collector/open-telemetry-collector-appinsights.md +++ b/daprdocs/content/en/operations/observability/tracing/otel-collector/open-telemetry-collector-appinsights.md @@ -1,42 +1,47 @@ --- type: docs -title: "Using OpenTelemetry Collector to collect traces to send to AppInsights" -linkTitle: "Using the OpenTelemetry for Azure AppInsights" +title: "Using OpenTelemetry Collector to collect traces to send to App Insights" +linkTitle: "Using the OpenTelemetry for Azure App Insights" weight: 1000 description: "How to push trace events to Azure Application Insights, using the OpenTelemetry Collector." --- -Dapr integrates with [OpenTelemetry Collector](https://github.com/open-telemetry/opentelemetry-collector) using the Zipkin API. This guide walks through an example using Dapr to push trace events to Azure Application Insights, using the OpenTelemetry Collector. +Dapr integrates with [OpenTelemetry (OTEL) Collector](https://github.com/open-telemetry/opentelemetry-collector) using the Zipkin API. This guide walks through an example using Dapr to push trace events to Azure Application Insights, using the OpenTelemetry Collector. -## Requirements +## Prerequisites -A installation of Dapr on Kubernetes. +- [Install Dapr on Kubernetes]({{< ref kubernetes >}}) +- [Set up an App Insights resource](https://docs.microsoft.com/azure/azure-monitor/app/create-new-resource) and make note of your App Insights instrumentation key. -## How to configure distributed tracing with Application Insights +## Set up OTEL Collector to push to your App Insights instance -### Setup Application Insights +To push events to your App Insights instance, install the OTEL Collector to your Kubernetes cluster. -1. First, you'll need an Azure account. See instructions [here](https://azure.microsoft.com/free/) to apply for a **free** Azure account. -2. Follow instructions [here](https://docs.microsoft.com/azure/azure-monitor/app/create-new-resource) to create a new Application Insights resource. -3. Get the Application Insights Intrumentation key from your Application Insights page. +1. Check out the [`open-telemetry-collector-appinsights.yaml`](/docs/open-telemetry-collector/open-telemetry-collector-appinsights.yaml) file. -### Run OpenTelemetry Collector to push to your Application Insights instance +1. Replace the `` placeholder with your App Insights instrumentation key. -Install the OpenTelemetry Collector to your Kubernetes cluster to push events to your Application Insights instance +1. Apply the configuration with: -1. Check out the file [open-telemetry-collector-appinsights.yaml](/docs/open-telemetry-collector/open-telemetry-collector-appinsights.yaml) and replace the `` placeholder with your Application Insights Instrumentation Key. + ```sh + kubectl apply -f open-telemetry-collector-appinsights.yaml + ``` -2. Apply the configuration with `kubectl apply -f open-telemetry-collector-appinsights.yaml`. +## Set up Dapr to send trace to OTEL Collector -Next, set up both a Dapr configuration file to turn on tracing and deploy a tracing exporter component that uses the OpenTelemetry Collector. +Set up a Dapr configuration file to turn on tracing and deploy a tracing exporter component that uses the OpenTelemetry Collector. -1. Create a collector-config.yaml file with this [content](/docs/open-telemetry-collector/collector-config.yaml) +1. Use this [`collector-config.yaml`](/docs/open-telemetry-collector/collector-config.yaml) file to create your own configuration. -2. Apply the configuration with `kubectl apply -f collector-config.yaml`. +1. Apply the configuration with: -### Deploy your app with tracing + ```sh + kubectl apply -f collector-config.yaml + ``` -When running in Kubernetes mode, apply the `appconfig` configuration by adding a `dapr.io/config` annotation to the container that you want to participate in the distributed tracing, as shown in the following example: +## Deploy your app with tracing + +Apply the `appconfig` configuration by adding a `dapr.io/config` annotation to the container that you want to participate in the distributed tracing, as shown in the following example: ```yaml apiVersion: apps/v1 @@ -55,18 +60,24 @@ spec: dapr.io/config: "appconfig" ``` -Some of the quickstarts such as [distributed calculator](https://github.com/dapr/quickstarts/tree/master/tutorials/distributed-calculator) already configure these settings, so if you are using those no additional settings are needed. +{{% alert title="Note" color="primary" %}} +If you are using one of the Dapr tutorials, such as [distributed calculator](https://github.com/dapr/quickstarts/tree/master/tutorials/distributed-calculator), the `appconfig` configuration is already configured, so no additional settings are needed. +{{% /alert %}} + +You can register multiple tracing exporters at the same time, and the tracing logs are forwarded to all registered exporters. -That's it! There's no need include any SDKs or instrument your application code. Dapr automatically handles the distributed tracing for you. +That's it! There's no need to include any SDKs or instrument your application code. Dapr automatically handles the distributed tracing for you. -> **NOTE**: You can register multiple tracing exporters at the same time, and the tracing logs are forwarded to all registered exporters. +## View traces -Deploy and run some applications. After a few minutes, you should see tracing logs appearing in your Application Insights resource. You can also use the **Application Map** to examine the topology of your services, as shown below: +Deploy and run some applications. After a few minutes, you should see tracing logs appearing in your App Insights resource. You can also use the **Application Map** to examine the topology of your services, as shown below: ![Application map](/images/open-telemetry-app-insights.png) -> **NOTE**: Only operations going through Dapr API exposed by Dapr sidecar (e.g. service invocation or event publishing) are displayed in Application Map topology. +{{% alert title="Note" color="primary" %}} +Only operations going through Dapr API exposed by Dapr sidecar (for example, service invocation or event publishing) are displayed in Application Map topology. +{{% /alert %}} ## Related links -* Try out the [observability quickstart](https://github.com/dapr/quickstarts/tree/master/tutorials/observability/README.md) -* How to set [tracing configuration options]({{< ref "configuration-overview.md#tracing" >}}) +- Try out the [observability quickstart](https://github.com/dapr/quickstarts/tree/master/tutorials/observability/README.md) +- Learn how to set [tracing configuration options]({{< ref "configuration-overview.md#tracing" >}}) diff --git a/daprdocs/content/en/operations/observability/tracing/otel-collector/open-telemetry-collector.md b/daprdocs/content/en/operations/observability/tracing/otel-collector/open-telemetry-collector.md index 4526683a52e..10c57ef3ef1 100644 --- a/daprdocs/content/en/operations/observability/tracing/otel-collector/open-telemetry-collector.md +++ b/daprdocs/content/en/operations/observability/tracing/otel-collector/open-telemetry-collector.md @@ -6,42 +6,48 @@ weight: 900 description: "How to use Dapr to push trace events through the OpenTelemetry Collector." --- -{{% alert title="Note" color="primary" %}} -Dapr directly writes traces using the OpenTelemetry (OTEL) protocol as the recommended method. For observability tools that support OTEL protocol, you do not need to use the OpenTelemetry Collector. +Dapr directly writes traces using the OpenTelemetry (OTEL) protocol as the **recommended** method. For observability tools that support OTEL protocol, you don't need to use the OpenTelemetry Collector. -Dapr can also write traces using the Zipkin protocol. Previous to supporting the OTEL protocol, combining the Zipkin protocol with the [OpenTelemetry Collector](https://github.com/open-telemetry/opentelemetry-collector) enabled you to send traces to observability tools such as AWS X-Ray, Google Cloud Operations Suite, and Azure AppInsights. This approach remains for reference purposes only. -{{% /alert %}} +Dapr can also write traces using the Zipkin protocol. Previous to supporting the OTEL protocol, you could combine the Zipkin protocol with the [OpenTelemetry Collector](https://github.com/open-telemetry/opentelemetry-collector) to send traces to observability tools such as AWS X-Ray, Google Cloud Operations Suite, and Azure App Insights. This approach remains for reference purposes only. ![Using OpenTelemetry Collect to integrate with many backend](/images/open-telemetry-collector.png) -## Requirements +## Prerequisites -1. A installation of Dapr on Kubernetes. +- [Install Dapr on Kubernetes]({{< ref kubernetes >}}) +- Verify your trace backends are already set up to receive traces +- Review your OTEL Collector exporter's required parameters: + - [`opentelemetry-collector-contrib/exporter`](https://github.com/open-telemetry/opentelemetry-collector-contrib/tree/main/exporter) + - [`opentelemetry-collector/exporter`](https://github.com/open-telemetry/opentelemetry-collector/tree/main/exporter) -2. You are already setting up your trace backends to receive traces. +## Set up OTEL Collector to push to your trace backend -3. Check OpenTelemetry Collector exporters [here](https://github.com/open-telemetry/opentelemetry-collector-contrib/tree/main/exporter) and [here](https://github.com/open-telemetry/opentelemetry-collector/tree/main/exporter) to see if your trace backend is supported by the OpenTelemetry Collector. On those linked pages, find the exporter you want to use and read its doc to find out the parameters required. +1. Check out the [`open-telemetry-collector-generic.yaml`](/docs/open-telemetry-collector/open-telemetry-collector-generic.yaml). -## Setting OpenTelemetry Collector +1. Replace the `` section with the correct settings for your trace exporter. + - Refer to the OTEL Collector links in the [prerequisites section]({{< ref "#prerequisites.md" >}}) to determine the correct settings. -### Run OpenTelemetry Collector to push to your trace backend +1. Apply the configuration with: -1. Check out the file [open-telemetry-collector-generic.yaml](/docs/open-telemetry-collector/open-telemetry-collector-generic.yaml) and replace the section marked with `` with the correct settings for your trace exporter. Again, refer to the OpenTelemetry Collector links in the Prerequisites section to determine the correct settings. + ```sh + kubectl apply -f open-telemetry-collector-generic.yaml + ``` -2. Apply the configuration with `kubectl apply -f open-telemetry-collector-generic.yaml`. +## Set up Dapr to send trace to OTEL Collector -## Set up Dapr to send trace to OpenTelemetry Collector +Set up a Dapr configuration file to turn on tracing and deploy a tracing exporter component that uses the OpenTelemetry Collector. -### Turn on tracing in Dapr -Next, set up both a Dapr configuration file to turn on tracing and deploy a tracing exporter component that uses the OpenTelemetry Collector. +1. Use this [`collector-config.yaml`](/docs/open-telemetry-collector/collector-config.yaml) file to create your own configuration. -1. Create a collector-config.yaml file with this [content](/docs/open-telemetry-collector/collector-config.yaml) +1. Apply the configuration with: -2. Apply the configuration with `kubectl apply -f collector-config.yaml`. + ```sh + kubectl apply -f collector-config.yaml + ``` -### Deploy your app with tracing +## Deploy your app with tracing -When running in Kubernetes mode, apply the `appconfig` configuration by adding a `dapr.io/config` annotation to the container that you want to participate in the distributed tracing, as shown in the following example: +Apply the `appconfig` configuration by adding a `dapr.io/config` annotation to the container that you want to participate in the distributed tracing, as shown in the following example: ```yaml apiVersion: apps/v1 @@ -60,15 +66,18 @@ spec: dapr.io/config: "appconfig" ``` -Some of the quickstarts such as [distributed calculator](https://github.com/dapr/quickstarts/tree/master/tutorials/distributed-calculator) already configure these settings, so if you are using those no additional settings are needed. +{{% alert title="Note" color="primary" %}} +If you are using one of the Dapr tutorials, such as [distributed calculator](https://github.com/dapr/quickstarts/tree/master/tutorials/distributed-calculator), the `appconfig` configuration is already configured, so no additional settings are needed. +{{% /alert %}} + +You can register multiple tracing exporters at the same time, and the tracing logs are forwarded to all registered exporters. -That's it! There's no need include any SDKs or instrument your application code. Dapr automatically handles the distributed tracing for you. +That's it! There's no need to include any SDKs or instrument your application code. Dapr automatically handles the distributed tracing for you. -> **NOTE**: You can register multiple tracing exporters at the same time, and the tracing logs are forwarded to all registered exporters. +## View traces Deploy and run some applications. Wait for the trace to propagate to your tracing backend and view them there. ## Related links -* Try out the [observability quickstart](https://github.com/dapr/quickstarts/tree/master/tutorials/observability/README.md) -* How to set [tracing configuration options]({{< ref "configuration-overview.md#tracing" >}}) - +- Try out the [observability quickstart](https://github.com/dapr/quickstarts/tree/master/tutorials/observability/README.md) +- Learn how to set [tracing configuration options]({{< ref "configuration-overview.md#tracing" >}}) \ No newline at end of file From 652097b62cf65926a3da6f3d0d47f4ee56037bb1 Mon Sep 17 00:00:00 2001 From: Hannah Hunter Date: Mon, 21 Aug 2023 16:05:34 -0400 Subject: [PATCH 03/18] kick off k8s refresh Signed-off-by: Hannah Hunter --- .../hosting/kubernetes/kubernetes-overview.md | 44 +++++++++++++------ 1 file changed, 31 insertions(+), 13 deletions(-) diff --git a/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-overview.md b/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-overview.md index 44cadef4b9f..e8a40434905 100644 --- a/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-overview.md +++ b/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-overview.md @@ -8,21 +8,30 @@ description: "Overview of how to get Dapr running on your Kubernetes cluster" ## Dapr on Kubernetes -Dapr can be configured to run on any supported versions of Kubernetes. To achieve this, Dapr begins by deploying the `dapr-sidecar-injector`, `dapr-operator`, `dapr-placement`, and `dapr-sentry` Kubernetes services. These provide first-class integration to make running applications with Dapr easy. -- **dapr-operator:** Manages [component]({{< ref components >}}) updates and Kubernetes services endpoints for Dapr (state stores, pub/subs, etc.) -- **dapr-sidecar-injector:** Injects Dapr into [annotated](#adding-dapr-to-a-kubernetes-deployment) deployment pods and adds the environment variables `DAPR_HTTP_PORT` and `DAPR_GRPC_PORT` to enable user-defined applications to easily communicate with Dapr without hard-coding Dapr port values. -- **dapr-placement:** Used for [actors]({{< ref actors >}}) only. Creates mapping tables that map actor instances to pods -- **dapr-sentry:** Manages mTLS between services and acts as a certificate authority. For more information read the [security overview]({{< ref "security-concept.md" >}}). +Dapr can be configured to run on any supported versions of Kubernetes. To achieve this, Dapr begins by deploying the following Kubernetes services, which provide first-class integration to make running applications with Dapr easy. + +| Kubernetes services | Description | +| ------------------- | ----------- | +| `dapr-operator` | Manages [component]({{< ref components >}}) updates and Kubernetes services endpoints for Dapr (state stores, pub/subs, etc.) | +| `dapr-sidecar-injector` | Injects Dapr into [annotated](#adding-dapr-to-a-kubernetes-deployment) deployment pods and adds the environment variables `DAPR_HTTP_PORT` and `DAPR_GRPC_PORT` to enable user-defined applications to easily communicate with Dapr without hard-coding Dapr port values. | +| `dapr-placement` | Used for [actors]({{< ref actors >}}) only. Creates mapping tables that map actor instances to pods | +| `dapr-sentry` | Manages mTLS between services and acts as a certificate authority. For more information read the [security overview]({{< ref "security-concept.md" >}}) | +## Supported versions +Dapr support for Kubernetes is aligned with [Kubernetes Version Skew Policy](https://kubernetes.io/releases/version-skew-policy). + ## Deploying Dapr to a Kubernetes cluster -Read [this guide]({{< ref kubernetes-deploy.md >}}) to learn how to deploy Dapr to your Kubernetes cluster. +Read [Deploy Dapr on a Kubernetes cluster]({{< ref kubernetes-deploy.md >}}) to learn how to deploy Dapr to your Kubernetes cluster. ## Adding Dapr to a Kubernetes deployment -Deploying and running a Dapr enabled application into your Kubernetes cluster is as simple as adding a few annotations to the pods schema. To give your service an `id` and `port` known to Dapr, turn on tracing through configuration and launch the Dapr sidecar container, you annotate your Kubernetes pod like this. For more information check [dapr annotations]({{< ref arguments-annotations-overview.md >}}) +Deploying and running a Dapr-enabled application into your Kubernetes cluster is as simple as adding a few annotations to the pods schema. For example, in the following example, your Kubernetes pod is annotated to: +- Give your service an `id` and `port` known to Dapr +- Turn on tracing through configuration +- Launch the Dapr sidecar container ```yml annotations: @@ -32,20 +41,29 @@ Deploying and running a Dapr enabled application into your Kubernetes cluster is dapr.io/config: "tracing" ``` +For more information, check [Dapr annotations]({{< ref arguments-annotations-overview.md >}}). + ## Pulling container images from private registries -Dapr works seamlessly with any user application container image, regardless of its origin. Simply init Dapr and add the [Dapr annotations]({{< ref arguments-annotations-overview.md >}}) to your Kubernetes definition to add the Dapr sidecar. +Dapr works seamlessly with any user application container image, regardless of its origin. Simply [initialize Dapr]({{< ref install-dapr-selfhost.md >}}) and add the [Dapr annotations]({{< ref arguments-annotations-overview.md >}}) to your Kubernetes definition to add the Dapr sidecar. The Dapr control-plane and sidecar images come from the [daprio Docker Hub](https://hub.docker.com/u/daprio) container registry, which is a public registry. -For information about pulling your application images from a private registry, reference the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/). If you are using Azure Container Registry with Azure Kubernetes Service, reference the [AKS documentation](https://docs.microsoft.com/azure/aks/cluster-container-registry-integration). +For information about: +- Pulling your application images from a private registry, reference the [official Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/). +- Using Azure Container Registry with Azure Kubernetes Service, reference the [AKS documentation](https://docs.microsoft.com/azure/aks/cluster-container-registry-integration). -## Quickstart +## Stopping the cluster in development -You can see some examples [here](https://github.com/dapr/quickstarts/tree/master/tutorials/hello-kubernetes) in the Kubernetes getting started quickstart. +In some Kubernetes clustering environments, the cluster can be stopped and then restarted to save on costs. For example, the app pods start before the Dapr sidecar injector pod runs, so no sidecars are injected to the apps. Since Kubernetes doesn't enable you to define dependencies, an operator performs a Kubernetes app rollout command on the apps to restart the pods after the sidecar injector pod is running. -## Supported versions -Dapr support for Kubernetes is aligned with [Kubernetes Version Skew Policy](https://kubernetes.io/releases/version-skew-policy). +{{% alert title="Note" color="primary" %}} +Typically, this is *not* done in production, as the cluster is always running. +{{% /alert %}} + +## Tutorials + +[Work through the Hello Kubernetes tutorial](https://github.com/dapr/quickstarts/tree/master/tutorials/hello-kubernetes) to learn more about getting started with Dapr on your Kubernetes cluster. ## Related links From 2060bab1c612c8e6fe8f4fba0dc824750c6eebad Mon Sep 17 00:00:00 2001 From: Hannah Hunter Date: Wed, 23 Aug 2023 16:58:06 -0400 Subject: [PATCH 04/18] refresh Signed-off-by: Hannah Hunter --- .../hosting/kubernetes/cluster/setup-aks.md | 64 +++--- .../hosting/kubernetes/cluster/setup-gke.md | 55 +++-- .../hosting/kubernetes/cluster/setup-kind.md | 193 +++++++++--------- .../kubernetes/cluster/setup-minikube.md | 75 ++++--- .../hosting/kubernetes/kubernetes-deploy.md | 189 +++++++++-------- .../kubernetes/kubernetes-hybrid-clusters.md | 62 +++--- .../hosting/kubernetes/kubernetes-job.md | 21 +- .../hosting/kubernetes/kubernetes-overview.md | 8 - .../kubernetes/kubernetes-production.md | 185 +++++++++-------- .../hosting/kubernetes/kubernetes-upgrade.md | 85 ++++---- .../kubernetes/kubernetes-volume-mounts.md | 115 ++++++----- 11 files changed, 579 insertions(+), 473 deletions(-) diff --git a/daprdocs/content/en/operations/hosting/kubernetes/cluster/setup-aks.md b/daprdocs/content/en/operations/hosting/kubernetes/cluster/setup-aks.md index 87d27dbc190..5ff72a3e58d 100644 --- a/daprdocs/content/en/operations/hosting/kubernetes/cluster/setup-aks.md +++ b/daprdocs/content/en/operations/hosting/kubernetes/cluster/setup-aks.md @@ -4,53 +4,53 @@ title: "Setup an Azure Kubernetes Service (AKS) cluster" linkTitle: "Azure Kubernetes Service (AKS)" weight: 2000 description: > - How to setup Dapr on an Azure Kubernetes Cluster. + How to setup Dapr on an Azure Kubernetes Cluster --- -# Set up an Azure Kubernetes Service cluster +This guide walks you through installing an Azure Kubernetes Service (AKS) cluster. If you need more information, refer to [Quickstart: Deploy an AKS cluster using the Azure CLI](https://docs.microsoft.com/azure/aks/kubernetes-walkthrough) ## Prerequisites -- [Docker](https://docs.docker.com/install/) -- [kubectl](https://kubernetes.io/docs/tasks/tools/) -- [Azure CLI](https://docs.microsoft.com/cli/azure/install-azure-cli?view=azure-cli-latest) +- Install: + - [Docker](https://docs.docker.com/install/) + - [kubectl](https://kubernetes.io/docs/tasks/tools/) + - [Azure CLI](https://docs.microsoft.com/cli/azure/install-azure-cli?view=azure-cli-latest) -## Deploy an Azure Kubernetes Service cluster +## Deploy an AKS cluster -This guide walks you through installing an Azure Kubernetes Service cluster. If you need more information, refer to [Quickstart: Deploy an Azure Kubernetes Service (AKS) cluster using the Azure CLI](https://docs.microsoft.com/azure/aks/kubernetes-walkthrough) +1. In the terminal, log into Azure. -1. Login to Azure + ```bash + az login + ``` -```bash -az login -``` +1. Set your default subscription: -2. Set the default subscription + ```bash + az account set -s [your_subscription_id] + ``` -```bash -az account set -s [your_subscription_id] -``` +1. Create a resource group. -3. Create a resource group + ```bash + az group create --name [your_resource_group] --location [region] + ``` -```bash -az group create --name [your_resource_group] --location [region] -``` +1. Create an AKS cluster. To use a specific version of Kubernetes, use `--kubernetes-version` (1.13.x or newer version required). -4. Create an Azure Kubernetes Service cluster + ```bash + az aks create --resource-group [your_resource_group] --name [your_aks_cluster_name] --node-count 2 --enable-addons http_application_routing --generate-ssh-keys + ``` -> **Note:** To use a specific version of Kubernetes use `--kubernetes-version` (1.13.x or newer version required) +1. Get the access credentials for the AKS cluster. -```bash -az aks create --resource-group [your_resource_group] --name [your_aks_cluster_name] --node-count 2 --enable-addons http_application_routing --generate-ssh-keys -``` + ```bash + az aks get-credentials -n [your_aks_cluster_name] -g [your_resource_group] + ``` -5. Get the access credentials for the Azure Kubernetes cluster +## Related links -```bash -az aks get-credentials -n [your_aks_cluster_name] -g [your_resource_group] -``` - -## Next steps - -{{< button text="Install Dapr using the AKS Dapr extension >>" page="azure-kubernetes-service-extension" >}} +- Learn more about [the Dapr extension for AKS]({{< ref azure-kubernetes-service-extension >}}) + - [Install the Dapr extension for AKS](https://learn.microsoft.com/azure/aks/dapr) + - [Configure the Dapr extension for AKS](https://learn.microsoft.com/azure/aks/dapr-settings) + - [Deploy and run workflows with the Dapr extension for AKS](https://learn.microsoft.com/en-us/azure/aks/dapr-workflow) diff --git a/daprdocs/content/en/operations/hosting/kubernetes/cluster/setup-gke.md b/daprdocs/content/en/operations/hosting/kubernetes/cluster/setup-gke.md index fad705de928..3f00997dbd4 100644 --- a/daprdocs/content/en/operations/hosting/kubernetes/cluster/setup-gke.md +++ b/daprdocs/content/en/operations/hosting/kubernetes/cluster/setup-gke.md @@ -8,48 +8,79 @@ description: "Setup a Google Kubernetes Engine cluster" ### Prerequisites -- [kubectl](https://kubernetes.io/docs/tasks/tools/) -- [Google Cloud SDK](https://cloud.google.com/sdk) +- Install: + - [kubectl](https://kubernetes.io/docs/tasks/tools/) + - [Google Cloud SDK](https://cloud.google.com/sdk) ## Create a new cluster + +Create a GKE cluster by running the following: + ```bash $ gcloud services enable container.googleapis.com && \ gcloud container clusters create $CLUSTER_NAME \ --zone $ZONE \ --project $PROJECT_ID ``` -For more options refer to the [Google Cloud SDK docs](https://cloud.google.com/sdk/gcloud/reference/container/clusters/create), or instead create a cluster through the [Cloud Console](https://console.cloud.google.com/kubernetes) for a more interactive experience. +For more options: +- Refer to the [Google Cloud SDK docs](https://cloud.google.com/sdk/gcloud/reference/container/clusters/create). +- Create a cluster through the [Cloud Console](https://console.cloud.google.com/kubernetes) for a more interactive experience. + +## Sidecar injection for private GKE clusters + +_**Sidecar injection for private clusters requires extra steps.**_ -{{% alert title="For private GKE clusters" color="warning" %}} -Sidecar injection will not work for private clusters without extra steps. An automatically created firewall rule for master access does not open port 4000. This is needed for Dapr sidecar injection. +In private GKE clusters, an automatically created firewall rule for master access doesn't open port 4000, which Dapr needs for sidecar injection. + +Review the relevant firewall rule: -To review the relevant firewall rule: ```bash $ gcloud compute firewall-rules list --filter="name~gke-${CLUSTER_NAME}-[0-9a-z]*-master" ``` -To replace the existing rule and allow kubernetes master access to port 4000: +Replace the existing rule and allow Kubernetes master access to port 4000: + ```bash $ gcloud compute firewall-rules update --allow tcp:10250,tcp:443,tcp:4000 ``` -{{% /alert %}} ## Retrieve your credentials for `kubectl` +Run the following command to retrieve your credentials: + ```bash $ gcloud container clusters get-credentials $CLUSTER_NAME \ --zone $ZONE \ --project $PROJECT_ID ``` -## (optional) Install Helm v3 +## Install Helm v3 (optional) -1. [Install Helm v3 client](https://helm.sh/docs/intro/install/) +If you are using Helm, install the [Helm v3 client](https://helm.sh/docs/intro/install/). -> **Note:** The latest Dapr helm chart no longer supports Helm v2. Please migrate from helm v2 to helm v3 by following [this guide](https://helm.sh/blog/migrate-from-helm-v2-to-helm-v3/). +{{% alert title="Important" color="warning" %}} +The latest Dapr Helm chart no longer supports Helm v2. [Migrate from Helm v2 to Helm v3](https://helm.sh/blog/migrate-from-helm-v2-to-helm-v3/). +{{% /alert %}} + +## Troubleshooting -2. In case you need permissions the kubernetes dashboard (i.e. configmaps is forbidden: User "system:serviceaccount:kube-system:kubernetes-dashboard" cannot list configmaps in the namespace "default", etc.) execute this command +### Kubernetes dashboard permissions + +Let's say you receive an error message similar to the following: + +``` +configmaps is forbidden: User "system:serviceaccount:kube-system:kubernetes-dashboard" cannot list configmaps in the namespace "default" +``` + +Execute this command: ```bash kubectl create clusterrolebinding kubernetes-dashboard -n kube-system --clusterrole=cluster-admin --serviceaccount=kube-system:kubernetes-dashboard ``` + +## Related links +- [Learn more about GKE clusters](https://cloud.google.com/kubernetes-engine/docs) +- [Try out a Dapr quickstart]({{< ref quickstarts.md >}}) +- Learn how to [deploy Dapr on your cluster]({{< ref kubernetes-deploy.md >}}) +- [Upgrade Dapr on Kubernetes]({{< ref kubernetes-upgrade.md >}}) +- [Kubernetes production guidelines]({{< ref kubernetes-production.md >}}) \ No newline at end of file diff --git a/daprdocs/content/en/operations/hosting/kubernetes/cluster/setup-kind.md b/daprdocs/content/en/operations/hosting/kubernetes/cluster/setup-kind.md index 528781b1bfe..da463c3fb9e 100644 --- a/daprdocs/content/en/operations/hosting/kubernetes/cluster/setup-kind.md +++ b/daprdocs/content/en/operations/hosting/kubernetes/cluster/setup-kind.md @@ -4,108 +4,117 @@ title: "Set up a KiND cluster" linkTitle: "KiND" weight: 1100 description: > - How to set up Dapr on a KiND cluster. + How to set up Dapr on a KiND cluster --- -# Set up a KiND cluster - ## Prerequisites -- [Docker](https://docs.docker.com/install/) -- [kubectl](https://kubernetes.io/docs/tasks/tools/) - -> Note: For Windows, enable Virtualization in BIOS and [install Hyper-V](https://docs.microsoft.com/virtualization/hyper-v-on-windows/quick-start/enable-hyper-v) +- Install: + - [Docker](https://docs.docker.com/install/) + - [kubectl](https://kubernetes.io/docs/tasks/tools/) +- For Windows: + - Enable Virtualization in BIOS + - [Install Hyper-V](https://docs.microsoft.com/virtualization/hyper-v-on-windows/quick-start/enable-hyper-v) ## Install and configure KiND -Make sure you follow one of the [Installation](https://kind.sigs.k8s.io/docs/user/quick-start) options for KiND. +[Refer to the KiND documentation to install.](https://kind.sigs.k8s.io/docs/user/quick-start) -In case you are using Docker Desktop, double-check that you have performed the recommended [settings](https://kind.sigs.k8s.io/docs/user/quick-start#settings-for-docker-desktop) (4 CPUs and 8 GiB of RAM available to Docker Engine). +If you are using Docker Desktop, verify that you have [the recommended settings](https://kind.sigs.k8s.io/docs/user/quick-start#settings-for-docker-desktop). ## Configure and create the KiND cluster 1. Create a file named `kind-cluster-config.yaml`, and paste the following: -```yaml -kind: Cluster -apiVersion: kind.x-k8s.io/v1alpha4 -nodes: -- role: control-plane - kubeadmConfigPatches: - - | - kind: InitConfiguration - nodeRegistration: - kubeletExtraArgs: - node-labels: "ingress-ready=true" - extraPortMappings: - - containerPort: 80 - hostPort: 8081 - protocol: TCP - - containerPort: 443 - hostPort: 8443 - protocol: TCP -- role: worker -- role: worker -``` - -This is going to request KiND to spin up a kubernetes cluster comprised of a control plane and two worker nodes. It also allows for future setup of ingresses and exposes container ports to the host machine. - -2. Run the `kind create cluster` providing the cluster configuration file: - -```bash -kind create cluster --config kind-cluster-config.yaml -``` - -Wait until the cluster is created, the output should look like this: - -```md -Creating cluster "kind" ... - ✓ Ensuring node image (kindest/node:v1.21.1) đŸ–ŧ - ✓ Preparing nodes đŸ“Ļ đŸ“Ļ đŸ“Ļ - ✓ Writing configuration 📜 - ✓ Starting control-plane 🕹ī¸ - ✓ Installing CNI 🔌 - ✓ Installing StorageClass 💾 - ✓ Joining worker nodes 🚜 -Set kubectl context to "kind-kind" -You can now use your cluster with: - -kubectl cluster-info --context kind-kind - -Thanks for using kind! 😊 -``` - -## Dapr - -1. Initialize Dapr: -```bash -dapr init --kubernetes -``` - -Once Dapr finishes initializing its core components are ready to be used on the cluster. - -To verify the status of these components run: -```bash -dapr status -k -``` -the output should look like this: - -```md - NAME NAMESPACE HEALTHY STATUS REPLICAS VERSION AGE CREATED - dapr-sentry dapr-system True Running 1 1.5.1 53s 2021-12-10 09:27.17 - dapr-operator dapr-system True Running 1 1.5.1 53s 2021-12-10 09:27.17 - dapr-sidecar-injector dapr-system True Running 1 1.5.1 53s 2021-12-10 09:27.17 - dapr-dashboard dapr-system True Running 1 0.9.0 53s 2021-12-10 09:27.17 - dapr-placement-server dapr-system True Running 1 1.5.1 52s 2021-12-10 09:27.18 -``` - -2. Forward a port to [Dapr dashboard](https://docs.dapr.io/reference/cli/dapr-dashboard/): - -```bash -dapr dashboard -k -p 9999 -``` - -So that you can validate that the setup finished successfully by navigating to `http://localhost:9999`. - -## Next steps -- [Try out a Dapr quickstart]({{< ref quickstarts.md >}}) + ```yaml + kind: Cluster + apiVersion: kind.x-k8s.io/v1alpha4 + nodes: + - role: control-plane + kubeadmConfigPatches: + - | + kind: InitConfiguration + nodeRegistration: + kubeletExtraArgs: + node-labels: "ingress-ready=true" + extraPortMappings: + - containerPort: 80 + hostPort: 8081 + protocol: TCP + - containerPort: 443 + hostPort: 8443 + protocol: TCP + - role: worker + - role: worker + ``` + + This cluster configuration: + - Requests KiND to spin up a Kubernetes cluster comprised of a control plane and two worker nodes. + - Allows for future setup of ingresses. + - Exposes container ports to the host machine. + +1. Run the `kind create cluster` command, providing the cluster configuration file: + + ```bash + kind create cluster --config kind-cluster-config.yaml + ``` + + **Expected output** + + ```md + Creating cluster "kind" ... + ✓ Ensuring node image (kindest/node:v1.21.1) đŸ–ŧ + ✓ Preparing nodes đŸ“Ļ đŸ“Ļ đŸ“Ļ + ✓ Writing configuration 📜 + ✓ Starting control-plane 🕹ī¸ + ✓ Installing CNI 🔌 + ✓ Installing StorageClass 💾 + ✓ Joining worker nodes 🚜 + Set kubectl context to "kind-kind" + You can now use your cluster with: + + kubectl cluster-info --context kind-kind + + Thanks for using kind! 😊 + ``` + +## Initialize and run Dapr + +1. Initialize Dapr in Kubernetes. + + ```bash + dapr init --kubernetes + ``` + + Once Dapr finishes initializing, you can use its core components on the cluster. + +1. Verify the status of the Dapr components: + + ```bash + dapr status -k + ``` + + **Expected output** + + ```md + NAME NAMESPACE HEALTHY STATUS REPLICAS VERSION AGE CREATED + dapr-sentry dapr-system True Running 1 1.5.1 53s 2021-12-10 09:27.17 + dapr-operator dapr-system True Running 1 1.5.1 53s 2021-12-10 09:27.17 + dapr-sidecar-injector dapr-system True Running 1 1.5.1 53s 2021-12-10 09:27.17 + dapr-dashboard dapr-system True Running 1 0.9.0 53s 2021-12-10 09:27.17 + dapr-placement-server dapr-system True Running 1 1.5.1 52s 2021-12-10 09:27.18 + ``` + +1. Forward a port to [Dapr dashboard](https://docs.dapr.io/reference/cli/dapr-dashboard/): + + ```bash + dapr dashboard -k -p 9999 + ``` + +1. Navigate to `http://localhost:9999` to validate a successful setup. + +## Related links +- [Try out a Dapr quickstart]({{< ref quickstarts.md >}}) +- Learn how to [deploy Dapr on your cluster]({{< ref kubernetes-deploy.md >}}) +- [Upgrade Dapr on Kubernetes]({{< ref kubernetes-upgrade.md >}}) +- [Kubernetes production guidelines]({{< ref kubernetes-production.md >}}) \ No newline at end of file diff --git a/daprdocs/content/en/operations/hosting/kubernetes/cluster/setup-minikube.md b/daprdocs/content/en/operations/hosting/kubernetes/cluster/setup-minikube.md index 3880e4fa95b..78835d5c400 100644 --- a/daprdocs/content/en/operations/hosting/kubernetes/cluster/setup-minikube.md +++ b/daprdocs/content/en/operations/hosting/kubernetes/cluster/setup-minikube.md @@ -4,57 +4,62 @@ title: "Setup an Minikube cluster" linkTitle: "Minikube" weight: 1000 description: > - How to setup Dapr on a Minikube cluster. + How to setup Dapr on a Minikube cluster --- -# Set up a Minikube cluster - ## Prerequisites -- [Docker](https://docs.docker.com/install/) -- [kubectl](https://kubernetes.io/docs/tasks/tools/) -- [Minikube](https://minikube.sigs.k8s.io/docs/start/) - -> Note: For Windows, enable Virtualization in BIOS and [install Hyper-V](https://docs.microsoft.com/virtualization/hyper-v-on-windows/quick-start/enable-hyper-v) +- Install: + - [Docker](https://docs.docker.com/install/) + - [kubectl](https://kubernetes.io/docs/tasks/tools/) + - [Minikube](https://minikube.sigs.k8s.io/docs/start/) +- +- For Windows: + - Enable Virtualization in BIOS + - [Install Hyper-V](https://docs.microsoft.com/virtualization/hyper-v-on-windows/quick-start/enable-hyper-v) ## Start the Minikube cluster -1. (optional) Set the default VM driver - -```bash -minikube config set vm-driver [driver_name] -``` +1. If applicable for your project, set the default VM. -> Note: See [DRIVERS](https://minikube.sigs.k8s.io/docs/reference/drivers/) for details on supported drivers and how to install plugins. + ```bash + minikube config set vm-driver [driver_name] + ``` -2. Start the cluster -Use 1.13.x or newer version of Kubernetes with `--kubernetes-version` +{{% alert title="Note" color="warning" %}} +See [the official Minikube documentation on drivers](https://minikube.sigs.k8s.io/docs/reference/drivers/) for details on supported drivers and how to install plugins. +{{% /alert %}} -```bash -minikube start --cpus=4 --memory=4096 -``` +1. Start the cluster. + - If necessary, specify version 1.13.x or newer of Kubernetes with `--kubernetes-version` -3. Enable dashboard and ingress addons + ```bash + minikube start --cpus=4 --memory=4096 + ``` -```bash -# Enable dashboard -minikube addons enable dashboard +1. Enable the Minikube dashboard and ingress add-ons. -# Enable ingress -minikube addons enable ingress -``` + ```bash + # Enable dashboard + minikube addons enable dashboard + + # Enable ingress + minikube addons enable ingress + ``` -## (optional) Install Helm v3 +## Install Helm v3 (optional) -1. [Install Helm v3 client](https://helm.sh/docs/intro/install/) +If you are using Helm, install the [Helm v3 client](https://helm.sh/docs/intro/install/). -> **Note:** The latest Dapr helm chart no longer supports Helm v2. Please migrate from helm v2 to helm v3 by following [this guide](https://helm.sh/blog/migrate-from-helm-v2-to-helm-v3/). +{{% alert title="Important" color="warning" %}} +The latest Dapr Helm chart no longer supports Helm v2. [Migrate from Helm v2 to Helm v3](https://helm.sh/blog/migrate-from-helm-v2-to-helm-v3/). +{{% /alert %}} -### Troubleshooting +## Troubleshooting -1. The external IP address of load balancer is not shown from `kubectl get svc` +The external IP address of load balancer is not shown from `kubectl get svc`. -In Minikube, EXTERNAL-IP in `kubectl get svc` shows `` state for your service. In this case, you can run `minikube service [service_name]` to open your service without external IP address. +In Minikube, `EXTERNAL-IP` in `kubectl get svc` shows `` state for your service. In this case, you can run `minikube service [service_name]` to open your service without external IP address. ```bash $ kubectl get svc @@ -72,3 +77,9 @@ $ minikube service calculator-front-end |-----------|----------------------|-------------|---------------------------| 🎉 Opening kubernetes service default/calculator-front-end in default browser... ``` + +## Related links +- [Try out a Dapr quickstart]({{< ref quickstarts.md >}}) +- Learn how to [deploy Dapr on your cluster]({{< ref kubernetes-deploy.md >}}) +- [Upgrade Dapr on Kubernetes]({{< ref kubernetes-upgrade.md >}}) +- [Kubernetes production guidelines]({{< ref kubernetes-production.md >}}) \ No newline at end of file diff --git a/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-deploy.md b/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-deploy.md index 7b8dfacf980..7f972885286 100644 --- a/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-deploy.md +++ b/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-deploy.md @@ -8,99 +8,101 @@ aliases: - /getting-started/install-dapr-kubernetes/ --- -When setting up Kubernetes you can use either the Dapr CLI or Helm. +When [setting up Dapr on Kubernetes]({{< ref kubernetes-overview.md >}}), you can use either the Dapr CLI or Helm. -For more information on what is deployed to your Kubernetes cluster read the [Kubernetes overview]({{< ref kubernetes-overview.md >}}) - -## Prerequisites - -- Install [Dapr CLI]({{< ref install-dapr-cli.md >}}) -- Install [kubectl](https://kubernetes.io/docs/tasks/tools/) -- Kubernetes cluster (see below if needed) +{{% alert title="Hybrid clusters" color="primary" %}} +Both the Dapr CLI and the Dapr Helm chart automatically deploy with affinity for nodes with the label `kubernetes.io/os=linux`. You can deploy Dapr to Windows nodes if your application requires it. For more information, see [Deploying to a hybrid Linux/Windows Kubernetes cluster]({{< ref kubernetes-hybrid-clusters >}}). +{{% /alert %}} -### Create cluster +{{< tabs "Dapr CLI" "Helm" >}} + +{{% codetab %}} +## Install with Dapr CLI -You can install Dapr on any Kubernetes cluster. Here are some helpful links: +You can install Dapr to a Kubernetes cluster using the [Dapr CLI]({{< ref install-dapr-cli.md >}}). -- [Setup KiNd Cluster]({{< ref setup-kind.md >}}) -- [Setup Minikube Cluster]({{< ref setup-minikube.md >}}) -- [Setup Azure Kubernetes Service Cluster]({{< ref setup-aks.md >}}) -- [Setup Google Cloud Kubernetes Engine](https://docs.dapr.io/operations/hosting/kubernetes/cluster/setup-gke/) -- [Setup Amazon Elastic Kubernetes Service](https://docs.aws.amazon.com/eks/latest/userguide/getting-started.html) +### Prerequisites -{{% alert title="Hybrid clusters" color="primary" %}} -Both the Dapr CLI and the Dapr Helm chart automatically deploy with affinity for nodes with the label `kubernetes.io/os=linux`. You can deploy Dapr to Windows nodes if your application requires it. For more information see [Deploying to a hybrid Linux/Windows Kubernetes cluster]({{}}). -{{% /alert %}} +- Install: + - [Dapr CLI]({{< ref install-dapr-cli.md >}}) + - [kubectl](https://kubernetes.io/docs/tasks/tools/) +- Create a Kubernetes cluster with Dapr. Here are some helpful links: + - [Set up KiNd Cluster]({{< ref setup-kind.md >}}) + - [Set up Minikube Cluster]({{< ref setup-minikube.md >}}) + - [Set up Azure Kubernetes Service Cluster]({{< ref setup-aks.md >}}) + - [Set up GKE cluster]({{< ref setup-gke.md >}}) + - [Set up Amazon Elastic Kubernetes Service](https://docs.aws.amazon.com/eks/latest/userguide/getting-started.html) -## Install with Dapr CLI +### Installation options -You can install Dapr to a Kubernetes cluster using the [Dapr CLI]({{< ref install-dapr-cli.md >}}). +You can install Dapr from an official Helm chart or a private chart, using a custom namespace, etc. -### Install Dapr (from an official Dapr Helm chart) +#### Install Dapr from an official Dapr Helm chart The `-k` flag initializes Dapr on the Kubernetes cluster in your current context. -{{% alert title="Ensure correct cluster is set" color="warning" %}} -Make sure the correct "target" cluster is set. Check `kubectl context (kubectl config get-contexts)` to verify. You can set a different context using `kubectl config use-context `. -{{% /alert %}} - -Run the following command on your local machine to init Dapr on your cluster: +1. Verify the correct "target" cluster is set by checking `kubectl context (kubectl config get-contexts)`. + - You can set a different context using `kubectl config use-context `. -```bash -dapr init -k -``` +1. Initialize Dapr on your cluster with the following command: -```bash -⌛ Making the jump to hyperspace... + ```bash + dapr init -k + ``` -✅ Deploying the Dapr control plane to your cluster... -✅ Success! Dapr has been installed to namespace dapr-system. To verify, run "dapr status -k" in your terminal. To get started, go here: https://aka.ms/dapr-getting-started -``` + **Expected output** + + ```bash + ⌛ Making the jump to hyperspace... + + ✅ Deploying the Dapr control plane to your cluster... + ✅ Success! Dapr has been installed to namespace dapr-system. To verify, run "dapr status -k" in your terminal. To get started, go here: https://aka.ms/dapr-getting-started + ``` + +1. Run the dashboard: -To run the dashboard, run: + ```bash + dapr dashboard -k + ``` -```bash -dapr dashboard -k -``` + If you installed Dapr in a **non-default namespace**, run: + + ```bash + dapr dashboard -k -n + ``` -If you installed Dapr in a non-default namespace, run: +#### Install Dapr from a private Dapr Helm chart -```bash -dapr dashboard -k -n -``` +Installing Dapr from a private Helm chart can be helpful for when you: +- Need more granular control of the Dapr Helm chart +- Have a custom Dapr deployment +- Pull Helm charts from trusted registries that are managed and maintained by your organization -### Install Dapr (a private Dapr Helm chart) -There are some scenarios where it's necessary to install Dapr from a private Helm chart, such as: -- needing more granular control of the Dapr Helm chart -- having a custom Dapr deployment -- pulling Helm charts from trusted registries that are managed and maintained by your organization +Set the following parameters to allow `dapr init -k` to install Dapr images from the configured Helm repository. ``` export DAPR_HELM_REPO_URL="https://helm.custom-domain.com/dapr/dapr" export DAPR_HELM_REPO_USERNAME="username_xxx" export DAPR_HELM_REPO_PASSWORD="passwd_xxx" ``` +#### Install in high availability mode -Setting the above parameters will allow `dapr init -k` to install Dapr images from the configured Helm repository. - -### Install in custom namespace - -The default namespace when initializing Dapr is `dapr-system`. You can override this with the `-n` flag. +You can run Dapr with three replicas of each control plane pod in the `dapr-system` namespace for [production scenarios]({{< ref kubernetes-production.md >}}). ```bash -dapr init -k -n mynamespace +dapr init -k --enable-ha=true ``` -### Install in highly available mode +#### Install in custom namespace -You can run Dapr with 3 replicas of each control plane pod in the dapr-system namespace for [production scenarios]({{< ref kubernetes-production.md >}}). +The default namespace when initializing Dapr is `dapr-system`. You can override this with the `-n` flag. ```bash -dapr init -k --enable-ha=true +dapr init -k -n mynamespace ``` -### Disable mTLS +#### Disable mTLS Dapr is initialized by default with [mTLS]({{< ref "security-concept.md#sidecar-to-sidecar-communication" >}}). You can disable it with: @@ -108,11 +110,9 @@ Dapr is initialized by default with [mTLS]({{< ref "security-concept.md#sidecar- dapr init -k --enable-mtls=false ``` -### Wait for the installation to complete - - You can wait for the installation to complete its deployment with the `--wait` flag. +#### Wait for the installation to complete - The default timeout is 300s (5 min), but can be customized with the `--timeout` flag. +You can wait for the installation to complete its deployment with the `--wait` flag. The default timeout is 300s (5 min), but can be customized with the `--timeout` flag. ```bash dapr init -k --wait --timeout 600 @@ -126,18 +126,33 @@ Run the following command on your local machine to uninstall Dapr on your cluste dapr uninstall -k ``` +{{% /codetab %}} + + +{{% codetab %}} + ## Install with Helm (advanced) You can install Dapr on Kubernetes using a Helm 3 chart. -{{% alert title="Ensure you are on Helm v3" color="primary" %}} -The latest Dapr helm chart no longer supports Helm v2. Please migrate from Helm v2 to Helm v3 by following [this guide](https://helm.sh/blog/migrate-from-helm-v2-to-helm-v3/). -{{% /alert %}} +❗**Important:** The latest Dapr Helm chart no longer supports Helm v2. [Migrate from Helm v2 to Helm v3](https://helm.sh/blog/migrate-from-helm-v2-to-helm-v3/). + +### Prerequisites + +- Install: + - [Helm v3](https://helm.sh/docs/intro/install/) + - [kubectl](https://kubernetes.io/docs/tasks/tools/) +- Create a Kubernetes cluster with Dapr. Here are some helpful links: + - [Set up KiNd Cluster]({{< ref setup-kind.md >}}) + - [Set up Minikube Cluster]({{< ref setup-minikube.md >}}) + - [Set up Azure Kubernetes Service Cluster]({{< ref setup-aks.md >}}) + - [Set up GKE cluster]({{< ref setup-gke.md >}}) + - [Set up Amazon Elastic Kubernetes Service](https://docs.aws.amazon.com/eks/latest/userguide/getting-started.html) + ### Add and install Dapr Helm chart -1. Make sure [Helm 3](https://github.com/helm/helm/releases) is installed on your machine -1. Add Helm repo and update +1. Add the Helm repo and update: ```bash // Add the official Dapr Helm chart. @@ -160,7 +175,7 @@ The latest Dapr helm chart no longer supports Helm v2. Please migrate from Helm --wait ``` - To install in high availability mode: + To install in **high availability** mode: ```bash helm upgrade --install dapr dapr/dapr \ @@ -173,18 +188,7 @@ The latest Dapr helm chart no longer supports Helm v2. Please migrate from Helm See [Guidelines for production ready deployments on Kubernetes]({{< ref kubernetes-production.md >}}) for more information on installing and upgrading Dapr using Helm. -### Uninstall Dapr on Kubernetes - -```bash -helm uninstall dapr --namespace dapr-system -``` - -### More information - -- Read [this guide]({{< ref kubernetes-production.md >}}) for recommended Helm chart values for production setups -- See [this page](https://github.com/dapr/dapr/blob/master/charts/dapr/README.md) for details on Dapr Helm charts. - -## Installing the Dapr dashboard as part of the control plane +### (optional) Install the Dapr dashboard as part of the control plane If you want to install the Dapr dashboard, use this Helm chart with the additional settings of your choice: @@ -200,9 +204,9 @@ kubectl create namespace dapr-system helm install dapr dapr/dapr-dashboard --namespace dapr-system ``` -## Verify installation +### Verify installation -Once the installation is complete, verify that the dapr-operator, dapr-placement, dapr-sidecar-injector and dapr-sentry pods are running in the `dapr-system` namespace: +Once the installation is complete, verify that the `dapr-operator`, `dapr-placement`, `dapr-sidecar-injector`, and `dapr-sentry` pods are running in the `dapr-system` namespace: ```bash kubectl get pods --namespace dapr-system @@ -217,9 +221,9 @@ dapr-sidecar-injector-8555576b6f-29cqm 1/1 Running 0 40s dapr-sentry-9435776c7f-8f7yd 1/1 Running 0 40s ``` -## Using Mariner-based images +### Use Mariner-based images -When deploying Dapr, whether on Kubernetes or in Docker self-hosted, the default container images that are pulled are based on [*distroless*](https://github.com/GoogleContainerTools/distroless). +The default container images pulled on Kubernetes are based on [*distroless*](https://github.com/GoogleContainerTools/distroless). Alternatively, you can use Dapr container images based on Mariner 2 (minimal distroless). [Mariner](https://github.com/microsoft/CBL-Mariner/), officially known as CBL-Mariner, is a free and open-source Linux distribution and container base image maintained by Microsoft. For some Dapr users, leveraging container images based on Mariner can help you meet compliance requirements. @@ -236,6 +240,23 @@ helm upgrade --install dapr dapr/dapr \ --wait ``` -## Next steps +### Uninstall Dapr on Kubernetes + +```bash +helm uninstall dapr --namespace dapr-system +``` + +### More information + +- Read [the Kubernetes productions guidelines]({{< ref kubernetes-production.md >}}) for recommended Helm chart values for production setups +- [More details on Dapr Helm charts](https://github.com/dapr/dapr/blob/master/charts/dapr/README.md) + +{{% /codetab %}} + +{{< /tabs >}} +## Related links +- [Deploy Dapr with Helm parameters and other details]({{< ref "kubernetes-production.md#deploy-dapr-with-helm" >}}) +- [Upgrade Dapr on Kubernetes]({{< ref kubernetes-upgrade.md >}}) +- [Kubernetes production guidelines]({{< ref kubernetes-production.md >}}) - [Configure state store & pubsub message broker]({{< ref "getting-started/tutorials/configure-state-pubsub.md" >}}) diff --git a/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-hybrid-clusters.md b/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-hybrid-clusters.md index ec57289a4f4..3cc10ae6c44 100644 --- a/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-hybrid-clusters.md +++ b/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-hybrid-clusters.md @@ -6,24 +6,30 @@ weight: 60000 description: "How to run Dapr apps on Kubernetes clusters with Windows nodes" --- -Dapr supports running on Kubernetes clusters with Windows nodes. You can run your Dapr microservices exclusively on Windows, exclusively on Linux, or a combination of both. This is helpful to users who may be doing a piecemeal migration of a legacy application into a Dapr Kubernetes cluster. +Dapr supports running your Dapr microservices on Kubernetes clusters on: +- Excusively Windows +- Exclusively Linux +- A combination of both -Kubernetes uses a concept called node affinity so that you can denote whether you want your application to be launched on a Linux node or a Windows node. When deploying to a cluster which has both Windows and Linux nodes, you must provide affinity rules for your applications, otherwise the Kubernetes scheduler might launch your application on the wrong type of node. +This is especially helpful during a piecemeal migration of a legacy application into a Dapr Kubernetes cluster. -## Pre-requisites +Kubernetes uses a concept called **node affinity** to denote whether you want your application to be launched on a Linux node or a Windows node. When deploying to a cluster which has both Windows and Linux nodes, you must provide affinity rules for your applications, otherwise the Kubernetes scheduler might launch your application on the wrong type of node. -You will need a Kubernetes cluster with Windows nodes. Many Kubernetes providers support the automatic provisioning of Windows enabled Kubernetes clusters. +## Prerequisites -1. Follow your preferred provider's instructions for setting up a cluster with Windows enabled +Before you begin, set up a Kubernetes cluster with Windows nodes. Many Kubernetes providers support the automatic provisioning of Windows enabled Kubernetes clusters. -- [Setting up Windows on Azure AKS](https://docs.microsoft.com/azure/aks/windows-container-cli) -- [Setting up Windows on AWS EKS](https://docs.aws.amazon.com/eks/latest/userguide/windows-support.html) -- [Setting up Windows on Google Cloud GKE](https://cloud.google.com/kubernetes-engine/docs/how-to/creating-a-cluster-windows) +1. Follow your preferred provider's instructions for setting up a cluster with Windows enabled. + + - [Setting up Windows on Azure AKS](https://docs.microsoft.com/azure/aks/windows-container-cli) + - [Setting up Windows on AWS EKS](https://docs.aws.amazon.com/eks/latest/userguide/windows-support.html) + - [Setting up Windows on Google Cloud GKE](https://cloud.google.com/kubernetes-engine/docs/how-to/creating-a-cluster-windows) -2. Once you have set up the cluster, you should see that it has both Windows and Linux nodes available +1. Once you have set up the cluster, verify that both Windows and Linux nodes are available. ```bash kubectl get nodes -o wide + NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME aks-nodepool1-11819434-vmss000000 Ready agent 6d v1.17.9 10.240.0.4 Ubuntu 16.04.6 LTS 4.15.0-1092-azure docker://3.0.10+azure aks-nodepool1-11819434-vmss000001 Ready agent 6d v1.17.9 10.240.0.35 Ubuntu 16.04.6 LTS 4.15.0-1092-azure docker://3.0.10+azure @@ -31,29 +37,31 @@ You will need a Kubernetes cluster with Windows nodes. Many Kubernetes providers akswin000000 Ready agent 6d v1.17.9 10.240.0.66 Windows Server 2019 Datacenter 10.0.17763.1339 docker://19.3.5 akswin000001 Ready agent 6d v1.17.9 10.240.0.97 Windows Server 2019 Datacenter 10.0.17763.1339 docker://19.3.5 ``` -## Installing the Dapr control plane -If you are installing using the Dapr CLI or via a helm chart, simply follow the normal deployment procedures: -[Installing Dapr on a Kubernetes cluster]({{< ref "install-dapr-selfhost.md#installing-Dapr-on-a-kubernetes-cluster" >}}) +## Install the Dapr control plane + +If you are installing using the Dapr CLI or via a Helm chart, simply follow the normal deployment procedures: [Installing Dapr on a Kubernetes cluster]({{< ref "install-dapr-selfhost.md#installing-Dapr-on-a-kubernetes-cluster" >}}) Affinity will be automatically set for `kubernetes.io/os=linux`. This will be sufficient for most users, as Kubernetes requires at least one Linux node pool. -> **Note:** Dapr control plane containers are built and tested for both Windows and Linux, however, we generally recommend using the Linux control plane containers. They tend to be smaller and have a much larger user base. +{{% alert title="Note" color="primary" %}} +Dapr control plane containers are built and tested for both Windows and Linux. However, it's recommended to use the Linux control plane containers, which tend to be smaller and have a much larger user base. If you understand the above, but want to deploy the Dapr control plane to Windows, you can do so by setting: -``` +```sh helm install dapr dapr/dapr --set global.daprControlPlaneOs=windows ``` +{{% /alert %}} -## Installing Dapr applications +## Install Dapr applications ### Windows applications -In order to launch a Dapr application on Windows, you'll first need to create a Docker container with your application installed. For a step by step guide see [Get started: Prep Windows for containers](https://docs.microsoft.com/virtualization/windowscontainers/quick-start/set-up-environment). Once you have a docker container with your application, create a deployment YAML file with node affinity set to kubernetes.io/os: windows. -1. Create a deployment YAML +1. [Follow the Microsoft documentation to create a Docker Windows container with your application installed](https://learn.microsoft.com/virtualization/windowscontainers/quick-start/set-up-environment?tabs=dockerce). + +1. Once you've created a Docker container with your application, create a deployment YAML file with the node affinity set to `kubernetes.io/os: windows`. In the example `deploy_windows.yaml` deployment file below: - Here is a sample deployment with nodeAffinity set to "windows". Modify as needed for your application. ```yaml apiVersion: apps/v1 kind: Deployment @@ -92,9 +100,8 @@ In order to launch a Dapr application on Windows, you'll first need to create a values: - windows ``` - This deployment yaml will be the same as any other dapr application, with an additional spec.template.spec.affinity section as shown above. - -2. Deploy to your Kubernetes cluster + +1. Deploy the YAML file to your Kubernetes cluster. ```bash kubectl apply -f deploy_windows.yaml @@ -102,11 +109,10 @@ In order to launch a Dapr application on Windows, you'll first need to create a ### Linux applications -If you already have a Dapr application that runs on Linux, you'll still need to add affinity rules as above, but choose Linux affinity instead. +If you already have a Dapr application that runs on Linux, you still need to add affinity rules. -1. Create a deployment YAML +1. Create a deployment YAML file with the node affinity set to `kubernetes.io/os: linux`. In the example `deploy_linux.yaml` deployment file below: - Here is a sample deployment with nodeAffinity set to "linux". Modify as needed for your application. ```yaml apiVersion: apps/v1 kind: Deployment @@ -146,13 +152,17 @@ If you already have a Dapr application that runs on Linux, you'll still need to - linux ``` -2. Deploy to your Kubernetes cluster +1. Deploy the YAML to your Kubernetes cluster. ```bash kubectl apply -f deploy_linux.yaml ``` -## Cleanup +That's it! + +## Clean up + +To remove the deployments from this guide, run the following commands: ```bash kubectl delete -f deploy_linux.yaml diff --git a/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-job.md b/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-job.md index 0b2139fddc7..bd8c8f5eff5 100644 --- a/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-job.md +++ b/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-job.md @@ -7,19 +7,19 @@ description: "Use Dapr API in a Kubernetes Job context" type: docs --- -# Kubernetes Job +The Dapr sidecar is designed to be a long running process. In the context of a [Kubernetes Job](https://kubernetes.io/docs/concepts/workloads/controllers/job/) this behavior can block your job completion. -The Dapr sidecar is designed to be a long running process, in the context of a [Kubernetes Job](https://kubernetes.io/docs/concepts/workloads/controllers/job/) this behaviour can block your job completion. -To address this issue the Dapr sidecar has an endpoint to `Shutdown` the sidecar. +To address this issue, the Dapr sidecar has an endpoint to `Shutdown` the sidecar. -When running a basic [Kubernetes Job](https://kubernetes.io/docs/concepts/workloads/controllers/job/) you will need to call the `/shutdown` endpoint for the sidecar to gracefully stop and the job will be considered `Completed`. +When running a basic [Kubernetes Job](https://kubernetes.io/docs/concepts/workloads/controllers/job/), you need to call the `/shutdown` endpoint for the sidecar to gracefully stop and the job to be considered `Completed`. -When a job is finished without calling `Shutdown`, your job will be in a `NotReady` state with only the `daprd` container running endlessly. +When a job is finished without calling `Shutdown`, your job is in a `NotReady` state with only the `daprd` container running endlessly. + +Stopping the Dapr sidecar causes its readiness and liveness probes to fail in your container. -Stopping the dapr sidecar will cause its readiness and liveness probes to fail in your container because the dapr sidecar was shutdown. To prevent Kubernetes from trying to restart your job, set your job's `restartPolicy` to `Never`. -Be sure to use the *POST* HTTP verb when calling the shutdown HTTP API. +Be sure to use the *POST* HTTP verb when calling the shutdown HTTP API. For example: ```yaml apiVersion: batch/v1 @@ -40,7 +40,7 @@ spec: restartPolicy: Never ``` -You can also call the `Shutdown` from any of the Dapr SDKs +You can also call the `Shutdown` from any of the Dapr SDKs. For example, for the Go SDK: ```go package main @@ -63,3 +63,8 @@ func main() { // Job } ``` + +## Related links + +- [Deploy Dapr on Kubernetes]({{< ref kubernetes-deploy.md >}}) +- [Upgrade Dapr on Kubernetes]({{< ref kubernetes-upgrade.md >}}) \ No newline at end of file diff --git a/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-overview.md b/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-overview.md index e8a40434905..d6e1215784a 100644 --- a/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-overview.md +++ b/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-overview.md @@ -53,14 +53,6 @@ For information about: - Pulling your application images from a private registry, reference the [official Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/). - Using Azure Container Registry with Azure Kubernetes Service, reference the [AKS documentation](https://docs.microsoft.com/azure/aks/cluster-container-registry-integration). -## Stopping the cluster in development - -In some Kubernetes clustering environments, the cluster can be stopped and then restarted to save on costs. For example, the app pods start before the Dapr sidecar injector pod runs, so no sidecars are injected to the apps. Since Kubernetes doesn't enable you to define dependencies, an operator performs a Kubernetes app rollout command on the apps to restart the pods after the sidecar injector pod is running. - -{{% alert title="Note" color="primary" %}} -Typically, this is *not* done in production, as the cluster is always running. -{{% /alert %}} - ## Tutorials [Work through the Hello Kubernetes tutorial](https://github.com/dapr/quickstarts/tree/master/tutorials/hello-kubernetes) to learn more about getting started with Dapr on your Kubernetes cluster. diff --git a/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-production.md b/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-production.md index 5a3388cf0e7..365187bc991 100644 --- a/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-production.md +++ b/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-production.md @@ -3,16 +3,14 @@ type: docs title: "Production guidelines on Kubernetes" linkTitle: "Production guidelines" weight: 40000 -description: "Recommendations and practices for deploying Dapr to a Kubernetes cluster in a production-ready configuration" +description: "Best practices for deploying Dapr to a Kubernetes cluster in a production-ready configuration" --- ## Cluster and capacity requirements Dapr support for Kubernetes is aligned with [Kubernetes Version Skew Policy](https://kubernetes.io/releases/version-skew-policy/). -For a production-ready Kubernetes cluster deployment, we recommended you run a cluster of at least 3 worker nodes to support a highly-available control plane installation. - -Use the following resource settings as a starting point. Requirements will vary depending on cluster size, number of pods, and other factors, so you should perform individual testing to find the right values for your environment: +Use the following resource settings as a starting point. Requirements vary depending on cluster size, number of pods, and other factors. Perform individual testing to find the right values for your environment. | Deployment | CPU | Memory |-------------|-----|------- @@ -23,7 +21,7 @@ Use the following resource settings as a starting point. Requirements will vary | **Dashboard** | Limit: 200m, Request: 50m | Limit: 200Mi, Request: 20Mi {{% alert title="Note" color="primary" %}} -For more info, read the [concept article on CPU and Memory resource units and their meaning](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#resource-units-in-kubernetes). +For more information, refer to the Kubernetes documentation on [CPU and Memory resource units and their meaning](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#resource-units-in-kubernetes). {{% /alert %}} ### Helm @@ -32,29 +30,26 @@ When installing Dapr using Helm, no default limit/request values are set. Each c The [Helm chart readme](https://github.com/dapr/dapr/blob/master/charts/dapr/README.md) has detailed information and examples. -For local/dev installations, you might simply want to skip configuring the `resources` options. +For local/dev installations, you might want to skip configuring the `resources` options. ### Optional components The following Dapr control plane deployments are optional: -- **Placement**: needed to use Dapr Actors -- **Sentry**: needed for mTLS for service to service invocation -- **Dashboard**: needed to get an operational view of the cluster +- **Placement**: For using Dapr Actors +- **Sentry**: For mTLS for service-to-service invocation +- **Dashboard**: For an operational view of the cluster ## Sidecar resource settings -To set the resource assignments for the Dapr sidecar, see the annotations [here]({{< ref "arguments-annotations-overview.md" >}}). -The specific annotations related to resource constraints are: +[Set the resource assignments for the Dapr sidecar using the supported annotations]({{< ref "arguments-annotations-overview.md" >}}). The specific annotations related to **resource constraints** are: - `dapr.io/sidecar-cpu-limit` - `dapr.io/sidecar-memory-limit` - `dapr.io/sidecar-cpu-request` - `dapr.io/sidecar-memory-request` -If not set, the Dapr sidecar will run without resource settings, which may lead to issues. For a production-ready setup it is strongly recommended to configure these settings. - -For more details on configuring resource in Kubernetes see [Assign Memory Resources to Containers and Pods](https://kubernetes.io/docs/tasks/configure-pod-container/assign-memory-resource/) and [Assign CPU Resources to Containers and Pods](https://kubernetes.io/docs/tasks/configure-pod-container/assign-cpu-resource/). +If not set, the Dapr sidecar runs without resource settings, which may lead to issues. For a production-ready setup, it's strongly recommended to configure these settings. Example settings for the Dapr sidecar in a production-ready setup: @@ -62,20 +57,21 @@ Example settings for the Dapr sidecar in a production-ready setup: |-----|--------| | Limit: 300m, Request: 100m | Limit: 1000Mi, Request: 250Mi +The CPU and memory limits above account for Dapr supporting a high number of I/O bound operations. Use a [monitoring tool]({{< ref observability >}}) to get a baseline for the sidecar (and app) containers and tune these settings based on those baselines. + +For more details on configuring resource in Kubernetes, see the following Kubernetes guides: +- [Assign Memory Resources to Containers and Pods](https://kubernetes.io/docs/tasks/configure-pod-container/assign-memory-resource/) +- [Assign CPU Resources to Containers and Pods](https://kubernetes.io/docs/tasks/configure-pod-container/assign-cpu-resource/) + {{% alert title="Note" color="primary" %}} -Since Dapr is intended to do much of the I/O heavy lifting for your app, it's expected that the resources given to Dapr enable you to drastically reduce the resource allocations for the application. +Since Dapr is intended to do much of the I/O heavy lifting for your app, the resources given to Dapr drastically reduce the resource allocations for the application. {{% /alert %}} -The CPU and memory limits above account for the fact that Dapr is intended to support a high number of I/O bound operations. It is strongly recommended that you use a monitoring tool to get a baseline for the sidecar (and app) containers and tune these settings based on those baselines. - ### Setting soft memory limits on Dapr sidecar -It is recommended to set soft memory limits on the Dapr sidecar when you have set up memory limits. -This allows the sidecar garbage collector to free up memory when the memory usage is above the limit instead of -waiting to be double of the last amount of memory present in the heap when it was run, which is the default behavior -of the [garbage collector](https://tip.golang.org/doc/gc-guide#Memory_limit) used in Go, and can lead to OOM Kill events. +Set soft memory limits on the Dapr sidecar when you've set up memory limits. With soft memory limits, the sidecar garbage collector frees up memory once it exceeds the limit instead of waiting for it to be double of the last amount of memory present in the heap when it was run. Waiting is the default behavior of the [garbage collector](https://tip.golang.org/doc/gc-guide#Memory_limit) used in Go, and can lead to OOM Kill events. -For example, for an app with app-id `nodeapp`, if you have set your memory limit to be 1000Mi as mentioned above, you can use the following in your pod annotations: +For example, for an app with app-id `nodeapp` with memory limit set to 1000Mi, you can use the following in your pod annotations: ```yaml annotations: @@ -86,29 +82,31 @@ For example, for an app with app-id `nodeapp`, if you have set your memory limit dapr.io/env: "GOMEMLIMIT=900MiB" # 90% of your memory limit. Also notice the suffix "MiB" instead of "Mi" ``` -In this example, the soft limit has been set to be 90% as recommended in [garbage collector tips](https://tip.golang.org/doc/gc-guide#Memory_limit) where it is recommend to leave 5-10% for other services. +In this example, the soft limit has been set to be 90% to leave 5-10% for other services, [as recommended](https://tip.golang.org/doc/gc-guide#Memory_limit). -The `GOMEMLIMIT` environment variable [allows](https://pkg.go.dev/runtime) certain suffixes for the memory size: `B, KiB, MiB, GiB, and TiB.` +The `GOMEMLIMIT` environment variable [allows certain suffixes for the memory size: `B`, `KiB`, `MiB`, `GiB`, and `TiB`.](https://pkg.go.dev/runtime) -## Highly-available mode +## High availability mode -When deploying Dapr in a production-ready configuration, it is recommend to deploy with a highly available (HA) configuration of the control plane, which creates 3 replicas of each control plane pod in the dapr-system namespace. This configuration allows the Dapr control plane to retain 3 running instances and survive individual node failures and other outages. +When deploying Dapr in a production-ready configuration, it's best to deploy with a high availability (HA) configuration of the control plane. This creates three replicas of each control plane pod in the `dapr-system` namespace, allowing the Dapr control plane to retain three running instances and survive individual node failures and other outages. -For a new Dapr deployment, the HA mode can be set with both the [Dapr CLI]({{< ref "kubernetes-deploy.md#install-in-highly-available-mode" >}}) and with [Helm charts]({{< ref "kubernetes-deploy.md#add-and-install-dapr-helm-chart" >}}). +For a new Dapr deployment, HA mode can be set with both: +- The [Dapr CLI]({{< ref "kubernetes-deploy.md#install-in-highly-available-mode" >}}), and +- [Helm charts]({{< ref "kubernetes-deploy.md#add-and-install-dapr-helm-chart" >}}) -For an existing Dapr deployment, enabling the HA mode requires additional steps. Please refer to [this paragraph]({{< ref "#enabling-high-availability-in-an-existing-dapr-deployment" >}}) for more details. +For an existing Dapr deployment, [you can enable HA mode in a few extra steps]({{< ref "#enabling-high-availability-in-an-existing-dapr-deployment" >}}). -## Deploying Dapr with Helm +## Deploy Dapr with Helm [Visit the full guide on deploying Dapr with Helm]({{< ref "kubernetes-deploy.md#install-with-helm-advanced" >}}). ### Parameters file -Instead of specifying parameters on the command line, it's recommended to create a values file. This file should be checked into source control so that you can track its changes. +It's recommended to create a values file, instead of specifying parameters on the command. Check the values file into source control so that you can track its changes. -For a full list of all available options you can set in the values file (or by using the `--set` command-line option), see https://github.com/dapr/dapr/blob/master/charts/dapr/README.md. +[See a full list of available parameters and settings](https://github.com/dapr/dapr/blob/master/charts/dapr/README.md). -Instead of using either `helm install` or `helm upgrade` as shown below, you can also run `helm upgrade --install` - this will dynamically determine whether to install or upgrade. +The following command runs three replicas of each control plane service in the `dapr-system` namespace. ```bash # Add/update a official Dapr Helm repo. @@ -141,84 +139,85 @@ helm install dapr dapr/dapr \ kubectl get pods --namespace dapr-system ``` -This command will run 3 replicas of each control plane service in the dapr-system namespace. - {{% alert title="Note" color="primary" %}} -The Dapr Helm chart automatically deploys with affinity for nodes with the label `kubernetes.io/os=linux`. You can deploy the Dapr control plane to Windows nodes, but most users should not need to. For more information see [Deploying to a Hybrid Linux/Windows K8s Cluster]({{< ref "kubernetes-hybrid-clusters.md" >}}). - +The example above uses `helm install` and `helm upgrade`. You can also run `helm upgrade --install` to dynamically determine whether to install or upgrade. {{% /alert %}} -## Upgrading Dapr with Helm +The Dapr Helm chart automatically deploys with affinity for nodes with the label `kubernetes.io/os=linux`. You can deploy the Dapr control plane to Windows nodes. For more information, see [Deploying to a Hybrid Linux/Windows K8s Cluster]({{< ref "kubernetes-hybrid-clusters.md" >}}). -Dapr supports zero-downtime upgrades. The upgrade path includes the following steps: +## Upgrade Dapr with Helm -1. Upgrading a CLI version (optional but recommended) -2. Updating the Dapr control plane -3. Updating the data plane (Dapr sidecars) +Dapr supports zero-downtime upgrades in the following steps. -### Upgrading the CLI +### Upgrade the CLI (recommended) -To upgrade the Dapr CLI, [download the latest version](https://github.com/dapr/cli/releases) of the CLI and ensure it's in your path. +Upgrading the CLI is optional, but recommended. -### Upgrading the control plane +1. [Download the latest version](https://github.com/dapr/cli/releases) of the CLI. +1. Verify the Dapr CLI is in your path. -See [steps to upgrade Dapr on a Kubernetes cluster]({{< ref "kubernetes-upgrade.md#helm" >}}). +### Upgrade the control plane -### Updating the data plane (sidecars) +[Upgrade Dapr on a Kubernetes cluster]({{< ref "kubernetes-upgrade.md#helm" >}}). -The last step is to update pods that are running Dapr to pick up the new version of the Dapr runtime. -To do that, simply issue a rollout restart command for any deployment that has the `dapr.io/enabled` annotation: +### Update the data plane (sidecars) -```bash -kubectl rollout restart deploy/ -``` +Update pods that are running Dapr to pick up the new version of the Dapr runtime. -To see a list of all your Dapr enabled deployments, you can either use the [Dapr Dashboard](https://github.com/dapr/dashboard) or run the following command using the Dapr CLI: +1. Issue a rollout restart command for any deployment that has the `dapr.io/enabled` annotation: -```bash -dapr list -k + ```bash + kubectl rollout restart deploy/ + ``` -APP ID APP PORT AGE CREATED -nodeapp 3000 16h 2020-07-29 17:16.22 -``` +1. View a list of all your Dapr enabled deployments via either: + - The [Dapr Dashboard](https://github.com/dapr/dashboard) + - Running the following command using the Dapr CLI: + + ```bash + dapr list -k + + APP ID APP PORT AGE CREATED + nodeapp 3000 16h 2020-07-29 17:16.22 + ``` -### Enabling high-availability in an existing Dapr deployment +### Enable high availability in an existing Dapr deployment Enabling HA mode for an existing Dapr deployment requires two steps: -1. Delete the existing placement stateful set: +1. Delete the existing placement stateful set. ```bash kubectl delete statefulset.apps/dapr-placement-server -n dapr-system ``` -1. Issue the upgrade command: + You delete the placement stateful set because, in HA mode, the placement service adds [Raft](https://raft.github.io/) for leader election. However, Kubernetes only allows for limited fields in stateful sets to be patched, subsequently failing upgrade of the placement service. + + Deletion of the existing placement stateful set is safe. The agents reconnect and re-register with the newly created placement service, which persist its table in Raft. + +1. Issue the upgrade command. ```bash helm upgrade dapr ./charts/dapr -n dapr-system --set global.ha.enabled=true ``` -You delete the placement stateful set because, in the HA mode, the placement service adds [Raft](https://raft.github.io/) for leader election. However, Kubernetes only allows for limited fields in stateful sets to be patched, subsequently failing upgrade of the placement service. - -Deletion of the existing placement stateful set is safe. The agents will reconnect and re-register with the newly created placement service, which will persist its table in Raft. - ## Recommended security configuration -When properly configured, Dapr ensures secure communication. It can also make your application more secure with a number of built-in features. +When properly configured, Dapr ensures secure communication and can make your application more secure with a number of built-in features. -It is recommended that a production-ready deployment includes the following settings: +Verify your production-ready deployment includes the following settings: -1. **Mutual Authentication (mTLS)** should be enabled. Note that Dapr has mTLS on by default. For details on how to bring your own certificates, see [here]({{< ref "mtls.md#bringing-your-own-certificates" >}}) +1. **Mutual Authentication (mTLS)** is enabled. Dapr has mTLS on by default. [Learn more about how to bring your own certificates]({{< ref "mtls.md#bringing-your-own-certificates" >}}). -2. **App to Dapr API authentication** is enabled. This is the communication between your application and the Dapr sidecar. To secure the Dapr API from unauthorized application access, it is recommended to enable Dapr's token based auth. See [enable API token authentication in Dapr]({{< ref "api-token.md" >}}) for details +1. **App to Dapr API authentication** is enabled. This is the communication between your application and the Dapr sidecar. To secure the Dapr API from unauthorized application access, [enable Dapr's token-based authentication]({{< ref "api-token.md" >}}). -3. **Dapr to App API authentication** is enabled. This is the communication between Dapr and your application. This ensures that Dapr knows that it is communicating with an authorized application. See [Authenticate requests from Dapr using token authentication]({{< ref "app-api-token.md" >}}) for details +1. **Dapr to App API authentication** is enabled. This is the communication between Dapr and your application. [Let Dapr know that it is communicating with an authorized application using token authentication]({{< ref "app-api-token.md" >}}). -4. All component YAMLs should have **secret data configured in a secret store** and not hard-coded in the YAML file. See [here]({{< ref "component-secrets.md" >}}) on how to use secrets with Dapr components +1. **Component secret data is configured in a secret store** and not hard-coded in the component YAML file. [Learn how to use secrets with Dapr components]({{< ref "component-secrets.md" >}}). -5. The Dapr **control plane is installed on a dedicated namespace** such as `dapr-system`. +1. The Dapr **control plane is installed on a dedicated namespace**, such as `dapr-system`. -6. Dapr also supports **scoping components for certain applications**. This is not a required practice, and can be enabled according to your security needs. See [here]({{< ref "component-scopes.md" >}}) for more info. +1. Dapr supports and is enabled to **scope components for certain applications**. This is not a required practice. [Learn more about component scopes]({{< ref "component-scopes.md" >}}). ## Service account tokens @@ -226,47 +225,55 @@ By default, Kubernetes mounts a volume containing a [Service Account token](http When creating a new Pod (or a Deployment, StatefulSet, Job, etc), you can disable auto-mounting the Service Account token by setting `automountServiceAccountToken: false` in your pod's spec. -It is recommended that you consider deploying your apps with `automountServiceAccountToken: false` to improve the security posture of your pods, unless your apps depend on having a Service Account token. For example, you may need a Service Account token if: +It's recommended that you consider deploying your apps with `automountServiceAccountToken: false` to improve the security posture of your pods, unless your apps depend on having a Service Account token. For example, you may need a Service Account token if: -- You are using Dapr components that interact with the Kubernetes APIs, for example the [Kubernetes secret store]({{< ref "kubernetes-secret-store.md" >}}) or the [Kubernetes Events binding]{{< ref "kubernetes-binding.md" >}}). - Note that initializing Dapr components using [component secrets]({{< ref "component-secrets.md" >}}) stored as Kubernetes secrets does **not** require a Service Account token, so you can still set `automountServiceAccountToken: false` in this case. Only calling the Kubernetes secret store at runtime, using the [Secrets management]({{< ref "secrets-overview.md" >}}) building block, is impacted. -- Your own application needs to interact with the Kubernetes APIs. +- Your application needs to interact with the Kubernetes APIs. +- You are using Dapr components that interact with the Kubernetes APIs; for example, the [Kubernetes secret store]({{< ref "kubernetes-secret-store.md" >}}) or the [Kubernetes Events binding]({{< ref "kubernetes-binding.md" >}}). -Because of the reasons above, Dapr does not set `automountServiceAccountToken: false` automatically for you. However, in all situations where the Service Account is not required by your solution, it is recommended that you set this option in the pods spec. +Thus, Dapr does not set `automountServiceAccountToken: false` automatically for you. However, in all situations where the Service Account is not required by your solution, it's recommended that you set this option in the pods spec. + +{{% alert title="Note" color="primary" %}} +Initializing Dapr components using [component secrets]({{< ref "component-secrets.md" >}}) stored as Kubernetes secrets does **not** require a Service Account token, so you can still set `automountServiceAccountToken: false` in this case. Only calling the Kubernetes secret store at runtime, using the [Secrets management]({{< ref "secrets-overview.md" >}}) building block, is impacted. +{{% /alert %}} ## Tracing and metrics configuration -Dapr has tracing and metrics enabled by default. It is *recommended* that you set up distributed tracing and metrics for your applications and the Dapr control plane in production. +Tracing and metrics are enabled in Dapr by default. It's recommended that you set up distributed tracing and metrics for your applications and the Dapr control plane in production. -If you already have your own observability set-up, you can disable tracing and metrics for Dapr. +If you already have your own observability setup, you can disable tracing and metrics for Dapr. ### Tracing -To configure a tracing backend for Dapr visit [this]({{< ref "setup-tracing.md" >}}) link. +[Configure a tracing backend for Dapr]({{< ref "setup-tracing.md" >}}). ### Metrics -For metrics, Dapr exposes a Prometheus endpoint listening on port 9090 which can be scraped by Prometheus. +For metrics, Dapr exposes a Prometheus endpoint listening on port 9090, which can be scraped by Prometheus. -To setup Prometheus, Grafana and other monitoring tools with Dapr, visit [this]({{< ref "observability" >}}) link. +[Set up Prometheus, Grafana, and other monitoring tools with Dapr]({{< ref "observability" >}}). ## Injector watchdog -The Dapr Operator service includes an _injector watchdog_ which can be used to detect and remediate situations where your application's pods may be deployed without the Dapr sidecar (the `daprd` container) when they should have been. For example, it can assist with recovering the applications after a total cluster failure. +The Dapr Operator service includes an **injector watchdog**, which can be used to detect and remediate situations where your application's pods may be deployed without the Dapr sidecar (the `daprd` container). For example, it can assist with recovering the applications after a total cluster failure. -The injector watchdog is disabled by default when running Dapr in Kubernetes mode and it is recommended that you consider enabling it with values that are appropriate for your specific situation. +The injector watchdog is disabled by default when running Dapr in Kubernetes mode. However, you should consider enabling it with the appropriate values for your specific situation. -Refer to the documentation for the [Dapr operator]({{< ref operator >}}) service for more details on the injector watchdog and how to enable it. +Refer to the [Dapr operator service documentation]({{< ref operator >}}) for more details on the injector watchdog and how to enable it. -## Configuring seccompProfile for sidecar containers +## Configure `seccompProfile` for sidecar containers -By default, the Dapr sidecar Injector injects a sidecar without any `seccompProfile`. However, to have Dapr sidecar container run successfully in a namespace with [Restricted](https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted) profile, the sidecar container needs to have `securityContext.seccompProfile.Type` to not be `nil`. +By default, the Dapr sidecar injector injects a sidecar without any `seccompProfile`. However, for the Dapr sidecar container to run successfully in a namespace with the [Restricted](https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted) profile, the sidecar container needs `securityContext.seccompProfile.Type` to not be `nil`. -Refer to [this]({{< ref "arguments-annotations-overview.md" >}}) documentation to set appropriate `seccompProfile` on sidecar container according to which profile it is running with. +Refer to [the Arguments and Annotations overview]({{< ref "arguments-annotations-overview.md" >}}) to set the appropriate `seccompProfile` on the sidecar container. ## Best Practices -Watch this video for a deep dive into the best practices for running Dapr in production with Kubernetes +Watch this video for a deep dive into the best practices for running Dapr in production with Kubernetes.
+ +## Related links + +- [Deploy Dapr on Kubernetes]({{< ref kubernetes-deploy.md >}}) +- [Upgrade Dapr on Kubernetes]({{< ref kubernetes-upgrade.md >}}) \ No newline at end of file diff --git a/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-upgrade.md b/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-upgrade.md index e9bbb0c13a9..d6b6c882b06 100644 --- a/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-upgrade.md +++ b/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-upgrade.md @@ -6,34 +6,38 @@ weight: 30000 description: "Follow these steps to upgrade Dapr on Kubernetes and ensure a smooth upgrade." --- -## Prerequisites - -- [Dapr CLI]({{< ref install-dapr-cli.md >}}) -- [Helm 3](https://github.com/helm/helm/releases) (if using Helm) - ## Upgrade existing cluster to {{% dapr-latest-version long="true" %}} -There are two ways to upgrade the Dapr control plane on a Kubernetes cluster using either the Dapr CLI or Helm. + +You can upgrade the Dapr control plane on a Kubernetes cluster using either the Dapr CLI or Helm. {{% alert title="Note" color="primary" %}} -Refer to the [Dapr version policy]({{< ref "support-release-policy.md#upgrade-paths" >}}) for guidance on which versions of Dapr can be upgraded to which versions. +Refer to the [Dapr version policy]({{< ref "support-release-policy.md#upgrade-paths" >}}) for guidance on Dapr's upgrade path. {{% /alert %}} -### Dapr CLI +{{< tabs "Dapr CLI" "Helm" >}} + +{{% codetab %}} + +### Prerequisites -The example below shows how to upgrade to version {{% dapr-latest-version long="true" %}}: +- [Install the Dapr CLI]({{< ref install-dapr-cli.md >}}) +- An existing [Kubernetes cluster running with Dapr]({{< ref cluster >}}) - ```bash - dapr upgrade -k --runtime-version={{% dapr-latest-version long="true" %}} - ``` +### Upgrade using the Dapr CLI + +Upgrade your existing cluster to version {{% dapr-latest-version long="true" %}}: + +```bash +dapr upgrade -k --runtime-version={{% dapr-latest-version long="true" %}} +``` -You can provide all the available Helm chart configurations using the Dapr CLI. -See [here](https://github.com/dapr/cli#supplying-helm-values) for more info. +[You can provide all the available Helm chart configurations using the Dapr CLI.](https://github.com/dapr/cli#supplying-helm-values) -#### Troubleshooting upgrade using the CLI +### Troubleshoot upgrading via the CLI There is a known issue running upgrades on clusters that may have previously had a version prior to 1.0.0-rc.2 installed on a cluster. -Most users should not encounter this issue, but there are a few upgrade path edge cases that may leave an incompatible CustomResourceDefinition installed on your cluster. The error message for this case looks like this: +While this issue is uncommon, a few upgrade path edge cases may leave an incompatible `CustomResourceDefinition` installed on your cluster. If this is your scenario, you may see an error message like the following: ``` ❌ Failed to upgrade Dapr: Warning: kubectl apply should be used on resource created by either kubectl create --save-config or kubectl apply @@ -41,25 +45,33 @@ The CustomResourceDefinition "configurations.dapr.io" is invalid: spec.preserveU ``` -To resolve this issue please run the follow command to upgrade the CustomResourceDefinition to a compatible version: +#### Solution -``` -kubectl replace -f https://raw.githubusercontent.com/dapr/dapr/5a15b3e0f093d2d0938b12f144c7047474a290fe/charts/dapr/crds/configuration.yaml -``` +1. Run the following command to upgrade the `CustomResourceDefinition` to a compatible version: + + ```sh + kubectl replace -f https://raw.githubusercontent.com/dapr/dapr/5a15b3e0f093d2d0938b12f144c7047474a290fe/charts/dapr/crds/configuration.yaml + ``` -Then proceed with the `dapr upgrade --runtime-version {{% dapr-latest-version long="true" %}} -k` command as above. +1. Proceed with the `dapr upgrade --runtime-version {{% dapr-latest-version long="true" %}} -k` command. -### Helm +{{% /codetab %}} -From version 1.0.0 onwards, upgrading Dapr using Helm is no longer a disruptive action since existing certificate values will automatically be re-used. + +{{% codetab %}} -1. Upgrade Dapr from 1.0.0 (or newer) to any [NEW VERSION] > 1.0.0: +### Prerequisites - *Helm does not handle upgrading CRDs, so you need to perform that manually. CRDs are backward-compatible and should only be installed forward.* +- [Install Helm v3](https://github.com/helm/helm/releases) +- An existing [Kubernetes cluster running with Dapr]({{< ref cluster >}}) - >Note: The Dapr version is included in the commands below. +### Upgrade using Helm - For version {{% dapr-latest-version long="true" %}}: +As of version 1.0.0 onwards, existing certificate values will automatically be reused when upgrading Dapr using Helm. + +> **Note** Helm does not handle upgrading CRDs, so you need to perform that manually. CRDs are backward-compatible and should only be installed forward. + +1. Upgrade Dapr to version {{% dapr-latest-version long="true" %}}: ```bash kubectl replace -f https://raw.githubusercontent.com/dapr/dapr/v{{% dapr-latest-version long="true" %}}/charts/dapr/crds/components.yaml @@ -76,9 +88,9 @@ From version 1.0.0 onwards, upgrading Dapr using Helm is no longer a disruptive ```bash helm upgrade dapr dapr/dapr --version {{% dapr-latest-version long="true" %}} --namespace dapr-system --wait ``` - *If you're using a values file, remember to add the `--values` option when running the upgrade command.* + > If you're using a values file, remember to add the `--values` option when running the upgrade command.* -2. Ensure all pods are running: +1. Ensure all pods are running: ```bash kubectl get pods -n dapr-system -w @@ -91,20 +103,23 @@ From version 1.0.0 onwards, upgrading Dapr using Helm is no longer a disruptive dapr-sidecar-injector-68f868668f-6xnbt 1/1 Running 0 41s ``` -3. Restart your application deployments to update the Dapr runtime: +1. Restart your application deployments to update the Dapr runtime: ```bash kubectl rollout restart deploy/ ``` -4. All done! +{{% /codetab %}} + +{{< /tabs >}} -#### Upgrading existing Dapr to enable high availability mode -Enabling HA mode in an existing Dapr deployment requires additional steps. Please refer to [this paragraph]({{< ref "kubernetes-production.md#enabling-high-availability-in-an-existing-dapr-deployment" >}}) for more details. +## Upgrade existing Dapr deployment to enable high availability mode +[Enable high availability mode in an existing Dapr deployment with a few additional steps.]({{< ref "kubernetes-production.md#enabling-high-availability-in-an-existing-dapr-deployment" >}}) -## Next steps +## Related links - [Dapr on Kubernetes]({{< ref kubernetes-overview.md >}}) -- [Dapr production guidelines]({{< ref kubernetes-production.md >}}) +- [More on upgrading Dapr with Helm]({{< ref "kubernetes-production.md#upgrade-dapr-with-helm" >}}) +- [Dapr production guidelines]({{< ref kubernetes-production.md >}}) \ No newline at end of file diff --git a/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-volume-mounts.md b/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-volume-mounts.md index bb41bfda205..00ee915dda2 100644 --- a/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-volume-mounts.md +++ b/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-volume-mounts.md @@ -6,8 +6,6 @@ weight: 80000 description: "Configure the Dapr sidecar to mount Pod Volumes" --- -## Introduction - The Dapr sidecar can be configured to mount any Kubernetes Volume attached to the application Pod. These Volumes can be accessed by the `daprd` (sidecar) container in _read-only_ or _read-write_ modes. If a Volume is configured to be mounted but it does not exist in the Pod, Dapr logs a warning and ignores it. For more information on different types of Volumes, check the [Kubernetes documentation](https://kubernetes.io/docs/concepts/storage/volumes/). @@ -16,21 +14,30 @@ For more information on different types of Volumes, check the [Kubernetes docume You can set the following annotations in your deployment YAML: -1. **dapr.io/volume-mounts**: for read-only volume mounts -1. **dapr.io/volume-mounts-rw**: for read-write volume mounts +| Annotation | Description | +| ---------- | ----------- | +| `dapr.io/volume-mounts` | For read-only volume mounts | +| `dapr.io/volume-mounts-rw` | For read-write volume mounts | -These annotations are comma separated pairs of `volume-name:path/in/container`. Make sure that the corresponding Volumes exist in the Pod spec. +These annotations are comma separated pairs of `volume-name:path/in/container`. Verify the corresponding Volumes exist in the Pod spec. Within the official container images, Dapr runs as a process with user ID (UID) `65532`. Make sure that folders and files inside the mounted Volume are writable or readable by user `65532` as appropriate. -Although you can mount a Volume in any folder within the Dapr sidecar container, prevent conflicts and ensure smooth operations going forward by placing all mountpoints within one of these two locations, or in a subfolder within them: +Although you can mount a Volume in any folder within the Dapr sidecar container, prevent conflicts and ensure smooth operations going forward by placing all mountpoints within one of the following locations, or in a subfolder within them: + +| Location | Description | +| -------- | ----------- | +| `/mnt` | Recommended for Volumes containing persistent data that the Dapr sidecar process can read and/or write. | +| `/tmp` | Recommended for Volumes containing temporary data, such as scratch disks. | -- `/mnt` is recommended for Volumes containing persistent data that the Dapr sidecar process can read and/or write. -- `/tmp` is recommended for Volumes containing temporary data, such as scratch disks. +## Examples -### Example +### Basic deployment resource example -In the example Deployment resource below, `my-volume1` and `my-volume2` are available inside the sidecar container at `/mnt/sample1` and `/mnt/sample2` respectively, in read-only mode. `my-volume3` is available inside the sidecar container at `/tmp/sample3` in read-write mode. +In the example Deployment resource below: +- `my-volume1` is available inside the sidecar container at `/mnt/sample1` in read-only mode +- `my-volume2` is available inside the sidecar container at `/mnt/sample2` in read-only mode +- `my-volume3` is available inside the sidecar container at `/tmp/sample3` in read-write mode ```yaml apiVersion: apps/v1 @@ -68,59 +75,57 @@ spec: ... ``` -## Examples - ### Custom secrets storage using local file secret store Since any type of Kubernetes Volume can be attached to the sidecar, you can use the local file secret store to read secrets from a variety of places. For example, if you have a Network File Share (NFS) server running at `10.201.202.203`, with secrets stored at `/secrets/stage/secrets.json`, you can use that as a secrets storage. 1. Configure the application pod to mount the NFS and attach it to the Dapr sidecar. - ```yaml - apiVersion: apps/v1 - kind: Deployment - metadata: - name: myapp - ... - spec: - ... - template: - ... - annotations: - dapr.io/enabled: "true" - dapr.io/app-id: "myapp" - dapr.io/app-port: "8000" - dapr.io/volume-mounts: "nfs-secrets-vol:/mnt/secrets" - spec: - volumes: - - name: nfs-secrets-vol - nfs: - server: 10.201.202.203 - path: /secrets/stage - ... - ``` - -2. Point the local file secret store component to the attached file. - - ```yaml - apiVersion: dapr.io/v1alpha1 - kind: Component - metadata: - name: local-secret-store - spec: - type: secretstores.local.file - version: v1 - metadata: - - name: secretsFile - value: /mnt/secrets/secrets.json - ``` + ```yaml + apiVersion: apps/v1 + kind: Deployment + metadata: + name: myapp + ... + spec: + ... + template: + ... + annotations: + dapr.io/enabled: "true" + dapr.io/app-id: "myapp" + dapr.io/app-port: "8000" + dapr.io/volume-mounts: "nfs-secrets-vol:/mnt/secrets" + spec: + volumes: + - name: nfs-secrets-vol + nfs: + server: 10.201.202.203 + path: /secrets/stage + ... + ``` + +1. Point the local file secret store component to the attached file. + + ```yaml + apiVersion: dapr.io/v1alpha1 + kind: Component + metadata: + name: local-secret-store + spec: + type: secretstores.local.file + version: v1 + metadata: + - name: secretsFile + value: /mnt/secrets/secrets.json + ``` -3. Use the secrets. +1. Use the secrets. - ``` - GET http://localhost:/v1.0/secrets/local-secret-store/my-secret - ``` + ``` + GET http://localhost:/v1.0/secrets/local-secret-store/my-secret + ``` ## Related links -- [Dapr Kubernetes pod annotations spec]({{< ref arguments-annotations-overview.md >}}) +[Dapr Kubernetes pod annotations spec]({{< ref arguments-annotations-overview.md >}}) From dd503c15dd26176886244175c2e63ec505d2804c Mon Sep 17 00:00:00 2001 From: Hannah Hunter Date: Wed, 23 Aug 2023 17:00:40 -0400 Subject: [PATCH 05/18] fix link Signed-off-by: Hannah Hunter --- .../en/operations/hosting/kubernetes/cluster/setup-aks.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/daprdocs/content/en/operations/hosting/kubernetes/cluster/setup-aks.md b/daprdocs/content/en/operations/hosting/kubernetes/cluster/setup-aks.md index 5ff72a3e58d..7858625b47d 100644 --- a/daprdocs/content/en/operations/hosting/kubernetes/cluster/setup-aks.md +++ b/daprdocs/content/en/operations/hosting/kubernetes/cluster/setup-aks.md @@ -53,4 +53,4 @@ This guide walks you through installing an Azure Kubernetes Service (AKS) cluste - Learn more about [the Dapr extension for AKS]({{< ref azure-kubernetes-service-extension >}}) - [Install the Dapr extension for AKS](https://learn.microsoft.com/azure/aks/dapr) - [Configure the Dapr extension for AKS](https://learn.microsoft.com/azure/aks/dapr-settings) - - [Deploy and run workflows with the Dapr extension for AKS](https://learn.microsoft.com/en-us/azure/aks/dapr-workflow) + - [Deploy and run workflows with the Dapr extension for AKS](https://learn.microsoft.com/azure/aks/dapr-workflow) From b9b8ac4fe908ca577d9a8c4fcd61a8d633051cd4 Mon Sep 17 00:00:00 2001 From: Hannah Hunter Date: Wed, 23 Aug 2023 17:59:23 -0400 Subject: [PATCH 06/18] add dapr cli mariner Signed-off-by: Hannah Hunter --- .../hosting/kubernetes/kubernetes-deploy.md | 41 ++++++++++++++----- 1 file changed, 30 insertions(+), 11 deletions(-) diff --git a/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-deploy.md b/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-deploy.md index 7f972885286..51d70260413 100644 --- a/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-deploy.md +++ b/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-deploy.md @@ -221,6 +221,21 @@ dapr-sidecar-injector-8555576b6f-29cqm 1/1 Running 0 40s dapr-sentry-9435776c7f-8f7yd 1/1 Running 0 40s ``` +### Uninstall Dapr on Kubernetes + +```bash +helm uninstall dapr --namespace dapr-system +``` + +### More information + +- Read [the Kubernetes productions guidelines]({{< ref kubernetes-production.md >}}) for recommended Helm chart values for production setups +- [More details on Dapr Helm charts](https://github.com/dapr/dapr/blob/master/charts/dapr/README.md) + +{{% /codetab %}} + +{{< /tabs >}} + ### Use Mariner-based images The default container images pulled on Kubernetes are based on [*distroless*](https://github.com/GoogleContainerTools/distroless). @@ -229,6 +244,21 @@ Alternatively, you can use Dapr container images based on Mariner 2 (minimal dis To use Mariner-based images for Dapr, you need to add `-mariner` to your Docker tags. For example, while `ghcr.io/dapr/dapr:latest` is the Docker image based on *distroless*, `ghcr.io/dapr/dapr:latest-mariner` is based on Mariner. Tags pinned to a specific version are also available, such as `{{% dapr-latest-version short="true" %}}-mariner`. +{{< tabs "Dapr CLI" "Helm" >}} + +{{% codetab %}} + +In the Dapr CLI, you can switch to using Mariner-based images with the `--image-variant` flag. + +```sh +dapr init --image-variant mariner +``` + +{{% /codetab %}} + + +{{% codetab %}} + With Kubernetes and Helm, you can use Mariner-based images by setting the `global.tag` option and adding `-mariner`. For example: ```sh @@ -240,17 +270,6 @@ helm upgrade --install dapr dapr/dapr \ --wait ``` -### Uninstall Dapr on Kubernetes - -```bash -helm uninstall dapr --namespace dapr-system -``` - -### More information - -- Read [the Kubernetes productions guidelines]({{< ref kubernetes-production.md >}}) for recommended Helm chart values for production setups -- [More details on Dapr Helm charts](https://github.com/dapr/dapr/blob/master/charts/dapr/README.md) - {{% /codetab %}} {{< /tabs >}} From aaa2f246b53c6d9832661896e018d9d33f3e4211 Mon Sep 17 00:00:00 2001 From: Hannah Hunter Date: Thu, 24 Aug 2023 10:18:44 -0400 Subject: [PATCH 07/18] consistency check Signed-off-by: Hannah Hunter --- .../en/operations/configuration/configuration-overview.md | 4 ++-- .../en/operations/hosting/kubernetes/kubernetes-overview.md | 4 +--- .../operations/hosting/self-hosted/self-hosted-with-docker.md | 2 +- .../operations/hosting/self-hosted/self-hosted-with-podman.md | 2 +- .../en/reference/resource-specs/configuration-schema.md | 4 ++-- 5 files changed, 7 insertions(+), 9 deletions(-) diff --git a/daprdocs/content/en/operations/configuration/configuration-overview.md b/daprdocs/content/en/operations/configuration/configuration-overview.md index 1f04714d7ba..0b7d49543fe 100644 --- a/daprdocs/content/en/operations/configuration/configuration-overview.md +++ b/daprdocs/content/en/operations/configuration/configuration-overview.md @@ -269,11 +269,11 @@ spec: action: allow ``` -## Control-plane configuration +## Control plane configuration There is a single configuration file called `daprsystem` installed with the Dapr control plane system services that applies global settings. This is only set up when Dapr is deployed to Kubernetes. -### Control-plane configuration settings +### Control plane configuration settings A Dapr control plane configuration contains the following sections: diff --git a/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-overview.md b/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-overview.md index d6e1215784a..7ad299dbe94 100644 --- a/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-overview.md +++ b/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-overview.md @@ -6,8 +6,6 @@ weight: 10000 description: "Overview of how to get Dapr running on your Kubernetes cluster" --- -## Dapr on Kubernetes - Dapr can be configured to run on any supported versions of Kubernetes. To achieve this, Dapr begins by deploying the following Kubernetes services, which provide first-class integration to make running applications with Dapr easy. | Kubernetes services | Description | @@ -47,7 +45,7 @@ For more information, check [Dapr annotations]({{< ref arguments-annotations-ove Dapr works seamlessly with any user application container image, regardless of its origin. Simply [initialize Dapr]({{< ref install-dapr-selfhost.md >}}) and add the [Dapr annotations]({{< ref arguments-annotations-overview.md >}}) to your Kubernetes definition to add the Dapr sidecar. -The Dapr control-plane and sidecar images come from the [daprio Docker Hub](https://hub.docker.com/u/daprio) container registry, which is a public registry. +The Dapr control plane and sidecar images come from the [daprio Docker Hub](https://hub.docker.com/u/daprio) container registry, which is a public registry. For information about: - Pulling your application images from a private registry, reference the [official Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/). diff --git a/daprdocs/content/en/operations/hosting/self-hosted/self-hosted-with-docker.md b/daprdocs/content/en/operations/hosting/self-hosted/self-hosted-with-docker.md index 3211ac08c13..3e7c090cbfd 100644 --- a/daprdocs/content/en/operations/hosting/self-hosted/self-hosted-with-docker.md +++ b/daprdocs/content/en/operations/hosting/self-hosted/self-hosted-with-docker.md @@ -16,7 +16,7 @@ This article provides guidance on running Dapr with Docker on a Windows/Linux/ma ## Initialize Dapr environment -To initialize the Dapr control-plane containers and create a default configuration file, run: +To initialize the Dapr control plane containers and create a default configuration file, run: ```bash dapr init diff --git a/daprdocs/content/en/operations/hosting/self-hosted/self-hosted-with-podman.md b/daprdocs/content/en/operations/hosting/self-hosted/self-hosted-with-podman.md index fda567276bf..bbb1184e878 100644 --- a/daprdocs/content/en/operations/hosting/self-hosted/self-hosted-with-podman.md +++ b/daprdocs/content/en/operations/hosting/self-hosted/self-hosted-with-podman.md @@ -15,7 +15,7 @@ This article provides guidance on running Dapr with Podman on a Windows/Linux/ma ## Initialize Dapr environment -To initialize the Dapr control-plane containers and create a default configuration file, run: +To initialize the Dapr control plane containers and create a default configuration file, run: ```bash dapr init --container-runtime podman diff --git a/daprdocs/content/en/reference/resource-specs/configuration-schema.md b/daprdocs/content/en/reference/resource-specs/configuration-schema.md index 16be2da2b1e..0af3c65f49a 100644 --- a/daprdocs/content/en/reference/resource-specs/configuration-schema.md +++ b/daprdocs/content/en/reference/resource-specs/configuration-schema.md @@ -6,7 +6,7 @@ description: "The basic spec for a Dapr Configuration resource" weight: 5000 --- -The `Configuration` is a Dapr resource that is used to configure the Dapr sidecar, control-plane, and others. +The `Configuration` is a Dapr resource that is used to configure the Dapr sidecar, control plane, and others. ## Sidecar format @@ -76,7 +76,7 @@ spec: | tracing | N | Turns on tracing for an application. | [Learn more about the `tracing` configuration.]({{< ref "configuration-overview.md#tracing" >}}) | -## Control-plane format +## Control plane format The `daprsystem` configuration file installed with Dapr applies global settings and is only set up when Dapr is deployed to Kubernetes. From 647dbbac2195177acfe2d31f4e80fd4a208178cd Mon Sep 17 00:00:00 2001 From: Hannah Hunter Date: Thu, 24 Aug 2023 13:14:29 -0400 Subject: [PATCH 08/18] nits Signed-off-by: Hannah Hunter --- .../kubernetes/cluster/setup-minikube.md | 18 ++++++++---------- .../hosting/kubernetes/kubernetes-deploy.md | 4 ++-- .../kubernetes/kubernetes-hybrid-clusters.md | 6 +++--- .../hosting/kubernetes/kubernetes-upgrade.md | 16 ++++++++++------ .../en/operations/observability/_index.md | 2 +- 5 files changed, 24 insertions(+), 22 deletions(-) diff --git a/daprdocs/content/en/operations/hosting/kubernetes/cluster/setup-minikube.md b/daprdocs/content/en/operations/hosting/kubernetes/cluster/setup-minikube.md index 78835d5c400..75091a43fec 100644 --- a/daprdocs/content/en/operations/hosting/kubernetes/cluster/setup-minikube.md +++ b/daprdocs/content/en/operations/hosting/kubernetes/cluster/setup-minikube.md @@ -13,11 +13,14 @@ description: > - [Docker](https://docs.docker.com/install/) - [kubectl](https://kubernetes.io/docs/tasks/tools/) - [Minikube](https://minikube.sigs.k8s.io/docs/start/) -- - For Windows: - Enable Virtualization in BIOS - [Install Hyper-V](https://docs.microsoft.com/virtualization/hyper-v-on-windows/quick-start/enable-hyper-v) +{{% alert title="Note" color="primary" %}} +See [the official Minikube documentation on drivers](https://minikube.sigs.k8s.io/docs/reference/drivers/) for details on supported drivers and how to install plugins. +{{% /alert %}} + ## Start the Minikube cluster 1. If applicable for your project, set the default VM. @@ -26,16 +29,11 @@ description: > minikube config set vm-driver [driver_name] ``` -{{% alert title="Note" color="warning" %}} -See [the official Minikube documentation on drivers](https://minikube.sigs.k8s.io/docs/reference/drivers/) for details on supported drivers and how to install plugins. -{{% /alert %}} - -1. Start the cluster. - - If necessary, specify version 1.13.x or newer of Kubernetes with `--kubernetes-version` +1. Start the cluster. If necessary, specify version 1.13.x or newer of Kubernetes with `--kubernetes-version` - ```bash - minikube start --cpus=4 --memory=4096 - ``` + ```bash + minikube start --cpus=4 --memory=4096 + ``` 1. Enable the Minikube dashboard and ingress add-ons. diff --git a/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-deploy.md b/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-deploy.md index 51d70260413..e031533d88f 100644 --- a/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-deploy.md +++ b/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-deploy.md @@ -131,9 +131,9 @@ dapr uninstall -k {{% codetab %}} -## Install with Helm (advanced) +## Install with Helm -You can install Dapr on Kubernetes using a Helm 3 chart. +You can install Dapr on Kubernetes using a Helm v3 chart. ❗**Important:** The latest Dapr Helm chart no longer supports Helm v2. [Migrate from Helm v2 to Helm v3](https://helm.sh/blog/migrate-from-helm-v2-to-helm-v3/). diff --git a/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-hybrid-clusters.md b/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-hybrid-clusters.md index 3cc10ae6c44..b76d682fa0f 100644 --- a/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-hybrid-clusters.md +++ b/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-hybrid-clusters.md @@ -6,9 +6,9 @@ weight: 60000 description: "How to run Dapr apps on Kubernetes clusters with Windows nodes" --- -Dapr supports running your Dapr microservices on Kubernetes clusters on: -- Excusively Windows -- Exclusively Linux +Dapr supports running your microservices on Kubernetes clusters on: +- Windows +- Linux - A combination of both This is especially helpful during a piecemeal migration of a legacy application into a Dapr Kubernetes cluster. diff --git a/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-upgrade.md b/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-upgrade.md index d6b6c882b06..b4335a30daf 100644 --- a/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-upgrade.md +++ b/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-upgrade.md @@ -6,8 +6,6 @@ weight: 30000 description: "Follow these steps to upgrade Dapr on Kubernetes and ensure a smooth upgrade." --- -## Upgrade existing cluster to {{% dapr-latest-version long="true" %}} - You can upgrade the Dapr control plane on a Kubernetes cluster using either the Dapr CLI or Helm. {{% alert title="Note" color="primary" %}} @@ -17,15 +15,16 @@ Refer to the [Dapr version policy]({{< ref "support-release-policy.md#upgrade-pa {{< tabs "Dapr CLI" "Helm" >}} {{% codetab %}} +## Upgrade using the Dapr CLI + +You can upgrade Dapr using the [Dapr CLI]({{< ref install-dapr-cli.md >}}). ### Prerequisites - [Install the Dapr CLI]({{< ref install-dapr-cli.md >}}) - An existing [Kubernetes cluster running with Dapr]({{< ref cluster >}}) -### Upgrade using the Dapr CLI - -Upgrade your existing cluster to version {{% dapr-latest-version long="true" %}}: +### Upgrade existing cluster to {{% dapr-latest-version long="true" %}} ```bash dapr upgrade -k --runtime-version={{% dapr-latest-version long="true" %}} @@ -59,13 +58,18 @@ The CustomResourceDefinition "configurations.dapr.io" is invalid: spec.preserveU {{% codetab %}} +## Upgrade using Helm + +You can upgrade Dapr using a Helm v3 chart. + +❗**Important:** The latest Dapr Helm chart no longer supports Helm v2. [Migrate from Helm v2 to Helm v3](https://helm.sh/blog/migrate-from-helm-v2-to-helm-v3/). ### Prerequisites - [Install Helm v3](https://github.com/helm/helm/releases) - An existing [Kubernetes cluster running with Dapr]({{< ref cluster >}}) -### Upgrade using Helm +### Upgrade existing cluster to {{% dapr-latest-version long="true" %}} As of version 1.0.0 onwards, existing certificate values will automatically be reused when upgrading Dapr using Helm. diff --git a/daprdocs/content/en/operations/observability/_index.md b/daprdocs/content/en/operations/observability/_index.md index 26d1771d702..02d9cc17f39 100644 --- a/daprdocs/content/en/operations/observability/_index.md +++ b/daprdocs/content/en/operations/observability/_index.md @@ -7,7 +7,7 @@ description: See and measure the message calls to components and between network --- {{% alert title="More about Dapr Observability" color="primary" %}} - Learn more about how to use Dapr Observability Lock: + Learn more about how to use Dapr Observability: - Explore observability via any of the supporting [Dapr SDKs]({{< ref sdks >}}). - Review the [Observability API reference documentation]({{< ref health_api.md >}}). - Read the [general overview of the observability concept]({{< ref observability-concept >}}) in Dapr. From f80dbd416c7462d8a8002d0c08027f2d634a0420 Mon Sep 17 00:00:00 2001 From: Hannah Hunter Date: Mon, 28 Aug 2023 09:38:49 -0400 Subject: [PATCH 09/18] mark review Signed-off-by: Hannah Hunter --- .../tracing/otel-collector/open-telemetry-collector.md | 6 +++--- .../en/operations/observability/tracing/tracing-overview.md | 1 + 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/daprdocs/content/en/operations/observability/tracing/otel-collector/open-telemetry-collector.md b/daprdocs/content/en/operations/observability/tracing/otel-collector/open-telemetry-collector.md index 10c57ef3ef1..c1d5e4fdabc 100644 --- a/daprdocs/content/en/operations/observability/tracing/otel-collector/open-telemetry-collector.md +++ b/daprdocs/content/en/operations/observability/tracing/otel-collector/open-telemetry-collector.md @@ -6,9 +6,9 @@ weight: 900 description: "How to use Dapr to push trace events through the OpenTelemetry Collector." --- -Dapr directly writes traces using the OpenTelemetry (OTEL) protocol as the **recommended** method. For observability tools that support OTEL protocol, you don't need to use the OpenTelemetry Collector. +Dapr directly writes traces using the OpenTelemetry (OTEL) protocol as the **recommended** method. Run the Open Telemetry Collector on your hosting platform to send OTEL events to the observability tool that supports OTEL protocol. -Dapr can also write traces using the Zipkin protocol. Previous to supporting the OTEL protocol, you could combine the Zipkin protocol with the [OpenTelemetry Collector](https://github.com/open-telemetry/opentelemetry-collector) to send traces to observability tools such as AWS X-Ray, Google Cloud Operations Suite, and Azure App Insights. This approach remains for reference purposes only. +Dapr can also write traces using the Zipkin protocol. Previous to supporting the OTEL protocol, you use the Zipkin protocol with the [OpenTelemetry Collector](https://github.com/open-telemetry/opentelemetry-collector) to send traces to observability tools such as AWS X-Ray, Google Cloud Operations Suite, and Azure Monitor. Both protocol approaches are valid, however OTEL is the recommended choice. ![Using OpenTelemetry Collect to integrate with many backend](/images/open-telemetry-collector.png) @@ -33,7 +33,7 @@ Dapr can also write traces using the Zipkin protocol. Previous to supporting the kubectl apply -f open-telemetry-collector-generic.yaml ``` -## Set up Dapr to send trace to OTEL Collector +## Set up Dapr to send traces to OTEL Collector Set up a Dapr configuration file to turn on tracing and deploy a tracing exporter component that uses the OpenTelemetry Collector. diff --git a/daprdocs/content/en/operations/observability/tracing/tracing-overview.md b/daprdocs/content/en/operations/observability/tracing/tracing-overview.md index 2375eea340c..603e5d12173 100644 --- a/daprdocs/content/en/operations/observability/tracing/tracing-overview.md +++ b/daprdocs/content/en/operations/observability/tracing/tracing-overview.md @@ -10,6 +10,7 @@ Dapr uses the Open Telemetry (OTEL) and Zipkin protocols for distributed traces. Most observability tools support OTEL, including: - [Google Cloud Operations](https://cloud.google.com/products/operations) +- [AWS X-ray](https://aws.amazon.com/xray/) - [New Relic](https://newrelic.com) - [Azure Monitor](https://azure.microsoft.com/services/monitor/) - [Datadog](https://www.datadoghq.com) From cdcee356bc2d49805eb28ce5d0a819d2c59ec7dd Mon Sep 17 00:00:00 2001 From: Hannah Hunter Date: Tue, 5 Sep 2023 09:48:28 -0400 Subject: [PATCH 10/18] updates per Mukundan Signed-off-by: Hannah Hunter --- .../en/operations/hosting/kubernetes/cluster/setup-aks.md | 4 ++-- .../en/operations/hosting/kubernetes/cluster/setup-gke.md | 4 ++-- .../en/operations/hosting/kubernetes/cluster/setup-kind.md | 2 +- .../operations/hosting/kubernetes/cluster/setup-minikube.md | 4 ++-- .../en/operations/hosting/kubernetes/kubernetes-deploy.md | 2 +- 5 files changed, 8 insertions(+), 8 deletions(-) diff --git a/daprdocs/content/en/operations/hosting/kubernetes/cluster/setup-aks.md b/daprdocs/content/en/operations/hosting/kubernetes/cluster/setup-aks.md index 7858625b47d..33f08f092f7 100644 --- a/daprdocs/content/en/operations/hosting/kubernetes/cluster/setup-aks.md +++ b/daprdocs/content/en/operations/hosting/kubernetes/cluster/setup-aks.md @@ -1,10 +1,10 @@ --- type: docs -title: "Setup an Azure Kubernetes Service (AKS) cluster" +title: "Set up an Azure Kubernetes Service (AKS) cluster" linkTitle: "Azure Kubernetes Service (AKS)" weight: 2000 description: > - How to setup Dapr on an Azure Kubernetes Cluster + Learn how to set up an Azure Kubernetes Cluster --- This guide walks you through installing an Azure Kubernetes Service (AKS) cluster. If you need more information, refer to [Quickstart: Deploy an AKS cluster using the Azure CLI](https://docs.microsoft.com/azure/aks/kubernetes-walkthrough) diff --git a/daprdocs/content/en/operations/hosting/kubernetes/cluster/setup-gke.md b/daprdocs/content/en/operations/hosting/kubernetes/cluster/setup-gke.md index 3f00997dbd4..8fb20880dc8 100644 --- a/daprdocs/content/en/operations/hosting/kubernetes/cluster/setup-gke.md +++ b/daprdocs/content/en/operations/hosting/kubernetes/cluster/setup-gke.md @@ -1,9 +1,9 @@ --- type: docs -title: "Setup a Google Kubernetes Engine (GKE) cluster" +title: "Set up a Google Kubernetes Engine (GKE) cluster" linkTitle: "Google Kubernetes Engine (GKE)" weight: 3000 -description: "Setup a Google Kubernetes Engine cluster" +description: "Set up a Google Kubernetes Engine cluster" --- ### Prerequisites diff --git a/daprdocs/content/en/operations/hosting/kubernetes/cluster/setup-kind.md b/daprdocs/content/en/operations/hosting/kubernetes/cluster/setup-kind.md index da463c3fb9e..00d34d93ac8 100644 --- a/daprdocs/content/en/operations/hosting/kubernetes/cluster/setup-kind.md +++ b/daprdocs/content/en/operations/hosting/kubernetes/cluster/setup-kind.md @@ -4,7 +4,7 @@ title: "Set up a KiND cluster" linkTitle: "KiND" weight: 1100 description: > - How to set up Dapr on a KiND cluster + How to set up a KiND cluster --- ## Prerequisites diff --git a/daprdocs/content/en/operations/hosting/kubernetes/cluster/setup-minikube.md b/daprdocs/content/en/operations/hosting/kubernetes/cluster/setup-minikube.md index 75091a43fec..78f4c0786a0 100644 --- a/daprdocs/content/en/operations/hosting/kubernetes/cluster/setup-minikube.md +++ b/daprdocs/content/en/operations/hosting/kubernetes/cluster/setup-minikube.md @@ -1,10 +1,10 @@ --- type: docs -title: "Setup an Minikube cluster" +title: "Set up a Minikube cluster" linkTitle: "Minikube" weight: 1000 description: > - How to setup Dapr on a Minikube cluster + How to setup a Minikube cluster --- ## Prerequisites diff --git a/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-deploy.md b/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-deploy.md index e031533d88f..bdc60e48928 100644 --- a/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-deploy.md +++ b/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-deploy.md @@ -19,7 +19,7 @@ Both the Dapr CLI and the Dapr Helm chart automatically deploy with affinity for {{% codetab %}} ## Install with Dapr CLI -You can install Dapr to a Kubernetes cluster using the [Dapr CLI]({{< ref install-dapr-cli.md >}}). +You can install Dapr on a Kubernetes cluster using the [Dapr CLI]({{< ref install-dapr-cli.md >}}). ### Prerequisites From 5a15cbec382678f0eedde718a926c599a5e67463 Mon Sep 17 00:00:00 2001 From: Cassandra Coyle Date: Thu, 7 Sep 2023 15:26:57 -0500 Subject: [PATCH 11/18] update documented default value for clientID for both k8s & self-hosted mode Signed-off-by: Cassandra Coyle --- .../components-reference/supported-pubsub/setup-apache-kafka.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/daprdocs/content/en/reference/components-reference/supported-pubsub/setup-apache-kafka.md b/daprdocs/content/en/reference/components-reference/supported-pubsub/setup-apache-kafka.md index 7ae5f124e52..48e2876c2d1 100644 --- a/daprdocs/content/en/reference/components-reference/supported-pubsub/setup-apache-kafka.md +++ b/daprdocs/content/en/reference/components-reference/supported-pubsub/setup-apache-kafka.md @@ -60,7 +60,7 @@ spec: | brokers | Y | A comma-separated list of Kafka brokers. | `"localhost:9092,dapr-kafka.myapp.svc.cluster.local:9093"` | consumerGroup | N | A kafka consumer group to listen on. Each record published to a topic is delivered to one consumer within each consumer group subscribed to the topic. | `"group1"` | consumerID | N | Consumer ID (consumer tag) organizes one or more consumers into a group. Consumers with the same consumer ID work as one virtual consumer; for example, a message is processed only once by one of the consumers in the group. If the `consumerID` is not provided, the Dapr runtime set it to the Dapr application ID (`appID`) value. | `"channel1"` -| clientID | N | A user-provided string sent with every request to the Kafka brokers for logging, debugging, and auditing purposes. Defaults to `"sarama"`. | `"my-dapr-app"` +| clientID | N | A user-provided string sent with every request to the Kafka brokers for logging, debugging, and auditing purposes. Defaults to `"namespace.appID"` for Kubernetes mode or `"appID"` for Self-Hosted mode. | `"my-namespace.my-dapr-app"`, `"my-dapr-app"` | authRequired | N | *Deprecated* Enable [SASL](https://en.wikipedia.org/wiki/Simple_Authentication_and_Security_Layer) authentication with the Kafka brokers. | `"true"`, `"false"` | authType | Y | Configure or disable authentication. Supported values: `none`, `password`, `mtls`, or `oidc` | `"password"`, `"none"` | saslUsername | N | The SASL username used for authentication. Only required if `authType` is set to `"password"`. | `"adminuser"` From 3a586fee535ede259123b1d9540753a0e2df9ded Mon Sep 17 00:00:00 2001 From: Francisco Cabrera Date: Fri, 8 Sep 2023 15:14:46 -0700 Subject: [PATCH 12/18] Update setup-aks.md AKS Edge Essentials does not provide a local-path storage that may cause issues with Dapr installation. Adding AKS-EE specific instructions. Signed-off-by: Francisco Cabrera --- .../en/operations/hosting/kubernetes/cluster/setup-aks.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/daprdocs/content/en/operations/hosting/kubernetes/cluster/setup-aks.md b/daprdocs/content/en/operations/hosting/kubernetes/cluster/setup-aks.md index 87d27dbc190..fbb0df236e4 100644 --- a/daprdocs/content/en/operations/hosting/kubernetes/cluster/setup-aks.md +++ b/daprdocs/content/en/operations/hosting/kubernetes/cluster/setup-aks.md @@ -51,6 +51,11 @@ az aks create --resource-group [your_resource_group] --name [your_aks_cluster_na az aks get-credentials -n [your_aks_cluster_name] -g [your_resource_group] ``` +## AKS Edge Essentials +To create a single-machine K8s/K3s Linux-only cluster using Azure Kubernetes Service (AKS) Edge Essentials, you can follow the quickstart guide available at [AKS Edge Essentials quickstart guide](https://learn.microsoft.com/en-us/azure/aks/hybrid/aks-edge-quickstart). + +Note that AKS Edge Essentials does not come with a default storage class, which may cause issues when deploying Dapr. To avoid this, make sure to enable the **local-path-provisioner** storage class on the cluster before deploying Dapr. If you need more information, refer to [Local Path Provisioner on AKS EE](https://learn.microsoft.com/azure/aks/hybrid/aks-edge-howto-use-storage-local-path). + ## Next steps {{< button text="Install Dapr using the AKS Dapr extension >>" page="azure-kubernetes-service-extension" >}} From a406f63fac66534f3cc7fdba1bf94f5e1e318c51 Mon Sep 17 00:00:00 2001 From: zhangchao Date: Sun, 10 Sep 2023 17:13:52 +0800 Subject: [PATCH 13/18] typo fix Signed-off-by: zhangchao --- .../components-reference/supported-pubsub/setup-rabbitmq.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/daprdocs/content/en/reference/components-reference/supported-pubsub/setup-rabbitmq.md b/daprdocs/content/en/reference/components-reference/supported-pubsub/setup-rabbitmq.md index 7a7f0120a06..f2fecc6501c 100644 --- a/daprdocs/content/en/reference/components-reference/supported-pubsub/setup-rabbitmq.md +++ b/daprdocs/content/en/reference/components-reference/supported-pubsub/setup-rabbitmq.md @@ -93,9 +93,9 @@ The above example uses secrets as plain strings. It is recommended to use a secr | exchangeKind | N | Exchange kind of the rabbitmq exchange. Defaults to `"fanout"`. | `"fanout"`,`"topic"` | | saslExternal | N | With TLS, should the username be taken from an additional field (for example, CN). See [RabbitMQ Authentication Mechanisms](https://www.rabbitmq.com/access-control.html#mechanisms). Defaults to `"false"`. | `"true"`, `"false"` | | ttlInSeconds | N | Set message TTL at the component level, which can be overwritten by message level TTL per request. | `"60"` | -| caCert | Required for using TLS | Input/Output | Certificate Authority (CA) certificate in PEM format for verifying server TLS certificates. | `"-----BEGIN CERTIFICATE-----\n\n-----END CERTIFICATE-----"` -| clientCert | Required for using TLS | Input/Output | TLS client certificate in PEM format. Must be used with `clientKey`. | `"-----BEGIN CERTIFICATE-----\n\n-----END CERTIFICATE-----"` -| clientKey | Required for using TLS | Input/Output | TLS client key in PEM format. Must be used with `clientCert`. Can be `secretKeyRef` to use a secret reference. | `"-----BEGIN RSA PRIVATE KEY-----\n\n-----END RSA PRIVATE KEY-----"` +| caCert | Required for using TLS | Certificate Authority (CA) certificate in PEM format for verifying server TLS certificates. | `"-----BEGIN CERTIFICATE-----\n\n-----END CERTIFICATE-----"` +| clientCert | Required for using TLS | TLS client certificate in PEM format. Must be used with `clientKey`. | `"-----BEGIN CERTIFICATE-----\n\n-----END CERTIFICATE-----"` +| clientKey | Required for using TLS | TLS client key in PEM format. Must be used with `clientCert`. Can be `secretKeyRef` to use a secret reference. | `"-----BEGIN RSA PRIVATE KEY-----\n\n-----END RSA PRIVATE KEY-----"` ## Communication using TLS From 6268423566c1d0f7c54242341e355e457596416d Mon Sep 17 00:00:00 2001 From: Hannah Hunter Date: Tue, 12 Sep 2023 09:30:51 -0400 Subject: [PATCH 14/18] add html for rendering markdown tables Signed-off-by: Hannah Hunter --- daprdocs/layouts/shortcodes/table.html | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 daprdocs/layouts/shortcodes/table.html diff --git a/daprdocs/layouts/shortcodes/table.html b/daprdocs/layouts/shortcodes/table.html new file mode 100644 index 00000000000..7ba0498ba7b --- /dev/null +++ b/daprdocs/layouts/shortcodes/table.html @@ -0,0 +1,6 @@ +{{ $htmlTable := .Inner | markdownify }} +{{ $class := .Get 0 | default "" }} +{{ $old := "" }} +{{ $new := printf "
" $class }} +{{ $htmlTable := replace $htmlTable $old $new }} +{{ $htmlTable | safeHTML }} \ No newline at end of file From b4b5616bd2f2dbd4d6f3b2428be753021b13063c Mon Sep 17 00:00:00 2001 From: Francisco Cabrera Date: Tue, 12 Sep 2023 08:31:41 -0700 Subject: [PATCH 15/18] Update daprdocs/content/en/operations/hosting/kubernetes/cluster/setup-aks.md Co-authored-by: Hannah Hunter <94493363+hhunter-ms@users.noreply.github.com> Signed-off-by: Francisco Cabrera --- .../en/operations/hosting/kubernetes/cluster/setup-aks.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/daprdocs/content/en/operations/hosting/kubernetes/cluster/setup-aks.md b/daprdocs/content/en/operations/hosting/kubernetes/cluster/setup-aks.md index fbb0df236e4..05d70e344c8 100644 --- a/daprdocs/content/en/operations/hosting/kubernetes/cluster/setup-aks.md +++ b/daprdocs/content/en/operations/hosting/kubernetes/cluster/setup-aks.md @@ -54,7 +54,9 @@ az aks get-credentials -n [your_aks_cluster_name] -g [your_resource_group] ## AKS Edge Essentials To create a single-machine K8s/K3s Linux-only cluster using Azure Kubernetes Service (AKS) Edge Essentials, you can follow the quickstart guide available at [AKS Edge Essentials quickstart guide](https://learn.microsoft.com/en-us/azure/aks/hybrid/aks-edge-quickstart). -Note that AKS Edge Essentials does not come with a default storage class, which may cause issues when deploying Dapr. To avoid this, make sure to enable the **local-path-provisioner** storage class on the cluster before deploying Dapr. If you need more information, refer to [Local Path Provisioner on AKS EE](https://learn.microsoft.com/azure/aks/hybrid/aks-edge-howto-use-storage-local-path). +{{% alert title="Note" color="primary" %}} +AKS Edge Essentials does not come with a default storage class, which may cause issues when deploying Dapr. To avoid this, make sure to enable the **local-path-provisioner** storage class on the cluster before deploying Dapr. If you need more information, refer to [Local Path Provisioner on AKS EE](https://learn.microsoft.com/azure/aks/hybrid/aks-edge-howto-use-storage-local-path). +{{% /alert %}} ## Next steps From df48e242021813a0712977d274629a4913a15a5d Mon Sep 17 00:00:00 2001 From: Hannah Hunter Date: Tue, 12 Sep 2023 15:45:37 -0400 Subject: [PATCH 16/18] update intro per Alice review Signed-off-by: Hannah Hunter --- .../tracing/otel-collector/open-telemetry-collector.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/daprdocs/content/en/operations/observability/tracing/otel-collector/open-telemetry-collector.md b/daprdocs/content/en/operations/observability/tracing/otel-collector/open-telemetry-collector.md index c1d5e4fdabc..da4b31359f0 100644 --- a/daprdocs/content/en/operations/observability/tracing/otel-collector/open-telemetry-collector.md +++ b/daprdocs/content/en/operations/observability/tracing/otel-collector/open-telemetry-collector.md @@ -6,7 +6,7 @@ weight: 900 description: "How to use Dapr to push trace events through the OpenTelemetry Collector." --- -Dapr directly writes traces using the OpenTelemetry (OTEL) protocol as the **recommended** method. Run the Open Telemetry Collector on your hosting platform to send OTEL events to the observability tool that supports OTEL protocol. +Dapr directly writes traces using the OpenTelemetry (OTEL) protocol as the **recommended** method. For observability tools that support OTEL protocol, it is still recommended to use the OpenTelemetry Collector, since it allows your app to offload data quickly and includes other features, like retries, batching, and encryption. For more information, read the Open Telemetry [documentation](https://opentelemetry.io/docs/collector/#when-to-use-a-collector). Dapr can also write traces using the Zipkin protocol. Previous to supporting the OTEL protocol, you use the Zipkin protocol with the [OpenTelemetry Collector](https://github.com/open-telemetry/opentelemetry-collector) to send traces to observability tools such as AWS X-Ray, Google Cloud Operations Suite, and Azure Monitor. Both protocol approaches are valid, however OTEL is the recommended choice. From e34b4f5042ba5f1aeb884b4ff7d4820a70131cf3 Mon Sep 17 00:00:00 2001 From: Bakibillah Sakib Date: Wed, 13 Sep 2023 01:53:39 +0600 Subject: [PATCH 17/18] [WIP] - CustomResourceDefinition(CRD) term changed (#3696) * [WIP] - CustomResourceDefinition(CRD) term changed to Resource Specifications(resource) Signed-off-by: sakibian * Update daprdocs/content/en/reference/resource-specs/component-schema.md Signed-off-by: Mark Fussell --------- Signed-off-by: sakibian Signed-off-by: Mark Fussell Co-authored-by: Mark Fussell --- .../ides/vscode/vscode-how-to-debug-multiple-dapr-apps.md | 2 +- .../en/operations/configuration/configuration-overview.md | 4 ++-- daprdocs/content/en/operations/configuration/secret-scope.md | 4 ++-- .../en/operations/hosting/kubernetes/kubernetes-upgrade.md | 2 +- .../operations/support/breaking-changes-and-deprecations.md | 2 +- .../content/en/operations/troubleshooting/common_issues.md | 2 +- .../content/en/reference/arguments-annotations-overview.md | 2 +- .../content/en/reference/resource-specs/component-schema.md | 4 ++-- 8 files changed, 11 insertions(+), 11 deletions(-) diff --git a/daprdocs/content/en/developing-applications/local-development/ides/vscode/vscode-how-to-debug-multiple-dapr-apps.md b/daprdocs/content/en/developing-applications/local-development/ides/vscode/vscode-how-to-debug-multiple-dapr-apps.md index a2085158100..86569fb2fe1 100644 --- a/daprdocs/content/en/developing-applications/local-development/ides/vscode/vscode-how-to-debug-multiple-dapr-apps.md +++ b/daprdocs/content/en/developing-applications/local-development/ides/vscode/vscode-how-to-debug-multiple-dapr-apps.md @@ -176,7 +176,7 @@ Below are the supported parameters for VS Code tasks. These parameters are equiv | `appProtocol` | Tells Dapr which protocol your application is using. Valid options are `http`, `grpc`, `https`, `grpcs`, `h2c`. Default is `http`. | No | `"appProtocol": "http"` | `args` | Sets a list of arguments to pass on to the Dapr app | No | "args": [] | `componentsPath` | Path for components directory. If empty, components will not be loaded. | No | `"componentsPath": "./components"` -| `config` | Tells Dapr which Configuration CRD to use | No | `"config": "./config"` +| `config` | Tells Dapr which Configuration resource to use | No | `"config": "./config"` | `controlPlaneAddress` | Address for a Dapr control plane | No | `"controlPlaneAddress": "http://localhost:1366/"` | `enableProfiling` | Enable profiling | No | `"enableProfiling": false` | `enableMtls` | Enables automatic mTLS for daprd to daprd communication channels | No | `"enableMtls": false` diff --git a/daprdocs/content/en/operations/configuration/configuration-overview.md b/daprdocs/content/en/operations/configuration/configuration-overview.md index 1f04714d7ba..8f0d23db52f 100644 --- a/daprdocs/content/en/operations/configuration/configuration-overview.md +++ b/daprdocs/content/en/operations/configuration/configuration-overview.md @@ -18,13 +18,13 @@ A Dapr sidecar can also apply a configuration by using a `--config` flag to the #### Kubernetes sidecar -In Kubernetes mode the Dapr configuration is a Configuration CRD, that is applied to the cluster. For example: +In Kubernetes mode the Dapr configuration is a Configuration resource, that is applied to the cluster. For example: ```bash kubectl apply -f myappconfig.yaml ``` -You can use the Dapr CLI to list the Configuration CRDs +You can use the Dapr CLI to list the Configuration resources ```bash dapr configurations -k diff --git a/daprdocs/content/en/operations/configuration/secret-scope.md b/daprdocs/content/en/operations/configuration/secret-scope.md index a937f56e58a..37ba0ff1873 100644 --- a/daprdocs/content/en/operations/configuration/secret-scope.md +++ b/daprdocs/content/en/operations/configuration/secret-scope.md @@ -3,12 +3,12 @@ type: docs title: "How-To: Limit the secrets that can be read from secret stores" linkTitle: "Limit secret store access" weight: 3000 -description: "To limit the secrets to which the Dapr application has access, users can define secret scopes by augmenting existing configuration CRD with restrictive permissions." +description: "To limit the secrets to which the Dapr application has access, users can define secret scopes by augmenting existing configuration resource with restrictive permissions." --- In addition to scoping which applications can access a given component, for example a secret store component (see [Scoping components]({{< ref "component-scopes.md">}})), a named secret store component itself can be scoped to one or more secrets for an application. By defining `allowedSecrets` and/or `deniedSecrets` list, applications can be restricted to access only specific secrets. -Follow [these instructions]({{< ref "configuration-overview.md" >}}) to define a configuration CRD. +Follow [these instructions]({{< ref "configuration-overview.md" >}}) to define a configuration resource. ## Configure secrets access diff --git a/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-upgrade.md b/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-upgrade.md index e9bbb0c13a9..f151f86d223 100644 --- a/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-upgrade.md +++ b/daprdocs/content/en/operations/hosting/kubernetes/kubernetes-upgrade.md @@ -55,7 +55,7 @@ From version 1.0.0 onwards, upgrading Dapr using Helm is no longer a disruptive 1. Upgrade Dapr from 1.0.0 (or newer) to any [NEW VERSION] > 1.0.0: - *Helm does not handle upgrading CRDs, so you need to perform that manually. CRDs are backward-compatible and should only be installed forward.* + *Helm does not handle upgrading resources, so you need to perform that manually. resources are backward-compatible and should only be installed forward.* >Note: The Dapr version is included in the commands below. diff --git a/daprdocs/content/en/operations/support/breaking-changes-and-deprecations.md b/daprdocs/content/en/operations/support/breaking-changes-and-deprecations.md index d0aeab50797..50dc764c849 100644 --- a/daprdocs/content/en/operations/support/breaking-changes-and-deprecations.md +++ b/daprdocs/content/en/operations/support/breaking-changes-and-deprecations.md @@ -15,7 +15,7 @@ Breaking changes are defined as a change to any of the following that cause comp - Default configuration value - Command line argument - Published metric -- Kubernetes CRD template +- Kubernetes resource template - Publicly accessible API - Publicly visible SDK interface, method, class, or attribute diff --git a/daprdocs/content/en/operations/troubleshooting/common_issues.md b/daprdocs/content/en/operations/troubleshooting/common_issues.md index 07a0bf170d5..346b680c68f 100644 --- a/daprdocs/content/en/operations/troubleshooting/common_issues.md +++ b/daprdocs/content/en/operations/troubleshooting/common_issues.md @@ -94,7 +94,7 @@ There are some known cases where this might not properly work: - Make sure the kube api server can reach the following webhooks services: - [Sidecar Mutating Webhook Injector Service](https://github.com/dapr/dapr/blob/44235fe8e8799589bb393a3124d2564db2dd6885/charts/dapr/charts/dapr_sidecar_injector/templates/dapr_sidecar_injector_deployment.yaml#L157) at port __4000__ that is served from the sidecar injector. - - [CRD Conversion Webhook Service](https://github.com/dapr/dapr/blob/44235fe8e8799589bb393a3124d2564db2dd6885/charts/dapr/charts/dapr_operator/templates/dapr_operator_service.yaml#L28) at port __19443__ that is served from the operator. + - [Resource Conversion Webhook Service](https://github.com/dapr/dapr/blob/44235fe8e8799589bb393a3124d2564db2dd6885/charts/dapr/charts/dapr_operator/templates/dapr_operator_service.yaml#L28) at port __19443__ that is served from the operator. Check with your cluster administrators to setup allow ingress rules to the above ports, __4000__ and __19443__, in the cluster from the kube api servers. diff --git a/daprdocs/content/en/reference/arguments-annotations-overview.md b/daprdocs/content/en/reference/arguments-annotations-overview.md index 0cb502a55d6..a1c044a68d8 100644 --- a/daprdocs/content/en/reference/arguments-annotations-overview.md +++ b/daprdocs/content/en/reference/arguments-annotations-overview.md @@ -17,7 +17,7 @@ This table is meant to help users understand the equivalent options for running | `--app-port` | `--app-port` | `-p` | `dapr.io/app-port` | This parameter tells Dapr which port your application is listening on | | `--components-path` | `--components-path` | `-d` | not supported | **Deprecated** in favor of `--resources-path` | | `--resources-path` | `--resources-path` | `-d` | not supported | Path for components directory. If empty, components will not be loaded. | -| `--config` | `--config` | `-c` | `dapr.io/config` | Tells Dapr which Configuration CRD to use | +| `--config` | `--config` | `-c` | `dapr.io/config` | Tells Dapr which Configuration resource to use | | `--control-plane-address` | not supported | | not supported | Address for a Dapr control plane | | `--dapr-grpc-port` | `--dapr-grpc-port` | | not supported | gRPC port for the Dapr API to listen on (default "50001") | | `--dapr-http-port` | `--dapr-http-port` | | not supported | The HTTP port for the Dapr API | diff --git a/daprdocs/content/en/reference/resource-specs/component-schema.md b/daprdocs/content/en/reference/resource-specs/component-schema.md index d900769c4a8..0face5b9a62 100644 --- a/daprdocs/content/en/reference/resource-specs/component-schema.md +++ b/daprdocs/content/en/reference/resource-specs/component-schema.md @@ -6,7 +6,7 @@ weight: 1000 description: "The basic spec for a Dapr component" --- -Dapr defines and registers components using a [CustomResourceDefinition](https://kubernetes.io/docs/tasks/extend-kubernetes/custom-resources/custom-resource-definitions/). All components are defined as a CRD and can be applied to any hosting environment where Dapr is running, not just Kubernetes. +Dapr defines and registers components using a [resource specifications](https://kubernetes.io/docs/tasks/extend-kubernetes/custom-resources/custom-resource-definitions/). All components are defined as a resource and can be applied to any hosting environment where Dapr is running, not just Kubernetes. ## Format @@ -31,7 +31,7 @@ spec: | Field | Required | Details | Example | |--------------------|:--------:|---------|---------| | apiVersion | Y | The version of the Dapr (and Kubernetes if applicable) API you are calling | `dapr.io/v1alpha1` -| kind | Y | The type of CRD. For components is must always be `Component` | `Component` +| kind | Y | The type of resource. For components is must always be `Component` | `Component` | **metadata** | - | **Information about the component registration** | | metadata.name | Y | The name of the component | `prod-statestore` | metadata.namespace | N | The namespace for the component for hosting environments with namespaces | `myapp-namespace` From 2f6fa0c3eacbda93d0ed9532a05021e09fbf024a Mon Sep 17 00:00:00 2001 From: Mark Fussell Date: Tue, 12 Sep 2023 13:05:38 -0700 Subject: [PATCH 18/18] Update daprdocs/content/en/operations/observability/tracing/otel-collector/open-telemetry-collector.md Signed-off-by: Mark Fussell --- .../tracing/otel-collector/open-telemetry-collector.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/daprdocs/content/en/operations/observability/tracing/otel-collector/open-telemetry-collector.md b/daprdocs/content/en/operations/observability/tracing/otel-collector/open-telemetry-collector.md index da4b31359f0..aeff1a2c966 100644 --- a/daprdocs/content/en/operations/observability/tracing/otel-collector/open-telemetry-collector.md +++ b/daprdocs/content/en/operations/observability/tracing/otel-collector/open-telemetry-collector.md @@ -6,7 +6,7 @@ weight: 900 description: "How to use Dapr to push trace events through the OpenTelemetry Collector." --- -Dapr directly writes traces using the OpenTelemetry (OTEL) protocol as the **recommended** method. For observability tools that support OTEL protocol, it is still recommended to use the OpenTelemetry Collector, since it allows your app to offload data quickly and includes other features, like retries, batching, and encryption. For more information, read the Open Telemetry [documentation](https://opentelemetry.io/docs/collector/#when-to-use-a-collector). +Dapr directly writes traces using the OpenTelemetry (OTEL) protocol as the **recommended** method. For observability tools that support OTEL protocol, it is recommended to use the OpenTelemetry Collector, as it allows your application to quickly offload data and includes features, such as retries, batching, and encryption. For more information, read the Open Telemetry [documentation](https://opentelemetry.io/docs/collector/#when-to-use-a-collector). Dapr can also write traces using the Zipkin protocol. Previous to supporting the OTEL protocol, you use the Zipkin protocol with the [OpenTelemetry Collector](https://github.com/open-telemetry/opentelemetry-collector) to send traces to observability tools such as AWS X-Ray, Google Cloud Operations Suite, and Azure Monitor. Both protocol approaches are valid, however OTEL is the recommended choice.