diff --git a/docs/api/workflows/projects.md b/docs/api/workflows/projects.md index 7b7ced1e6d04..bad30e887248 100644 --- a/docs/api/workflows/projects.md +++ b/docs/api/workflows/projects.md @@ -160,7 +160,7 @@ kubectl --namespace p-vwxyz get projectroletemplatebindings ## Deleting a Member From a Project -Lookup the projectroletemplatebinding IDs containing the member in the project's namespace as decribed in the [Listing Project Members](#listing-project-members) section. +Lookup the projectroletemplatebinding IDs containing the member in the project's namespace as described in the [Listing Project Members](#listing-project-members) section. Delete the projectroletemplatebinding from the project's namespace: diff --git a/docs/getting-started/installation-and-upgrade/installation-references/feature-flags.md b/docs/getting-started/installation-and-upgrade/installation-references/feature-flags.md index ce153bce5995..24d2d0b7dade 100644 --- a/docs/getting-started/installation-and-upgrade/installation-references/feature-flags.md +++ b/docs/getting-started/installation-and-upgrade/installation-references/feature-flags.md @@ -40,7 +40,7 @@ The following table shows the availability and default values for some feature f | Feature Flag Name | Default Value | Status | Available As Of | Additional Information | | ----------------------------- | ------------- | ------------ | --------------- | ---------------------- | -| `aggregated-roletemplates` | `false` | Highly experimentatl | v2.11.0 | This flag value is locked on install and can't be changed. | +| `aggregated-roletemplates` | `false` | Highly experimental | v2.11.0 | This flag value is locked on install and can't be changed. | | `clean-stale-secrets` | `true` | GA | v2.10.2 | | | `continuous-delivery` | `true` | GA | v2.6.0 | | | `external-rules` | v2.7.14: `false`, v2.8.5: `true` | Removed | v2.7.14, v2.8.5 | This flag affected [external `RoleTemplate` behavior](../../../how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/manage-role-based-access-control-rbac/cluster-and-project-roles.md#external-roletemplate-behavior). It is removed in Rancher v2.9.0 and later as the behavior is enabled by default. | diff --git a/docs/getting-started/installation-and-upgrade/installation-references/tls-settings.md b/docs/getting-started/installation-and-upgrade/installation-references/tls-settings.md index bbde2c615606..c2bf6e785cbb 100644 --- a/docs/getting-started/installation-and-upgrade/installation-references/tls-settings.md +++ b/docs/getting-started/installation-and-upgrade/installation-references/tls-settings.md @@ -40,7 +40,7 @@ In Rancher v2.9.0 and later, this setting defaults to `strict` on new installs. Each cluster contains a condition in the status field called `AgentTlsStrictCheck`. If `AgentTlsStrictCheck` is set to `"True"`, this indicates that the agents for the cluster are ready to operate in `strict` mode. You can manually inspect each cluster to see if they are ready using the Rancher UI or a kubectl command such as the following: ```bash -## the below command skips ouputs $CLUSTER_NAME,$STATUS for all non-local clusters +## the below command skips outputs $CLUSTER_NAME,$STATUS for all non-local clusters kubectl get cluster.management.cattle.io -o jsonpath='{range .items[?(@.metadata.name!="local")]}{.metadata.name},{.status.conditions[?(@.type=="AgentTlsStrictCheck")].status}{"\n"}{end}' ``` diff --git a/docs/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-active-directory.md b/docs/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-active-directory.md index b3f2f9a3a099..3e5af11ae935 100644 --- a/docs/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-active-directory.md +++ b/docs/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-active-directory.md @@ -168,7 +168,7 @@ $ ldapsearch -x -D "acme\jdoe" -w "secret" -p 389 \ -h ad.acme.com -b "dc=acme,dc=com" -s sub "sAMAccountName=jdoe" ``` -This command performs an LDAP search with the search base set to the domain root (`-b "dc=acme,dc=com"`) and a filter targeting the user account (`sAMAccountNam=jdoe`), returning the attributes for said user: +This command performs an LDAP search with the search base set to the domain root (`-b "dc=acme,dc=com"`) and a filter targeting the user account (`sAMAccountName=jdoe`), returning the attributes for said user: ![](/img/ldapsearch-user.png) diff --git a/docs/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/configure-shibboleth-saml/about-group-permissions.md b/docs/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/configure-shibboleth-saml/about-group-permissions.md index a51b1328cd0b..7aae2bf870c6 100644 --- a/docs/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/configure-shibboleth-saml/about-group-permissions.md +++ b/docs/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/configure-shibboleth-saml/about-group-permissions.md @@ -23,7 +23,7 @@ The diagram below illustrates how members of an OpenLDAP group can access resour For example, a cluster owner could add an OpenLDAP group to a cluster so that they have permissions view most cluster level resources and create new projects. Then the OpenLDAP group members will have access to the cluster as soon as they log in to Rancher. -In this scenario, OpenLDAP allows the cluster owner to search for groups when assigning persmissions. Without OpenLDAP, the functionality to search for groups would not be supported. +In this scenario, OpenLDAP allows the cluster owner to search for groups when assigning permissions. Without OpenLDAP, the functionality to search for groups would not be supported. When a member of the OpenLDAP group logs in to Rancher, she is redirected to Shibboleth and enters her username and password. diff --git a/docs/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/global-default-private-registry.md b/docs/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/global-default-private-registry.md index b9847ee8d9f9..0a199a560500 100644 --- a/docs/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/global-default-private-registry.md +++ b/docs/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/global-default-private-registry.md @@ -35,7 +35,7 @@ The global default registry is intended to be used in air-gapped setups, for reg Most private registries should work, by default, with RKE2 downstream clusters. -However, you'll need to do some additional steps if you're trying to set a namespaced private registry whose URL is formated like this: `website/subdomain:portnumber`. +However, you'll need to do some additional steps if you're trying to set a namespaced private registry whose URL is formatted like this: `website/subdomain:portnumber`. 1. Select **☰ > Cluster Management**. 1. Find the RKE2 cluster in the list and click **⋮ >Edit Config**. diff --git a/docs/how-to-guides/new-user-guides/helm-charts-in-rancher/helm-charts-in-rancher.md b/docs/how-to-guides/new-user-guides/helm-charts-in-rancher/helm-charts-in-rancher.md index 3d5025a8c43d..83d86022d9de 100644 --- a/docs/how-to-guides/new-user-guides/helm-charts-in-rancher/helm-charts-in-rancher.md +++ b/docs/how-to-guides/new-user-guides/helm-charts-in-rancher/helm-charts-in-rancher.md @@ -242,7 +242,7 @@ Rancher and Partner charts may have extra configurations available through custo To view all recent changes, click **Apps > Recent Operations** in the left navigation menu. From there you can view the calls, conditions, events, and logs. -After installing a chart, you can view it by clicking **Apps > Installed Apps** in the left navigation menu. You can upgrade or delete the installation, and see further details. Upgrading uses the same forms and values as you saw during inital installation. +After installing a chart, you can view it by clicking **Apps > Installed Apps** in the left navigation menu. You can upgrade or delete the installation, and see further details. Upgrading uses the same forms and values as you saw during initial installation. Most Rancher tools have additional pages located in the toolbar below the **Apps** section to help manage and use the features. These pages include links to dashboards, forms to easily add Custom Resources, and additional information. @@ -301,4 +301,3 @@ To migrate, follow these steps: - When determining the most recent version to display for the **Upgradable** column on the **Apps > Installed Apps** page, rather than only considering versions of the Helm chart from the repository it was installed from, Rancher considers versions of the Helm chart from all repositories on the cluster. For example, suppose you install `cert-manager` v1.13.0 from repository A, where v1.14.0 is now the most recent version available. In this case, you expect **Upgradable** to display v1.14.0. However, if the cluster also has access to repository B where v1.15.0 of `cert-manager` is available, then **Upgradable** displays v1.15.0 even though the original installation used repository A. - \ No newline at end of file diff --git a/docs/how-to-guides/new-user-guides/kubernetes-clusters-in-rancher-setup/set-up-cloud-providers/amazon.md b/docs/how-to-guides/new-user-guides/kubernetes-clusters-in-rancher-setup/set-up-cloud-providers/amazon.md index b49ca3f3ca36..190219ac5844 100644 --- a/docs/how-to-guides/new-user-guides/kubernetes-clusters-in-rancher-setup/set-up-cloud-providers/amazon.md +++ b/docs/how-to-guides/new-user-guides/kubernetes-clusters-in-rancher-setup/set-up-cloud-providers/amazon.md @@ -322,7 +322,7 @@ Existing clusters that use an **External** cloud provider will set `--cloud-prov 3. Install the AWS cloud controller manager after the cluster finishes provisioning. Note that the cluster isn't successfully provisioned and nodes are still in an `uninitialized` state until you deploy the cloud controller manager. This can be done manually, or via [Helm charts in UI](#helm-chart-installation-from-ui). -Refer to the offical AWS upstream documentation for the [cloud controller manager](https://kubernetes.github.io/cloud-provider-aws). +Refer to the official AWS upstream documentation for the [cloud controller manager](https://kubernetes.github.io/cloud-provider-aws). diff --git a/docs/how-to-guides/new-user-guides/kubernetes-resources-setup/kubernetes-resources-setup.md b/docs/how-to-guides/new-user-guides/kubernetes-resources-setup/kubernetes-resources-setup.md index 3e97882659ce..bf695acd120e 100644 --- a/docs/how-to-guides/new-user-guides/kubernetes-resources-setup/kubernetes-resources-setup.md +++ b/docs/how-to-guides/new-user-guides/kubernetes-resources-setup/kubernetes-resources-setup.md @@ -47,7 +47,7 @@ When using ingresses in a project, you can program the ingress hostname to an ex ## Service Discovery -After you expose your cluster to external requests using a load balancer and/or ingress, it's only available by IP address. To create a resolveable hostname, you must create a service record, which is a record that maps an IP address, external hostname, DNS record alias, workload(s), or labelled pods to a specific hostname. +After you expose your cluster to external requests using a load balancer and/or ingress, it's only available by IP address. To create a resolvable hostname, you must create a service record, which is a record that maps an IP address, external hostname, DNS record alias, workload(s), or labelled pods to a specific hostname. For more information, see [Service Discovery](create-services.md). diff --git a/docs/how-to-guides/new-user-guides/manage-clusters/access-clusters/access-clusters.md b/docs/how-to-guides/new-user-guides/manage-clusters/access-clusters/access-clusters.md index 66a81355f0e9..909536bcdaaa 100644 --- a/docs/how-to-guides/new-user-guides/manage-clusters/access-clusters/access-clusters.md +++ b/docs/how-to-guides/new-user-guides/manage-clusters/access-clusters/access-clusters.md @@ -38,7 +38,7 @@ On the **Clusters** page, select **⁝** at the end of each row to view a submen ### Cluster Dashboard -On the **Clusters** page, select the **Explore** button at the end of each row to view that cluster's **Cluster Dashboard**. You can also view the dashboard by clicking the name of a cluster in the table, then clicking the **Explore** buttton on the **Cluster** page. +On the **Clusters** page, select the **Explore** button at the end of each row to view that cluster's **Cluster Dashboard**. You can also view the dashboard by clicking the name of a cluster in the table, then clicking the **Explore** button on the **Cluster** page. The **Cluster Dashboard** is also accessible from the Rancher UI **Home** page, by clicking on the name of a cluster. diff --git a/docs/how-to-guides/new-user-guides/manage-clusters/install-cluster-autoscaler/use-aws-ec2-auto-scaling-groups.md b/docs/how-to-guides/new-user-guides/manage-clusters/install-cluster-autoscaler/use-aws-ec2-auto-scaling-groups.md index 6a95a95b3ae9..6672a4ddf73c 100644 --- a/docs/how-to-guides/new-user-guides/manage-clusters/install-cluster-autoscaler/use-aws-ec2-auto-scaling-groups.md +++ b/docs/how-to-guides/new-user-guides/manage-clusters/install-cluster-autoscaler/use-aws-ec2-auto-scaling-groups.md @@ -229,7 +229,7 @@ On AWS EC2, we should create a few objects to configure our system. We've define PUBLIC_IP=$(curl -H "X-aws-ec2-metadata-token: ${TOKEN}" -s http://169.254.169.254/latest/meta-data/public-ipv4) K8S_ROLES="--worker" - sudo docker run -d --privileged --restart=unless-stopped --net=host -v /etc/kubernetes:/etc/kubernetes -v /var/run:/var/run rancher/rancher-agent: --server https:// --token --ca-checksum --address ${PUBLIC_IP} --internal-address ${PRIVATE_IP} ${K8S_ROLES} + sudo docker run -d --privileged --restart=unless-stopped --net=host -v /etc/kubernetes:/etc/kubernetes -v /var/run:/var/run rancher/rancher-agent: --server https:// --token --ca-checksum --address ${PUBLIC_IP} --internal-address ${PRIVATE_IP} ${K8S_ROLES} ``` More info is at [RKE clusters on AWS](../../../new-user-guides/kubernetes-clusters-in-rancher-setup/set-up-cloud-providers/amazon.md) and [Cluster Autoscaler on AWS.](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/cloudprovider/aws/README.md) diff --git a/docs/integrations-in-rancher/fleet/overview.md b/docs/integrations-in-rancher/fleet/overview.md index a490bf14dad7..efe2f2fd2f4a 100644 --- a/docs/integrations-in-rancher/fleet/overview.md +++ b/docs/integrations-in-rancher/fleet/overview.md @@ -26,7 +26,7 @@ Users can leverage continuous delivery to deploy their applications to the Kuber Follow the steps below to access Continuous Delivery in the Rancher UI: -1. Click **☰ > Continous Delivery**. +1. Click **☰ > Continuous Delivery**. 1. Select your namespace at the top of the menu, noting the following: diff --git a/docs/reference-guides/cluster-configuration/rancher-server-configuration/k3s-cluster-configuration.md b/docs/reference-guides/cluster-configuration/rancher-server-configuration/k3s-cluster-configuration.md index 6ec07fe1906f..0ae19ccfd55e 100644 --- a/docs/reference-guides/cluster-configuration/rancher-server-configuration/k3s-cluster-configuration.md +++ b/docs/reference-guides/cluster-configuration/rancher-server-configuration/k3s-cluster-configuration.md @@ -337,7 +337,7 @@ Alternatives, such as using a HelmChartConfig to customize the system charts via Specify the values for the system charts installed by K3s. -For more information about how K3s manges packaged components, please refer to [K3s documentation](https://docs.k3s.io/installation/packaged-components). +For more information about how K3s manages packaged components, please refer to [K3s documentation](https://docs.k3s.io/installation/packaged-components). Example: diff --git a/docs/reference-guides/cluster-configuration/rancher-server-configuration/rke2-cluster-configuration.md b/docs/reference-guides/cluster-configuration/rancher-server-configuration/rke2-cluster-configuration.md index aab9b19794a6..3e25f9ed61b0 100644 --- a/docs/reference-guides/cluster-configuration/rancher-server-configuration/rke2-cluster-configuration.md +++ b/docs/reference-guides/cluster-configuration/rancher-server-configuration/rke2-cluster-configuration.md @@ -367,7 +367,7 @@ Alternatives, such as using a HelmChartConfig to customize the system charts via Specify the values for the system charts installed by RKE2. -For more information about how RKE2 manges packaged components, please refer to [RKE2 documentation](https://docs.rke2.io/helm). +For more information about how RKE2 manages packaged components, please refer to [RKE2 documentation](https://docs.rke2.io/helm). Example: diff --git a/docs/reference-guides/cluster-configuration/rancher-server-configuration/use-existing-nodes/use-existing-nodes.md b/docs/reference-guides/cluster-configuration/rancher-server-configuration/use-existing-nodes/use-existing-nodes.md index 45e8fba4b02e..439068d4c12f 100644 --- a/docs/reference-guides/cluster-configuration/rancher-server-configuration/use-existing-nodes/use-existing-nodes.md +++ b/docs/reference-guides/cluster-configuration/rancher-server-configuration/use-existing-nodes/use-existing-nodes.md @@ -9,7 +9,7 @@ description: To create a cluster with custom nodes, you’ll need to access serv When you create a custom cluster, Rancher uses RKE (the Rancher Kubernetes Engine) to create a Kubernetes cluster in on-prem bare-metal servers, on-prem virtual machines, or in any node hosted by an infrastructure provider. -To use this option you'll need access to servers you intend to use in your Kubernetes cluster. Provision each server according to the [requirements](../../../../how-to-guides/new-user-guides/kubernetes-clusters-in-rancher-setup/node-requirements-for-rancher-managed-clusters.md), which includes some hardware specifications and Docker. After you install Docker on each server, you willl also run the command provided in the Rancher UI on each server to turn each one into a Kubernetes node. +To use this option you'll need access to servers you intend to use in your Kubernetes cluster. Provision each server according to the [requirements](../../../../how-to-guides/new-user-guides/kubernetes-clusters-in-rancher-setup/node-requirements-for-rancher-managed-clusters.md), which includes some hardware specifications and Docker. After you install Docker on each server, you will also run the command provided in the Rancher UI on each server to turn each one into a Kubernetes node. This section describes how to set up a custom cluster. diff --git a/docs/reference-guides/monitoring-v2-configuration/receivers.md b/docs/reference-guides/monitoring-v2-configuration/receivers.md index b1237e3646b3..14f505312611 100644 --- a/docs/reference-guides/monitoring-v2-configuration/receivers.md +++ b/docs/reference-guides/monitoring-v2-configuration/receivers.md @@ -339,14 +339,14 @@ route: routes: - match: service: database - receiver: 'database-notifcations' + receiver: 'database-notifications' receivers: - name: 'pagerduty-notifications' pagerduty_configs: - service_key: 'primary-integration-key' -- name: 'database-notifcations' +- name: 'database-notifications' pagerduty_configs: - service_key: 'database-integration-key' ``` diff --git a/docs/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md b/docs/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md index c34143594e84..8e7517e6ee9d 100644 --- a/docs/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md +++ b/docs/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md @@ -3032,8 +3032,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications running on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ### 5.2.11 Minimize the admission of Windows HostProcess containers (Manual) diff --git a/docs/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md b/docs/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md index 0b199590889f..ca68e4773d1f 100644 --- a/docs/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md +++ b/docs/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md @@ -3087,8 +3087,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications running on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ### 5.2.11 Minimize the admission of Windows HostProcess containers (Manual) diff --git a/docs/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md b/docs/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md index fe6b3ef299c6..b45777378006 100644 --- a/docs/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md +++ b/docs/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md @@ -3094,8 +3094,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications running on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ### 5.2.11 Minimize the admission of Windows HostProcess containers (Manual) diff --git a/docs/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md b/docs/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md index c71bf5a9d23b..15e718bcf1fe 100644 --- a/docs/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md +++ b/docs/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md @@ -1352,7 +1352,7 @@ In this file, choose aescbc, kms or secretbox as the encryption provider. ```bash #!/usr/bin/env bash -# This script is used to check the encrption provider config is set to aesbc +# This script is used to check the encryption provider config is set to aesbc # # outputs: # true/false @@ -2884,8 +2884,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications running on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabilities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ### 5.2.11 Minimize the admission of Windows HostProcess containers (Manual) diff --git a/docs/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md b/docs/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md index c98de564bf18..124e4ded4323 100644 --- a/docs/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md +++ b/docs/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md @@ -1298,7 +1298,7 @@ In this file, choose aescbc, kms or secretbox as the encryption provider. ```bash #!/usr/bin/env bash -# This script is used to check the encrption provider config is set to aesbc +# This script is used to check the encryption provider config is set to aesbc # # outputs: # true/false @@ -2843,8 +2843,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications running on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ### 5.2.11 Minimize the admission of Windows HostProcess containers (Manual) diff --git a/docs/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md b/docs/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md index ac002a203698..0addae6e357a 100644 --- a/docs/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md +++ b/docs/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md @@ -2744,8 +2744,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications running on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ### 5.2.11 Minimize the admission of Windows HostProcess containers (Manual) diff --git a/docs/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md b/docs/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md index d9145e2ce852..a0249ab3098d 100644 --- a/docs/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md +++ b/docs/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md @@ -3019,8 +3019,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications running on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ### 5.2.11 Minimize the admission of Windows HostProcess containers (Manual) diff --git a/docs/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md b/docs/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md index 0e74634d09d4..352819304339 100644 --- a/docs/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md +++ b/docs/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md @@ -3020,8 +3020,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications running on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ### 5.2.11 Minimize the admission of Windows HostProcess containers (Manual) diff --git a/docs/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md b/docs/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md index c93773a62a76..5b0ee79d60a9 100644 --- a/docs/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md +++ b/docs/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md @@ -2846,8 +2846,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications running on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ### 5.2.11 Minimize the admission of Windows HostProcess containers (Manual) diff --git a/docs/troubleshooting/other-troubleshooting-tips/user-id-tracking-in-audit-logs.md b/docs/troubleshooting/other-troubleshooting-tips/user-id-tracking-in-audit-logs.md index adecdecde120..d7ec350197be 100644 --- a/docs/troubleshooting/other-troubleshooting-tips/user-id-tracking-in-audit-logs.md +++ b/docs/troubleshooting/other-troubleshooting-tips/user-id-tracking-in-audit-logs.md @@ -6,7 +6,7 @@ title: User ID Tracking in Audit Logs -The following audit logs are used in Rancher to track events occuring on the local and downstream clusters: +The following audit logs are used in Rancher to track events occurring on the local and downstream clusters: * [Kubernetes Audit Logs](https://rancher.com/docs/rke/latest/en/config-options/audit-log/) * [Rancher API Audit Logs](../../how-to-guides/advanced-user-guides/enable-api-audit-log.md) diff --git a/versioned_docs/version-2.10/api/workflows/projects.md b/versioned_docs/version-2.10/api/workflows/projects.md index 7b7ced1e6d04..bad30e887248 100644 --- a/versioned_docs/version-2.10/api/workflows/projects.md +++ b/versioned_docs/version-2.10/api/workflows/projects.md @@ -160,7 +160,7 @@ kubectl --namespace p-vwxyz get projectroletemplatebindings ## Deleting a Member From a Project -Lookup the projectroletemplatebinding IDs containing the member in the project's namespace as decribed in the [Listing Project Members](#listing-project-members) section. +Lookup the projectroletemplatebinding IDs containing the member in the project's namespace as described in the [Listing Project Members](#listing-project-members) section. Delete the projectroletemplatebinding from the project's namespace: diff --git a/versioned_docs/version-2.10/getting-started/installation-and-upgrade/installation-references/tls-settings.md b/versioned_docs/version-2.10/getting-started/installation-and-upgrade/installation-references/tls-settings.md index bbde2c615606..c2bf6e785cbb 100644 --- a/versioned_docs/version-2.10/getting-started/installation-and-upgrade/installation-references/tls-settings.md +++ b/versioned_docs/version-2.10/getting-started/installation-and-upgrade/installation-references/tls-settings.md @@ -40,7 +40,7 @@ In Rancher v2.9.0 and later, this setting defaults to `strict` on new installs. Each cluster contains a condition in the status field called `AgentTlsStrictCheck`. If `AgentTlsStrictCheck` is set to `"True"`, this indicates that the agents for the cluster are ready to operate in `strict` mode. You can manually inspect each cluster to see if they are ready using the Rancher UI or a kubectl command such as the following: ```bash -## the below command skips ouputs $CLUSTER_NAME,$STATUS for all non-local clusters +## the below command skips outputs $CLUSTER_NAME,$STATUS for all non-local clusters kubectl get cluster.management.cattle.io -o jsonpath='{range .items[?(@.metadata.name!="local")]}{.metadata.name},{.status.conditions[?(@.type=="AgentTlsStrictCheck")].status}{"\n"}{end}' ``` diff --git a/versioned_docs/version-2.10/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-active-directory.md b/versioned_docs/version-2.10/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-active-directory.md index b3f2f9a3a099..3e5af11ae935 100644 --- a/versioned_docs/version-2.10/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-active-directory.md +++ b/versioned_docs/version-2.10/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-active-directory.md @@ -168,7 +168,7 @@ $ ldapsearch -x -D "acme\jdoe" -w "secret" -p 389 \ -h ad.acme.com -b "dc=acme,dc=com" -s sub "sAMAccountName=jdoe" ``` -This command performs an LDAP search with the search base set to the domain root (`-b "dc=acme,dc=com"`) and a filter targeting the user account (`sAMAccountNam=jdoe`), returning the attributes for said user: +This command performs an LDAP search with the search base set to the domain root (`-b "dc=acme,dc=com"`) and a filter targeting the user account (`sAMAccountName=jdoe`), returning the attributes for said user: ![](/img/ldapsearch-user.png) diff --git a/versioned_docs/version-2.10/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/configure-shibboleth-saml/about-group-permissions.md b/versioned_docs/version-2.10/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/configure-shibboleth-saml/about-group-permissions.md index a51b1328cd0b..7aae2bf870c6 100644 --- a/versioned_docs/version-2.10/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/configure-shibboleth-saml/about-group-permissions.md +++ b/versioned_docs/version-2.10/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/configure-shibboleth-saml/about-group-permissions.md @@ -23,7 +23,7 @@ The diagram below illustrates how members of an OpenLDAP group can access resour For example, a cluster owner could add an OpenLDAP group to a cluster so that they have permissions view most cluster level resources and create new projects. Then the OpenLDAP group members will have access to the cluster as soon as they log in to Rancher. -In this scenario, OpenLDAP allows the cluster owner to search for groups when assigning persmissions. Without OpenLDAP, the functionality to search for groups would not be supported. +In this scenario, OpenLDAP allows the cluster owner to search for groups when assigning permissions. Without OpenLDAP, the functionality to search for groups would not be supported. When a member of the OpenLDAP group logs in to Rancher, she is redirected to Shibboleth and enters her username and password. diff --git a/versioned_docs/version-2.10/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/global-default-private-registry.md b/versioned_docs/version-2.10/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/global-default-private-registry.md index b9847ee8d9f9..0a199a560500 100644 --- a/versioned_docs/version-2.10/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/global-default-private-registry.md +++ b/versioned_docs/version-2.10/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/global-default-private-registry.md @@ -35,7 +35,7 @@ The global default registry is intended to be used in air-gapped setups, for reg Most private registries should work, by default, with RKE2 downstream clusters. -However, you'll need to do some additional steps if you're trying to set a namespaced private registry whose URL is formated like this: `website/subdomain:portnumber`. +However, you'll need to do some additional steps if you're trying to set a namespaced private registry whose URL is formatted like this: `website/subdomain:portnumber`. 1. Select **☰ > Cluster Management**. 1. Find the RKE2 cluster in the list and click **⋮ >Edit Config**. diff --git a/versioned_docs/version-2.10/how-to-guides/new-user-guides/helm-charts-in-rancher/helm-charts-in-rancher.md b/versioned_docs/version-2.10/how-to-guides/new-user-guides/helm-charts-in-rancher/helm-charts-in-rancher.md index 3d5025a8c43d..d9b231e395ac 100644 --- a/versioned_docs/version-2.10/how-to-guides/new-user-guides/helm-charts-in-rancher/helm-charts-in-rancher.md +++ b/versioned_docs/version-2.10/how-to-guides/new-user-guides/helm-charts-in-rancher/helm-charts-in-rancher.md @@ -242,7 +242,7 @@ Rancher and Partner charts may have extra configurations available through custo To view all recent changes, click **Apps > Recent Operations** in the left navigation menu. From there you can view the calls, conditions, events, and logs. -After installing a chart, you can view it by clicking **Apps > Installed Apps** in the left navigation menu. You can upgrade or delete the installation, and see further details. Upgrading uses the same forms and values as you saw during inital installation. +After installing a chart, you can view it by clicking **Apps > Installed Apps** in the left navigation menu. You can upgrade or delete the installation, and see further details. Upgrading uses the same forms and values as you saw during initial installation. Most Rancher tools have additional pages located in the toolbar below the **Apps** section to help manage and use the features. These pages include links to dashboards, forms to easily add Custom Resources, and additional information. @@ -301,4 +301,4 @@ To migrate, follow these steps: - When determining the most recent version to display for the **Upgradable** column on the **Apps > Installed Apps** page, rather than only considering versions of the Helm chart from the repository it was installed from, Rancher considers versions of the Helm chart from all repositories on the cluster. For example, suppose you install `cert-manager` v1.13.0 from repository A, where v1.14.0 is now the most recent version available. In this case, you expect **Upgradable** to display v1.14.0. However, if the cluster also has access to repository B where v1.15.0 of `cert-manager` is available, then **Upgradable** displays v1.15.0 even though the original installation used repository A. - \ No newline at end of file + diff --git a/versioned_docs/version-2.10/how-to-guides/new-user-guides/kubernetes-clusters-in-rancher-setup/set-up-cloud-providers/amazon.md b/versioned_docs/version-2.10/how-to-guides/new-user-guides/kubernetes-clusters-in-rancher-setup/set-up-cloud-providers/amazon.md index b49ca3f3ca36..190219ac5844 100644 --- a/versioned_docs/version-2.10/how-to-guides/new-user-guides/kubernetes-clusters-in-rancher-setup/set-up-cloud-providers/amazon.md +++ b/versioned_docs/version-2.10/how-to-guides/new-user-guides/kubernetes-clusters-in-rancher-setup/set-up-cloud-providers/amazon.md @@ -322,7 +322,7 @@ Existing clusters that use an **External** cloud provider will set `--cloud-prov 3. Install the AWS cloud controller manager after the cluster finishes provisioning. Note that the cluster isn't successfully provisioned and nodes are still in an `uninitialized` state until you deploy the cloud controller manager. This can be done manually, or via [Helm charts in UI](#helm-chart-installation-from-ui). -Refer to the offical AWS upstream documentation for the [cloud controller manager](https://kubernetes.github.io/cloud-provider-aws). +Refer to the official AWS upstream documentation for the [cloud controller manager](https://kubernetes.github.io/cloud-provider-aws). diff --git a/versioned_docs/version-2.10/how-to-guides/new-user-guides/kubernetes-resources-setup/kubernetes-resources-setup.md b/versioned_docs/version-2.10/how-to-guides/new-user-guides/kubernetes-resources-setup/kubernetes-resources-setup.md index 3e97882659ce..bf695acd120e 100644 --- a/versioned_docs/version-2.10/how-to-guides/new-user-guides/kubernetes-resources-setup/kubernetes-resources-setup.md +++ b/versioned_docs/version-2.10/how-to-guides/new-user-guides/kubernetes-resources-setup/kubernetes-resources-setup.md @@ -47,7 +47,7 @@ When using ingresses in a project, you can program the ingress hostname to an ex ## Service Discovery -After you expose your cluster to external requests using a load balancer and/or ingress, it's only available by IP address. To create a resolveable hostname, you must create a service record, which is a record that maps an IP address, external hostname, DNS record alias, workload(s), or labelled pods to a specific hostname. +After you expose your cluster to external requests using a load balancer and/or ingress, it's only available by IP address. To create a resolvable hostname, you must create a service record, which is a record that maps an IP address, external hostname, DNS record alias, workload(s), or labelled pods to a specific hostname. For more information, see [Service Discovery](create-services.md). diff --git a/versioned_docs/version-2.10/how-to-guides/new-user-guides/manage-clusters/access-clusters/access-clusters.md b/versioned_docs/version-2.10/how-to-guides/new-user-guides/manage-clusters/access-clusters/access-clusters.md index 66a81355f0e9..909536bcdaaa 100644 --- a/versioned_docs/version-2.10/how-to-guides/new-user-guides/manage-clusters/access-clusters/access-clusters.md +++ b/versioned_docs/version-2.10/how-to-guides/new-user-guides/manage-clusters/access-clusters/access-clusters.md @@ -38,7 +38,7 @@ On the **Clusters** page, select **⁝** at the end of each row to view a submen ### Cluster Dashboard -On the **Clusters** page, select the **Explore** button at the end of each row to view that cluster's **Cluster Dashboard**. You can also view the dashboard by clicking the name of a cluster in the table, then clicking the **Explore** buttton on the **Cluster** page. +On the **Clusters** page, select the **Explore** button at the end of each row to view that cluster's **Cluster Dashboard**. You can also view the dashboard by clicking the name of a cluster in the table, then clicking the **Explore** button on the **Cluster** page. The **Cluster Dashboard** is also accessible from the Rancher UI **Home** page, by clicking on the name of a cluster. diff --git a/versioned_docs/version-2.10/how-to-guides/new-user-guides/manage-clusters/install-cluster-autoscaler/use-aws-ec2-auto-scaling-groups.md b/versioned_docs/version-2.10/how-to-guides/new-user-guides/manage-clusters/install-cluster-autoscaler/use-aws-ec2-auto-scaling-groups.md index 6a95a95b3ae9..6672a4ddf73c 100644 --- a/versioned_docs/version-2.10/how-to-guides/new-user-guides/manage-clusters/install-cluster-autoscaler/use-aws-ec2-auto-scaling-groups.md +++ b/versioned_docs/version-2.10/how-to-guides/new-user-guides/manage-clusters/install-cluster-autoscaler/use-aws-ec2-auto-scaling-groups.md @@ -229,7 +229,7 @@ On AWS EC2, we should create a few objects to configure our system. We've define PUBLIC_IP=$(curl -H "X-aws-ec2-metadata-token: ${TOKEN}" -s http://169.254.169.254/latest/meta-data/public-ipv4) K8S_ROLES="--worker" - sudo docker run -d --privileged --restart=unless-stopped --net=host -v /etc/kubernetes:/etc/kubernetes -v /var/run:/var/run rancher/rancher-agent: --server https:// --token --ca-checksum --address ${PUBLIC_IP} --internal-address ${PRIVATE_IP} ${K8S_ROLES} + sudo docker run -d --privileged --restart=unless-stopped --net=host -v /etc/kubernetes:/etc/kubernetes -v /var/run:/var/run rancher/rancher-agent: --server https:// --token --ca-checksum --address ${PUBLIC_IP} --internal-address ${PRIVATE_IP} ${K8S_ROLES} ``` More info is at [RKE clusters on AWS](../../../new-user-guides/kubernetes-clusters-in-rancher-setup/set-up-cloud-providers/amazon.md) and [Cluster Autoscaler on AWS.](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/cloudprovider/aws/README.md) diff --git a/versioned_docs/version-2.10/integrations-in-rancher/fleet/overview.md b/versioned_docs/version-2.10/integrations-in-rancher/fleet/overview.md index c2787aaa4219..02718af54d36 100644 --- a/versioned_docs/version-2.10/integrations-in-rancher/fleet/overview.md +++ b/versioned_docs/version-2.10/integrations-in-rancher/fleet/overview.md @@ -23,7 +23,7 @@ Users can leverage continuous delivery to deploy their applications to the Kuber Follow the steps below to access Continuous Delivery in the Rancher UI: -1. Click **☰ > Continous Delivery**. +1. Click **☰ > Continuous Delivery**. 1. Select your namespace at the top of the menu, noting the following: diff --git a/versioned_docs/version-2.10/reference-guides/cluster-configuration/rancher-server-configuration/k3s-cluster-configuration.md b/versioned_docs/version-2.10/reference-guides/cluster-configuration/rancher-server-configuration/k3s-cluster-configuration.md index 6ec07fe1906f..0ae19ccfd55e 100644 --- a/versioned_docs/version-2.10/reference-guides/cluster-configuration/rancher-server-configuration/k3s-cluster-configuration.md +++ b/versioned_docs/version-2.10/reference-guides/cluster-configuration/rancher-server-configuration/k3s-cluster-configuration.md @@ -337,7 +337,7 @@ Alternatives, such as using a HelmChartConfig to customize the system charts via Specify the values for the system charts installed by K3s. -For more information about how K3s manges packaged components, please refer to [K3s documentation](https://docs.k3s.io/installation/packaged-components). +For more information about how K3s manages packaged components, please refer to [K3s documentation](https://docs.k3s.io/installation/packaged-components). Example: diff --git a/versioned_docs/version-2.10/reference-guides/cluster-configuration/rancher-server-configuration/rke2-cluster-configuration.md b/versioned_docs/version-2.10/reference-guides/cluster-configuration/rancher-server-configuration/rke2-cluster-configuration.md index aab9b19794a6..3e25f9ed61b0 100644 --- a/versioned_docs/version-2.10/reference-guides/cluster-configuration/rancher-server-configuration/rke2-cluster-configuration.md +++ b/versioned_docs/version-2.10/reference-guides/cluster-configuration/rancher-server-configuration/rke2-cluster-configuration.md @@ -367,7 +367,7 @@ Alternatives, such as using a HelmChartConfig to customize the system charts via Specify the values for the system charts installed by RKE2. -For more information about how RKE2 manges packaged components, please refer to [RKE2 documentation](https://docs.rke2.io/helm). +For more information about how RKE2 manages packaged components, please refer to [RKE2 documentation](https://docs.rke2.io/helm). Example: diff --git a/versioned_docs/version-2.10/reference-guides/cluster-configuration/rancher-server-configuration/use-existing-nodes/use-existing-nodes.md b/versioned_docs/version-2.10/reference-guides/cluster-configuration/rancher-server-configuration/use-existing-nodes/use-existing-nodes.md index 45e8fba4b02e..439068d4c12f 100644 --- a/versioned_docs/version-2.10/reference-guides/cluster-configuration/rancher-server-configuration/use-existing-nodes/use-existing-nodes.md +++ b/versioned_docs/version-2.10/reference-guides/cluster-configuration/rancher-server-configuration/use-existing-nodes/use-existing-nodes.md @@ -9,7 +9,7 @@ description: To create a cluster with custom nodes, you’ll need to access serv When you create a custom cluster, Rancher uses RKE (the Rancher Kubernetes Engine) to create a Kubernetes cluster in on-prem bare-metal servers, on-prem virtual machines, or in any node hosted by an infrastructure provider. -To use this option you'll need access to servers you intend to use in your Kubernetes cluster. Provision each server according to the [requirements](../../../../how-to-guides/new-user-guides/kubernetes-clusters-in-rancher-setup/node-requirements-for-rancher-managed-clusters.md), which includes some hardware specifications and Docker. After you install Docker on each server, you willl also run the command provided in the Rancher UI on each server to turn each one into a Kubernetes node. +To use this option you'll need access to servers you intend to use in your Kubernetes cluster. Provision each server according to the [requirements](../../../../how-to-guides/new-user-guides/kubernetes-clusters-in-rancher-setup/node-requirements-for-rancher-managed-clusters.md), which includes some hardware specifications and Docker. After you install Docker on each server, you will also run the command provided in the Rancher UI on each server to turn each one into a Kubernetes node. This section describes how to set up a custom cluster. diff --git a/versioned_docs/version-2.10/reference-guides/monitoring-v2-configuration/receivers.md b/versioned_docs/version-2.10/reference-guides/monitoring-v2-configuration/receivers.md index b1237e3646b3..14f505312611 100644 --- a/versioned_docs/version-2.10/reference-guides/monitoring-v2-configuration/receivers.md +++ b/versioned_docs/version-2.10/reference-guides/monitoring-v2-configuration/receivers.md @@ -339,14 +339,14 @@ route: routes: - match: service: database - receiver: 'database-notifcations' + receiver: 'database-notifications' receivers: - name: 'pagerduty-notifications' pagerduty_configs: - service_key: 'primary-integration-key' -- name: 'database-notifcations' +- name: 'database-notifications' pagerduty_configs: - service_key: 'database-integration-key' ``` diff --git a/versioned_docs/version-2.10/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md b/versioned_docs/version-2.10/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md index c34143594e84..8e7517e6ee9d 100644 --- a/versioned_docs/version-2.10/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md +++ b/versioned_docs/version-2.10/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md @@ -3032,8 +3032,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications running on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ### 5.2.11 Minimize the admission of Windows HostProcess containers (Manual) diff --git a/versioned_docs/version-2.10/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md b/versioned_docs/version-2.10/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md index 0b199590889f..ca68e4773d1f 100644 --- a/versioned_docs/version-2.10/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md +++ b/versioned_docs/version-2.10/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md @@ -3087,8 +3087,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications running on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ### 5.2.11 Minimize the admission of Windows HostProcess containers (Manual) diff --git a/versioned_docs/version-2.10/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md b/versioned_docs/version-2.10/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md index fe6b3ef299c6..b45777378006 100644 --- a/versioned_docs/version-2.10/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md +++ b/versioned_docs/version-2.10/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md @@ -3094,8 +3094,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications running on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ### 5.2.11 Minimize the admission of Windows HostProcess containers (Manual) diff --git a/versioned_docs/version-2.10/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md b/versioned_docs/version-2.10/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md index c71bf5a9d23b..859dec8afad1 100644 --- a/versioned_docs/version-2.10/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md +++ b/versioned_docs/version-2.10/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md @@ -1352,7 +1352,7 @@ In this file, choose aescbc, kms or secretbox as the encryption provider. ```bash #!/usr/bin/env bash -# This script is used to check the encrption provider config is set to aesbc +# This script is used to check the encryption provider config is set to aesbc # # outputs: # true/false @@ -2884,8 +2884,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications running on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ### 5.2.11 Minimize the admission of Windows HostProcess containers (Manual) diff --git a/versioned_docs/version-2.10/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md b/versioned_docs/version-2.10/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md index c98de564bf18..124e4ded4323 100644 --- a/versioned_docs/version-2.10/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md +++ b/versioned_docs/version-2.10/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md @@ -1298,7 +1298,7 @@ In this file, choose aescbc, kms or secretbox as the encryption provider. ```bash #!/usr/bin/env bash -# This script is used to check the encrption provider config is set to aesbc +# This script is used to check the encryption provider config is set to aesbc # # outputs: # true/false @@ -2843,8 +2843,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications running on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ### 5.2.11 Minimize the admission of Windows HostProcess containers (Manual) diff --git a/versioned_docs/version-2.10/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md b/versioned_docs/version-2.10/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md index ac002a203698..0addae6e357a 100644 --- a/versioned_docs/version-2.10/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md +++ b/versioned_docs/version-2.10/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md @@ -2744,8 +2744,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications running on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ### 5.2.11 Minimize the admission of Windows HostProcess containers (Manual) diff --git a/versioned_docs/version-2.10/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md b/versioned_docs/version-2.10/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md index d9145e2ce852..a0249ab3098d 100644 --- a/versioned_docs/version-2.10/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md +++ b/versioned_docs/version-2.10/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md @@ -3019,8 +3019,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications running on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ### 5.2.11 Minimize the admission of Windows HostProcess containers (Manual) diff --git a/versioned_docs/version-2.10/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md b/versioned_docs/version-2.10/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md index 0e74634d09d4..352819304339 100644 --- a/versioned_docs/version-2.10/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md +++ b/versioned_docs/version-2.10/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md @@ -3020,8 +3020,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications running on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ### 5.2.11 Minimize the admission of Windows HostProcess containers (Manual) diff --git a/versioned_docs/version-2.10/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md b/versioned_docs/version-2.10/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md index c93773a62a76..5b0ee79d60a9 100644 --- a/versioned_docs/version-2.10/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md +++ b/versioned_docs/version-2.10/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md @@ -2846,8 +2846,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications running on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ### 5.2.11 Minimize the admission of Windows HostProcess containers (Manual) diff --git a/versioned_docs/version-2.10/troubleshooting/other-troubleshooting-tips/user-id-tracking-in-audit-logs.md b/versioned_docs/version-2.10/troubleshooting/other-troubleshooting-tips/user-id-tracking-in-audit-logs.md index adecdecde120..d7ec350197be 100644 --- a/versioned_docs/version-2.10/troubleshooting/other-troubleshooting-tips/user-id-tracking-in-audit-logs.md +++ b/versioned_docs/version-2.10/troubleshooting/other-troubleshooting-tips/user-id-tracking-in-audit-logs.md @@ -6,7 +6,7 @@ title: User ID Tracking in Audit Logs -The following audit logs are used in Rancher to track events occuring on the local and downstream clusters: +The following audit logs are used in Rancher to track events occurring on the local and downstream clusters: * [Kubernetes Audit Logs](https://rancher.com/docs/rke/latest/en/config-options/audit-log/) * [Rancher API Audit Logs](../../how-to-guides/advanced-user-guides/enable-api-audit-log.md) diff --git a/versioned_docs/version-2.11/api/workflows/projects.md b/versioned_docs/version-2.11/api/workflows/projects.md index 7b7ced1e6d04..bad30e887248 100644 --- a/versioned_docs/version-2.11/api/workflows/projects.md +++ b/versioned_docs/version-2.11/api/workflows/projects.md @@ -160,7 +160,7 @@ kubectl --namespace p-vwxyz get projectroletemplatebindings ## Deleting a Member From a Project -Lookup the projectroletemplatebinding IDs containing the member in the project's namespace as decribed in the [Listing Project Members](#listing-project-members) section. +Lookup the projectroletemplatebinding IDs containing the member in the project's namespace as described in the [Listing Project Members](#listing-project-members) section. Delete the projectroletemplatebinding from the project's namespace: diff --git a/versioned_docs/version-2.11/getting-started/installation-and-upgrade/installation-references/feature-flags.md b/versioned_docs/version-2.11/getting-started/installation-and-upgrade/installation-references/feature-flags.md index ce153bce5995..24d2d0b7dade 100644 --- a/versioned_docs/version-2.11/getting-started/installation-and-upgrade/installation-references/feature-flags.md +++ b/versioned_docs/version-2.11/getting-started/installation-and-upgrade/installation-references/feature-flags.md @@ -40,7 +40,7 @@ The following table shows the availability and default values for some feature f | Feature Flag Name | Default Value | Status | Available As Of | Additional Information | | ----------------------------- | ------------- | ------------ | --------------- | ---------------------- | -| `aggregated-roletemplates` | `false` | Highly experimentatl | v2.11.0 | This flag value is locked on install and can't be changed. | +| `aggregated-roletemplates` | `false` | Highly experimental | v2.11.0 | This flag value is locked on install and can't be changed. | | `clean-stale-secrets` | `true` | GA | v2.10.2 | | | `continuous-delivery` | `true` | GA | v2.6.0 | | | `external-rules` | v2.7.14: `false`, v2.8.5: `true` | Removed | v2.7.14, v2.8.5 | This flag affected [external `RoleTemplate` behavior](../../../how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/manage-role-based-access-control-rbac/cluster-and-project-roles.md#external-roletemplate-behavior). It is removed in Rancher v2.9.0 and later as the behavior is enabled by default. | diff --git a/versioned_docs/version-2.11/getting-started/installation-and-upgrade/installation-references/tls-settings.md b/versioned_docs/version-2.11/getting-started/installation-and-upgrade/installation-references/tls-settings.md index bbde2c615606..c2bf6e785cbb 100644 --- a/versioned_docs/version-2.11/getting-started/installation-and-upgrade/installation-references/tls-settings.md +++ b/versioned_docs/version-2.11/getting-started/installation-and-upgrade/installation-references/tls-settings.md @@ -40,7 +40,7 @@ In Rancher v2.9.0 and later, this setting defaults to `strict` on new installs. Each cluster contains a condition in the status field called `AgentTlsStrictCheck`. If `AgentTlsStrictCheck` is set to `"True"`, this indicates that the agents for the cluster are ready to operate in `strict` mode. You can manually inspect each cluster to see if they are ready using the Rancher UI or a kubectl command such as the following: ```bash -## the below command skips ouputs $CLUSTER_NAME,$STATUS for all non-local clusters +## the below command skips outputs $CLUSTER_NAME,$STATUS for all non-local clusters kubectl get cluster.management.cattle.io -o jsonpath='{range .items[?(@.metadata.name!="local")]}{.metadata.name},{.status.conditions[?(@.type=="AgentTlsStrictCheck")].status}{"\n"}{end}' ``` diff --git a/versioned_docs/version-2.11/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-active-directory.md b/versioned_docs/version-2.11/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-active-directory.md index b3f2f9a3a099..3e5af11ae935 100644 --- a/versioned_docs/version-2.11/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-active-directory.md +++ b/versioned_docs/version-2.11/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-active-directory.md @@ -168,7 +168,7 @@ $ ldapsearch -x -D "acme\jdoe" -w "secret" -p 389 \ -h ad.acme.com -b "dc=acme,dc=com" -s sub "sAMAccountName=jdoe" ``` -This command performs an LDAP search with the search base set to the domain root (`-b "dc=acme,dc=com"`) and a filter targeting the user account (`sAMAccountNam=jdoe`), returning the attributes for said user: +This command performs an LDAP search with the search base set to the domain root (`-b "dc=acme,dc=com"`) and a filter targeting the user account (`sAMAccountName=jdoe`), returning the attributes for said user: ![](/img/ldapsearch-user.png) diff --git a/versioned_docs/version-2.11/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/configure-shibboleth-saml/about-group-permissions.md b/versioned_docs/version-2.11/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/configure-shibboleth-saml/about-group-permissions.md index a51b1328cd0b..7aae2bf870c6 100644 --- a/versioned_docs/version-2.11/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/configure-shibboleth-saml/about-group-permissions.md +++ b/versioned_docs/version-2.11/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/configure-shibboleth-saml/about-group-permissions.md @@ -23,7 +23,7 @@ The diagram below illustrates how members of an OpenLDAP group can access resour For example, a cluster owner could add an OpenLDAP group to a cluster so that they have permissions view most cluster level resources and create new projects. Then the OpenLDAP group members will have access to the cluster as soon as they log in to Rancher. -In this scenario, OpenLDAP allows the cluster owner to search for groups when assigning persmissions. Without OpenLDAP, the functionality to search for groups would not be supported. +In this scenario, OpenLDAP allows the cluster owner to search for groups when assigning permissions. Without OpenLDAP, the functionality to search for groups would not be supported. When a member of the OpenLDAP group logs in to Rancher, she is redirected to Shibboleth and enters her username and password. diff --git a/versioned_docs/version-2.11/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/global-default-private-registry.md b/versioned_docs/version-2.11/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/global-default-private-registry.md index b9847ee8d9f9..0a199a560500 100644 --- a/versioned_docs/version-2.11/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/global-default-private-registry.md +++ b/versioned_docs/version-2.11/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/global-default-private-registry.md @@ -35,7 +35,7 @@ The global default registry is intended to be used in air-gapped setups, for reg Most private registries should work, by default, with RKE2 downstream clusters. -However, you'll need to do some additional steps if you're trying to set a namespaced private registry whose URL is formated like this: `website/subdomain:portnumber`. +However, you'll need to do some additional steps if you're trying to set a namespaced private registry whose URL is formatted like this: `website/subdomain:portnumber`. 1. Select **☰ > Cluster Management**. 1. Find the RKE2 cluster in the list and click **⋮ >Edit Config**. diff --git a/versioned_docs/version-2.11/how-to-guides/new-user-guides/helm-charts-in-rancher/helm-charts-in-rancher.md b/versioned_docs/version-2.11/how-to-guides/new-user-guides/helm-charts-in-rancher/helm-charts-in-rancher.md index 3d5025a8c43d..d9b231e395ac 100644 --- a/versioned_docs/version-2.11/how-to-guides/new-user-guides/helm-charts-in-rancher/helm-charts-in-rancher.md +++ b/versioned_docs/version-2.11/how-to-guides/new-user-guides/helm-charts-in-rancher/helm-charts-in-rancher.md @@ -242,7 +242,7 @@ Rancher and Partner charts may have extra configurations available through custo To view all recent changes, click **Apps > Recent Operations** in the left navigation menu. From there you can view the calls, conditions, events, and logs. -After installing a chart, you can view it by clicking **Apps > Installed Apps** in the left navigation menu. You can upgrade or delete the installation, and see further details. Upgrading uses the same forms and values as you saw during inital installation. +After installing a chart, you can view it by clicking **Apps > Installed Apps** in the left navigation menu. You can upgrade or delete the installation, and see further details. Upgrading uses the same forms and values as you saw during initial installation. Most Rancher tools have additional pages located in the toolbar below the **Apps** section to help manage and use the features. These pages include links to dashboards, forms to easily add Custom Resources, and additional information. @@ -301,4 +301,4 @@ To migrate, follow these steps: - When determining the most recent version to display for the **Upgradable** column on the **Apps > Installed Apps** page, rather than only considering versions of the Helm chart from the repository it was installed from, Rancher considers versions of the Helm chart from all repositories on the cluster. For example, suppose you install `cert-manager` v1.13.0 from repository A, where v1.14.0 is now the most recent version available. In this case, you expect **Upgradable** to display v1.14.0. However, if the cluster also has access to repository B where v1.15.0 of `cert-manager` is available, then **Upgradable** displays v1.15.0 even though the original installation used repository A. - \ No newline at end of file + diff --git a/versioned_docs/version-2.11/how-to-guides/new-user-guides/kubernetes-clusters-in-rancher-setup/set-up-cloud-providers/amazon.md b/versioned_docs/version-2.11/how-to-guides/new-user-guides/kubernetes-clusters-in-rancher-setup/set-up-cloud-providers/amazon.md index b49ca3f3ca36..190219ac5844 100644 --- a/versioned_docs/version-2.11/how-to-guides/new-user-guides/kubernetes-clusters-in-rancher-setup/set-up-cloud-providers/amazon.md +++ b/versioned_docs/version-2.11/how-to-guides/new-user-guides/kubernetes-clusters-in-rancher-setup/set-up-cloud-providers/amazon.md @@ -322,7 +322,7 @@ Existing clusters that use an **External** cloud provider will set `--cloud-prov 3. Install the AWS cloud controller manager after the cluster finishes provisioning. Note that the cluster isn't successfully provisioned and nodes are still in an `uninitialized` state until you deploy the cloud controller manager. This can be done manually, or via [Helm charts in UI](#helm-chart-installation-from-ui). -Refer to the offical AWS upstream documentation for the [cloud controller manager](https://kubernetes.github.io/cloud-provider-aws). +Refer to the official AWS upstream documentation for the [cloud controller manager](https://kubernetes.github.io/cloud-provider-aws). diff --git a/versioned_docs/version-2.11/how-to-guides/new-user-guides/kubernetes-resources-setup/kubernetes-resources-setup.md b/versioned_docs/version-2.11/how-to-guides/new-user-guides/kubernetes-resources-setup/kubernetes-resources-setup.md index 3e97882659ce..bf695acd120e 100644 --- a/versioned_docs/version-2.11/how-to-guides/new-user-guides/kubernetes-resources-setup/kubernetes-resources-setup.md +++ b/versioned_docs/version-2.11/how-to-guides/new-user-guides/kubernetes-resources-setup/kubernetes-resources-setup.md @@ -47,7 +47,7 @@ When using ingresses in a project, you can program the ingress hostname to an ex ## Service Discovery -After you expose your cluster to external requests using a load balancer and/or ingress, it's only available by IP address. To create a resolveable hostname, you must create a service record, which is a record that maps an IP address, external hostname, DNS record alias, workload(s), or labelled pods to a specific hostname. +After you expose your cluster to external requests using a load balancer and/or ingress, it's only available by IP address. To create a resolvable hostname, you must create a service record, which is a record that maps an IP address, external hostname, DNS record alias, workload(s), or labelled pods to a specific hostname. For more information, see [Service Discovery](create-services.md). diff --git a/versioned_docs/version-2.11/how-to-guides/new-user-guides/manage-clusters/access-clusters/access-clusters.md b/versioned_docs/version-2.11/how-to-guides/new-user-guides/manage-clusters/access-clusters/access-clusters.md index 66a81355f0e9..909536bcdaaa 100644 --- a/versioned_docs/version-2.11/how-to-guides/new-user-guides/manage-clusters/access-clusters/access-clusters.md +++ b/versioned_docs/version-2.11/how-to-guides/new-user-guides/manage-clusters/access-clusters/access-clusters.md @@ -38,7 +38,7 @@ On the **Clusters** page, select **⁝** at the end of each row to view a submen ### Cluster Dashboard -On the **Clusters** page, select the **Explore** button at the end of each row to view that cluster's **Cluster Dashboard**. You can also view the dashboard by clicking the name of a cluster in the table, then clicking the **Explore** buttton on the **Cluster** page. +On the **Clusters** page, select the **Explore** button at the end of each row to view that cluster's **Cluster Dashboard**. You can also view the dashboard by clicking the name of a cluster in the table, then clicking the **Explore** button on the **Cluster** page. The **Cluster Dashboard** is also accessible from the Rancher UI **Home** page, by clicking on the name of a cluster. diff --git a/versioned_docs/version-2.11/how-to-guides/new-user-guides/manage-clusters/install-cluster-autoscaler/use-aws-ec2-auto-scaling-groups.md b/versioned_docs/version-2.11/how-to-guides/new-user-guides/manage-clusters/install-cluster-autoscaler/use-aws-ec2-auto-scaling-groups.md index 6a95a95b3ae9..6672a4ddf73c 100644 --- a/versioned_docs/version-2.11/how-to-guides/new-user-guides/manage-clusters/install-cluster-autoscaler/use-aws-ec2-auto-scaling-groups.md +++ b/versioned_docs/version-2.11/how-to-guides/new-user-guides/manage-clusters/install-cluster-autoscaler/use-aws-ec2-auto-scaling-groups.md @@ -229,7 +229,7 @@ On AWS EC2, we should create a few objects to configure our system. We've define PUBLIC_IP=$(curl -H "X-aws-ec2-metadata-token: ${TOKEN}" -s http://169.254.169.254/latest/meta-data/public-ipv4) K8S_ROLES="--worker" - sudo docker run -d --privileged --restart=unless-stopped --net=host -v /etc/kubernetes:/etc/kubernetes -v /var/run:/var/run rancher/rancher-agent: --server https:// --token --ca-checksum --address ${PUBLIC_IP} --internal-address ${PRIVATE_IP} ${K8S_ROLES} + sudo docker run -d --privileged --restart=unless-stopped --net=host -v /etc/kubernetes:/etc/kubernetes -v /var/run:/var/run rancher/rancher-agent: --server https:// --token --ca-checksum --address ${PUBLIC_IP} --internal-address ${PRIVATE_IP} ${K8S_ROLES} ``` More info is at [RKE clusters on AWS](../../../new-user-guides/kubernetes-clusters-in-rancher-setup/set-up-cloud-providers/amazon.md) and [Cluster Autoscaler on AWS.](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/cloudprovider/aws/README.md) diff --git a/versioned_docs/version-2.11/integrations-in-rancher/fleet/overview.md b/versioned_docs/version-2.11/integrations-in-rancher/fleet/overview.md index a490bf14dad7..efe2f2fd2f4a 100644 --- a/versioned_docs/version-2.11/integrations-in-rancher/fleet/overview.md +++ b/versioned_docs/version-2.11/integrations-in-rancher/fleet/overview.md @@ -26,7 +26,7 @@ Users can leverage continuous delivery to deploy their applications to the Kuber Follow the steps below to access Continuous Delivery in the Rancher UI: -1. Click **☰ > Continous Delivery**. +1. Click **☰ > Continuous Delivery**. 1. Select your namespace at the top of the menu, noting the following: diff --git a/versioned_docs/version-2.11/reference-guides/cluster-configuration/rancher-server-configuration/k3s-cluster-configuration.md b/versioned_docs/version-2.11/reference-guides/cluster-configuration/rancher-server-configuration/k3s-cluster-configuration.md index 6ec07fe1906f..0ae19ccfd55e 100644 --- a/versioned_docs/version-2.11/reference-guides/cluster-configuration/rancher-server-configuration/k3s-cluster-configuration.md +++ b/versioned_docs/version-2.11/reference-guides/cluster-configuration/rancher-server-configuration/k3s-cluster-configuration.md @@ -337,7 +337,7 @@ Alternatives, such as using a HelmChartConfig to customize the system charts via Specify the values for the system charts installed by K3s. -For more information about how K3s manges packaged components, please refer to [K3s documentation](https://docs.k3s.io/installation/packaged-components). +For more information about how K3s manages packaged components, please refer to [K3s documentation](https://docs.k3s.io/installation/packaged-components). Example: diff --git a/versioned_docs/version-2.11/reference-guides/cluster-configuration/rancher-server-configuration/rke2-cluster-configuration.md b/versioned_docs/version-2.11/reference-guides/cluster-configuration/rancher-server-configuration/rke2-cluster-configuration.md index aab9b19794a6..3e25f9ed61b0 100644 --- a/versioned_docs/version-2.11/reference-guides/cluster-configuration/rancher-server-configuration/rke2-cluster-configuration.md +++ b/versioned_docs/version-2.11/reference-guides/cluster-configuration/rancher-server-configuration/rke2-cluster-configuration.md @@ -367,7 +367,7 @@ Alternatives, such as using a HelmChartConfig to customize the system charts via Specify the values for the system charts installed by RKE2. -For more information about how RKE2 manges packaged components, please refer to [RKE2 documentation](https://docs.rke2.io/helm). +For more information about how RKE2 manages packaged components, please refer to [RKE2 documentation](https://docs.rke2.io/helm). Example: diff --git a/versioned_docs/version-2.11/reference-guides/cluster-configuration/rancher-server-configuration/use-existing-nodes/use-existing-nodes.md b/versioned_docs/version-2.11/reference-guides/cluster-configuration/rancher-server-configuration/use-existing-nodes/use-existing-nodes.md index 45e8fba4b02e..439068d4c12f 100644 --- a/versioned_docs/version-2.11/reference-guides/cluster-configuration/rancher-server-configuration/use-existing-nodes/use-existing-nodes.md +++ b/versioned_docs/version-2.11/reference-guides/cluster-configuration/rancher-server-configuration/use-existing-nodes/use-existing-nodes.md @@ -9,7 +9,7 @@ description: To create a cluster with custom nodes, you’ll need to access serv When you create a custom cluster, Rancher uses RKE (the Rancher Kubernetes Engine) to create a Kubernetes cluster in on-prem bare-metal servers, on-prem virtual machines, or in any node hosted by an infrastructure provider. -To use this option you'll need access to servers you intend to use in your Kubernetes cluster. Provision each server according to the [requirements](../../../../how-to-guides/new-user-guides/kubernetes-clusters-in-rancher-setup/node-requirements-for-rancher-managed-clusters.md), which includes some hardware specifications and Docker. After you install Docker on each server, you willl also run the command provided in the Rancher UI on each server to turn each one into a Kubernetes node. +To use this option you'll need access to servers you intend to use in your Kubernetes cluster. Provision each server according to the [requirements](../../../../how-to-guides/new-user-guides/kubernetes-clusters-in-rancher-setup/node-requirements-for-rancher-managed-clusters.md), which includes some hardware specifications and Docker. After you install Docker on each server, you will also run the command provided in the Rancher UI on each server to turn each one into a Kubernetes node. This section describes how to set up a custom cluster. diff --git a/versioned_docs/version-2.11/reference-guides/monitoring-v2-configuration/receivers.md b/versioned_docs/version-2.11/reference-guides/monitoring-v2-configuration/receivers.md index b1237e3646b3..14f505312611 100644 --- a/versioned_docs/version-2.11/reference-guides/monitoring-v2-configuration/receivers.md +++ b/versioned_docs/version-2.11/reference-guides/monitoring-v2-configuration/receivers.md @@ -339,14 +339,14 @@ route: routes: - match: service: database - receiver: 'database-notifcations' + receiver: 'database-notifications' receivers: - name: 'pagerduty-notifications' pagerduty_configs: - service_key: 'primary-integration-key' -- name: 'database-notifcations' +- name: 'database-notifications' pagerduty_configs: - service_key: 'database-integration-key' ``` diff --git a/versioned_docs/version-2.11/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md b/versioned_docs/version-2.11/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md index c34143594e84..8e7517e6ee9d 100644 --- a/versioned_docs/version-2.11/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md +++ b/versioned_docs/version-2.11/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md @@ -3032,8 +3032,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications running on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ### 5.2.11 Minimize the admission of Windows HostProcess containers (Manual) diff --git a/versioned_docs/version-2.11/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md b/versioned_docs/version-2.11/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md index 0b199590889f..ca68e4773d1f 100644 --- a/versioned_docs/version-2.11/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md +++ b/versioned_docs/version-2.11/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md @@ -3087,8 +3087,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications running on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ### 5.2.11 Minimize the admission of Windows HostProcess containers (Manual) diff --git a/versioned_docs/version-2.11/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md b/versioned_docs/version-2.11/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md index fe6b3ef299c6..b45777378006 100644 --- a/versioned_docs/version-2.11/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md +++ b/versioned_docs/version-2.11/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md @@ -3094,8 +3094,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications running on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ### 5.2.11 Minimize the admission of Windows HostProcess containers (Manual) diff --git a/versioned_docs/version-2.11/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md b/versioned_docs/version-2.11/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md index c71bf5a9d23b..859dec8afad1 100644 --- a/versioned_docs/version-2.11/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md +++ b/versioned_docs/version-2.11/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md @@ -1352,7 +1352,7 @@ In this file, choose aescbc, kms or secretbox as the encryption provider. ```bash #!/usr/bin/env bash -# This script is used to check the encrption provider config is set to aesbc +# This script is used to check the encryption provider config is set to aesbc # # outputs: # true/false @@ -2884,8 +2884,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications running on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ### 5.2.11 Minimize the admission of Windows HostProcess containers (Manual) diff --git a/versioned_docs/version-2.11/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md b/versioned_docs/version-2.11/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md index c98de564bf18..124e4ded4323 100644 --- a/versioned_docs/version-2.11/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md +++ b/versioned_docs/version-2.11/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md @@ -1298,7 +1298,7 @@ In this file, choose aescbc, kms or secretbox as the encryption provider. ```bash #!/usr/bin/env bash -# This script is used to check the encrption provider config is set to aesbc +# This script is used to check the encryption provider config is set to aesbc # # outputs: # true/false @@ -2843,8 +2843,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications running on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ### 5.2.11 Minimize the admission of Windows HostProcess containers (Manual) diff --git a/versioned_docs/version-2.11/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md b/versioned_docs/version-2.11/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md index ac002a203698..0addae6e357a 100644 --- a/versioned_docs/version-2.11/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md +++ b/versioned_docs/version-2.11/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md @@ -2744,8 +2744,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications running on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ### 5.2.11 Minimize the admission of Windows HostProcess containers (Manual) diff --git a/versioned_docs/version-2.11/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md b/versioned_docs/version-2.11/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md index d9145e2ce852..a0249ab3098d 100644 --- a/versioned_docs/version-2.11/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md +++ b/versioned_docs/version-2.11/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md @@ -3019,8 +3019,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications running on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ### 5.2.11 Minimize the admission of Windows HostProcess containers (Manual) diff --git a/versioned_docs/version-2.11/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md b/versioned_docs/version-2.11/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md index 0e74634d09d4..352819304339 100644 --- a/versioned_docs/version-2.11/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md +++ b/versioned_docs/version-2.11/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md @@ -3020,8 +3020,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications running on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ### 5.2.11 Minimize the admission of Windows HostProcess containers (Manual) diff --git a/versioned_docs/version-2.11/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md b/versioned_docs/version-2.11/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md index c93773a62a76..5b0ee79d60a9 100644 --- a/versioned_docs/version-2.11/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md +++ b/versioned_docs/version-2.11/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md @@ -2846,8 +2846,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications running on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ### 5.2.11 Minimize the admission of Windows HostProcess containers (Manual) diff --git a/versioned_docs/version-2.11/troubleshooting/other-troubleshooting-tips/user-id-tracking-in-audit-logs.md b/versioned_docs/version-2.11/troubleshooting/other-troubleshooting-tips/user-id-tracking-in-audit-logs.md index adecdecde120..d7ec350197be 100644 --- a/versioned_docs/version-2.11/troubleshooting/other-troubleshooting-tips/user-id-tracking-in-audit-logs.md +++ b/versioned_docs/version-2.11/troubleshooting/other-troubleshooting-tips/user-id-tracking-in-audit-logs.md @@ -6,7 +6,7 @@ title: User ID Tracking in Audit Logs -The following audit logs are used in Rancher to track events occuring on the local and downstream clusters: +The following audit logs are used in Rancher to track events occurring on the local and downstream clusters: * [Kubernetes Audit Logs](https://rancher.com/docs/rke/latest/en/config-options/audit-log/) * [Rancher API Audit Logs](../../how-to-guides/advanced-user-guides/enable-api-audit-log.md) diff --git a/versioned_docs/version-2.6/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/authentication-config.md b/versioned_docs/version-2.6/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/authentication-config.md index 7a6b7f7c0dd3..e2d105d5f947 100644 --- a/versioned_docs/version-2.6/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/authentication-config.md +++ b/versioned_docs/version-2.6/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/authentication-config.md @@ -138,7 +138,7 @@ When you disable an auth provider, Rancher deletes all resources associated with - External users associated with the provider, who never logged in as local users to Rancher As this operation may lead to a loss of many resources, you may want to add a safeguard on the provider. -To ensure this cleanup process doesn't run when the auth provider is disabled, add a special annoation to the corresponding auth config. +To ensure this cleanup process doesn't run when the auth provider is disabled, add a special annotation to the corresponding auth config. For example, to add a safeguard to the Azure AD provider, annotate the `azuread` authconfig object: diff --git a/versioned_docs/version-2.6/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-active-directory.md b/versioned_docs/version-2.6/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-active-directory.md index c98a89864fa8..f8ed8ebd28ec 100644 --- a/versioned_docs/version-2.6/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-active-directory.md +++ b/versioned_docs/version-2.6/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-active-directory.md @@ -168,7 +168,7 @@ $ ldapsearch -x -D "acme\jdoe" -w "secret" -p 389 \ -h ad.acme.com -b "dc=acme,dc=com" -s sub "sAMAccountName=jdoe" ``` -This command performs an LDAP search with the search base set to the domain root (`-b "dc=acme,dc=com"`) and a filter targeting the user account (`sAMAccountNam=jdoe`), returning the attributes for said user: +This command performs an LDAP search with the search base set to the domain root (`-b "dc=acme,dc=com"`) and a filter targeting the user account (`sAMAccountName=jdoe`), returning the attributes for said user: ![](/img/ldapsearch-user.png) diff --git a/versioned_docs/version-2.6/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/configure-shibboleth-saml/about-group-permissions.md b/versioned_docs/version-2.6/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/configure-shibboleth-saml/about-group-permissions.md index a51b1328cd0b..7aae2bf870c6 100644 --- a/versioned_docs/version-2.6/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/configure-shibboleth-saml/about-group-permissions.md +++ b/versioned_docs/version-2.6/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/configure-shibboleth-saml/about-group-permissions.md @@ -23,7 +23,7 @@ The diagram below illustrates how members of an OpenLDAP group can access resour For example, a cluster owner could add an OpenLDAP group to a cluster so that they have permissions view most cluster level resources and create new projects. Then the OpenLDAP group members will have access to the cluster as soon as they log in to Rancher. -In this scenario, OpenLDAP allows the cluster owner to search for groups when assigning persmissions. Without OpenLDAP, the functionality to search for groups would not be supported. +In this scenario, OpenLDAP allows the cluster owner to search for groups when assigning permissions. Without OpenLDAP, the functionality to search for groups would not be supported. When a member of the OpenLDAP group logs in to Rancher, she is redirected to Shibboleth and enters her username and password. diff --git a/versioned_docs/version-2.6/how-to-guides/new-user-guides/deploy-apps-across-clusters/fleet.md b/versioned_docs/version-2.6/how-to-guides/new-user-guides/deploy-apps-across-clusters/fleet.md index 29de0d33870c..df2edc187522 100644 --- a/versioned_docs/version-2.6/how-to-guides/new-user-guides/deploy-apps-across-clusters/fleet.md +++ b/versioned_docs/version-2.6/how-to-guides/new-user-guides/deploy-apps-across-clusters/fleet.md @@ -20,7 +20,7 @@ For information about how Fleet works, see [this page.](../../../integrations-in ## Accessing Fleet in the Rancher UI -Fleet comes preinstalled in Rancher and is managed by the **Continous Delivery** option in the Rancher UI. For additional information on Continuous Delivery and other Fleet troubleshooting tips, refer [here](https://fleet.rancher.io/troubleshooting). +Fleet comes preinstalled in Rancher and is managed by the **Continuous Delivery** option in the Rancher UI. For additional information on Continuous Delivery and other Fleet troubleshooting tips, refer [here](https://fleet.rancher.io/troubleshooting). Users can leverage continuous delivery to deploy their applications to the Kubernetes clusters in the git repository without any manual operation by following **gitops** practice. diff --git a/versioned_docs/version-2.6/how-to-guides/new-user-guides/kubernetes-resources-setup/kubernetes-resources-setup.md b/versioned_docs/version-2.6/how-to-guides/new-user-guides/kubernetes-resources-setup/kubernetes-resources-setup.md index 53c50d058552..99bb7a12164b 100644 --- a/versioned_docs/version-2.6/how-to-guides/new-user-guides/kubernetes-resources-setup/kubernetes-resources-setup.md +++ b/versioned_docs/version-2.6/how-to-guides/new-user-guides/kubernetes-resources-setup/kubernetes-resources-setup.md @@ -47,7 +47,7 @@ When using ingresses in a project, you can program the ingress hostname to an ex ## Service Discovery -After you expose your cluster to external requests using a load balancer and/or ingress, it's only available by IP address. To create a resolveable hostname, you must create a service record, which is a record that maps an IP address, external hostname, DNS record alias, workload(s), or labelled pods to a specific hostname. +After you expose your cluster to external requests using a load balancer and/or ingress, it's only available by IP address. To create a resolvable hostname, you must create a service record, which is a record that maps an IP address, external hostname, DNS record alias, workload(s), or labelled pods to a specific hostname. For more information, see [Service Discovery](create-services.md). diff --git a/versioned_docs/version-2.6/how-to-guides/new-user-guides/manage-clusters/install-cluster-autoscaler/use-aws-ec2-auto-scaling-groups.md b/versioned_docs/version-2.6/how-to-guides/new-user-guides/manage-clusters/install-cluster-autoscaler/use-aws-ec2-auto-scaling-groups.md index 6a95a95b3ae9..6672a4ddf73c 100644 --- a/versioned_docs/version-2.6/how-to-guides/new-user-guides/manage-clusters/install-cluster-autoscaler/use-aws-ec2-auto-scaling-groups.md +++ b/versioned_docs/version-2.6/how-to-guides/new-user-guides/manage-clusters/install-cluster-autoscaler/use-aws-ec2-auto-scaling-groups.md @@ -229,7 +229,7 @@ On AWS EC2, we should create a few objects to configure our system. We've define PUBLIC_IP=$(curl -H "X-aws-ec2-metadata-token: ${TOKEN}" -s http://169.254.169.254/latest/meta-data/public-ipv4) K8S_ROLES="--worker" - sudo docker run -d --privileged --restart=unless-stopped --net=host -v /etc/kubernetes:/etc/kubernetes -v /var/run:/var/run rancher/rancher-agent: --server https:// --token --ca-checksum --address ${PUBLIC_IP} --internal-address ${PRIVATE_IP} ${K8S_ROLES} + sudo docker run -d --privileged --restart=unless-stopped --net=host -v /etc/kubernetes:/etc/kubernetes -v /var/run:/var/run rancher/rancher-agent: --server https:// --token --ca-checksum --address ${PUBLIC_IP} --internal-address ${PRIVATE_IP} ${K8S_ROLES} ``` More info is at [RKE clusters on AWS](../../../new-user-guides/kubernetes-clusters-in-rancher-setup/set-up-cloud-providers/amazon.md) and [Cluster Autoscaler on AWS.](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/cloudprovider/aws/README.md) diff --git a/versioned_docs/version-2.6/integrations-in-rancher/fleet-gitops-at-scale/fleet-gitops-at-scale.md b/versioned_docs/version-2.6/integrations-in-rancher/fleet-gitops-at-scale/fleet-gitops-at-scale.md index 6cbe1839d464..4e3374beace1 100644 --- a/versioned_docs/version-2.6/integrations-in-rancher/fleet-gitops-at-scale/fleet-gitops-at-scale.md +++ b/versioned_docs/version-2.6/integrations-in-rancher/fleet-gitops-at-scale/fleet-gitops-at-scale.md @@ -26,7 +26,7 @@ Users can leverage continuous delivery to deploy their applications to the Kuber Follow the steps below to access Continuous Delivery in the Rancher UI: -1. Click **☰ > Continous Delivery**. +1. Click **☰ > Continuous Delivery**. 1. Select your namespace at the top of the menu, noting the following: @@ -68,4 +68,4 @@ The Helm chart in the git repository must include its dependencies in the charts ## Documentation -The Fleet documentation is at https://fleet.rancher.io/. \ No newline at end of file +The Fleet documentation is at https://fleet.rancher.io/. diff --git a/versioned_docs/version-2.6/reference-guides/cluster-configuration/rancher-server-configuration/k3s-cluster-configuration.md b/versioned_docs/version-2.6/reference-guides/cluster-configuration/rancher-server-configuration/k3s-cluster-configuration.md index 7f3f0010d094..88bfcff7e864 100644 --- a/versioned_docs/version-2.6/reference-guides/cluster-configuration/rancher-server-configuration/k3s-cluster-configuration.md +++ b/versioned_docs/version-2.6/reference-guides/cluster-configuration/rancher-server-configuration/k3s-cluster-configuration.md @@ -120,7 +120,7 @@ Select the image repository to pull Rancher images from. For more details and co ### Upgrade Strategy -#### Controle Plane Concurrency +#### Control Plane Concurrency Select how many nodes can be upgraded at the same time. Can be a fixed number or percentage. diff --git a/versioned_docs/version-2.6/reference-guides/cluster-configuration/rancher-server-configuration/use-existing-nodes/use-existing-nodes.md b/versioned_docs/version-2.6/reference-guides/cluster-configuration/rancher-server-configuration/use-existing-nodes/use-existing-nodes.md index 45e8fba4b02e..439068d4c12f 100644 --- a/versioned_docs/version-2.6/reference-guides/cluster-configuration/rancher-server-configuration/use-existing-nodes/use-existing-nodes.md +++ b/versioned_docs/version-2.6/reference-guides/cluster-configuration/rancher-server-configuration/use-existing-nodes/use-existing-nodes.md @@ -9,7 +9,7 @@ description: To create a cluster with custom nodes, you’ll need to access serv When you create a custom cluster, Rancher uses RKE (the Rancher Kubernetes Engine) to create a Kubernetes cluster in on-prem bare-metal servers, on-prem virtual machines, or in any node hosted by an infrastructure provider. -To use this option you'll need access to servers you intend to use in your Kubernetes cluster. Provision each server according to the [requirements](../../../../how-to-guides/new-user-guides/kubernetes-clusters-in-rancher-setup/node-requirements-for-rancher-managed-clusters.md), which includes some hardware specifications and Docker. After you install Docker on each server, you willl also run the command provided in the Rancher UI on each server to turn each one into a Kubernetes node. +To use this option you'll need access to servers you intend to use in your Kubernetes cluster. Provision each server according to the [requirements](../../../../how-to-guides/new-user-guides/kubernetes-clusters-in-rancher-setup/node-requirements-for-rancher-managed-clusters.md), which includes some hardware specifications and Docker. After you install Docker on each server, you will also run the command provided in the Rancher UI on each server to turn each one into a Kubernetes node. This section describes how to set up a custom cluster. diff --git a/versioned_docs/version-2.6/reference-guides/monitoring-v2-configuration/receivers.md b/versioned_docs/version-2.6/reference-guides/monitoring-v2-configuration/receivers.md index fa55d466451c..34956b381a95 100644 --- a/versioned_docs/version-2.6/reference-guides/monitoring-v2-configuration/receivers.md +++ b/versioned_docs/version-2.6/reference-guides/monitoring-v2-configuration/receivers.md @@ -285,14 +285,14 @@ route: routes: - match: service: database - receiver: 'database-notifcations' + receiver: 'database-notifications' receivers: - name: 'pagerduty-notifications' pagerduty_configs: - service_key: 'primary-integration-key' -- name: 'database-notifcations' +- name: 'database-notifications' pagerduty_configs: - service_key: 'database-integration-key' ``` diff --git a/versioned_docs/version-2.6/reference-guides/rancher-security/rancher-v2.6-hardening-guides/rke1-self-assessment-guide-with-cis-v1.6-benchmark.md b/versioned_docs/version-2.6/reference-guides/rancher-security/rancher-v2.6-hardening-guides/rke1-self-assessment-guide-with-cis-v1.6-benchmark.md index 053964667971..b563d6a8721f 100644 --- a/versioned_docs/version-2.6/reference-guides/rancher-security/rancher-v2.6-hardening-guides/rke1-self-assessment-guide-with-cis-v1.6-benchmark.md +++ b/versioned_docs/version-2.6/reference-guides/rancher-security/rancher-v2.6-hardening-guides/rke1-self-assessment-guide-with-cis-v1.6-benchmark.md @@ -1467,7 +1467,7 @@ In this file, choose aescbc, kms or secretbox as the encryption provider. ```bash #!/usr/bin/env bash -# This script is used to check the encrption provider config is set to aesbc +# This script is used to check the encryption provider config is set to aesbc # # outputs: # true/false @@ -2909,8 +2909,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications runnning on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ## 5.3 Network Policies and CNI diff --git a/versioned_docs/version-2.6/reference-guides/rancher-security/rancher-v2.6-hardening-guides/rke2-self-assessment-guide-with-cis-v1.6-benchmark.md b/versioned_docs/version-2.6/reference-guides/rancher-security/rancher-v2.6-hardening-guides/rke2-self-assessment-guide-with-cis-v1.6-benchmark.md index 0d78995947b5..1ab38657edcc 100644 --- a/versioned_docs/version-2.6/reference-guides/rancher-security/rancher-v2.6-hardening-guides/rke2-self-assessment-guide-with-cis-v1.6-benchmark.md +++ b/versioned_docs/version-2.6/reference-guides/rancher-security/rancher-v2.6-hardening-guides/rke2-self-assessment-guide-with-cis-v1.6-benchmark.md @@ -3158,8 +3158,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications runnning on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ## 5.3 Network Policies and CNI diff --git a/versioned_docs/version-2.6/troubleshooting/other-troubleshooting-tips/user-id-tracking-in-audit-logs.md b/versioned_docs/version-2.6/troubleshooting/other-troubleshooting-tips/user-id-tracking-in-audit-logs.md index 6a25ae1565e9..ff65ced5b480 100644 --- a/versioned_docs/version-2.6/troubleshooting/other-troubleshooting-tips/user-id-tracking-in-audit-logs.md +++ b/versioned_docs/version-2.6/troubleshooting/other-troubleshooting-tips/user-id-tracking-in-audit-logs.md @@ -6,7 +6,7 @@ title: User ID Tracking in Audit Logs -The following audit logs are used in Rancher to track events occuring on the local and downstream clusters: +The following audit logs are used in Rancher to track events occurring on the local and downstream clusters: * [Kubernetes Audit Logs](https://rancher.com/docs/rke/latest/en/config-options/audit-log/) * [Rancher API Audit Logs](../../how-to-guides/advanced-user-guides/enable-api-audit-log.md) diff --git a/versioned_docs/version-2.7/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-active-directory.md b/versioned_docs/version-2.7/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-active-directory.md index b3f2f9a3a099..3e5af11ae935 100644 --- a/versioned_docs/version-2.7/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-active-directory.md +++ b/versioned_docs/version-2.7/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-active-directory.md @@ -168,7 +168,7 @@ $ ldapsearch -x -D "acme\jdoe" -w "secret" -p 389 \ -h ad.acme.com -b "dc=acme,dc=com" -s sub "sAMAccountName=jdoe" ``` -This command performs an LDAP search with the search base set to the domain root (`-b "dc=acme,dc=com"`) and a filter targeting the user account (`sAMAccountNam=jdoe`), returning the attributes for said user: +This command performs an LDAP search with the search base set to the domain root (`-b "dc=acme,dc=com"`) and a filter targeting the user account (`sAMAccountName=jdoe`), returning the attributes for said user: ![](/img/ldapsearch-user.png) diff --git a/versioned_docs/version-2.7/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/configure-shibboleth-saml/about-group-permissions.md b/versioned_docs/version-2.7/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/configure-shibboleth-saml/about-group-permissions.md index a51b1328cd0b..7aae2bf870c6 100644 --- a/versioned_docs/version-2.7/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/configure-shibboleth-saml/about-group-permissions.md +++ b/versioned_docs/version-2.7/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/configure-shibboleth-saml/about-group-permissions.md @@ -23,7 +23,7 @@ The diagram below illustrates how members of an OpenLDAP group can access resour For example, a cluster owner could add an OpenLDAP group to a cluster so that they have permissions view most cluster level resources and create new projects. Then the OpenLDAP group members will have access to the cluster as soon as they log in to Rancher. -In this scenario, OpenLDAP allows the cluster owner to search for groups when assigning persmissions. Without OpenLDAP, the functionality to search for groups would not be supported. +In this scenario, OpenLDAP allows the cluster owner to search for groups when assigning permissions. Without OpenLDAP, the functionality to search for groups would not be supported. When a member of the OpenLDAP group logs in to Rancher, she is redirected to Shibboleth and enters her username and password. diff --git a/versioned_docs/version-2.7/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/global-default-private-registry.md b/versioned_docs/version-2.7/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/global-default-private-registry.md index 419b6cba2163..3074760c0a86 100644 --- a/versioned_docs/version-2.7/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/global-default-private-registry.md +++ b/versioned_docs/version-2.7/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/global-default-private-registry.md @@ -35,7 +35,7 @@ The global default registry is intended to be used in air-gapped setups, for reg Most private registries should work, by default, with RKE2 downstream clusters. -However, you'll need to do some additional steps if you're trying to set a namespaced private registry whose URL is formated like this: `website/subdomain:portnumber`. +However, you'll need to do some additional steps if you're trying to set a namespaced private registry whose URL is formatted like this: `website/subdomain:portnumber`. 1. Select **☰ > Cluster Management**. 1. Find the RKE2 cluster in the list and click **⋮ >Edit Config**. diff --git a/versioned_docs/version-2.7/how-to-guides/new-user-guides/helm-charts-in-rancher/helm-charts-in-rancher.md b/versioned_docs/version-2.7/how-to-guides/new-user-guides/helm-charts-in-rancher/helm-charts-in-rancher.md index 35d5a273dc7d..fc81789cbcdf 100644 --- a/versioned_docs/version-2.7/how-to-guides/new-user-guides/helm-charts-in-rancher/helm-charts-in-rancher.md +++ b/versioned_docs/version-2.7/how-to-guides/new-user-guides/helm-charts-in-rancher/helm-charts-in-rancher.md @@ -197,7 +197,7 @@ Rancher and Partner charts may have extra configurations available through custo To view all recent changes, click **Apps > Recent Operations** in the left navigation menu. From there you can view the calls, conditions, events, and logs. -After installing a chart, you can view it by clicking **Apps > Installed Apps** in the left navigation menu. You can upgrade or delete the installation, and see further details. Upgrading uses the same forms and values as you saw during inital installation. +After installing a chart, you can view it by clicking **Apps > Installed Apps** in the left navigation menu. You can upgrade or delete the installation, and see further details. Upgrading uses the same forms and values as you saw during initial installation. Most Rancher tools have additional pages located in the toolbar below the **Apps** section to help manage and use the features. These pages include links to dashboards, forms to easily add Custom Resources, and additional information. diff --git a/versioned_docs/version-2.7/how-to-guides/new-user-guides/kubernetes-clusters-in-rancher-setup/set-up-cloud-providers/amazon.md b/versioned_docs/version-2.7/how-to-guides/new-user-guides/kubernetes-clusters-in-rancher-setup/set-up-cloud-providers/amazon.md index ecfffcb406ae..b6b984b12c46 100644 --- a/versioned_docs/version-2.7/how-to-guides/new-user-guides/kubernetes-clusters-in-rancher-setup/set-up-cloud-providers/amazon.md +++ b/versioned_docs/version-2.7/how-to-guides/new-user-guides/kubernetes-clusters-in-rancher-setup/set-up-cloud-providers/amazon.md @@ -322,7 +322,7 @@ Existing clusters that use an **External** cloud provider will set `--cloud-prov 3. Install the AWS cloud controller manager after the cluster finishes provisioning. Note that the cluster isn't successfully provisioned and nodes are still in an `uninitialized` state until you deploy the cloud controller manager. This can be done manually, or via [Helm charts in UI](#helm-chart-installation-from-ui). -Refer to the offical AWS upstream documentation for the [cloud controller manager](https://kubernetes.github.io/cloud-provider-aws). +Refer to the official AWS upstream documentation for the [cloud controller manager](https://kubernetes.github.io/cloud-provider-aws). diff --git a/versioned_docs/version-2.7/how-to-guides/new-user-guides/kubernetes-resources-setup/kubernetes-resources-setup.md b/versioned_docs/version-2.7/how-to-guides/new-user-guides/kubernetes-resources-setup/kubernetes-resources-setup.md index 3e97882659ce..bf695acd120e 100644 --- a/versioned_docs/version-2.7/how-to-guides/new-user-guides/kubernetes-resources-setup/kubernetes-resources-setup.md +++ b/versioned_docs/version-2.7/how-to-guides/new-user-guides/kubernetes-resources-setup/kubernetes-resources-setup.md @@ -47,7 +47,7 @@ When using ingresses in a project, you can program the ingress hostname to an ex ## Service Discovery -After you expose your cluster to external requests using a load balancer and/or ingress, it's only available by IP address. To create a resolveable hostname, you must create a service record, which is a record that maps an IP address, external hostname, DNS record alias, workload(s), or labelled pods to a specific hostname. +After you expose your cluster to external requests using a load balancer and/or ingress, it's only available by IP address. To create a resolvable hostname, you must create a service record, which is a record that maps an IP address, external hostname, DNS record alias, workload(s), or labelled pods to a specific hostname. For more information, see [Service Discovery](create-services.md). diff --git a/versioned_docs/version-2.7/how-to-guides/new-user-guides/manage-clusters/access-clusters/access-clusters.md b/versioned_docs/version-2.7/how-to-guides/new-user-guides/manage-clusters/access-clusters/access-clusters.md index 66a81355f0e9..909536bcdaaa 100644 --- a/versioned_docs/version-2.7/how-to-guides/new-user-guides/manage-clusters/access-clusters/access-clusters.md +++ b/versioned_docs/version-2.7/how-to-guides/new-user-guides/manage-clusters/access-clusters/access-clusters.md @@ -38,7 +38,7 @@ On the **Clusters** page, select **⁝** at the end of each row to view a submen ### Cluster Dashboard -On the **Clusters** page, select the **Explore** button at the end of each row to view that cluster's **Cluster Dashboard**. You can also view the dashboard by clicking the name of a cluster in the table, then clicking the **Explore** buttton on the **Cluster** page. +On the **Clusters** page, select the **Explore** button at the end of each row to view that cluster's **Cluster Dashboard**. You can also view the dashboard by clicking the name of a cluster in the table, then clicking the **Explore** button on the **Cluster** page. The **Cluster Dashboard** is also accessible from the Rancher UI **Home** page, by clicking on the name of a cluster. diff --git a/versioned_docs/version-2.7/how-to-guides/new-user-guides/manage-clusters/install-cluster-autoscaler/use-aws-ec2-auto-scaling-groups.md b/versioned_docs/version-2.7/how-to-guides/new-user-guides/manage-clusters/install-cluster-autoscaler/use-aws-ec2-auto-scaling-groups.md index 6a95a95b3ae9..6672a4ddf73c 100644 --- a/versioned_docs/version-2.7/how-to-guides/new-user-guides/manage-clusters/install-cluster-autoscaler/use-aws-ec2-auto-scaling-groups.md +++ b/versioned_docs/version-2.7/how-to-guides/new-user-guides/manage-clusters/install-cluster-autoscaler/use-aws-ec2-auto-scaling-groups.md @@ -229,7 +229,7 @@ On AWS EC2, we should create a few objects to configure our system. We've define PUBLIC_IP=$(curl -H "X-aws-ec2-metadata-token: ${TOKEN}" -s http://169.254.169.254/latest/meta-data/public-ipv4) K8S_ROLES="--worker" - sudo docker run -d --privileged --restart=unless-stopped --net=host -v /etc/kubernetes:/etc/kubernetes -v /var/run:/var/run rancher/rancher-agent: --server https:// --token --ca-checksum --address ${PUBLIC_IP} --internal-address ${PRIVATE_IP} ${K8S_ROLES} + sudo docker run -d --privileged --restart=unless-stopped --net=host -v /etc/kubernetes:/etc/kubernetes -v /var/run:/var/run rancher/rancher-agent: --server https:// --token --ca-checksum --address ${PUBLIC_IP} --internal-address ${PRIVATE_IP} ${K8S_ROLES} ``` More info is at [RKE clusters on AWS](../../../new-user-guides/kubernetes-clusters-in-rancher-setup/set-up-cloud-providers/amazon.md) and [Cluster Autoscaler on AWS.](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/cloudprovider/aws/README.md) diff --git a/versioned_docs/version-2.7/integrations-in-rancher/cloud-marketplace/aws-marketplace-payg-integration/upgrading-rancher-payg-cluster.md b/versioned_docs/version-2.7/integrations-in-rancher/cloud-marketplace/aws-marketplace-payg-integration/upgrading-rancher-payg-cluster.md index 17d8f52198bd..75e633dbffd8 100644 --- a/versioned_docs/version-2.7/integrations-in-rancher/cloud-marketplace/aws-marketplace-payg-integration/upgrading-rancher-payg-cluster.md +++ b/versioned_docs/version-2.7/integrations-in-rancher/cloud-marketplace/aws-marketplace-payg-integration/upgrading-rancher-payg-cluster.md @@ -8,7 +8,7 @@ To upgrade the deployed Helm chart to the latest version, run the following Helm ```shell helm upgrade -n cattle-rancher-csp-deployer-system rancher-cloud --create-namespace \ -oci://709825985650.dkr.ecr.us-east-1.amazonaws.com/suse//rancher-cloud-helm/rancher-cloud \ +oci://709825985650.dkr.ecr.us-east-1.amazonaws.com/suse//rancher-cloud-helm/rancher-cloud \ --version \ --set rancherHostname= \ --set rancherServerURL=https:// \ diff --git a/versioned_docs/version-2.7/integrations-in-rancher/cloud-marketplace/azure-marketplace-payg-integration/installing-rancher-prime.md b/versioned_docs/version-2.7/integrations-in-rancher/cloud-marketplace/azure-marketplace-payg-integration/installing-rancher-prime.md index 9c0ef08fe2f8..d988a46632dc 100644 --- a/versioned_docs/version-2.7/integrations-in-rancher/cloud-marketplace/azure-marketplace-payg-integration/installing-rancher-prime.md +++ b/versioned_docs/version-2.7/integrations-in-rancher/cloud-marketplace/azure-marketplace-payg-integration/installing-rancher-prime.md @@ -35,7 +35,7 @@ On the **Basics** tab, specify the **Project details** and **Instance details**: ### Rancher Configuration -On the **Rancher Configuraion** tab, specify the following information: +On the **Rancher Configuration** tab, specify the following information: ![Rancher Configuration](/img/install-rancher-prime-bootstrap-password.png) diff --git a/versioned_docs/version-2.7/integrations-in-rancher/fleet-gitops-at-scale/fleet-gitops-at-scale.md b/versioned_docs/version-2.7/integrations-in-rancher/fleet-gitops-at-scale/fleet-gitops-at-scale.md index 0175bee24fa5..65b4a493787d 100644 --- a/versioned_docs/version-2.7/integrations-in-rancher/fleet-gitops-at-scale/fleet-gitops-at-scale.md +++ b/versioned_docs/version-2.7/integrations-in-rancher/fleet-gitops-at-scale/fleet-gitops-at-scale.md @@ -26,7 +26,7 @@ Users can leverage continuous delivery to deploy their applications to the Kuber Follow the steps below to access Continuous Delivery in the Rancher UI: -1. Click **☰ > Continous Delivery**. +1. Click **☰ > Continuous Delivery**. 1. Select your namespace at the top of the menu, noting the following: diff --git a/versioned_docs/version-2.7/reference-guides/cluster-configuration/rancher-server-configuration/k3s-cluster-configuration.md b/versioned_docs/version-2.7/reference-guides/cluster-configuration/rancher-server-configuration/k3s-cluster-configuration.md index 6ec07fe1906f..0ae19ccfd55e 100644 --- a/versioned_docs/version-2.7/reference-guides/cluster-configuration/rancher-server-configuration/k3s-cluster-configuration.md +++ b/versioned_docs/version-2.7/reference-guides/cluster-configuration/rancher-server-configuration/k3s-cluster-configuration.md @@ -337,7 +337,7 @@ Alternatives, such as using a HelmChartConfig to customize the system charts via Specify the values for the system charts installed by K3s. -For more information about how K3s manges packaged components, please refer to [K3s documentation](https://docs.k3s.io/installation/packaged-components). +For more information about how K3s manages packaged components, please refer to [K3s documentation](https://docs.k3s.io/installation/packaged-components). Example: diff --git a/versioned_docs/version-2.7/reference-guides/cluster-configuration/rancher-server-configuration/rke2-cluster-configuration.md b/versioned_docs/version-2.7/reference-guides/cluster-configuration/rancher-server-configuration/rke2-cluster-configuration.md index aab9b19794a6..3e25f9ed61b0 100644 --- a/versioned_docs/version-2.7/reference-guides/cluster-configuration/rancher-server-configuration/rke2-cluster-configuration.md +++ b/versioned_docs/version-2.7/reference-guides/cluster-configuration/rancher-server-configuration/rke2-cluster-configuration.md @@ -367,7 +367,7 @@ Alternatives, such as using a HelmChartConfig to customize the system charts via Specify the values for the system charts installed by RKE2. -For more information about how RKE2 manges packaged components, please refer to [RKE2 documentation](https://docs.rke2.io/helm). +For more information about how RKE2 manages packaged components, please refer to [RKE2 documentation](https://docs.rke2.io/helm). Example: diff --git a/versioned_docs/version-2.7/reference-guides/cluster-configuration/rancher-server-configuration/use-existing-nodes/use-existing-nodes.md b/versioned_docs/version-2.7/reference-guides/cluster-configuration/rancher-server-configuration/use-existing-nodes/use-existing-nodes.md index 45e8fba4b02e..439068d4c12f 100644 --- a/versioned_docs/version-2.7/reference-guides/cluster-configuration/rancher-server-configuration/use-existing-nodes/use-existing-nodes.md +++ b/versioned_docs/version-2.7/reference-guides/cluster-configuration/rancher-server-configuration/use-existing-nodes/use-existing-nodes.md @@ -9,7 +9,7 @@ description: To create a cluster with custom nodes, you’ll need to access serv When you create a custom cluster, Rancher uses RKE (the Rancher Kubernetes Engine) to create a Kubernetes cluster in on-prem bare-metal servers, on-prem virtual machines, or in any node hosted by an infrastructure provider. -To use this option you'll need access to servers you intend to use in your Kubernetes cluster. Provision each server according to the [requirements](../../../../how-to-guides/new-user-guides/kubernetes-clusters-in-rancher-setup/node-requirements-for-rancher-managed-clusters.md), which includes some hardware specifications and Docker. After you install Docker on each server, you willl also run the command provided in the Rancher UI on each server to turn each one into a Kubernetes node. +To use this option you'll need access to servers you intend to use in your Kubernetes cluster. Provision each server according to the [requirements](../../../../how-to-guides/new-user-guides/kubernetes-clusters-in-rancher-setup/node-requirements-for-rancher-managed-clusters.md), which includes some hardware specifications and Docker. After you install Docker on each server, you will also run the command provided in the Rancher UI on each server to turn each one into a Kubernetes node. This section describes how to set up a custom cluster. diff --git a/versioned_docs/version-2.7/reference-guides/monitoring-v2-configuration/receivers.md b/versioned_docs/version-2.7/reference-guides/monitoring-v2-configuration/receivers.md index 79d9749dc187..04df028766a2 100644 --- a/versioned_docs/version-2.7/reference-guides/monitoring-v2-configuration/receivers.md +++ b/versioned_docs/version-2.7/reference-guides/monitoring-v2-configuration/receivers.md @@ -256,14 +256,14 @@ route: routes: - match: service: database - receiver: 'database-notifcations' + receiver: 'database-notifications' receivers: - name: 'pagerduty-notifications' pagerduty_configs: - service_key: 'primary-integration-key' -- name: 'database-notifcations' +- name: 'database-notifications' pagerduty_configs: - service_key: 'database-integration-key' ``` diff --git a/versioned_docs/version-2.7/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md b/versioned_docs/version-2.7/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md index c34143594e84..8e7517e6ee9d 100644 --- a/versioned_docs/version-2.7/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md +++ b/versioned_docs/version-2.7/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md @@ -3032,8 +3032,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications running on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ### 5.2.11 Minimize the admission of Windows HostProcess containers (Manual) diff --git a/versioned_docs/version-2.7/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md b/versioned_docs/version-2.7/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md index 0b199590889f..ca68e4773d1f 100644 --- a/versioned_docs/version-2.7/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md +++ b/versioned_docs/version-2.7/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md @@ -3087,8 +3087,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications running on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ### 5.2.11 Minimize the admission of Windows HostProcess containers (Manual) diff --git a/versioned_docs/version-2.7/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md b/versioned_docs/version-2.7/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md index fe6b3ef299c6..b45777378006 100644 --- a/versioned_docs/version-2.7/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md +++ b/versioned_docs/version-2.7/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md @@ -3094,8 +3094,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications running on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ### 5.2.11 Minimize the admission of Windows HostProcess containers (Manual) diff --git a/versioned_docs/version-2.7/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md b/versioned_docs/version-2.7/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md index c71bf5a9d23b..859dec8afad1 100644 --- a/versioned_docs/version-2.7/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md +++ b/versioned_docs/version-2.7/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md @@ -1352,7 +1352,7 @@ In this file, choose aescbc, kms or secretbox as the encryption provider. ```bash #!/usr/bin/env bash -# This script is used to check the encrption provider config is set to aesbc +# This script is used to check the encryption provider config is set to aesbc # # outputs: # true/false @@ -2884,8 +2884,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications running on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ### 5.2.11 Minimize the admission of Windows HostProcess containers (Manual) diff --git a/versioned_docs/version-2.7/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md b/versioned_docs/version-2.7/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md index c98de564bf18..124e4ded4323 100644 --- a/versioned_docs/version-2.7/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md +++ b/versioned_docs/version-2.7/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md @@ -1298,7 +1298,7 @@ In this file, choose aescbc, kms or secretbox as the encryption provider. ```bash #!/usr/bin/env bash -# This script is used to check the encrption provider config is set to aesbc +# This script is used to check the encryption provider config is set to aesbc # # outputs: # true/false @@ -2843,8 +2843,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications running on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ### 5.2.11 Minimize the admission of Windows HostProcess containers (Manual) diff --git a/versioned_docs/version-2.7/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md b/versioned_docs/version-2.7/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md index ac002a203698..0addae6e357a 100644 --- a/versioned_docs/version-2.7/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md +++ b/versioned_docs/version-2.7/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md @@ -2744,8 +2744,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications running on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ### 5.2.11 Minimize the admission of Windows HostProcess containers (Manual) diff --git a/versioned_docs/version-2.7/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md b/versioned_docs/version-2.7/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md index d9145e2ce852..a0249ab3098d 100644 --- a/versioned_docs/version-2.7/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md +++ b/versioned_docs/version-2.7/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md @@ -3019,8 +3019,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications running on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ### 5.2.11 Minimize the admission of Windows HostProcess containers (Manual) diff --git a/versioned_docs/version-2.7/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md b/versioned_docs/version-2.7/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md index 0e74634d09d4..352819304339 100644 --- a/versioned_docs/version-2.7/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md +++ b/versioned_docs/version-2.7/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md @@ -3020,8 +3020,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications running on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ### 5.2.11 Minimize the admission of Windows HostProcess containers (Manual) diff --git a/versioned_docs/version-2.7/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md b/versioned_docs/version-2.7/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md index c93773a62a76..5b0ee79d60a9 100644 --- a/versioned_docs/version-2.7/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md +++ b/versioned_docs/version-2.7/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md @@ -2846,8 +2846,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications running on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ### 5.2.11 Minimize the admission of Windows HostProcess containers (Manual) diff --git a/versioned_docs/version-2.7/troubleshooting/other-troubleshooting-tips/user-id-tracking-in-audit-logs.md b/versioned_docs/version-2.7/troubleshooting/other-troubleshooting-tips/user-id-tracking-in-audit-logs.md index adecdecde120..d7ec350197be 100644 --- a/versioned_docs/version-2.7/troubleshooting/other-troubleshooting-tips/user-id-tracking-in-audit-logs.md +++ b/versioned_docs/version-2.7/troubleshooting/other-troubleshooting-tips/user-id-tracking-in-audit-logs.md @@ -6,7 +6,7 @@ title: User ID Tracking in Audit Logs -The following audit logs are used in Rancher to track events occuring on the local and downstream clusters: +The following audit logs are used in Rancher to track events occurring on the local and downstream clusters: * [Kubernetes Audit Logs](https://rancher.com/docs/rke/latest/en/config-options/audit-log/) * [Rancher API Audit Logs](../../how-to-guides/advanced-user-guides/enable-api-audit-log.md) diff --git a/versioned_docs/version-2.8/api/workflows/projects.md b/versioned_docs/version-2.8/api/workflows/projects.md index d811132828a8..b2d16454f0a4 100644 --- a/versioned_docs/version-2.8/api/workflows/projects.md +++ b/versioned_docs/version-2.8/api/workflows/projects.md @@ -156,7 +156,7 @@ kubectl --namespace p-vwxyz get projectroletemplatebindings ## Deleting a Member From a Project -Lookup the projectroletemplatebinding IDs containing the member in the project's namespace as decribed in the [Listing Project Members](#listing-project-members) section. +Lookup the projectroletemplatebinding IDs containing the member in the project's namespace as described in the [Listing Project Members](#listing-project-members) section. Delete the projectroletemplatebinding from the project's namespace: diff --git a/versioned_docs/version-2.8/getting-started/installation-and-upgrade/installation-references/tls-settings.md b/versioned_docs/version-2.8/getting-started/installation-and-upgrade/installation-references/tls-settings.md index 019c3b81d1c7..12d1fab3c96c 100644 --- a/versioned_docs/version-2.8/getting-started/installation-and-upgrade/installation-references/tls-settings.md +++ b/versioned_docs/version-2.8/getting-started/installation-and-upgrade/installation-references/tls-settings.md @@ -40,7 +40,7 @@ In Rancher v2.8, this setting defaults to `system-store` for new installs. Each cluster contains a condition in the status field called `AgentTlsStrictCheck`. If `AgentTlsStrictCheck` is set to `"True"`, this indicates that the agents for the cluster are ready to operate in `strict` mode. You can manually inspect each cluster to see if they are ready using the Rancher UI or a kubectl command such as the following: ```bash -## the below command skips ouputs $CLUSTER_NAME,$STATUS for all non-local clusters +## the below command skips outputs $CLUSTER_NAME,$STATUS for all non-local clusters kubectl get cluster.management.cattle.io -o jsonpath='{range .items[?(@.metadata.name!="local")]}{.metadata.name},{.status.conditions[?(@.type=="AgentTlsStrictCheck")].status}{"\n"}{end}' ``` diff --git a/versioned_docs/version-2.8/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-active-directory.md b/versioned_docs/version-2.8/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-active-directory.md index b3f2f9a3a099..3e5af11ae935 100644 --- a/versioned_docs/version-2.8/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-active-directory.md +++ b/versioned_docs/version-2.8/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-active-directory.md @@ -168,7 +168,7 @@ $ ldapsearch -x -D "acme\jdoe" -w "secret" -p 389 \ -h ad.acme.com -b "dc=acme,dc=com" -s sub "sAMAccountName=jdoe" ``` -This command performs an LDAP search with the search base set to the domain root (`-b "dc=acme,dc=com"`) and a filter targeting the user account (`sAMAccountNam=jdoe`), returning the attributes for said user: +This command performs an LDAP search with the search base set to the domain root (`-b "dc=acme,dc=com"`) and a filter targeting the user account (`sAMAccountName=jdoe`), returning the attributes for said user: ![](/img/ldapsearch-user.png) diff --git a/versioned_docs/version-2.8/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/configure-shibboleth-saml/about-group-permissions.md b/versioned_docs/version-2.8/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/configure-shibboleth-saml/about-group-permissions.md index a51b1328cd0b..7aae2bf870c6 100644 --- a/versioned_docs/version-2.8/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/configure-shibboleth-saml/about-group-permissions.md +++ b/versioned_docs/version-2.8/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/configure-shibboleth-saml/about-group-permissions.md @@ -23,7 +23,7 @@ The diagram below illustrates how members of an OpenLDAP group can access resour For example, a cluster owner could add an OpenLDAP group to a cluster so that they have permissions view most cluster level resources and create new projects. Then the OpenLDAP group members will have access to the cluster as soon as they log in to Rancher. -In this scenario, OpenLDAP allows the cluster owner to search for groups when assigning persmissions. Without OpenLDAP, the functionality to search for groups would not be supported. +In this scenario, OpenLDAP allows the cluster owner to search for groups when assigning permissions. Without OpenLDAP, the functionality to search for groups would not be supported. When a member of the OpenLDAP group logs in to Rancher, she is redirected to Shibboleth and enters her username and password. diff --git a/versioned_docs/version-2.8/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/global-default-private-registry.md b/versioned_docs/version-2.8/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/global-default-private-registry.md index b9847ee8d9f9..0a199a560500 100644 --- a/versioned_docs/version-2.8/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/global-default-private-registry.md +++ b/versioned_docs/version-2.8/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/global-default-private-registry.md @@ -35,7 +35,7 @@ The global default registry is intended to be used in air-gapped setups, for reg Most private registries should work, by default, with RKE2 downstream clusters. -However, you'll need to do some additional steps if you're trying to set a namespaced private registry whose URL is formated like this: `website/subdomain:portnumber`. +However, you'll need to do some additional steps if you're trying to set a namespaced private registry whose URL is formatted like this: `website/subdomain:portnumber`. 1. Select **☰ > Cluster Management**. 1. Find the RKE2 cluster in the list and click **⋮ >Edit Config**. diff --git a/versioned_docs/version-2.8/how-to-guides/new-user-guides/helm-charts-in-rancher/helm-charts-in-rancher.md b/versioned_docs/version-2.8/how-to-guides/new-user-guides/helm-charts-in-rancher/helm-charts-in-rancher.md index e327cbdf0f24..91367e715108 100644 --- a/versioned_docs/version-2.8/how-to-guides/new-user-guides/helm-charts-in-rancher/helm-charts-in-rancher.md +++ b/versioned_docs/version-2.8/how-to-guides/new-user-guides/helm-charts-in-rancher/helm-charts-in-rancher.md @@ -196,7 +196,7 @@ Rancher and Partner charts may have extra configurations available through custo To view all recent changes, click **Apps > Recent Operations** in the left navigation menu. From there you can view the calls, conditions, events, and logs. -After installing a chart, you can view it by clicking **Apps > Installed Apps** in the left navigation menu. You can upgrade or delete the installation, and see further details. Upgrading uses the same forms and values as you saw during inital installation. +After installing a chart, you can view it by clicking **Apps > Installed Apps** in the left navigation menu. You can upgrade or delete the installation, and see further details. Upgrading uses the same forms and values as you saw during initial installation. Most Rancher tools have additional pages located in the toolbar below the **Apps** section to help manage and use the features. These pages include links to dashboards, forms to easily add Custom Resources, and additional information. @@ -230,4 +230,4 @@ To upgrade legacy multi-cluster apps: ## Limitations -Dashboard apps or Rancher feature charts can't be installed using the Rancher CLI. \ No newline at end of file +Dashboard apps or Rancher feature charts can't be installed using the Rancher CLI. diff --git a/versioned_docs/version-2.8/how-to-guides/new-user-guides/kubernetes-clusters-in-rancher-setup/set-up-cloud-providers/amazon.md b/versioned_docs/version-2.8/how-to-guides/new-user-guides/kubernetes-clusters-in-rancher-setup/set-up-cloud-providers/amazon.md index 6bf997b36f29..af1d5d5056be 100644 --- a/versioned_docs/version-2.8/how-to-guides/new-user-guides/kubernetes-clusters-in-rancher-setup/set-up-cloud-providers/amazon.md +++ b/versioned_docs/version-2.8/how-to-guides/new-user-guides/kubernetes-clusters-in-rancher-setup/set-up-cloud-providers/amazon.md @@ -322,7 +322,7 @@ Existing clusters that use an **External** cloud provider will set `--cloud-prov 3. Install the AWS cloud controller manager after the cluster finishes provisioning. Note that the cluster isn't successfully provisioned and nodes are still in an `uninitialized` state until you deploy the cloud controller manager. This can be done manually, or via [Helm charts in UI](#helm-chart-installation-from-ui). -Refer to the offical AWS upstream documentation for the [cloud controller manager](https://kubernetes.github.io/cloud-provider-aws). +Refer to the official AWS upstream documentation for the [cloud controller manager](https://kubernetes.github.io/cloud-provider-aws). diff --git a/versioned_docs/version-2.8/how-to-guides/new-user-guides/kubernetes-resources-setup/kubernetes-resources-setup.md b/versioned_docs/version-2.8/how-to-guides/new-user-guides/kubernetes-resources-setup/kubernetes-resources-setup.md index 3e97882659ce..bf695acd120e 100644 --- a/versioned_docs/version-2.8/how-to-guides/new-user-guides/kubernetes-resources-setup/kubernetes-resources-setup.md +++ b/versioned_docs/version-2.8/how-to-guides/new-user-guides/kubernetes-resources-setup/kubernetes-resources-setup.md @@ -47,7 +47,7 @@ When using ingresses in a project, you can program the ingress hostname to an ex ## Service Discovery -After you expose your cluster to external requests using a load balancer and/or ingress, it's only available by IP address. To create a resolveable hostname, you must create a service record, which is a record that maps an IP address, external hostname, DNS record alias, workload(s), or labelled pods to a specific hostname. +After you expose your cluster to external requests using a load balancer and/or ingress, it's only available by IP address. To create a resolvable hostname, you must create a service record, which is a record that maps an IP address, external hostname, DNS record alias, workload(s), or labelled pods to a specific hostname. For more information, see [Service Discovery](create-services.md). diff --git a/versioned_docs/version-2.8/how-to-guides/new-user-guides/manage-clusters/access-clusters/access-clusters.md b/versioned_docs/version-2.8/how-to-guides/new-user-guides/manage-clusters/access-clusters/access-clusters.md index 66a81355f0e9..909536bcdaaa 100644 --- a/versioned_docs/version-2.8/how-to-guides/new-user-guides/manage-clusters/access-clusters/access-clusters.md +++ b/versioned_docs/version-2.8/how-to-guides/new-user-guides/manage-clusters/access-clusters/access-clusters.md @@ -38,7 +38,7 @@ On the **Clusters** page, select **⁝** at the end of each row to view a submen ### Cluster Dashboard -On the **Clusters** page, select the **Explore** button at the end of each row to view that cluster's **Cluster Dashboard**. You can also view the dashboard by clicking the name of a cluster in the table, then clicking the **Explore** buttton on the **Cluster** page. +On the **Clusters** page, select the **Explore** button at the end of each row to view that cluster's **Cluster Dashboard**. You can also view the dashboard by clicking the name of a cluster in the table, then clicking the **Explore** button on the **Cluster** page. The **Cluster Dashboard** is also accessible from the Rancher UI **Home** page, by clicking on the name of a cluster. diff --git a/versioned_docs/version-2.8/how-to-guides/new-user-guides/manage-clusters/install-cluster-autoscaler/use-aws-ec2-auto-scaling-groups.md b/versioned_docs/version-2.8/how-to-guides/new-user-guides/manage-clusters/install-cluster-autoscaler/use-aws-ec2-auto-scaling-groups.md index 6a95a95b3ae9..6672a4ddf73c 100644 --- a/versioned_docs/version-2.8/how-to-guides/new-user-guides/manage-clusters/install-cluster-autoscaler/use-aws-ec2-auto-scaling-groups.md +++ b/versioned_docs/version-2.8/how-to-guides/new-user-guides/manage-clusters/install-cluster-autoscaler/use-aws-ec2-auto-scaling-groups.md @@ -229,7 +229,7 @@ On AWS EC2, we should create a few objects to configure our system. We've define PUBLIC_IP=$(curl -H "X-aws-ec2-metadata-token: ${TOKEN}" -s http://169.254.169.254/latest/meta-data/public-ipv4) K8S_ROLES="--worker" - sudo docker run -d --privileged --restart=unless-stopped --net=host -v /etc/kubernetes:/etc/kubernetes -v /var/run:/var/run rancher/rancher-agent: --server https:// --token --ca-checksum --address ${PUBLIC_IP} --internal-address ${PRIVATE_IP} ${K8S_ROLES} + sudo docker run -d --privileged --restart=unless-stopped --net=host -v /etc/kubernetes:/etc/kubernetes -v /var/run:/var/run rancher/rancher-agent: --server https:// --token --ca-checksum --address ${PUBLIC_IP} --internal-address ${PRIVATE_IP} ${K8S_ROLES} ``` More info is at [RKE clusters on AWS](../../../new-user-guides/kubernetes-clusters-in-rancher-setup/set-up-cloud-providers/amazon.md) and [Cluster Autoscaler on AWS.](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/cloudprovider/aws/README.md) diff --git a/versioned_docs/version-2.8/integrations-in-rancher/fleet/overview.md b/versioned_docs/version-2.8/integrations-in-rancher/fleet/overview.md index a490bf14dad7..efe2f2fd2f4a 100644 --- a/versioned_docs/version-2.8/integrations-in-rancher/fleet/overview.md +++ b/versioned_docs/version-2.8/integrations-in-rancher/fleet/overview.md @@ -26,7 +26,7 @@ Users can leverage continuous delivery to deploy their applications to the Kuber Follow the steps below to access Continuous Delivery in the Rancher UI: -1. Click **☰ > Continous Delivery**. +1. Click **☰ > Continuous Delivery**. 1. Select your namespace at the top of the menu, noting the following: diff --git a/versioned_docs/version-2.8/reference-guides/cluster-configuration/rancher-server-configuration/k3s-cluster-configuration.md b/versioned_docs/version-2.8/reference-guides/cluster-configuration/rancher-server-configuration/k3s-cluster-configuration.md index 9d321b9d3cca..d231adfb349b 100644 --- a/versioned_docs/version-2.8/reference-guides/cluster-configuration/rancher-server-configuration/k3s-cluster-configuration.md +++ b/versioned_docs/version-2.8/reference-guides/cluster-configuration/rancher-server-configuration/k3s-cluster-configuration.md @@ -337,7 +337,7 @@ Alternatives, such as using a HelmChartConfig to customize the system charts via Specify the values for the system charts installed by K3s. -For more information about how K3s manges packaged components, please refer to [K3s documentation](https://docs.k3s.io/installation/packaged-components). +For more information about how K3s manages packaged components, please refer to [K3s documentation](https://docs.k3s.io/installation/packaged-components). Example: diff --git a/versioned_docs/version-2.8/reference-guides/cluster-configuration/rancher-server-configuration/rke2-cluster-configuration.md b/versioned_docs/version-2.8/reference-guides/cluster-configuration/rancher-server-configuration/rke2-cluster-configuration.md index 07781176971e..0602ba7edf4f 100644 --- a/versioned_docs/version-2.8/reference-guides/cluster-configuration/rancher-server-configuration/rke2-cluster-configuration.md +++ b/versioned_docs/version-2.8/reference-guides/cluster-configuration/rancher-server-configuration/rke2-cluster-configuration.md @@ -367,7 +367,7 @@ Alternatives, such as using a HelmChartConfig to customize the system charts via Specify the values for the system charts installed by RKE2. -For more information about how RKE2 manges packaged components, please refer to [RKE2 documentation](https://docs.rke2.io/helm). +For more information about how RKE2 manages packaged components, please refer to [RKE2 documentation](https://docs.rke2.io/helm). Example: diff --git a/versioned_docs/version-2.8/reference-guides/cluster-configuration/rancher-server-configuration/use-existing-nodes/use-existing-nodes.md b/versioned_docs/version-2.8/reference-guides/cluster-configuration/rancher-server-configuration/use-existing-nodes/use-existing-nodes.md index ed1c7cdbe94c..35f81b57caca 100644 --- a/versioned_docs/version-2.8/reference-guides/cluster-configuration/rancher-server-configuration/use-existing-nodes/use-existing-nodes.md +++ b/versioned_docs/version-2.8/reference-guides/cluster-configuration/rancher-server-configuration/use-existing-nodes/use-existing-nodes.md @@ -9,7 +9,7 @@ description: To create a cluster with custom nodes, you’ll need to access serv When you create a custom cluster, Rancher uses RKE (the Rancher Kubernetes Engine) to create a Kubernetes cluster in on-prem bare-metal servers, on-prem virtual machines, or in any node hosted by an infrastructure provider. -To use this option you'll need access to servers you intend to use in your Kubernetes cluster. Provision each server according to the [requirements](../../../../how-to-guides/new-user-guides/kubernetes-clusters-in-rancher-setup/node-requirements-for-rancher-managed-clusters.md), which includes some hardware specifications and Docker. After you install Docker on each server, you willl also run the command provided in the Rancher UI on each server to turn each one into a Kubernetes node. +To use this option you'll need access to servers you intend to use in your Kubernetes cluster. Provision each server according to the [requirements](../../../../how-to-guides/new-user-guides/kubernetes-clusters-in-rancher-setup/node-requirements-for-rancher-managed-clusters.md), which includes some hardware specifications and Docker. After you install Docker on each server, you will also run the command provided in the Rancher UI on each server to turn each one into a Kubernetes node. This section describes how to set up a custom cluster. diff --git a/versioned_docs/version-2.8/reference-guides/monitoring-v2-configuration/receivers.md b/versioned_docs/version-2.8/reference-guides/monitoring-v2-configuration/receivers.md index 74209a7f690f..5f9d2facf221 100644 --- a/versioned_docs/version-2.8/reference-guides/monitoring-v2-configuration/receivers.md +++ b/versioned_docs/version-2.8/reference-guides/monitoring-v2-configuration/receivers.md @@ -340,14 +340,14 @@ route: routes: - match: service: database - receiver: 'database-notifcations' + receiver: 'database-notifications' receivers: - name: 'pagerduty-notifications' pagerduty_configs: - service_key: 'primary-integration-key' -- name: 'database-notifcations' +- name: 'database-notifications' pagerduty_configs: - service_key: 'database-integration-key' ``` diff --git a/versioned_docs/version-2.8/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md b/versioned_docs/version-2.8/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md index c34143594e84..8e7517e6ee9d 100644 --- a/versioned_docs/version-2.8/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md +++ b/versioned_docs/version-2.8/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md @@ -3032,8 +3032,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications running on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ### 5.2.11 Minimize the admission of Windows HostProcess containers (Manual) diff --git a/versioned_docs/version-2.8/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md b/versioned_docs/version-2.8/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md index 0b199590889f..ca68e4773d1f 100644 --- a/versioned_docs/version-2.8/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md +++ b/versioned_docs/version-2.8/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md @@ -3087,8 +3087,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications running on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ### 5.2.11 Minimize the admission of Windows HostProcess containers (Manual) diff --git a/versioned_docs/version-2.8/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md b/versioned_docs/version-2.8/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md index fe6b3ef299c6..b45777378006 100644 --- a/versioned_docs/version-2.8/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md +++ b/versioned_docs/version-2.8/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md @@ -3094,8 +3094,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications running on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ### 5.2.11 Minimize the admission of Windows HostProcess containers (Manual) diff --git a/versioned_docs/version-2.8/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md b/versioned_docs/version-2.8/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md index c71bf5a9d23b..859dec8afad1 100644 --- a/versioned_docs/version-2.8/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md +++ b/versioned_docs/version-2.8/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md @@ -1352,7 +1352,7 @@ In this file, choose aescbc, kms or secretbox as the encryption provider. ```bash #!/usr/bin/env bash -# This script is used to check the encrption provider config is set to aesbc +# This script is used to check the encryption provider config is set to aesbc # # outputs: # true/false @@ -2884,8 +2884,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications running on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ### 5.2.11 Minimize the admission of Windows HostProcess containers (Manual) diff --git a/versioned_docs/version-2.8/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md b/versioned_docs/version-2.8/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md index c98de564bf18..124e4ded4323 100644 --- a/versioned_docs/version-2.8/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md +++ b/versioned_docs/version-2.8/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md @@ -1298,7 +1298,7 @@ In this file, choose aescbc, kms or secretbox as the encryption provider. ```bash #!/usr/bin/env bash -# This script is used to check the encrption provider config is set to aesbc +# This script is used to check the encryption provider config is set to aesbc # # outputs: # true/false @@ -2843,8 +2843,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications running on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ### 5.2.11 Minimize the admission of Windows HostProcess containers (Manual) diff --git a/versioned_docs/version-2.8/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md b/versioned_docs/version-2.8/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md index ac002a203698..0addae6e357a 100644 --- a/versioned_docs/version-2.8/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md +++ b/versioned_docs/version-2.8/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md @@ -2744,8 +2744,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications running on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ### 5.2.11 Minimize the admission of Windows HostProcess containers (Manual) diff --git a/versioned_docs/version-2.8/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md b/versioned_docs/version-2.8/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md index d9145e2ce852..a0249ab3098d 100644 --- a/versioned_docs/version-2.8/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md +++ b/versioned_docs/version-2.8/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md @@ -3019,8 +3019,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications running on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ### 5.2.11 Minimize the admission of Windows HostProcess containers (Manual) diff --git a/versioned_docs/version-2.8/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md b/versioned_docs/version-2.8/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md index 0e74634d09d4..352819304339 100644 --- a/versioned_docs/version-2.8/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md +++ b/versioned_docs/version-2.8/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md @@ -3020,8 +3020,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications running on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ### 5.2.11 Minimize the admission of Windows HostProcess containers (Manual) diff --git a/versioned_docs/version-2.8/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md b/versioned_docs/version-2.8/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md index c93773a62a76..5b0ee79d60a9 100644 --- a/versioned_docs/version-2.8/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md +++ b/versioned_docs/version-2.8/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md @@ -2846,8 +2846,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications running on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ### 5.2.11 Minimize the admission of Windows HostProcess containers (Manual) diff --git a/versioned_docs/version-2.8/troubleshooting/other-troubleshooting-tips/user-id-tracking-in-audit-logs.md b/versioned_docs/version-2.8/troubleshooting/other-troubleshooting-tips/user-id-tracking-in-audit-logs.md index adecdecde120..d7ec350197be 100644 --- a/versioned_docs/version-2.8/troubleshooting/other-troubleshooting-tips/user-id-tracking-in-audit-logs.md +++ b/versioned_docs/version-2.8/troubleshooting/other-troubleshooting-tips/user-id-tracking-in-audit-logs.md @@ -6,7 +6,7 @@ title: User ID Tracking in Audit Logs -The following audit logs are used in Rancher to track events occuring on the local and downstream clusters: +The following audit logs are used in Rancher to track events occurring on the local and downstream clusters: * [Kubernetes Audit Logs](https://rancher.com/docs/rke/latest/en/config-options/audit-log/) * [Rancher API Audit Logs](../../how-to-guides/advanced-user-guides/enable-api-audit-log.md) diff --git a/versioned_docs/version-2.9/api/workflows/projects.md b/versioned_docs/version-2.9/api/workflows/projects.md index d811132828a8..b2d16454f0a4 100644 --- a/versioned_docs/version-2.9/api/workflows/projects.md +++ b/versioned_docs/version-2.9/api/workflows/projects.md @@ -156,7 +156,7 @@ kubectl --namespace p-vwxyz get projectroletemplatebindings ## Deleting a Member From a Project -Lookup the projectroletemplatebinding IDs containing the member in the project's namespace as decribed in the [Listing Project Members](#listing-project-members) section. +Lookup the projectroletemplatebinding IDs containing the member in the project's namespace as described in the [Listing Project Members](#listing-project-members) section. Delete the projectroletemplatebinding from the project's namespace: diff --git a/versioned_docs/version-2.9/getting-started/installation-and-upgrade/installation-references/tls-settings.md b/versioned_docs/version-2.9/getting-started/installation-and-upgrade/installation-references/tls-settings.md index bbde2c615606..c2bf6e785cbb 100644 --- a/versioned_docs/version-2.9/getting-started/installation-and-upgrade/installation-references/tls-settings.md +++ b/versioned_docs/version-2.9/getting-started/installation-and-upgrade/installation-references/tls-settings.md @@ -40,7 +40,7 @@ In Rancher v2.9.0 and later, this setting defaults to `strict` on new installs. Each cluster contains a condition in the status field called `AgentTlsStrictCheck`. If `AgentTlsStrictCheck` is set to `"True"`, this indicates that the agents for the cluster are ready to operate in `strict` mode. You can manually inspect each cluster to see if they are ready using the Rancher UI or a kubectl command such as the following: ```bash -## the below command skips ouputs $CLUSTER_NAME,$STATUS for all non-local clusters +## the below command skips outputs $CLUSTER_NAME,$STATUS for all non-local clusters kubectl get cluster.management.cattle.io -o jsonpath='{range .items[?(@.metadata.name!="local")]}{.metadata.name},{.status.conditions[?(@.type=="AgentTlsStrictCheck")].status}{"\n"}{end}' ``` diff --git a/versioned_docs/version-2.9/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-active-directory.md b/versioned_docs/version-2.9/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-active-directory.md index b3f2f9a3a099..3e5af11ae935 100644 --- a/versioned_docs/version-2.9/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-active-directory.md +++ b/versioned_docs/version-2.9/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-active-directory.md @@ -168,7 +168,7 @@ $ ldapsearch -x -D "acme\jdoe" -w "secret" -p 389 \ -h ad.acme.com -b "dc=acme,dc=com" -s sub "sAMAccountName=jdoe" ``` -This command performs an LDAP search with the search base set to the domain root (`-b "dc=acme,dc=com"`) and a filter targeting the user account (`sAMAccountNam=jdoe`), returning the attributes for said user: +This command performs an LDAP search with the search base set to the domain root (`-b "dc=acme,dc=com"`) and a filter targeting the user account (`sAMAccountName=jdoe`), returning the attributes for said user: ![](/img/ldapsearch-user.png) diff --git a/versioned_docs/version-2.9/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/configure-shibboleth-saml/about-group-permissions.md b/versioned_docs/version-2.9/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/configure-shibboleth-saml/about-group-permissions.md index a51b1328cd0b..ea4194d4d3c8 100644 --- a/versioned_docs/version-2.9/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/configure-shibboleth-saml/about-group-permissions.md +++ b/versioned_docs/version-2.9/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/configure-shibboleth-saml/about-group-permissions.md @@ -1,4 +1,5 @@ --- + title: Group Permissions with Shibboleth and OpenLDAP --- @@ -23,7 +24,7 @@ The diagram below illustrates how members of an OpenLDAP group can access resour For example, a cluster owner could add an OpenLDAP group to a cluster so that they have permissions view most cluster level resources and create new projects. Then the OpenLDAP group members will have access to the cluster as soon as they log in to Rancher. -In this scenario, OpenLDAP allows the cluster owner to search for groups when assigning persmissions. Without OpenLDAP, the functionality to search for groups would not be supported. +In this scenario, OpenLDAP allows the cluster owner to search for groups when assigning permissions. Without OpenLDAP, the functionality to search for groups would not be supported. When a member of the OpenLDAP group logs in to Rancher, she is redirected to Shibboleth and enters her username and password. diff --git a/versioned_docs/version-2.9/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/global-default-private-registry.md b/versioned_docs/version-2.9/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/global-default-private-registry.md index 2e1629ef4b04..599659b16bf3 100644 --- a/versioned_docs/version-2.9/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/global-default-private-registry.md +++ b/versioned_docs/version-2.9/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/global-default-private-registry.md @@ -35,7 +35,7 @@ The global default registry is intended to be used in air-gapped setups, for reg Most private registries should work, by default, with RKE2 downstream clusters. -However, you'll need to do some additional steps if you're trying to set a namespaced private registry whose URL is formated like this: `website/subdomain:portnumber`. +However, you'll need to do some additional steps if you're trying to set a namespaced private registry whose URL is formatted like this: `website/subdomain:portnumber`. 1. Select **☰ > Cluster Management**. 1. Find the RKE2 cluster in the list and click **⋮ >Edit Config**. diff --git a/versioned_docs/version-2.9/how-to-guides/new-user-guides/helm-charts-in-rancher/helm-charts-in-rancher.md b/versioned_docs/version-2.9/how-to-guides/new-user-guides/helm-charts-in-rancher/helm-charts-in-rancher.md index d8aa27ea085a..f1e79390cadd 100644 --- a/versioned_docs/version-2.9/how-to-guides/new-user-guides/helm-charts-in-rancher/helm-charts-in-rancher.md +++ b/versioned_docs/version-2.9/how-to-guides/new-user-guides/helm-charts-in-rancher/helm-charts-in-rancher.md @@ -207,7 +207,7 @@ Rancher and Partner charts may have extra configurations available through custo To view all recent changes, click **Apps > Recent Operations** in the left navigation menu. From there you can view the calls, conditions, events, and logs. -After installing a chart, you can view it by clicking **Apps > Installed Apps** in the left navigation menu. You can upgrade or delete the installation, and see further details. Upgrading uses the same forms and values as you saw during inital installation. +After installing a chart, you can view it by clicking **Apps > Installed Apps** in the left navigation menu. You can upgrade or delete the installation, and see further details. Upgrading uses the same forms and values as you saw during initial installation. Most Rancher tools have additional pages located in the toolbar below the **Apps** section to help manage and use the features. These pages include links to dashboards, forms to easily add Custom Resources, and additional information. diff --git a/versioned_docs/version-2.9/how-to-guides/new-user-guides/kubernetes-clusters-in-rancher-setup/set-up-cloud-providers/amazon.md b/versioned_docs/version-2.9/how-to-guides/new-user-guides/kubernetes-clusters-in-rancher-setup/set-up-cloud-providers/amazon.md index b49ca3f3ca36..190219ac5844 100644 --- a/versioned_docs/version-2.9/how-to-guides/new-user-guides/kubernetes-clusters-in-rancher-setup/set-up-cloud-providers/amazon.md +++ b/versioned_docs/version-2.9/how-to-guides/new-user-guides/kubernetes-clusters-in-rancher-setup/set-up-cloud-providers/amazon.md @@ -322,7 +322,7 @@ Existing clusters that use an **External** cloud provider will set `--cloud-prov 3. Install the AWS cloud controller manager after the cluster finishes provisioning. Note that the cluster isn't successfully provisioned and nodes are still in an `uninitialized` state until you deploy the cloud controller manager. This can be done manually, or via [Helm charts in UI](#helm-chart-installation-from-ui). -Refer to the offical AWS upstream documentation for the [cloud controller manager](https://kubernetes.github.io/cloud-provider-aws). +Refer to the official AWS upstream documentation for the [cloud controller manager](https://kubernetes.github.io/cloud-provider-aws). diff --git a/versioned_docs/version-2.9/how-to-guides/new-user-guides/kubernetes-resources-setup/kubernetes-resources-setup.md b/versioned_docs/version-2.9/how-to-guides/new-user-guides/kubernetes-resources-setup/kubernetes-resources-setup.md index 3e97882659ce..bf695acd120e 100644 --- a/versioned_docs/version-2.9/how-to-guides/new-user-guides/kubernetes-resources-setup/kubernetes-resources-setup.md +++ b/versioned_docs/version-2.9/how-to-guides/new-user-guides/kubernetes-resources-setup/kubernetes-resources-setup.md @@ -47,7 +47,7 @@ When using ingresses in a project, you can program the ingress hostname to an ex ## Service Discovery -After you expose your cluster to external requests using a load balancer and/or ingress, it's only available by IP address. To create a resolveable hostname, you must create a service record, which is a record that maps an IP address, external hostname, DNS record alias, workload(s), or labelled pods to a specific hostname. +After you expose your cluster to external requests using a load balancer and/or ingress, it's only available by IP address. To create a resolvable hostname, you must create a service record, which is a record that maps an IP address, external hostname, DNS record alias, workload(s), or labelled pods to a specific hostname. For more information, see [Service Discovery](create-services.md). diff --git a/versioned_docs/version-2.9/how-to-guides/new-user-guides/manage-clusters/access-clusters/access-clusters.md b/versioned_docs/version-2.9/how-to-guides/new-user-guides/manage-clusters/access-clusters/access-clusters.md index 66a81355f0e9..909536bcdaaa 100644 --- a/versioned_docs/version-2.9/how-to-guides/new-user-guides/manage-clusters/access-clusters/access-clusters.md +++ b/versioned_docs/version-2.9/how-to-guides/new-user-guides/manage-clusters/access-clusters/access-clusters.md @@ -38,7 +38,7 @@ On the **Clusters** page, select **⁝** at the end of each row to view a submen ### Cluster Dashboard -On the **Clusters** page, select the **Explore** button at the end of each row to view that cluster's **Cluster Dashboard**. You can also view the dashboard by clicking the name of a cluster in the table, then clicking the **Explore** buttton on the **Cluster** page. +On the **Clusters** page, select the **Explore** button at the end of each row to view that cluster's **Cluster Dashboard**. You can also view the dashboard by clicking the name of a cluster in the table, then clicking the **Explore** button on the **Cluster** page. The **Cluster Dashboard** is also accessible from the Rancher UI **Home** page, by clicking on the name of a cluster. diff --git a/versioned_docs/version-2.9/how-to-guides/new-user-guides/manage-clusters/install-cluster-autoscaler/use-aws-ec2-auto-scaling-groups.md b/versioned_docs/version-2.9/how-to-guides/new-user-guides/manage-clusters/install-cluster-autoscaler/use-aws-ec2-auto-scaling-groups.md index 7daaab8504bc..b16b362fefc1 100644 --- a/versioned_docs/version-2.9/how-to-guides/new-user-guides/manage-clusters/install-cluster-autoscaler/use-aws-ec2-auto-scaling-groups.md +++ b/versioned_docs/version-2.9/how-to-guides/new-user-guides/manage-clusters/install-cluster-autoscaler/use-aws-ec2-auto-scaling-groups.md @@ -229,7 +229,7 @@ On AWS EC2, we should create a few objects to configure our system. We've define PUBLIC_IP=$(curl -H "X-aws-ec2-metadata-token: ${TOKEN}" -s http://169.254.169.254/latest/meta-data/public-ipv4) K8S_ROLES="--worker" - sudo docker run -d --privileged --restart=unless-stopped --net=host -v /etc/kubernetes:/etc/kubernetes -v /var/run:/var/run rancher/rancher-agent: --server https:// --token --ca-checksum --address ${PUBLIC_IP} --internal-address ${PRIVATE_IP} ${K8S_ROLES} + sudo docker run -d --privileged --restart=unless-stopped --net=host -v /etc/kubernetes:/etc/kubernetes -v /var/run:/var/run rancher/rancher-agent: --server https:// --token --ca-checksum --address ${PUBLIC_IP} --internal-address ${PRIVATE_IP} ${K8S_ROLES} ``` More info is at [RKE clusters on AWS](../../../new-user-guides/kubernetes-clusters-in-rancher-setup/set-up-cloud-providers/amazon.md) and [Cluster Autoscaler on AWS.](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/cloudprovider/aws/README.md) diff --git a/versioned_docs/version-2.9/integrations-in-rancher/fleet/overview.md b/versioned_docs/version-2.9/integrations-in-rancher/fleet/overview.md index 78b79c878f57..b16bad0b64f7 100644 --- a/versioned_docs/version-2.9/integrations-in-rancher/fleet/overview.md +++ b/versioned_docs/version-2.9/integrations-in-rancher/fleet/overview.md @@ -26,7 +26,7 @@ Users can leverage continuous delivery to deploy their applications to the Kuber Follow the steps below to access Continuous Delivery in the Rancher UI: -1. Click **☰ > Continous Delivery**. +1. Click **☰ > Continuous Delivery**. 1. Select your namespace at the top of the menu, noting the following: diff --git a/versioned_docs/version-2.9/reference-guides/cluster-configuration/rancher-server-configuration/k3s-cluster-configuration.md b/versioned_docs/version-2.9/reference-guides/cluster-configuration/rancher-server-configuration/k3s-cluster-configuration.md index 6ec07fe1906f..0ae19ccfd55e 100644 --- a/versioned_docs/version-2.9/reference-guides/cluster-configuration/rancher-server-configuration/k3s-cluster-configuration.md +++ b/versioned_docs/version-2.9/reference-guides/cluster-configuration/rancher-server-configuration/k3s-cluster-configuration.md @@ -337,7 +337,7 @@ Alternatives, such as using a HelmChartConfig to customize the system charts via Specify the values for the system charts installed by K3s. -For more information about how K3s manges packaged components, please refer to [K3s documentation](https://docs.k3s.io/installation/packaged-components). +For more information about how K3s manages packaged components, please refer to [K3s documentation](https://docs.k3s.io/installation/packaged-components). Example: diff --git a/versioned_docs/version-2.9/reference-guides/cluster-configuration/rancher-server-configuration/rke2-cluster-configuration.md b/versioned_docs/version-2.9/reference-guides/cluster-configuration/rancher-server-configuration/rke2-cluster-configuration.md index 44b7f28bd260..0654c1a5cb9d 100644 --- a/versioned_docs/version-2.9/reference-guides/cluster-configuration/rancher-server-configuration/rke2-cluster-configuration.md +++ b/versioned_docs/version-2.9/reference-guides/cluster-configuration/rancher-server-configuration/rke2-cluster-configuration.md @@ -367,7 +367,7 @@ Alternatives, such as using a HelmChartConfig to customize the system charts via Specify the values for the system charts installed by RKE2. -For more information about how RKE2 manges packaged components, please refer to [RKE2 documentation](https://docs.rke2.io/helm). +For more information about how RKE2 manages packaged components, please refer to [RKE2 documentation](https://docs.rke2.io/helm). Example: diff --git a/versioned_docs/version-2.9/reference-guides/cluster-configuration/rancher-server-configuration/use-existing-nodes/use-existing-nodes.md b/versioned_docs/version-2.9/reference-guides/cluster-configuration/rancher-server-configuration/use-existing-nodes/use-existing-nodes.md index 45e8fba4b02e..439068d4c12f 100644 --- a/versioned_docs/version-2.9/reference-guides/cluster-configuration/rancher-server-configuration/use-existing-nodes/use-existing-nodes.md +++ b/versioned_docs/version-2.9/reference-guides/cluster-configuration/rancher-server-configuration/use-existing-nodes/use-existing-nodes.md @@ -9,7 +9,7 @@ description: To create a cluster with custom nodes, you’ll need to access serv When you create a custom cluster, Rancher uses RKE (the Rancher Kubernetes Engine) to create a Kubernetes cluster in on-prem bare-metal servers, on-prem virtual machines, or in any node hosted by an infrastructure provider. -To use this option you'll need access to servers you intend to use in your Kubernetes cluster. Provision each server according to the [requirements](../../../../how-to-guides/new-user-guides/kubernetes-clusters-in-rancher-setup/node-requirements-for-rancher-managed-clusters.md), which includes some hardware specifications and Docker. After you install Docker on each server, you willl also run the command provided in the Rancher UI on each server to turn each one into a Kubernetes node. +To use this option you'll need access to servers you intend to use in your Kubernetes cluster. Provision each server according to the [requirements](../../../../how-to-guides/new-user-guides/kubernetes-clusters-in-rancher-setup/node-requirements-for-rancher-managed-clusters.md), which includes some hardware specifications and Docker. After you install Docker on each server, you will also run the command provided in the Rancher UI on each server to turn each one into a Kubernetes node. This section describes how to set up a custom cluster. diff --git a/versioned_docs/version-2.9/reference-guides/monitoring-v2-configuration/receivers.md b/versioned_docs/version-2.9/reference-guides/monitoring-v2-configuration/receivers.md index 74209a7f690f..5f9d2facf221 100644 --- a/versioned_docs/version-2.9/reference-guides/monitoring-v2-configuration/receivers.md +++ b/versioned_docs/version-2.9/reference-guides/monitoring-v2-configuration/receivers.md @@ -340,14 +340,14 @@ route: routes: - match: service: database - receiver: 'database-notifcations' + receiver: 'database-notifications' receivers: - name: 'pagerduty-notifications' pagerduty_configs: - service_key: 'primary-integration-key' -- name: 'database-notifcations' +- name: 'database-notifications' pagerduty_configs: - service_key: 'database-integration-key' ``` diff --git a/versioned_docs/version-2.9/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md b/versioned_docs/version-2.9/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md index c34143594e84..8e7517e6ee9d 100644 --- a/versioned_docs/version-2.9/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md +++ b/versioned_docs/version-2.9/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md @@ -3032,8 +3032,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications running on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ### 5.2.11 Minimize the admission of Windows HostProcess containers (Manual) diff --git a/versioned_docs/version-2.9/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md b/versioned_docs/version-2.9/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md index 0b199590889f..ca68e4773d1f 100644 --- a/versioned_docs/version-2.9/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md +++ b/versioned_docs/version-2.9/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md @@ -3087,8 +3087,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications running on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ### 5.2.11 Minimize the admission of Windows HostProcess containers (Manual) diff --git a/versioned_docs/version-2.9/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md b/versioned_docs/version-2.9/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md index fe6b3ef299c6..b45777378006 100644 --- a/versioned_docs/version-2.9/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md +++ b/versioned_docs/version-2.9/reference-guides/rancher-security/hardening-guides/k3s-hardening-guide/k3s-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md @@ -3094,8 +3094,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications running on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ### 5.2.11 Minimize the admission of Windows HostProcess containers (Manual) diff --git a/versioned_docs/version-2.9/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md b/versioned_docs/version-2.9/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md index c71bf5a9d23b..859dec8afad1 100644 --- a/versioned_docs/version-2.9/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md +++ b/versioned_docs/version-2.9/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md @@ -1352,7 +1352,7 @@ In this file, choose aescbc, kms or secretbox as the encryption provider. ```bash #!/usr/bin/env bash -# This script is used to check the encrption provider config is set to aesbc +# This script is used to check the encryption provider config is set to aesbc # # outputs: # true/false @@ -2884,8 +2884,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications running on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ### 5.2.11 Minimize the admission of Windows HostProcess containers (Manual) diff --git a/versioned_docs/version-2.9/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md b/versioned_docs/version-2.9/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md index c98de564bf18..124e4ded4323 100644 --- a/versioned_docs/version-2.9/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md +++ b/versioned_docs/version-2.9/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md @@ -1298,7 +1298,7 @@ In this file, choose aescbc, kms or secretbox as the encryption provider. ```bash #!/usr/bin/env bash -# This script is used to check the encrption provider config is set to aesbc +# This script is used to check the encryption provider config is set to aesbc # # outputs: # true/false @@ -2843,8 +2843,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications running on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ### 5.2.11 Minimize the admission of Windows HostProcess containers (Manual) diff --git a/versioned_docs/version-2.9/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md b/versioned_docs/version-2.9/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md index ac002a203698..0addae6e357a 100644 --- a/versioned_docs/version-2.9/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md +++ b/versioned_docs/version-2.9/reference-guides/rancher-security/hardening-guides/rke1-hardening-guide/rke1-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md @@ -2744,8 +2744,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications running on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ### 5.2.11 Minimize the admission of Windows HostProcess containers (Manual) diff --git a/versioned_docs/version-2.9/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md b/versioned_docs/version-2.9/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md index d9145e2ce852..a0249ab3098d 100644 --- a/versioned_docs/version-2.9/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md +++ b/versioned_docs/version-2.9/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.23-k8s-v1.23.md @@ -3019,8 +3019,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications running on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ### 5.2.11 Minimize the admission of Windows HostProcess containers (Manual) diff --git a/versioned_docs/version-2.9/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md b/versioned_docs/version-2.9/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md index 0e74634d09d4..352819304339 100644 --- a/versioned_docs/version-2.9/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md +++ b/versioned_docs/version-2.9/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.24-k8s-v1.24.md @@ -3020,8 +3020,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications running on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ### 5.2.11 Minimize the admission of Windows HostProcess containers (Manual) diff --git a/versioned_docs/version-2.9/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md b/versioned_docs/version-2.9/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md index c93773a62a76..5b0ee79d60a9 100644 --- a/versioned_docs/version-2.9/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md +++ b/versioned_docs/version-2.9/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide/rke2-self-assessment-guide-with-cis-v1.7-k8s-v1.25-v1.26-v1.27.md @@ -2846,8 +2846,8 @@ it is set to an empty array. **Result:** warn **Remediation:** -Review the use of capabilites in applications running on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +Review the use of capabilities in applications running on your cluster. Where a namespace +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. ### 5.2.11 Minimize the admission of Windows HostProcess containers (Manual) diff --git a/versioned_docs/version-2.9/troubleshooting/other-troubleshooting-tips/user-id-tracking-in-audit-logs.md b/versioned_docs/version-2.9/troubleshooting/other-troubleshooting-tips/user-id-tracking-in-audit-logs.md index adecdecde120..d7ec350197be 100644 --- a/versioned_docs/version-2.9/troubleshooting/other-troubleshooting-tips/user-id-tracking-in-audit-logs.md +++ b/versioned_docs/version-2.9/troubleshooting/other-troubleshooting-tips/user-id-tracking-in-audit-logs.md @@ -6,7 +6,7 @@ title: User ID Tracking in Audit Logs -The following audit logs are used in Rancher to track events occuring on the local and downstream clusters: +The following audit logs are used in Rancher to track events occurring on the local and downstream clusters: * [Kubernetes Audit Logs](https://rancher.com/docs/rke/latest/en/config-options/audit-log/) * [Rancher API Audit Logs](../../how-to-guides/advanced-user-guides/enable-api-audit-log.md)