Add Cluster Docs

Also some more improvements for the sandboxing documentation

Author: michaeljguarino

pages/getting-started/advanced-config/sandboxing.md

@@ -73,13 +73,28 @@ This is a suitable replacement if you're ok with some data staleness and don't h
 
 Lots of enterprises have strict requirements around the docker registries they use, or pull caches that whitelist a limited set of registries. The important images for setting up your own instance are:
 
-- ghcr.io/pluralsh/console
-- ghcr.io/pluralsh/kas
-- ghcr.io/pluralsh/deployment-controller
-- ghcr.io/pluralsh/deployment-operator
-- ghcr.io/pluralsh/agentk
-- ghcr.io/pluralsh/git-server (optional if you want to use our vendored git server)
+Plural maintained images:
+  Management Cluster:
+  - ghcr.io/pluralsh/console
+  - ghcr.io/pluralsh/kas
+  - ghcr.io/pluralsh/deployment-controller
+  - ghcr.io/pluralsh/git-server (optional if you want to use our vendored git server)
+  Agent:
+  - ghcr.io/pluralsh/agentk
+  - ghcr.io/pluralsh/deployment-operator
+
+Third party images used by our chart (these are often already vendored in an enterprise environment):
 - ghcr.io/pluralsh/registry/bitnami/redis:7.4.2-debian-12-r5
+- ghcr.io/pluralsh/registry/nginx:stable-alpine3.20-slim (can be any nginx image, ours is not customized)
+- docker.io/kubernetesui/dashboard-api - this is also available via `ghcr.io/pluralsh/registry/kubernetesui/dashboard-api`
+
+If you want to deterministically extract the images from our chart, you can also just use yq, like so:
+
+```sh
+git clone https://github.com/pluralsh/console.git
+cd console
+helm template charts/console | yq '..|.image? | select(.)' | sort -u
+```
 
 {% callout severity="info" %}
 All of these images follow semver, and are also published to `gcr.io` and `docker.io` as well for convenience, in the event that either of those are eligible for internal pull-through caches.  The redis instance is not meaningfully customized and any bitnami or equivalent redis container image can theoretically work there.
@@ -103,6 +118,19 @@ kas:
 
   image:
     repository: your.enterprise.registry/pluralsh/kas
+
+  redis:
+    registry: your.enterprise.registry
+    repository: redis
+
+# if you need to enable the internal git server
+gitServer:
+  repository: your.enterprise.registry/git-server
+
+dashboard:
+  api:
+    image:
+      repository: your.enterprise.registry/kubernetesui/dashboard
 ```
 
 And for the agent it would be:

pages/getting-started/first-steps/add-a-cluster.md

@@ -0,0 +1,92 @@
+---
+title: Add A Cluster
+description: How To Add An Existing Cluster to Your Plural Instance
+---
+
+Adding a new cluster to Plural is very simple, it's simply a matter of installing our agent onto any end cluster, and usually follows two paths:
+
+1. Leverage our CLI which wraps a full install including registering with your Plural api and helm installing the agent on the cluster
+2. Use our terraform provider to wrap this whole process as Infrastructure as Code
+
+Both are functional and fully supported, and execute equivalent code under the hood.  If you set up your install with `plural up` we've already wrapped a ton of fully functional GitOps workflows for you, and those usually are more featureful workflows than doing this manually.  If you want to read more about them, feel free to look at the guide here: [Create a Workload Cluster](/getting-started/how-to-use/workload-cluster).
+
+{% callout severity="info" %}
+We strongly recommend leveraging a IaC based pattern, since it'll allow you to export terraform state into Plural for re-use and maximizes reproducibility 
+{% /callout %}
+
+
+## Onboard a cluster with our CLI
+
+To add a new cluster simply run with a valid kubeconfig set up locally:
+
+```sh
+plural cd clusters bootstrap --name {your-cluster-name} --tag {tag}={value} --tag {tag2}={value2}
+```
+
+To see all CLI options, feel free to use:
+
+```sh
+plural cd clusters bootstrap --help
+```
+
+If you need to reinstall our agent for any reason, just use:
+
+```sh
+plural cd clusters reinstall @{cluster-handle}
+```
+
+{% callout severity="info" %}
+The `@` character is required, as it allows our CLI to differentiate names from IDs.
+
+You should also address the cluster by handle in the event name is not unique in your system.
+{% /callout %}
+
+## Onboard a cluster with our Terraform Provider
+
+Here is a basic terraform snippet that shows how you can use our Terraform provider to install our agent
+
+```terraform
+resource "plural_cluster" "this" {
+    handle = var.cluster
+    name   = var.cluster
+    tags   = {
+        fleet = var.fleet
+        tier = var.tier
+    }
+
+    # metadata attaching useful cluster-level state in Plural to use for service templating
+    metadata = jsonencode({
+        tier = var.tier
+        iam = {
+          load_balancer = module.addons.gitops_metadata.aws_load_balancer_controller_iam_role_arn
+          cluster_autoscaler = module.addons.gitops_metadata.cluster_autoscaler_iam_role_arn
+          external_dns = module.externaldns_irsa_role.iam_role_arn
+          cert_manager = module.externaldns_irsa_role.iam_role_arn
+        }
+
+        vpc_id = local.vpc.vpc_id
+        region = var.region
+    })
+
+    # direct kubeconfig for this cluster
+    kubeconfig = {
+      host                   = module.eks.cluster_endpoint
+      cluster_ca_certificate = base64decode(module.eks.cluster_certificate_authority_data)
+      token                  = data.aws_eks_cluster_auth.cluster.token
+    }
+}
+
+# optionally can specify kubeconfig at the provider level
+
+provider "plural" {
+    kubeconfig = {
+        host                   = module.eks.cluster_endpoint
+        cluster_ca_certificate = base64decode(module.eks.cluster_certificate_authority_data)
+        token                  = data.aws_eks_cluster_auth.cluster.token
+    }
+}
+```
+
+This makes it easy to wrap Plural setup in existing IaC codebases and ensure full repeatability.
+
+The metadata block is of importance as well, as it drives our helm + yaml templating experience within Plural CD.  You can see some guides around that [here](/plural-features/continuous-deployment/service-templating).

pages/plural-features/continuous-deployment/service-templating

@@ -0,0 +1 @@
+../service-templating

src/routing/docs-structure.ts

@@ -36,6 +36,10 @@ export const docsStructure: DocSection[] = [
             path: 'plural-cloud',
             title: 'Host Your Plural Console with Plural Cloud',
           },
+          {
+            path: 'add-a-cluster',
+            title: 'Add A Cluster To Plural',
+          },
         ],
       },
       {
@@ -86,6 +90,16 @@ export const docsStructure: DocSection[] = [
             path: 'resource-application-logic',
             title: 'Resource Application Logic',
           },
+          {
+            path: 'service-templating',
+            title: 'Service templating',
+            sections: [
+              {
+                path: 'supporting-liquid-filters',
+                title: 'Supporting Liquid Filters',
+              },
+            ],
+          },
           { path: 'lua', title: 'Dynamic Helm Configuration with Lua Scripts' },
           { path: 'global-service', title: 'Global services' },
           {
@@ -197,16 +211,6 @@ export const docsStructure: DocSection[] = [
           { path: 'filters', title: 'Liquid Filters in PR Automation' },
         ],
       },
-      {
-        path: 'service-templating',
-        title: 'Service templating',
-        sections: [
-          {
-            path: 'supporting-liquid-filters',
-            title: 'Supporting Liquid Filters',
-          },
-        ],
-      },
       {
         path: 'projects-and-multi-tenancy',
         title: 'Projects and multi-tenancy',