openshift · jboxman-rh · Aug 5, 2022 · Jul 27, 2022
diff --git a/_topic_maps/_topic_map_rosa.yml b/_topic_maps/_topic_map_rosa.yml
@@ -316,6 +316,93 @@ Topics:
 # - Name: Using the internal registry
 #   File: rosa-using-internal-registry
 ---
+Name: Service Mesh
+Dir: service_mesh
+Distros: openshift-rosa
+Topics:
+- Name: Service Mesh 2.x
+  Dir: v2x
+  Topics:
+  - Name: About OpenShift Service Mesh
+    File: ossm-about
+  - Name: Service Mesh 2.x release notes
+    File: servicemesh-release-notes
+  - Name: Service Mesh architecture
+    File: ossm-architecture
+  - Name: Service Mesh deployment models
+    File: ossm-deployment-models
+  - Name: Service Mesh and Istio differences
+    File: ossm-vs-community
+  - Name: Preparing to install Service Mesh
+    File: preparing-ossm-installation
+  - Name: Installing the Operators
+    File: installing-ossm
+  - Name: Creating the ServiceMeshControlPlane
+    File: ossm-create-smcp
+  - Name: Adding workloads to a service mesh
+    File: ossm-create-mesh
+  - Name: Enabling sidecar injection
+    File: prepare-to-deploy-applications-ossm
+  - Name: Upgrading Service Mesh
+    File: upgrading-ossm
+  - Name: Managing users and profiles
+    File: ossm-profiles-users
+  - Name: Security
+    File: ossm-security
+  - Name: Traffic management
+    File: ossm-traffic-manage
+  - Name: Metrics, logs, and traces
+    File: ossm-observability
+  - Name: Performance and scalability
+    File: ossm-performance-scalability
+  - Name: Deploying to production
+    File: ossm-deploy-production
+  - Name: Federation
+    File: ossm-federation
+  - Name: Extensions
+    File: ossm-extensions
+  - Name: 3scale WebAssembly for 2.1
+    File: ossm-threescale-webassembly-module
+  - Name: 3scale Istio adapter for 2.0
+    File: threescale-adapter
+  - Name: Troubleshooting Service Mesh
+    File: ossm-troubleshooting-istio
+  - Name: Control plane configuration reference
+    File: ossm-reference-smcp
+  - Name: Kiali configuration reference
+    File: ossm-reference-kiali
+  - Name: Jaeger configuration reference
+    File: ossm-reference-jaeger
+  - Name: Uninstalling Service Mesh
+    File: removing-ossm
+- Name: Service Mesh 1.x
+  Dir: v1x
+  Topics:
+  - Name: Service Mesh 1.x release notes
+    File: servicemesh-release-notes
+  - Name: Service Mesh architecture
+    File: ossm-architecture
+  - Name: Service Mesh and Istio differences
+    File: ossm-vs-community
+  - Name: Preparing to install Service Mesh
+    File: preparing-ossm-installation
+  - Name: Installing Service Mesh
+    File: installing-ossm
+  - Name: Security
+    File: ossm-security
+  - Name: Traffic management
+    File: ossm-traffic-manage
+  - Name: Deploying applications on Service Mesh
+    File: prepare-to-deploy-applications-ossm
+  - Name: Data visualization and observability
+    File: ossm-observability
+  - Name: Custom resources
+    File: ossm-custom-resources
+  - Name: 3scale Istio adapter for 1.x
+    File: threescale-adapter
+  - Name: Removing Service Mesh
+    File: removing-ossm
+---
 Name: Serverless
 Dir: serverless
 Distros: openshift-rosa

diff --git a/build.yml b/build.yml
@@ -197,11 +197,11 @@ variants:
        - web_console/**/*.adoc
        - whats_new/**/*.adoc
        - windows_containers/**/*.adoc
- - name: openshift-rosa
-   attributes:
-    - _attributes/rosa-attributes.adoc
-    - _attributes/attributes-openshift-dedicated.adoc
-   build: false
+- name: openshift-rosa
+  attributes:
+   - _attributes/rosa-attributes.adoc
+   - _attributes/attributes-openshift-dedicated.adoc
+  build: false
    files:
      included:
        - adding_service_cluster/**/*.adoc

diff --git a/modules/ossm-auto-route-annotations.adoc b/modules/ossm-auto-route-annotations.adoc
@@ -5,6 +5,11 @@
 [id="ossm-auto-route-annotations_{context}"]
 = {SMProductName} route annotations
 
-Sometimes specific annotations are needed in an OpenShift Route. For example, some advanced features in OpenShift Routes are managed via xref:../../networking/routes/route-configuration.adoc[special annotations]. For this and other use cases, {SMProductName} will copy all annotations present in the Istio Gateway resource (with the exception of those starting with `kubectl.kubernetes.io`) into the managed OpenShift Route resource.
+Sometimes specific annotations are needed in an OpenShift Route.
+ifdef::openshift-enterprise[]
+For example, some advanced features in OpenShift Routes are managed via xref:../../networking/routes/route-configuration.adoc[special annotations].
+endif::[]
+
+For this and other use cases, {SMProductName} will copy all annotations present in the Istio Gateway resource (with the exception of those starting with `kubectl.kubernetes.io`) into the managed OpenShift Route resource.
 
 If you need specific annotations in the OpenShift Routes created by {SMProductShortName}, create them in the Istio Gateway resource and they will be copied into the OpenShift Route resources managed by the {SMProductShortName}.
diff --git a/modules/ossm-config-sampling.adoc b/modules/ossm-config-sampling.adoc
@@ -21,7 +21,10 @@ In a basic installation, `spec.tracing.sampling` is set to `10000`, which sample
 ====
 The Envoy proxy sampling rate applies for applications that are available to a Service Mesh, and use the Envoy proxy. This sampling rate determines how much data the Envoy proxy collects and tracks.
 
-The Jaeger remote sampling rate applies to applications that are external to the Service Mesh, and do not use the Envoy proxy, such as a database. This sampling rate determines how much data the distributed tracing system collects and stores. For more information, see xref:../../distr_tracing/distr_tracing_install/distr-tracing-deploying-jaeger.adoc#distr-tracing-config-sampling_deploying-distributed-tracing-platform[Distributed tracing configuration options].
+The Jaeger remote sampling rate applies to applications that are external to the Service Mesh, and do not use the Envoy proxy, such as a database. This sampling rate determines how much data the distributed tracing system collects and stores.
+ifdef::openshift-enterprise[]
+For more information, see xref:../../distr_tracing/distr_tracing_install/distr-tracing-deploying-jaeger.adoc#distr-tracing-config-sampling_deploying-distributed-tracing-platform[Distributed tracing configuration options].
+endif::[]
 ====
 
 .Procedure

diff --git a/modules/ossm-configuring-the-threescale-wasm-auth-module.adoc b/modules/ossm-configuring-the-threescale-wasm-auth-module.adoc
@@ -10,7 +10,12 @@ Cluster administrators on {product-title} can configure the `threescale-wasm-aut
 [id="the-service-mesh-extension_{context}"]
 == The Service Mesh extension
 
-{SMProductShortName} provides a xref:../../operators/understanding/crds/crd-extending-api-with-crds.adoc#crd-extending-api-with-crds[custom resource definition] to specify and apply Proxy-WASM extensions to sidecar proxies, known as xref:../../service_mesh/v2x/ossm-extensions.adoc#ossm-extensions[`ServiceMeshExtension`]. {SMProductShortName} applies this custom resource to the set of workloads that require HTTP API management with 3scale.
+
+{SMProductShortName} provides a custom resource definition to specify and apply Proxy-WASM extensions to sidecar proxies, known as xref:../../service_mesh/v2x/ossm-extensions.adoc#ossm-extensions[`ServiceMeshExtension`].  {SMProductShortName} applies this custom resource to the set of workloads that require HTTP API management with 3scale.
+
+ifdef::openshift-enterprise[]
+See xref:../../operators/understanding/crds/crd-extending-api-with-crds.adoc#crd-extending-api-with-crds[custom resource definition] for more information.
+endif::[]
 
 [NOTE]
 ====

diff --git a/modules/ossm-routing-ingress.adoc b/modules/ossm-routing-ingress.adoc
@@ -23,7 +23,10 @@ That command returns the `NAME`, `TYPE`, `CLUSTER-IP`, `EXTERNAL-IP`,    `PORT(S
 
 If the `EXTERNAL-IP` value is set, your environment has an external load balancer that you can use for the ingress gateway.
 
-If the `EXTERNAL-IP` value is `<none>`, or perpetually `<pending>`, your environment does not provide an external load balancer for the ingress gateway. You can access the gateway using the service's xref:../../networking/configuring-node-port-service-range.adoc[node port].
+If the `EXTERNAL-IP` value is `<none>`, or perpetually `<pending>`, your environment does not provide an external load balancer for the ingress gateway.
+ifdef::openshift-enterprise[]
+You can access the gateway using the service's xref:../../networking/configuring-node-port-service-range.adoc[node port].
+endif::[]
 
 Determine the ingress according to your environment. For an environment with load balancer support, xref:../../service_mesh/v2x/ossm-traffic-manage.adoc#ossm-routing-config-ig-lb_routing-traffic[Determining ingress ports with a load balancer]. For an environment without load balancer support, xref:../../service_mesh/v2x/ossm-traffic-manage.adoc#ossm-routing-config-ig-no-lb_routing-traffic[Determining ingress ports without a load balancer]. After you have determined the ingress ports, see xref:../../service_mesh/v2x/ossm-traffic-manage.adoc#ossm-routing-gateways_routing-traffic[Configuring ingress using a gateway] to complete your configuration.
 

diff --git a/service_mesh/v1x/installing-ossm.adoc b/service_mesh/v1x/installing-ossm.adoc
@@ -54,7 +54,9 @@ include::modules/ossm-member-roll-modify.adoc[leveloffset=+1]
 If you choose to update manually, the Operator Lifecycle Manager (OLM) controls the installation, upgrade, and role-based access control (RBAC) of Operators in a cluster. OLM runs by default in {product-title}.
 OLM uses CatalogSources, which use the Operator Registry API, to query for available Operators as well as upgrades for installed Operators.
 
+ifdef::openshift-enterprise[]
 * For more information about how {product-title} handled upgrades, refer to the xref:../../operators/understanding/olm/olm-understanding-olm.adoc#olm-overview_olm-understanding-olm[Operator Lifecycle Manager] documentation.
+endif::[]
 
 include::modules/ossm-update-app-sidecar.adoc[leveloffset=+2]
 

diff --git a/service_mesh/v1x/ossm-custom-resources.adoc b/service_mesh/v1x/ossm-custom-resources.adoc
@@ -23,7 +23,9 @@ include::modules/ossm-cr-istio-global.adoc[leveloffset=+2]
 
 include::modules/ossm-cr-gateway.adoc[leveloffset=+2]
 
+ifdef::openshift-enterprise[]
 Cluster administrators can refer to xref:../../networking/ingress-operator.html#using-wildcard-routes_configuring-ingress[Using wildcard routes] for instructions on how to enable subdomains.
+endif::[]
 
 include::modules/ossm-cr-mixer.adoc[leveloffset=+2]
 
@@ -39,6 +41,8 @@ include::modules/ossm-jaeger-config-elasticsearch-v1x.adoc[leveloffset=+2]
 
 include::modules/ossm-jaeger-config-es-cleaner-v1x.adoc[leveloffset=+2]
 
+ifdef::openshift-enterprise[]
 For more information about configuring Elasticsearch with {product-title}, see  xref:../../logging/config/cluster-logging-log-store.adoc[Configuring the log store].
+endif::[]
 
 include::modules/ossm-cr-threescale.adoc[leveloffset=+1]
diff --git a/service_mesh/v1x/ossm-traffic-manage.adoc b/service_mesh/v1x/ossm-traffic-manage.adoc
@@ -22,6 +22,8 @@ include::modules/ossm-routing-ingress.adoc[leveloffset=+1]
 
 include::modules/ossm-auto-route-1x.adoc[leveloffset=+1]
 
+ifdef::openshift-enterprise[]
 == Links
 
 For more information about configuring an {product-title} wildcard policy, see xref:../../networking/ingress-operator.adoc#using-wildcard-routes_configuring-ingress[Using wildcard routes].
+endif::[]
diff --git a/service_mesh/v1x/preparing-ossm-installation.adoc b/service_mesh/v1x/preparing-ossm-installation.adoc
@@ -13,6 +13,8 @@ Before you can install {SMProductName}, review the installation activities, ensu
 == Prerequisites
 
 * Possess an active {product-title} subscription on your Red Hat account. If you do not have a subscription, contact your sales representative for more information.
+
+ifdef::openshift-enterprise[]
 * Review the xref:../../architecture/architecture-installation.adoc#installation-overview_architecture-installation[{product-title} {product-version} overview].
 * Install {product-title} {product-version}.
 ** xref:../../installing/installing_aws/installing-aws-account.adoc#installing-aws-account[Install {product-title} {product-version} on AWS]
@@ -25,13 +27,19 @@ Before you can install {SMProductName}, review the installation activities, ensu
 If you are installing {SMProductName} on a xref:../../installing/installing-preparing.adoc#supported-installation-methods-for-different-platforms[restricted network], follow the instructions for your chosen {product-title} infrastructure.
 ====
 +
+endif::[]
+
 * Install the version of the {product-title} command line utility (the `oc` client tool) that matches your {product-title} version and add it to your path.
+
+ifdef::openshift-enterprise[]
 ** If you are using {product-title} {product-version}, see xref:../../cli_reference/openshift_cli/getting-started-cli.adoc#cli-about-cli_cli-developer-commands[About the OpenShift CLI].
+endif::[]
 
 include::modules/ossm-supported-configurations-v1x.adoc[leveloffset=+1]
 
 include::modules/ossm-installation-activities.adoc[leveloffset=+1]
 
+ifdef::openshift-enterprise[]
 [WARNING]
 ====
 See xref:../../logging/config/cluster-logging-log-store.adoc[Configuring the log store] for details on configuring the default Jaeger parameters for Elasticsearch in a production environment.
@@ -40,3 +48,4 @@ See xref:../../logging/config/cluster-logging-log-store.adoc[Configuring the log
 == Next steps
 
 * xref:../../service_mesh/v1x/installing-ossm.adoc#installing-ossm-v1x[Install {SMProductName}] in your {product-title} environment.
+endif::[]
diff --git a/service_mesh/v2x/ossm-observability.adoc b/service_mesh/v2x/ossm-observability.adoc
@@ -26,7 +26,9 @@ include::modules/ossm-config-sampling.adoc[leveloffset=+2]
 
 include::modules/ossm-jaeger-accessing-console.adoc[leveloffset=+1]
 
+ifdef::openshift-enterprise[]
 For more information about configuring Jaeger, see the xref:../../distr_tracing/distr_tracing_install/distr-tracing-deploying-jaeger.adoc#distr-tracing-deploy-default_deploying-distributed-tracing-platform[distributed tracing documentation].
+endif::[]
 
 include::modules/ossm-access-grafana.adoc[leveloffset=+1]
 

diff --git a/service_mesh/v2x/ossm-reference-jaeger.adoc b/service_mesh/v2x/ossm-reference-jaeger.adoc
@@ -26,9 +26,11 @@ include::modules/distr-tracing-config-sampling.adoc[leveloffset=+2]
 
 include::modules/distr-tracing-config-storage.adoc[leveloffset=+2]
 
+ifdef::openshift-enterprise[]
 For more information about configuring Elasticsearch with {product-title}, see xref:../../logging/config/cluster-logging-log-store.adoc[Configuring the log store] or xref:../../distr_tracing/distr_tracing_install/distr-tracing-deploying-jaeger.adoc[Configuring and deploying distributed tracing].
 
 //TO DO For information about connecting to an external Elasticsearch instance, see xref:../../distr_tracing/distr_tracing_install/distr-tracing-deploying-jaeger.adoc#jaeger-config-external-es_jaeger-deploying[Connecting to an existing Elasticsearch instance].
+endif::[]
 
 include::modules/distr-tracing-config-query.adoc[leveloffset=+2]
 

diff --git a/service_mesh/v2x/ossm-threescale-webassembly-module.adoc b/service_mesh/v2x/ossm-threescale-webassembly-module.adoc
@@ -29,10 +29,12 @@ The `threescale-wasm-auth` module is designed to be fully compatible with all im
 
 Because of its self-contained design, it is possible to configure this module to work with Proxy-WASM proxies independently of {SMProductShortName}, as well as 3scale Istio adapter deployments.
 
+ifdef::openshift-enterprise[]
 [id="prerequisites_ossm-threescale-webassembly-module"]
 == Prerequisites
 
 * The module works with all supported 3scale releases, except when configuring a service to use xref:../../authentication/identity_providers/configuring-oidc-identity-provider.adoc#configuring-oidc-identity-provider[OpenID connect (OIDC)], which requires 3scale 2.11 or later.
+endif::[]
 
 include::modules/ossm-configuring-the-threescale-wasm-auth-module.adoc[leveloffset=+1]
 

diff --git a/service_mesh/v2x/ossm-traffic-manage.adoc b/service_mesh/v2x/ossm-traffic-manage.adoc
@@ -32,7 +32,11 @@ OpenShift routes for Istio Gateways are automatically managed in {SMProductShort
 [id="ossm-auto-route-subdomains_{context}"]
 === Subdomains
 
-{SMProductName} creates the route with the subdomain, but {product-title} must be configured to enable it. Subdomains, for example `*.domain.com`, are supported but not by default. Configure an {product-title} wildcard policy before configuring a wildcard host Gateway. For more information, see xref:../../networking/ingress-operator.adoc#using-wildcard-routes_configuring-ingress[Using wildcard routes].
+{SMProductName} creates the route with the subdomain, but {product-title} must be configured to enable it. Subdomains, for example `*.domain.com`, are supported but not by default. Configure an {product-title} wildcard policy before configuring a wildcard host Gateway.
+
+ifdef::openshift-enterprise[]
+For more information, see xref:../../networking/ingress-operator.adoc#using-wildcard-routes_configuring-ingress[Using wildcard routes].
+endif::[]
 
 include::modules/ossm-auto-route.adoc[leveloffset=+2]
 

diff --git a/service_mesh/v2x/ossm-troubleshooting-istio.adoc b/service_mesh/v2x/ossm-troubleshooting-istio.adoc
@@ -14,6 +14,7 @@ include::modules/ossm-understanding-versions.adoc[leveloffset=+1]
 
 == Troubleshooting Operator installation
 
+ifdef::openshift-enterprise[]
 In addition to the information in this section, be sure to review the following topics:
 
 * xref:../../operators/understanding/olm-what-operators-are.adoc[What are Operators?]
@@ -23,6 +24,7 @@ In addition to the information in this section, be sure to review the following
 * xref:../../support/troubleshooting/troubleshooting-operator-issues.adoc[OpenShift Operator troubleshooting section].
 
 * xref:../../support/troubleshooting/troubleshooting-installations.adoc[OpenShift installation troubleshooting section].
+endif::[]
 
 include::modules/ossm-validating-operators.adoc[leveloffset=+2]
 
@@ -52,7 +54,9 @@ For more information about sidecar injection, see xref:../../service_mesh/v2x/pr
 
 include::modules/ossm-troubleshooting-proxy.adoc[leveloffset=2]
 
+ifdef::openshift-enterprise[]
 For more information about troubleshooting pod issues, see xref:../../support/troubleshooting/investigating-pod-issues.adoc[Investigating pod issues]
+endif::[]
 
 include::modules/support.adoc[leveloffset=+1]
 

diff --git a/service_mesh/v2x/prepare-to-deploy-applications-ossm.adoc b/service_mesh/v2x/prepare-to-deploy-applications-ossm.adoc
@@ -8,7 +8,11 @@ toc::[]
 
 After adding the namespaces that contain your services to your mesh, the next step is to enable automatic sidecar injection in the Deployment resource for your application. You must enable automatic sidecar injection for each deployment.
 
-If you have installed the Bookinfo sample application, the application was deployed and the sidecars were injected as part of the installation procedure. If you are using your own project and service, deploy your applications on {product-title}. For more information, see the {product-title} documentation, xref:../../applications/deployments/what-deployments-are.html[Understanding Deployment and DeploymentConfig objects].
+If you have installed the Bookinfo sample application, the application was deployed and the sidecars were injected as part of the installation procedure. If you are using your own project and service, deploy your applications on {product-title}.
+
+ifdef::openshift-enterprise[]
+For more information, see the {product-title} documentation, xref:../../applications/deployments/what-deployments-are.html[Understanding Deployment and DeploymentConfig objects].
+endif::[]
 
 == Prerequisites
 

diff --git a/service_mesh/v2x/preparing-ossm-installation.adoc b/service_mesh/v2x/preparing-ossm-installation.adoc
@@ -11,6 +11,8 @@ Before you can install {SMProductName}, you must subscribe to {product-title} an
 == Prerequisites
 
 * Maintain an active {product-title} subscription on your Red Hat account. If you do not have a subscription, contact your sales representative for more information.
+
+ifdef::openshift-enterprise[]
 * Review the xref:../../architecture/architecture-installation.adoc#installation-overview_architecture-installation[{product-title} {product-version} overview].
 * Install {product-title} {product-version}. If you are installing {SMProductName} on a xref:../../installing/installing-preparing.adoc#supported-installation-methods-for-different-platforms[restricted network], follow the instructions for your chosen {product-title} infrastructure.
 ** xref:../../installing/installing_aws/installing-aws-account.adoc#installing-aws-account[Install {product-title} {product-version} on AWS]
@@ -19,9 +21,12 @@ Before you can install {SMProductName}, you must subscribe to {product-title} an
 ** xref:../../installing/installing_vsphere/installing-vsphere.adoc#installing-vsphere[Install {product-title} {product-version} on vSphere]
 ** xref:../../installing/installing_ibm_z/installing-ibm-z.adoc#installing-ibm-z[Install {product-title} {product-version} on IBM Z and LinuxONE]
 ** xref:../../installing/installing_ibm_power/installing-ibm-power.adoc#installing-ibm-power[Install {product-title} {product-version} on IBM Power]
-+
+endif::[]
+
 * Install the version of the {product-title} command line utility (the `oc` client tool) that matches your {product-title} version and add it to your path.
+ifdef::openshift-enterprise[]
 ** If you are using {product-title} {product-version}, see xref:../../cli_reference/openshift_cli/getting-started-cli.adoc#cli-about-cli_cli-developer-commands[About the OpenShift CLI].
+endif::[]
 
 For additional information about {SMProductName} lifecycle and supported platforms, refer to the link:https://access.redhat.com/support/policy/updates/openshift#ossm[Support Policy].