Refine cloud resource docs (#209)

* Refine cloud resource docs

As Terraform definitions are installed when vela-core is installing, so
refine the docs

* add cloud resource provisioning and consuming doc for end-users

* reorganise Chinses docs

* add resource list

* remove cloud resoure list

* convert html table to markdown style

docs/end-user/components/cloud-services/provider-and-consume-cloud-services.md

@@ -0,0 +1,94 @@
+---
+title: Provision and Consume Cloud Services
+---
+
+This tutorial will talk about how to provision and consume Cloud Resources by Terraform.
+
+> ⚠️ This section requires your platform engineers have already enabled [add-on 'terraform/provider-alicloud'](../../../platform-engineers/components/component-terraform).
+
+## Supported Cloud Resource list
+
+Orchestration Type | Cloud Provider | Cloud Resource | Description
+------------ | ------------- | ------------- | -------------
+Terraform | Alibaba Cloud | [ACK](./terraform/alibaba-ack) | Terraform configuration for Alibaba Cloud ACK cluster
+| |  | [OSS](./terraform/alibaba-oss) | Terraform configuration for Alibaba Cloud OSS object
+| |  | [RDS](./terraform/alibaba-rds) | Terraform configuration for Alibaba Cloud RDS object
+
+## Terraform
+
+All supported Terraform cloud resources can be seen in the list above. You can also filter them by command by `vela components --label type=terraform`.
+
+
+Let's deploy
+the [application](https://github.com/oam-dev/kubevela/tree/master/docs/examples/terraform/cloud-resource-provision-and-consume/application.yaml)
+below to provision Alibaba Cloud OSS and RDS cloud resources, and consume them by the web component.
+
+```yaml
+apiVersion: core.oam.dev/v1beta1
+kind: Application
+metadata:
+  name: webapp
+spec:
+  components:
+    - name: express-server
+      type: webservice
+      properties:
+        image: zzxwill/flask-web-application:v0.3.1-crossplane
+        ports: 80
+      traits:
+        - type: service-binding
+          properties:
+            envMappings:
+              # environments refer to db-conn secret
+              DB_PASSWORD:
+                secret: db-conn                                   # 1) If the env name is the same as the secret key, secret key can be omitted.
+              endpoint:
+                secret: db-conn
+                key: DB_HOST                                      # 2) If the env name is different from secret key, secret key has to be set.
+              username:
+                secret: db-conn
+                key: DB_USER
+              # environments refer to oss-conn secret
+              BUCKET_NAME:
+                secret: oss-conn
+
+    - name: sample-db
+      type: alibaba-rds
+      properties:
+        instance_name: sample-db
+        account_name: oamtest
+        password: U34rfwefwefffaked
+        writeConnectionSecretToRef:
+          name: db-conn
+
+    - name: sample-oss
+      type: alibaba-oss
+      properties:
+        bucket: vela-website
+        acl: private
+        writeConnectionSecretToRef:
+          name: oss-conn
+```
+
+The component `express-server` consume OSS and RDS by trait [Service Binding](../../traits/service-binding).
+
+Deploy and verify the application.
+
+```shell
+$ vela ls
+APP   	COMPONENT     	TYPE       	TRAITS         	PHASE         	HEALTHY  	STATUS	CREATED-TIME
+webapp	express-server	webservice 	service-binding	running     	healthy  	      	2021-09-08 16:50:41 +0800 CST
+├─    	sample-db     	alibaba-rds	               	running     	healthy  	      	2021-09-08 16:50:41 +0800 CST
+└─    	sample-oss    	alibaba-oss	               	running     	healthy  	      	2021-09-08 16:50:41 +0800 CST
+```
+
+```shell
+$ sudo kubectl port-forward deployment/express-server 80:80
+
+Forwarding from 127.0.0.1:80 -> 80
+Forwarding from [::1]:80 -> 80
+Handling connection for 80
+Handling connection for 80
+```
+
+![](../../../resources/crossplane-visit-application.jpg)

docs/platform-engineers/components/component-terraform.md

@@ -2,142 +2,29 @@
 title: Terraform Component
 ---
 
-In this documentation, we will use Alibaba Cloud's RDS (Relational Database Service), and Alibaba Cloud's OSS (Object Storage System) as examples to show how to enable cloud services as part of the application deployment.
+To enable the ability to provision cloud resources by Terraform, the credential for a cloud provider needs to be applied.
 
-These cloud services are provided by Terraform.
 
-## Prepare Terraform Controller
+### Apply the credential for a Cloud Provider
 
-<details>
-
-Download the latest chart, like `terraform-controller-chart-0.1.8.tgz`, from the latest [releases list](https://github.com/oam-dev/terraform-controller/releases) and install it.
+Taking Alibaba Cloud as an example, for other cloud providers, please refer to [Terraform controller getting started](https://github.com/oam-dev/terraform-controller/blob/master/getting-started.md).
 
 ```shell
-$ helm install terraform-controller terraform-controller-0.1.8.tgz
-NAME: terraform-controller
-LAST DEPLOYED: Mon Apr 26 15:55:35 2021
-NAMESPACE: default
-STATUS: deployed
-REVISION: 1
-TEST SUITE: None
+$ export ALICLOUD_ACCESS_KEY=xxx; export ALICLOUD_SECRET_KEY=yyy
 ```
 
-### Apply Provider Credentials
-
-By applying Terraform Provider credentials, Terraform controller can be authenticated to deploy and manage cloud resources.
-
-Please refer to [Terraform controller getting started](https://github.com/oam-dev/terraform-controller/blob/master/getting-started.md) on how to apply Provider for Alibaba Cloud or AWS.
-
-</details>
-
-### Register `alibaba-rds` Component
-
-Register [alibaba-rds](https://github.com/oam-dev/kubevela/tree/master/docs/examples/terraform/cloud-resource-provision-and-consume/ComponentDefinition-alibaba-rds.yaml) to KubeVela.
-
-```yaml
-apiVersion: core.oam.dev/v1alpha2
-kind: ComponentDefinition
-metadata:
-  name: alibaba-rds
-  annotations:
-    definition.oam.dev/description: Terraform configuration for Alibaba Cloud RDS object
-    type: terraform
-spec:
-  workload:
-    definition:
-      apiVersion: terraform.core.oam.dev/v1beta1
-      kind: Configuration
-  schematic:
-    terraform:
-      configuration: |
-        module "rds" {
-          source = "terraform-alicloud-modules/rds/alicloud"
-          engine = "MySQL"
-          engine_version = "8.0"
-          instance_type = "rds.mysql.c1.large"
-          instance_storage = "20"
-          instance_name = var.instance_name
-          account_name = var.account_name
-          password = var.password
-        }
-
-        output "DB_NAME" {
-          value = module.rds.this_db_instance_name
-        }
-        output "DB_USER" {
-          value = module.rds.this_db_database_account
-        }
-        output "DB_PORT" {
-          value = module.rds.this_db_instance_port
-        }
-        output "DB_HOST" {
-          value = module.rds.this_db_instance_connection_string
-        }
-        output "DB_PASSWORD" {
-          value = module.rds.this_db_instance_port
-        }
-
-        variable "instance_name" {
-          description = "RDS instance name"
-          type = string
-          default = "poc"
-        }
-
-        variable "account_name" {
-          description = "RDS instance user account name"
-          type = "string"
-          default = "oam"
-        }
-
-        variable "password" {
-          description = "RDS instance account password"
-          type = "string"
-          default = "Xyfff83jfewGGfaked"
-        }
-
+If you'd like to use Alicloud Security Token Service, also export `ALICLOUD_SECURITY_TOKEN`.
+```shell
+$ export ALICLOUD_SECURITY_TOKEN=zzz
 ```
 
-### Register `alibaba-oss` Component
-
-Register [alibaba-oss](https://github.com/oam-dev/kubevela/tree/master/docs/examples/terraform/cloud-resource-provision-and-consume/ComponentDefinition-alibaba-oss.yaml) to KubeVela.
-
-
-```yaml
-apiVersion: core.oam.dev/v1alpha2
-kind: ComponentDefinition
-metadata:
-  name: alibaba-oss
-  annotations:
-    definition.oam.dev/description: Terraform configuration for Alibaba Cloud OSS object
-    type: terraform
-spec:
-  workload:
-    definition:
-      apiVersion: terraform.core.oam.dev/v1beta1
-      kind: Configuration
-  schematic:
-    terraform:
-      configuration: |
-        resource "alicloud_oss_bucket" "bucket-acl" {
-          bucket = var.bucket
-          acl = var.acl
-        }
-
-        output "BUCKET_NAME" {
-          value = "${alicloud_oss_bucket.bucket-acl.bucket}.${alicloud_oss_bucket.bucket-acl.extranet_endpoint}"
-        }
-
-        variable "bucket" {
-          description = "OSS bucket name"
-          default = "vela-website"
-          type = string
-        }
-
-        variable "acl" {
-          description = "OSS bucket ACL, supported 'private', 'public-read', 'public-read-write'"
-          default = "private"
-          type = string
-        }
-
-
+```
+$ sh https://raw.githubusercontent.com/oam-dev/terraform-controller/master/hack/prepare-alibaba-credentials.sh
+
+$ kubectl get secret -n vela-system
+NAME                                              TYPE                                  DATA   AGE
+alibaba-account-creds                             Opaque                                1      11s
+
+$ kubectl apply -f https://raw.githubusercontent.com/oam-dev/terraform-controller/master/examples/alibaba/provider.yaml
+provider.terraform.core.oam.dev/default created
 ```

i18n/zh/docusaurus-plugin-content-docs/current/end-user/components/cloud-services/provider-and-consume-cloud-services.md

@@ -1,36 +1,32 @@
 ---
-title:  集成云资源 // Deprecated
+title:  集成云资源
 ---
 
 在面向云开发逐渐成为范式的这个时代，我们希望集成来源不同、类型不同云资源的需求非常迫切。不管是最基本的对象存储、云数据库，还是更多的负载均衡等等，也面临着混合云、多云等复杂环境所带来的挑战，而 KubeVela 都可以很好满足你的需要。
 
 KubeVela 通过云资源组件（Component）和运维特征（Trait）里的资源绑定功能，高效安全地完成不同类型云资源的集成工作。目前你可以直接调用阿里云容器服务 Kubernetes 版（ACK ）、阿里云对象存储服务（OSS）和阿里云关系型数据库服务（RDS）这些默认组件。同时在未来，更多新的云资源也会在社区的支撑下逐渐成为默认选项，让你标准化统一地去使用各种厂商的云资源。
 
+> ⚠️ 请确认管理员已经安装了 [Terraform 插件 'terraform/provider-alicloud'](../../../platform-engineers/components/component-terraform).
+
+## 支持的云资源列表
+编排类型 | 云服务商 | 云资源 | 描述
+------------ | ------------- | ------------- | -------------
+Terraform | Alibaba Cloud | [ACK](./terraform/alibaba-ack) | 用于部署阿里云 ACK 的 Terraform Configuration 的 ComponentDefinition
+| |  | [OSS](./terraform/alibaba-oss) | 用于部署阿里云 OSS 的 Terraform Configuration 的 ComponentDefinition
+| |  | [RDS](./terraform/alibaba-rds) | 用于部署阿里云 RDS 的 Terraform Configuration 的 ComponentDefinition
+
 ## 查看 KubeVela 的云资源组件
 
-我们通过 [KubeVela CLI](../install#3-安装-kubevela-cli)来查看，当前系统中可用的云资源组件类型：
+我们通过 [KubeVela CLI](../../../install#3-安装-kubevela-cli)来查看，当前系统中可用的云资源组件类型：
 
 ```shell
-$ vela components
+$ vela components --label type=terraform
 NAME        NAMESPACE  	WORKLOAD                             	DESCRIPTION                                                            
 alibaba-ack	vela-system	configurations.terraform.core.oam.dev	Terraform configuration for Alibaba Cloud ACK cluster       
 alibaba-oss	vela-system	configurations.terraform.core.oam.dev	Terraform configuration for Alibaba Cloud OSS object        
 alibaba-rds	vela-system	configurations.terraform.core.oam.dev	Terraform configuration for Alibaba Cloud RDS object        
 ```
 
-KubeVela 对云资源的集成流程大致如下：
-
- - 熟悉各云服务商的鉴权机制，获取并准备需要的 secret 或者 token 等密钥
- - 将鉴权信息保存到 Terraform 的全局配置中，下一步校验
- - KubeVela 通过 Terraform 控制器完成鉴权校验，通过后自动拉起对应云资源
-
-## 激活云资源权限
-
-首先准备好，要访问对应云厂商的密钥信息后，使用 `vela addon enable` 指令来全局配置鉴权信息：
-```shell
-vela addon enable terraform/provider-alicloud --ALICLOUD_ACCESS_KEY_ID=<你的秘钥 Key ID> -ALICLOUD_SECRET_ACCESS_KEY=<你的秘钥密码>
-```
-
 下面我们以阿里云关系型数据库（RDS）的例子，作为示例进行讲解。
 
 ### 部署云资源
@@ -121,11 +117,11 @@ EOF
 
 ## 自定义云资源
 
-如果我们提供的开箱即用云资源没有覆盖你的研发需求，你依然可以通过灵活的[Terraform 组件](../platform-engineers/components/component-terraform)去自定义业务所需要的云资源。
+如果我们提供的开箱即用云资源没有覆盖你的研发需求，你依然可以通过灵活的[Terraform 组件](../../../platform-engineers/components/component-terraform)去自定义业务所需要的云资源。
 
 ## 下一步
 
-- [组件可观测性](./component-observability)
-- [应用组件间的依赖和参数传递](./component-dependency-parameter)
-- [多应用、多环境、多集群编排](./multi-app-env-cluster)
+- [组件可观测性](../../component-observability)
+- [应用组件间的依赖和参数传递](../../component-dependency-parameter)
+- [多应用、多环境、多集群编排](../../multi-app-env-cluster)
 

i18n/zh/docusaurus-plugin-content-docs/version-v1.0/end-user/components/cloud-resources.md

@@ -235,4 +235,4 @@ $ kubectl port-forward deployment/express-server 80:80
 
 我们看到云资源已经正常地被应用使用了
 
-![](../resources/crossplane-visit-application.jpg)
+![](../../resources/crossplane-visit-application.jpg)

sidebars.js

@@ -31,13 +31,19 @@ module.exports = {
           'Components': [
             'end-user/components/helm',
             'end-user/components/kustomize',
-            {
-              'Cloud Services': [
-                'end-user/components/cloud-services/alibaba-ack',
-                'end-user/components/cloud-services/alibaba-rds',
-                'end-user/components/cloud-services/alibaba-oss',
-              ]
-            },
+              {
+                  'Cloud Services': [{
+                      "Terraform": [
+                          'end-user/components/cloud-services/terraform/alibaba-ack',
+                          'end-user/components/cloud-services/terraform/alibaba-rds',
+                          'end-user/components/cloud-services/terraform/alibaba-oss',
+                      ],
+
+                  },
+                      'end-user/components/cloud-services/provider-and-consume-cloud-services',
+                  ],
+
+              },
             {
               'CUE Component': [
                 'end-user/components/cue/webservice',