Making CNV and SM same as master/4.1

_topic_map.yml

@@ -662,9 +662,6 @@ Topics:
   - Name: Enabling features using FeatureGates
     File: nodes-cluster-enabling-features
     Distros: openshift-enterprise,openshift-origin
-  - Name: Disabling features using FeatureGates
-    File: nodes-cluster-disabling-features
-    Distros: openshift-enterprise,openshift-origin
 ---
 Name: Logging
 Dir: logging
@@ -791,50 +788,148 @@ Topics:
 - Name: Administrator CLI commands
   File: administrator-cli-commands
   Distros: openshift-enterprise,openshift-origin
-#---
-#Name: Serverless applications
-#Dir: serverless
-#Distros: openshift-enterprise
-#Topics:
-# - Name:
-#  File:
-#---
-#Name: Container-native Virtualization
-#Dir: cnv
-#Distros: openshift-enterprise
-#Topics:
-#- Name: Container-native Virtualization Installation
-#  Dir: cnv_install
-#  Topics:
-#  - Name: CNV Install Assemblies Placeholder
-#    File: cnv-install-placeholder
-#- Name: Container-native Virtualization User's Guide
-#  Dir: cnv_users_guide
-#  Topics:
-#  - Name: CNV User's Guide Assemblies Placeholder
-#    File: cnv-users-guide-placeholder
-#  - Name: Controlling virtual machines states
-#    File: cnv-controlling-vm-states
-#  - Name: Accessing virtual machine consoles
-#    File: cnv-accessing-vm-consoles
-#- Name: Container-native Virtualization Release Notes
-#  Dir: cnv_release_notes
-#  Topics:
-#  - Name: CNV Release Notes Placeholder
-#    File: cnv-release-notes-placeholder
-#---
-#Name: Service Mesh
-#Dir: service_mesh
-#Distros: openshift-enterprise
-#Topics:
-#- Name: Service Mesh Installation
-#  Dir: service_mesh_install
-#  Topics:
-#  - Name: Service Mesh Insatll Assemblies Placeholder
-#    File: service-mesh-install-placeholder
-#- Name: Service Mesh Release Notes
-#  Dir: service_mesh_release_notes
-#  Topics:
-#  - Name: Service Mesh Release Notes Placeholder
-#    File: service-mesh-release-notes-placeholder
-#---
+---
+Name: Service Mesh
+Dir: service_mesh
+Distros: openshift-enterprise
+Topics:
+- Name: Service Mesh Installation
+  Dir: service_mesh_install
+  Topics:
+  - Name: Understanding service mesh
+    File: understanding-ossm
+  - Name: Preparing to install service mesh
+    File: preparing-ossm-installation
+  - Name: Installing service mesh
+    File: installing-ossm
+  - Name: Installing a multi-tenant service mesh
+    File: installing-mt-ossm
+  - Name: Deploying applications on service mesh
+    File: prepare-to-deploy-applications-ossm
+  - Name: Example application
+    File: ossm-example-bookinfo
+  - Name: Kiali tutorial
+    File: ossm-tutorial-kiali
+  - Name: Distributed tracing tutorial
+    File: ossm-tutorial-jaeger-tracing
+  - Name: Grafana tutorial
+    File: ossm-tutorial-grafana
+  - Name: Prometheus tutorial
+    File: ossm-tutorial-prometheus
+  - Name: Removing service mesh
+    File: removing-ossm
+- Name: 3scale adapter
+  Dir: threescale_adapter
+  Topics:
+  - Name: Using the 3scale Istio adapter
+    File: threescale-adapter
+- Name: Service Mesh Release Notes
+  File: servicemesh-release-notes
+---
+Name: Container-native Virtualization
+Dir: cnv
+Distros: openshift-enterprise
+Topics:
+- Name: Container-native Virtualization installation
+  Dir: cnv_install
+  Topics:
+  - Name: About Container-native Virtualization
+    File: cnv-about-cnv
+  - Name: Preparing your OpenShift cluster for Container-native Virtualization
+    File: preparing-cluster-for-cnv
+  - Name: Installing Container-native Virtualization
+    File: installing-container-native-virtualization
+  - Name: Installing the `virtctl` client
+    File: cnv-installing-virtctl
+  - Name: Uninstalling Container-native Virtualization
+    File: uninstalling-container-native-virtualization
+- Name: Container-native Virtualization user's guide
+  Dir: cnv_users_guide
+  Topics:
+### VIRTUAL MACHINE CHESS SALAD (silly name to highlight that the commented out assemblies need to be checked against merged filenams)
+  - Name: Creating virtual machines
+    File: cnv-create-vms
+### Importing virtual machines
+  - Name: Importing a VMware virtual machine or template with the virtual machine wizard
+    File: cnv-importing-vmware-vm
+  - Name: Importing virtual machine images with DataVolumes
+    File: cnv-importing-virtual-machine-images-datavolumes
+### VM CHESS SALAD cont'd
+  - Name: Editing virtual machines
+    File: cnv-edit-vms
+  - Name: Deleting virtual machines
+    File: cnv-delete-vms
+  - Name: Controlling virtual machines states
+    File: cnv-controlling-vm-states
+  - Name: Accessing virtual machine consoles
+    File: cnv-accessing-vm-consoles
+  - Name: Using the CLI tools
+    File: cnv-using-the-cli-tools
+### Virtual machine networking
+  - Name: Using the default Pod network with Container-native Virtualization
+    File: cnv-using-the-default-pod-network-with-cnv
+  - Name: Attaching a virtual machine to multiple networks
+    File: cnv-attaching-vm-multiple-networks
+  - Name: Installing the QEMU guest agent on virtual machines
+    File: cnv-installing-qemu-guest-agent
+  - Name: Viewing the IP address of vNICs on a virtual machine
+    File: cnv-viewing-ip-of-vm-vnic
+### Advanced virtual machine configuration
+  - Name: Configuring PXE booting for virtual machines
+    File: cnv-configuring-pxe-booting
+  - Name: Managing guest memory
+    File: cnv-managing-guest-memory
+### Templates
+  - Name: Creating virtual machine templates
+    File: cnv-creating-vm-template
+  - Name: Editing a virtual machine template
+    File: cnv-editing-vm-template
+  - Name: Deleting a virtual machine template
+    File: cnv-deleting-vm-template
+### Cloning virtual machines
+  - Name: Cloning a virtual machine disk into a new DataVolume
+    File: cnv-cloning-vm-disk-into-new-datavolume
+  - Name: Cloning a virtual machine by using a DataVolumeTemplate
+    File: cnv-cloning-vm-using-datavolumetemplate
+### A BETTER NAME THAN 'STORAGE 4 U'
+  - Name: Uploading local disk images by using the virtctl tool
+    File: cnv-uploading-local-disk-images-virtctl
+  - Name: Expanding virtual storage by adding blank disk images
+    File: cnv-expanding-virtual-storage-with-blank-disk-images
+### Virtual machine live migration
+  - Name: Virtual machine live migration
+    File: cnv-live-migration
+  - Name: Live migration limits and timeouts
+    File: cnv-live-migration-limits
+  - Name: Migrating a virtual machine instance to another node
+    File: cnv-migrate-vmi
+  - Name: Monitoring live migration of a virtual machine instance
+    File: cnv-monitor-vmi-migration
+  - Name: Cancelling the live migration of a virtual machine instance
+    File: cnv-cancel-vmi-migration
+### Node maintenance mode
+  - Name: Node maintenance mode
+    File: cnv-node-maintenance
+  - Name: Configuring virtual machine eviction strategy
+    File: cnv-configuring-vmi-eviction-strategy
+  - Name: Setting a node to maintenance mode
+    File: cnv-setting-node-maintenance
+  - Name: Resuming a node from maintenance mode
+    File: cnv-resuming-node
+### Installing VirtIO drivers on Windows virtual machines
+  - Name: Installing VirtIO driver on an existing Windows virtual machine
+    File: cnv-installing-virtio-drivers-on-existing-windows-vm
+  - Name: Installing VirtIO driver on a new Windows virtual machine
+    File: cnv-installing-virtio-drivers-on-new-windows-vm
+### Logging, events, and monitoring
+  - Name: Viewing logs
+    File: cnv-logs
+  - Name: Viewing events
+    File: cnv-events
+  - Name: OpenShift cluster monitoring
+    File: cnv-openshift-cluster-monitoring
+- Name: Container-native Virtualization 2.0 release notes
+  Dir: cnv_release_notes
+  Topics:
+  - Name: Container-native Virtualization 2.0 release notes
+    File: cnv-release-notes

cnv/cnv_install/cnv-about-cnv.adoc

@@ -1,5 +1,5 @@
 [id="cnv-about-cnv"]
-= About {ProductName}
+= About Container-native Virtualization
 include::modules/cnv-document-attributes.adoc[]
 :context: cnv-about-cnv
 toc::[]

modules/ossm-architecture.adoc

@@ -0,0 +1,21 @@
+// Module included in the following assemblies:
+//
+// * service_mesh/service_mesh_install/understanding-ossm.adoc
+
+[id="ossm-architecture_{context}"]
+= {ProductName} Architecture
+
+{ProductName} is logically split into a data plane and a control plane:
+
+The *data plane* is a set of intelligent proxies deployed as sidecars. These proxies intercept and control all inbound and outbound network communication between microservices in the service mesh. Sidecar proxies also communicate with Mixer, the general-purpose policy and telemetry hub.
+
+* *Envoy proxy* intercepts all inbound and outbound traffic for all services in the service mesh. Envoy is deployed as a sidecar to the relevant service in the same pod.
+
+The *control plane* manages and configures proxies to route traffic, and configures Mixers to enforce policies and collect telemetry.
+
+* *Mixer* enforces access control and usage policies (such as authorization, rate limits, quotas, authentication, request tracing) and collects telemetry data from the Envoy proxy and other services.
+* *Pilot* configures the proxies at runtime. Pilot provides service discovery for the Envoy sidecars, traffic management capabilities for intelligent routing (for example, A/B tests or canary deployments), and resiliency (timeouts, retries, and circuit breakers).
+* *Citadel* issues and rotates certificates. Citadel provides strong service-to-service and end-user authentication with built-in identity and credential management. You can use Citadel to upgrade unencrypted traffic in the service mesh. Operators can enforce policies based on service identity rather than on network controls using Citadel.
+* *Galley* ingests the service mesh configuration, then validates, processes, and distributes the configuration. Galley protects the other service mesh components from obtaining user configuration details from {product-title}.
+
+{ProductName} also uses the *istio-operator* to manage the installation of the control plane. An _Operator_ is a piece of software that enables you to implement and automate common activities in your OpenShift cluster. It acts as a controller, allowing you to set or change the desired state of objects in your cluster.

modules/ossm-automatic-sidecar-injection.adoc

@@ -0,0 +1,43 @@
+// Module included in the following assemblies:
+//
+// * service_mesh/service_mesh_install/prepare-to-deploy-applications-ossm.adoc
+
+[id="ossm-automatic-sidecar-injection_{context}"]
+= Enabling automatic sidecar injection
+When deploying an application into the {ProductName} you must opt in to injection by specifying the `sidecar.istio.io/inject` annotation with a value of `true`. Opting in ensures that the sidecar injection does not interfere with other OpenShift features such as builder pods used by numerous frameworks within the OpenShift ecosystem.
+
+.Prerequisites
+
+* Identify the deployments for which you want to enable automatic sidecar injection.
+* Locate the application's yaml configuration file.
+
+.Procedure
+
+. Open the application's configuration yaml file in an editor.
+
+. Add `sidecar.istio.io/inject` to the configuration yaml with a value of `true` as illustrated here:
++
+.Sleep test application example
+[source,yaml]
+----
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+  name: sleep
+spec:
+  replicas: 1
+  template:
+    metadata:
+      annotations:
+        sidecar.istio.io/inject: "true"
+      labels:
+        app: sleep
+    spec:
+      containers:
+      - name: sleep
+        image: tutum/curl
+        command: ["/bin/sleep","infinity"]
+        imagePullPolicy: IfNotPresent
+----
+
+. Save the configuration file.

modules/ossm-configure-security-constraints.adoc

@@ -0,0 +1,41 @@
+// Module included in the following assemblies:
+//
+// * service_mesh/service_mesh_install/prepare-to-deploy-applications-ossm.adoc
+
+
+[id="ossm-configure-security-constraints_{context}"]
+= Configuring {ProductName} security constraints
+
+Configure service accounts that require additional permissions to run in the {ProductShortName} with `anyuid` or `privileged` Security Context Constraints (SCCs).
+
+[NOTE]
+====
+You do not need to follow this procedure if you are using {product-title} 4.1.
+====
+
+.Prerequisites
+
+* Identify the service accounts that require SCC changes.
+* Identify the namespaces associated with the service accounts that require SCC changes.
+
+
+.Procedure
+
+. Identify the service account(s) that require relaxed privileges.
++
+[NOTE]
+====
+Replace `<service account>` and `<namespace>` with values specific to your application in the commands in this procedure.
+====
+
+. Run this command for each service account that requires the `anyuid` SCC for its associated sidecar container.
++
+----
+$ oc adm policy add-scc-to-user anyuid -z <service account> -n <namespace>
+----
+
+. Run this command for each service account that requires the `privileged` SCC to allow successful updates to its pod's networking configuration:
++
+----
+$ oc adm policy add-scc-to-user privileged -z <service account> -n <namespace>
+----

modules/ossm-control-plane-deploy.adoc

@@ -0,0 +1,48 @@
+// Module included in the following assemblies:
+//
+// * service_mesh/service_mesh_install/installing-ossm.adoc
+
+[id="ossm-control-plane-deploy_{context}"]
+
+= Deploying the control plane
+
+With the introduction of {product-title} 4.1, the network capabilities of the host are now based on nftables rather than iptables. This change impacts the initialization of the {ProductName} application components. {ProductShortName} needs to know what host operating system OpenShift is running on to correctly initialize {ProductShortName} networking components.
+
+[NOTE]
+====
+You do not need to follow this procedure if you are using {product-title} 4.1.
+====
+
+If the OpenShift installation is deployed on a Red Hat Enterprise Linux (RHEL) 7 host, then the custom resource must explicitly request the RHEL 7 `proxy-init` container image by including the following:
+
+.Enabling the proxy-init container for RHEL 7 hosts
+
+[subs=+macros]
+----
+  apiVersion: maistra.io/v1
+   kind: ServiceMeshControlPlane
+   spec:
+     istio:
+       global:
+        pass:quotes[*proxy_init:*]
+          pass:quotes[*image: proxy-init*]
+----
+
+Use the custom resource definition file you created to deploy the {ProductShortName} control plane.
+
+
+.Procedure
+
+. Create a custom resource definition file named `istio-installation.yaml`.
+
+. Run this command to deploy the control plane:
++
+----
+$ oc create -n istio-system -f istio-installation.yaml
+----
+
+. Run this command to watch the progress of the pods during the installation process:
++
+----
+$ oc get pods -n istio-system -w
+----