OSDOCS-16582: Modified OpenShift Images to meet DITA compliance.

modules/images-configuration-image-registry-settings-hcp.adoc

@@ -6,6 +6,7 @@
 [id="images-configuring-image-registry-settings-hcp_{context}"]
 = Configuring image registry settings for {product-title}
 
+[role="_abstract"]
 You can configure image registry settings at cluster creation. The cluster's nodes will use the required configuration after creation.
 
 .Procedure
@@ -96,25 +97,27 @@ Audit Log Forwarding:       Disabled
 External Authentication:    Disabled
 Etcd Encryption:            Disabled
 Registry Configuration:
- - Allowed Registries: <allowed_registry> <1> <2>
- - Insecure Registries: <insecure_registry> <3>
- - Allowed Registries for Import: <4>
-    - Domain Name: <domain_name> <5>
-    - Insecure: true <6>
- - Platform Allowlist: <platform_allowlist_id> <7>
-    - Registries:      <list_of_registries> <8>
- - Additional Trusted CA: <9>
+ - Allowed Registries: <allowed_registry>
+ - Insecure Registries: <insecure_registry>
+ - Allowed Registries for Import:
+    - Domain Name: <domain_name>
+    - Insecure: true
+ - Platform Allowlist: <platform_allowlist_id>
+    - Registries:      <list_of_registries>
+ - Additional Trusted CA:
     - <registry_name> : REDACTED
 ----
-<1> `Allowed Registries`: A comma-separated list of registries for which image pull and push actions are allowed.
-<2> `Blocked Registries`: A comma-separated list of registries for which image pull and push actions are blocked. Parameters `allowedRegistries`, `blockedRegistries` are mutually exclusive.
-<3> `Insecure Registries`: A comma-separated list of registries which do not have a valid TLS certificate or only support HTTP connections.
-<4> `Allowed Registries for Import`: Limits the container image registries from which normal users can import images. The format should be a comma-separated list of `domainName:insecure`.
-<5> `domainName`: Specifies a domain name for the registry.
-<6> `insecure`: Indicates whether the registry is secure or insecure.
-<7> `Platform Allowlist`: A reference to the id of the list of registries that needs to be whitelisted for the platform to work.
-<8> `Registries`: The list of registries that needs to be whitelisted for the platform to work.
-<9> `Additional Trusted CA`: A JSON file containing the registry hostname as the key, and the PEM-encoded certificate as the value, for each additional registry CA to trust.
++
+where:
+* `Allowed Registries`:: A comma-separated list of registries for which image pull and push actions are allowed.
+* `Blocked Registries`:: A comma-separated list of registries for which image pull and push actions are blocked. Parameters `allowedRegistries`, `blockedRegistries` are mutually exclusive.
+* `Insecure Registries`:: A comma-separated list of registries which do not have a valid TLS certificate or only support HTTP connections.
+* `Allowed Registries for Import`:: Limits the container image registries from which normal users can import images. The format should be a comma-separated list of `domainName:insecure`.
+* `domainName`:: Specifies a domain name for the registry.
+* `insecure`:: Indicates whether the registry is secure or insecure.
+* `Platform Allowlist`:: A reference to the id of the list of registries that needs to be whitelisted for the platform to work.
+* `Registries`:: The list of registries that needs to be whitelisted for the platform to work.
+* `Additional Trusted CA`:: A JSON file containing the registry hostname as the key, and the PEM-encoded certificate as the value, for each additional registry CA to trust.
 
 . List your nodes to check the applied changes by running the following command:
 +

modules/images-configuration-parameters-hcp.adoc

@@ -6,6 +6,7 @@
 [id="images-configuration-parameters-hcp_{context}"]
 = Image controller configuration parameters for {product-title}
 
+[role="_abstract"]
 The `image.config.openshift.io/cluster` resource holds cluster-wide information about how to handle images. The resource exists, but it is read only and can only be changed through supported tools like the ROSA CLI (`rosa`). The canonical and only valid name is `cluster`. It can be configured in {product-title} through `rosa` commands.
 
 

modules/images-editing-image-registry-settings-hcp.adoc

@@ -7,6 +7,7 @@
 [id="images-editing-image-registry-settings-hcp_{context}"]
 = Editing image registry settings for {product-title}
 
+[role="_abstract"]
 You can change the image registry config with the `rosa edit` command.
 
 [WARNING]
@@ -104,22 +105,24 @@ Audit Log Forwarding:       Disabled
 External Authentication:    Disabled
 Etcd Encryption:            Disabled
 Registry Configuration:
- - Allowed Registries: <allowed_registry> <1> <2>
- - Insecure Registries: <insecure_registry> <3>
- - Allowed Registries for Import: <4>
-    - Domain Name: <domain_name> <5>
-    - Insecure: true <6>
- - Platform Allowlist: <platform_allowlist_id> <7>
-    - Registries:      <list_of_registries> <8>
- - Additional Trusted CA: <9>
+ - Allowed Registries: <allowed_registry>
+ - Insecure Registries: <insecure_registry>
+ - Allowed Registries for Import:
+    - Domain Name: <domain_name>
+    - Insecure: true
+ - Platform Allowlist: <platform_allowlist_id>
+    - Registries:      <list_of_registries>
+ - Additional Trusted CA:
     - <registry_name> : REDACTED
 ----
-<1> `Allowed Registries`: A comma-separated list of registries for which image pull and push actions are allowed.
-<2> `Blocked Registries`: A comma-separated list of registries for which image pull and push actions are blocked. Parameters `allowedRegistries`, `blockedRegistries` are mutually exclusive.
-<3> `Insecure Registries`: A comma-separated list of registries which do not have a valid TLS certificate or only support HTTP connections.
-<4> `Allowed Registries for Import`: Limits the container image registries from which normal users can import images. The format should be a comma-separated list of `domainName:insecure`.
-<5> `domainName`: Specifies a domain name for the registry.
-<6> `insecure`: Indicates whether the registry is secure or insecure.
-<7> `Platform Allowlist`: A reference to the id of the list of registries that needs to be whitelisted for the platform to work.
-<8> `Registries`: The list of registries that needs to be whitelisted for the platform to work.
-<9> `Additional Trusted CA`: A JSON file containing the registry hostname as the key, and the PEM-encoded certificate as the value, for each additional registry CA to trust.
++
+where:
+* `Allowed Registries`:: A comma-separated list of registries for which image pull and push actions are allowed.
+* `Blocked Registries`:: A comma-separated list of registries for which image pull and push actions are blocked. Parameters `allowedRegistries`, `blockedRegistries` are mutually exclusive.
+* `Insecure Registries`:: A comma-separated list of registries which do not have a valid TLS certificate or only support HTTP connections.
+* `Allowed Registries for Import`:: Limits the container image registries from which normal users can import images. The format should be a comma-separated list of `domainName:insecure`.
+* `domainName`:: Specifies a domain name for the registry.
+* `insecure`:: Indicates whether the registry is secure or insecure.
+* `Platform Allowlist`:: A reference to the id of the list of registries that needs to be whitelisted for the platform to work.
+* `Registries`:: The list of registries that needs to be whitelisted for the platform to work.
+* `Additional Trusted CA`:: A JSON file containing the registry hostname as the key, and the PEM-encoded certificate as the value, for each additional registry CA to trust.

modules/images-registry-mirroring-create.adoc

@@ -0,0 +1,93 @@
+// Module included in the following assemblies:
+//
+// * openshift_images/image-configuration-hcp.adoc
+
+:_mod-docs-content-type: PROCEDURE
+[id="images-registry-mirroring-create_{context}"]
+= Creating an image mirror configuration
+
+[role="_abstract"]
+You can create an image mirror configuration for a {product-title} cluster with the {rosa-cli-first} tool.
+
+[IMPORTANT]
+====
+The source registry cannot be modified after creation. You must delete and recreate the image mirror to change the source.
+====
+
+.Procedure
+
+* Run the following command to create an image mirror configuration:
+[source,terminal]
+----
+$ rosa create image-mirror [arguments]
+----
++
+.Arguments
+[cols="30,70"]
+|===
+|Option |Definition
+
+a|--cluster
+|Required: The name or ID of the cluster the mirror configuration will be applied to.
+
+|--source
+|Required: The source registry that will be mirrored.
+
+|--mirrors
+|Required: List of mirror registries. Mirror registries must be comma-separated.
+
+|--type=digest
+|Optional: Type of image mirror. The `digest` type is set by default and the only available `type` option.
+
+|--profile
+|Optional: Specifies an AWS profile (string) from your credentials file.
+
+|--region
+|Optional:Specifies an AWS region, overriding the AWS_REGION environment variable.
+|===
++
+.Examples
+Creates an image mirror configuration for a cluster named `mycluster`.
++
+[source,terminal]
+----
+$ rosa create image-mirror --cluster=mycluster \
+  --source=registry.example.com/team \
+  --mirrors=mirror.corp.com/team,backup.corp.com/team
+----
++
+.Example Output
+[source,terminal]
+----
+I: Image mirror with ID 'abc123def456' has been created on cluster 'mycluster'
+I: Source: registry.example.com/team
+I: Mirrors: [mirror.corp.com/team backup.corp.com/team]
+----
++
+[NOTE]
+====
+An ID is automatically generated and assigned to an image mirror during image mirror configuration creation.
+====
+
+* Run the following command to create an image mirror configuration with a specific type:
++
+[source,terminal]
+----
+$ rosa create image-mirror --cluster=mycluster \
+  --type=digest --source=docker.io/library \
+  --mirrors=internal-registry.company.com/dockerhub
+----
++
+[NOTE]
+====
+The `digest` type is set by default and the only available `type` option.
+====
+
+. Run the following command to create a single image mirror configuration with multiple mirrors for a cluster:
++
+[source,terminal]
+----
+$ rosa create image-mirror --cluster=mycluster \
+  --source=quay.io/openshift \
+  --mirrors=mirror1.company.com/openshift,mirror2.company.com/openshift,mirror3.company.com/openshift
+----

modules/images-registry-mirroring-delete.adoc

@@ -0,0 +1,63 @@
+// Module included in the following assemblies:
+//
+// * openshift_images/image-configuration-hcp.adoc
+
+:_mod-docs-content-type: PROCEDURE
+[id="images-registry-mirroring-delete_{context}"]
+= Deleting an image mirror configuration
+
+[role="_abstract"]
+You can delete an image mirror configuration from a {product-title} cluster with the {rosa-cli-first}.
+
+[NOTE]
+====
+Delete operations require confirmation unless the `--yes` or `--y` argument is used.
+====
+
+.Procedure
+
+. Run the following command to delete an image mirror configuration from a {product-title} cluster:
++
+[source,terminal]
+----
+$ rosa delete image-mirror [arguments]
+----
++
+.Arguments
+[cols="30,70"]
+|===
+|Option |Definition
+
+|--cluster
+|Required: The name or ID (string) of the cluster that the image mirror configuration will be deleted from.
+|--id
+|Required: ID of the image mirror configuration to delete.
+|`--yes`, `-y`
+|Optional: Automatically answers "yes" to confirm deletion.
+|--profile
+|Optional: Use a specific AWS profile from your credential file.
+|--region
+|Optional: Use a specific AWS region, overriding the AWS_REGION environment variable.
+
+|===
++
+.Examples
+Deletes an image mirror configuration without a confirmation prompt.
++
+[source,terminal]
+----
+$ rosa delete image-mirror --cluster=mycluster abc123def456 --yes
+----
++
+.Example Output
+[source,terminal]
+----
+I: Image mirror 'abc123def456' has been deleted from cluster 'mycluster'
+----
+
+. Run the following command to deletes an image mirror configuration with a confirmation prompt:
++
+[source,terminal]
+----
+$ rosa delete image-mirror --cluster=mycluster --id=abc123def456
+----

modules/images-registry-mirroring-edit.adoc

@@ -0,0 +1,69 @@
+// Module included in the following assemblies:
+//
+// * openshift_images/image-configuration-hcp.adoc
+
+:_mod-docs-content-type: PROCEDURE
+[id="images-registry-mirroring-edit_{context}"]
+= Editing an image mirroring configuration
+
+[role="_abstract"]
+You can edit an image mirror configuration for a {product-title} cluster with the {rosa-cli-first} tool.
+
+[NOTE]
+====
+When editing an image mirror configuration, the new mirrors list completely replaces the existing mirrors list.
+====
+
+.Procedure
+
+. Run the following command to edit an image mirror configuration:
++
+[source,terminal]
+----
+$ rosa edit image-mirror [arguments]
+----
++
+.Arguments
+[cols="30,70"]
+|===
+|Option |Definition
+
+|--cluster
+|Required: The name or ID (string) of the cluster to which the image mirror configuration applies.
+
+|--mirrors
+|Required: New list of mirror registries that replaces current mirror registries. Mirror registries must be comma-separated.
+
+|--id
+|Required: ID of the image mirror configuration to edit.
+
+|--profile
+|Optional: Use a specific AWS profile from your credential file.
+
+|--region
+|Optional: Use a specific AWS region, overriding the AWS_REGION environment variable.
+|===
+
+. Run the following command to replace a single mirror on an image mirror configuration:
++
+[source,terminal]
+----
+$ rosa edit image-mirror --cluster=mycluster --id=abc123def456 \
+  --mirrors=single-mirror.company.com/team
+----
++
+.Example Output
+[source,terminal]
+----
+I: Image mirror 'abc123def456' has been updated on cluster 'mycluster'
+I: Source: registry.example.com/team
+I: Updated mirrors: [mirror.corp.com/team backup.corp.com/team new-mirror.corp.com/team]
+----
+
+. Run the following command to replace all mirrors on an image mirror configuration:
++
+[source,terminal]
+----
+$ rosa edit image-mirror --cluster=mycluster --id=abc123def456 \
+  --mirrors=new-primary.company.com/team,new-secondary.company.com/team
+----

modules/images-registry-mirroring-list.adoc

@@ -0,0 +1,48 @@
+// Module included in the following assemblies:
+//
+// * openshift_images/image-configuration-hcp.adoc
+
+:_mod-docs-content-type: PROCEDURE
+[id="images-registry-mirroring-list_{context}"]
+= Listing all image mirror configurations
+
+[role="_abstract"]
+You can list all image mirror configurations from a {product-title} cluster with the {rosa-cli-first}.
+
+.Procedure
+
+. Run the following command to list all image mirror configurations for a {product-title} cluster:
++
+[source,terminal]
+----
+$ rosa list image-mirrors [arguments]
+----
++
+.Arguments
+[cols="30,70"]
+|===
+|Option |Definition
+
+|--cluster
+|Required: Name or ID of the cluster.
+|--output
+|Optional: Output format. Allowed formats are `json`, `yaml`
+|--profile
+|Optional: Use a specific AWS profile from your credential file.
+|--region
+|Optional: Use a specific AWS region, overriding the AWS_REGION environment variable.
+|===
+
+
+. Run the following command to list all image mirror configurations for a cluster:
++
+[source,terminal]
+----
+$ rosa list image-mirrors --cluster=mycluster
+----
+.Example Outputs
+[source,terminal]
+----
+ID              TYPE    SOURCE                    MIRRORS
+abc123def456    digest  registry.example.com/team mirror.corp.com/team, backup.corp.com/
+----