Commit 9602bad7 authored by Nick Gaskill's avatar Nick Gaskill

Merge branch '329834-remove-gma-references-in-protect-docs' into 'master'

Remove GMAv1 references and rename GMAv2 reference in Protect docs

See merge request gitlab-org/gitlab!61865
parents f285de09 1bcfaea4
...@@ -1069,7 +1069,6 @@ You can install the following applications with one click: ...@@ -1069,7 +1069,6 @@ You can install the following applications with one click:
- [Knative](#knative) - [Knative](#knative)
- [Crossplane](#crossplane) - [Crossplane](#crossplane)
- [Elastic Stack](#elastic-stack) - [Elastic Stack](#elastic-stack)
- [Fluentd](#fluentd)
With the exception of Knative, the applications are installed in a dedicated With the exception of Knative, the applications are installed in a dedicated
namespace called `gitlab-managed-apps`. namespace called `gitlab-managed-apps`.
...@@ -1561,27 +1560,6 @@ kubectl port-forward svc/kibana-kibana 5601:5601 ...@@ -1561,27 +1560,6 @@ kubectl port-forward svc/kibana-kibana 5601:5601
Then, you can visit Kibana at `http://localhost:5601`. Then, you can visit Kibana at `http://localhost:5601`.
### Fluentd
> Introduced in GitLab 12.10 for project- and group-level clusters.
[Fluentd](https://www.fluentd.org/) is an open source data collector, which enables
you to unify the data collection and consumption to better use and understand
your data. Fluentd sends logs in syslog format.
To enable Fluentd:
1. Navigate to **Operations > Kubernetes** and click
**Applications**. Enter a host, port, and protocol
for sending the WAF logs with syslog.
1. Provide the host domain name or URL in **SIEM Hostname**.
1. Provide the host port number in **SIEM Port**.
1. Select a **SIEM Protocol**.
1. Select at least one of the available logs (such as WAF or Cilium).
1. Click **Save changes**.
![Fluentd input fields](img/fluentd_v13_0.png)
## Upgrading applications ## Upgrading applications
> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/24789) in GitLab 11.8. > [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/24789) in GitLab 11.8.
......
...@@ -28,8 +28,8 @@ users define profiles for these technologies. ...@@ -28,8 +28,8 @@ users define profiles for these technologies.
See the [installation guide](quick_start_guide.md) for the recommended steps to install the See the [installation guide](quick_start_guide.md) for the recommended steps to install the
Container Host Security capabilities. This guide shows the recommended way of installing Container Container Host Security capabilities. This guide shows the recommended way of installing Container
Host Security through GMAv2. However, it's also possible to do a manual installation through our Host Security through the Cluster Management Project. However, it's also possible to do a manual
Helm chart. installation through our Helm chart.
## Features ## Features
......
...@@ -6,9 +6,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w ...@@ -6,9 +6,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w
# Getting started with Container Host Security # Getting started with Container Host Security
The following steps are recommended for installing Container Host Security. Although you can install The following steps are recommended for installing Container Host Security.
some capabilities through GMAv1, we [recommend](#using-gmav1-with-gmav2) that you install
applications through GMAv2 exclusively when using Container Network Security.
## Installation steps ## Installation steps
...@@ -21,7 +19,7 @@ The following steps are recommended to install and use Container Host Security t ...@@ -21,7 +19,7 @@ The following steps are recommended to install and use Container Host Security t
1. Install and configure an Ingress node: 1. Install and configure an Ingress node:
- [Install the Ingress node via CI/CD (GMAv2)](../../../../clusters/applications.md#install-ingress-using-gitlab-cicd). - [Install the Ingress node via CI/CD (Cluster Management Project)](../../../../clusters/applications.md#install-ingress-using-gitlab-cicd).
- [Determine the external endpoint via the manual method](../../../../clusters/applications.md#determining-the-external-endpoint-manually). - [Determine the external endpoint via the manual method](../../../../clusters/applications.md#determining-the-external-endpoint-manually).
- Navigate to the Kubernetes page and enter the [DNS address for the external endpoint](../../index.md#base-domain) - Navigate to the Kubernetes page and enter the [DNS address for the external endpoint](../../index.md#base-domain)
into the **Base domain** field on the **Details** tab. Save the changes to the Kubernetes into the **Base domain** field on the **Details** tab. Save the changes to the Kubernetes
...@@ -63,19 +61,6 @@ initial troubleshooting steps that resolve the most common problems: ...@@ -63,19 +61,6 @@ initial troubleshooting steps that resolve the most common problems:
`kubectl delete namespaces <insert-some-namespace-name>` in your Kubernetes cluster. `kubectl delete namespaces <insert-some-namespace-name>` in your Kubernetes cluster.
- Rerun the application project pipeline to redeploy the application. - Rerun the application project pipeline to redeploy the application.
### Using GMAv1 with GMAv2
When GMAv1 and GMAv2 are used together on the same cluster, users may experience problems with
applications being uninstalled or removed from the cluster. This is because GMAv2 actively
uninstalls applications that are installed with GMAv1 and not configured to be installed with GMAv2.
It's possible to use a mixture of applications installed with GMAv1 and GMAv2 by ensuring that the
GMAv1 applications are installed **after** the GMAv2 cluster management project pipeline runs. GMAv1
applications must be reinstalled after each run of that pipeline. This approach isn't recommended as
it's error-prone and can lead to downtime as applications are uninstalled and later reinstalled.
When using Container Network Security, the preferred and recommended path is to install all
necessary components with GMAv2 and the cluster management project.
**Related documentation links:** **Related documentation links:**
- [GitLab Managed Apps v1 (GMAv1)](../../../../clusters/applications.md#install-with-one-click-deprecated) - [Cluster Management Project](../../../../clusters/management_project.md)
- [GitLab Managed Apps v2 (GMAv2)](../../../../clusters/management_project.md)
...@@ -20,8 +20,8 @@ disabled by default, as they must usually be customized to match application-spe ...@@ -20,8 +20,8 @@ disabled by default, as they must usually be customized to match application-spe
See the [installation guide](quick_start_guide.md) for the recommended steps to install GitLab See the [installation guide](quick_start_guide.md) for the recommended steps to install GitLab
Container Network Security. This guide shows the recommended way of installing Container Network Container Network Security. This guide shows the recommended way of installing Container Network
Security through GMAv2. However, it's also possible to install Cilium manually through our Helm Security through the Cluster Management Project. However, it's also possible to install Cilium
chart. manually through our Helm chart.
## Features ## Features
......
...@@ -6,9 +6,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w ...@@ -6,9 +6,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w
# Getting started with Container Network Security # Getting started with Container Network Security
The following steps are recommended for installing Container Network Security. Although you can The following steps are recommended for installing Container Network Security.
install some capabilities through GMAv1, we [recommend](#using-gmav1-with-gmav2) that you install
applications through GMAv2 exclusively when using Container Network Security.
## Installation steps ## Installation steps
...@@ -21,7 +19,7 @@ The following steps are recommended to install and use Container Network Securit ...@@ -21,7 +19,7 @@ The following steps are recommended to install and use Container Network Securit
1. Install and configure an Ingress node: 1. Install and configure an Ingress node:
- [Install the Ingress node via CI/CD (GMAv2)](../../../../clusters/applications.md#install-ingress-using-gitlab-cicd). - [Install the Ingress node via CI/CD (Cluster Management Project)](../../../../clusters/applications.md#install-ingress-using-gitlab-cicd).
- [Determine the external endpoint via the manual method](../../../../clusters/applications.md#determining-the-external-endpoint-manually). - [Determine the external endpoint via the manual method](../../../../clusters/applications.md#determining-the-external-endpoint-manually).
- Navigate to the Kubernetes page and enter the [DNS address for the external endpoint](../../index.md#base-domain) - Navigate to the Kubernetes page and enter the [DNS address for the external endpoint](../../index.md#base-domain)
into the **Base domain** field on the **Details** tab. Save the changes to the Kubernetes into the **Base domain** field on the **Details** tab. Save the changes to the Kubernetes
...@@ -83,12 +81,8 @@ Additional information about the statistics page is available in the ...@@ -83,12 +81,8 @@ Additional information about the statistics page is available in the
## Forwarding logs to a SIEM ## Forwarding logs to a SIEM
Cilium logs can be forwarded to a SIEM or an external logging system through syslog protocol by Cilium logs can be forwarded to a SIEM or an external logging system through syslog protocol by
installing and configuring Fluentd. Fluentd can be installed through GitLab in two ways: installing and configuring Fluentd. Fluentd can be installed through the GitLab
[Cluster Management Project](../../../../clusters/applications.md#install-fluentd-using-gitlab-cicd).
- The [GMAv1 method](../../../../clusters/applications.md#fluentd)
- The [GMAv2 method](../../../../clusters/applications.md#install-fluentd-using-gitlab-cicd)
GitLab strongly encourages using only the GMAv2 method to install Fluentd.
## Viewing the logs ## Viewing the logs
...@@ -135,19 +129,6 @@ initial troubleshooting steps that resolve the most common problems: ...@@ -135,19 +129,6 @@ initial troubleshooting steps that resolve the most common problems:
- Delete the relevant namespace in Kubernetes by running `kubectl delete namespaces <insert-some-namespace-name>` in your Kubernetes cluster. - Delete the relevant namespace in Kubernetes by running `kubectl delete namespaces <insert-some-namespace-name>` in your Kubernetes cluster.
- Rerun the application project pipeline to redeploy the application. - Rerun the application project pipeline to redeploy the application.
### Using GMAv1 with GMAv2
When GMAv1 and GMAv2 are used together on the same cluster, users may experience problems with
applications being uninstalled or removed from the cluster. This is because GMAv2 actively
uninstalls applications that are installed with GMAv1 and not configured to be installed with GMAv2.
It's possible to use a mixture of applications installed with GMAv1 and GMAv2 by ensuring that the
GMAv1 applications are installed **after** the GMAv2 cluster management project pipeline runs. GMAv1
applications must be reinstalled after each run of that pipeline. This approach isn't recommended as
it's error-prone and can lead to downtime as applications are uninstalled and later reinstalled.
When using Container Network Security, the preferred and recommended path is to install all
necessary components with GMAv2 and the cluster management project.
**Related documentation links:** **Related documentation links:**
- [GitLab Managed Apps v1 (GMAv1)](../../../../clusters/applications.md#install-with-one-click-deprecated) - [Cluster Management Project](../../../../clusters/management_project.md)
- [GitLab Managed Apps v2 (GMAv2)](../../../../clusters/management_project.md)
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment