Updates configuration page #1532
Conversation
✅ Deploy Preview for pomerium-docs ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
content/docs/core/configuration.md
Outdated
|
|
||
| See the [Reference](/docs/reference) page for a comprehensive list of Pomerium's configuration settings. | ||
|
|
||
| ## All In One and Split Service modes |
There was a problem hiding this comment.
I think we hyphenate "all-in-one" most other places in the docs. Should we stick with that here too?
There was a problem hiding this comment.
So this is a style question, and a product one. We're very inconsistent in our docs with either of these modes. It's frequently used as a compound adjective, in which case "all-in-one mode" or "split-service mode" makes sense.
Take this page for example:
- For all-in-one deployments, no changes are required...
- For split-service deployments, you will need to deploy an additional service called cache...
This is fine in this context.
When we refer to these modes as a deployment type, it's actually a noun, if not a proper noun. For example, this page shows the inconsistency and how it's used as both a compound adjective and a noun:
"The other service URL settings are needed only for split service deployments. When running in all-in-one mode (which is the recommended mode), these settings are not needed."
We have the liberty to decide how it should be used in our docs. In my opinion, these modes should be referred to as proper nouns, so "All In One mode" or "Split Service mode". I don't mind changing it to "All-in-One" mode and "Split-Service" mode, or "All in One" mode (we don't have to capitalize "in" either) and "Split Service" mode, but we should define it and stick to it.
I can be lazy about it as well. This is where a style guide would help enforce the decision. Thoughts?
content/docs/core/configuration.md
Outdated
|
|
||
| See the [Reference](/docs/reference) page for a comprehensive list of Pomerium's configuration settings. | ||
|
|
||
| ## All In One and Split Service modes |
There was a problem hiding this comment.
Actually, should we have a separate page to talk about all-in-one and split service mode? This almost feels like a different topic to me.
@desimone would love to hear your thoughts on this.
There was a problem hiding this comment.
Yeah, if we moved this topic to a separate page, we could offload some of the content in High Availability as well.
It begs the question of where we'd put a All In One vs Split Services mode page, though. Capabilities doesn't seem like the best place.
There was a problem hiding this comment.
should we have a separate page to talk about all-in-one and split service mode? This almost feels like a different topic to me.
Yes, I think that makes a lot of sense.
There was a problem hiding this comment.
I've created a separate issue for work on a new All in One vs Split Services Mode page:
There was a problem hiding this comment.
I'll move the Settings Modes section in a separate PR addressing the aforementioned ticket.
Co-authored-by: Kenneth Jenkins <[email protected]>
|
Hey @kenjenkins, I created a ticket for a new All in one vs. Split services mode page, but I moved it to backlog for now. To move this along, I also removed the dashes you mentioned earlier. We can address style guide decisions in the other ticket. |
| @@ -10,7 +10,7 @@ import InstallMkcert from '@site/content/_install-mkcert.md'; | |||
|
|
|||
| Pomerium is designed to be run in two modes: All-In-One or Split Service. These modes are not mutually exclusive, meaning you can run one or multiple instances of Pomerium in all-in-one mode, and spin up additional instances for specific components as needed. | |||
|
|
|||
| Each instance of Pomerium runs in all-in-one mode unless specified to run as a specific component by the `services` key. See [All-In-One vs. Split Service mode](/docs/internals/configuration#all-in-one-vs-split-service-mode) for more details. | |||
| Each instance of Pomerium runs in all-in-one mode unless specified to run as a specific component by the `services` key. See [All-In-One vs. Split Service mode](/docs/core/configuration#all-in-one-and-split-service-modes-split-service-mode) for more details. | |||
There was a problem hiding this comment.
Does this link target exist? Should it be #all-in-one-and-split-service-modes instead?
(ditto throughout this PR)
content/docs/core/configuration.md
Outdated
|
|
||
| Both configuration file keys and environment variables are case sensitive. | ||
|
|
||
| Configuration file keys are always lowercase. Environmental variables are identical to configuration file keys, except they are always uppercase. |
There was a problem hiding this comment.
Environmental -> environment here if we want to be consistent with this.
There was a problem hiding this comment.
I missed this instance and updated it for this page. But, there are many instances elsewhere in our docs that use "environmental". I'll note this decision for future PRs, though.
content/docs/core/configuration.md
Outdated
|
|
||
| ### All-In-One mode | ||
|
|
||
| All-In-One mode means all of Pomerium's configuration settings are set in a single configuration file. You can use All-In-One mode when running Pomerium: |
There was a problem hiding this comment.
For me this is not a clear explanation of the difference between all-in-one and split service mode.
In all-in-one mode, a single Pomerium process runs all of the four logical services. In split service mode, each logical service runs as its own process.
content/docs/core/configuration.md
Outdated
|
|
||
| ### All-In-One mode | ||
|
|
||
| All-In-One mode means all of Pomerium's configuration settings are set in a single configuration file. You can use All-In-One mode when running Pomerium: |
There was a problem hiding this comment.
I would prefer we pick one way to write "all-in-one" mode and use it consistently. By my count the existing docs have:
- 49 instances of "all-in-one"
- 3 instances of "All-in-One"
- 1 instance each of "All-in-one" and "All-in-One"
Based on the existing usage "All-In-One" looks out of place to me here.
There was a problem hiding this comment.
OK. I left a comment earlier which explains my position on this. But, I've updated this page so that is uses "All-in-One".
There was a problem hiding this comment.
For the record, I'm saying "all-in-one" (lowercase) would be most consistent with the existing documentation. If you don't think we should aim to be consistent I won't argue the point any further.
| All-in-One mode means a single Pomerium process runs all of the [four logical services](/docs/internals/architecture#component-level). You can use All-in-One mode when running Pomerium: | ||
|
|
||
| - As a single system service or container, or | ||
| - In a distributed environment where there are multiple processes that each handle separate [Pomerium services](/docs/internals/architecture#component-level). |
There was a problem hiding this comment.
I don't understand what this is saying. In all-in-one mode the services are combined, not separate.
|
|
||
| :::tip Our recommendation | ||
|
|
||
| We recommend All-in-One mode to configure Pomerium for the following reasons: |
There was a problem hiding this comment.
The word order here feels backwards to me.
| We recommend All-in-One mode to configure Pomerium for the following reasons: | |
| We recommend running Pomerium in all-in-one mode for the following reasons: |
|
|
||
| ### Split-Service mode | ||
|
|
||
| Alternately, you can create individual configuration files (or sets of environment variables) for each Pomerium service. In Split-Service mode, each configuration file (or set of environment variables) defines which service a process will run by using the [service mode](/docs/reference/service-mode) key. |
There was a problem hiding this comment.
I think it would be good to start with a brief explanation of how split service mode differs from all-in-one mode. Probably also good to link to the Service URL Settings page here. Maybe something like this?
| Alternately, you can create individual configuration files (or sets of environment variables) for each Pomerium service. In Split-Service mode, each configuration file (or set of environment variables) defines which service a process will run by using the [service mode](/docs/reference/service-mode) key. | |
| Alternatively, you can run each Pomerium service as its own process. You might want to do this in order to scale each service independently, or so that you can enforce different permissions on each service. | |
| To configure Pomerium in this mode, you will need to create individual configuration files (or sets of environment variables) for each Pomerium service. Each configuration should set the [Service Mode](/docs/reference/service-mode) option to tell Pomerium which service to run. You will also need the [Service URL Settings](/docs/reference/service-urls) to tell each Pomerium service how to communicate with the other Pomerium services. |
This PR update the location and some of the content in the "Configuration" page. This page was originally in
/docs/internals/configuration.I've intentionally left the "All In One and Split Service modes" sections sparse, as this a Draft PR. We could expand on this section in a separate capabilities page or even a guide, but for now, I didn't change much besides adding a "Our recommendation" tip, which could also be fine tuned.
TODOs:
Resolves https://github.com/pomerium/internal/issues/1853