Merge branch 'main' into patch-2

Author: vvnginx

content/includes/licensing-and-reporting/download-certificates-from-myf5.md

@@ -0,0 +1,9 @@
+---
+files:
+- content/includes/use-cases/credential-download-instructions.md
+---
+
+1. Log in to [MyF5](https://my.f5.com/manage/s/).
+1. Go to **My Products & Plans > Subscriptions** to see your active subscriptions.
+1. Find your NGINX subscription, and select the **Subscription ID** for details.
+1. Download the **SSL Certificate** and **Private Key** files from the subscription page.

content/includes/licensing-and-reporting/download-jwt-from-myf5.md

@@ -1,8 +1,19 @@
 ---
 docs:
+files:
+- content/includes/nim/docker/docker-registry-login.md
+- content/includes/use-cases/credential-download-instructions.md
+- content/nap-waf/v5/admin-guide/install.md
+- content/nginx/admin-guide/installing-nginx/installing-nginx-plus.md
+- content/nginx-one/connect-instances/connect-nginx-plus-container-images-to-nginx-one.md
+- content/nim/admin-guide/add-license.md
+- content/nim/deploy/docker/deploy-nginx-plus-and-agent-docker.md
+- content/nim/disconnected/add-license-disconnected-deployment.md
+- content/solutions/about-subscription-licenses.md
+- content/solutions/r33-pre-release-guidance-for-automatic-upgrades.md
 ---
 
 1. Log in to [MyF5](https://my.f5.com/manage/s/).
-2. Go to **My Products & Plans > Subscriptions** to see your active subscriptions.
-3. Find your NGINX products or services subscription, and select the **Subscription ID** for details.
-4. Download the **JSON Web Token** from the subscription page.
+1. Go to **My Products & Plans > Subscriptions** to see your active subscriptions.
+1. Find your NGINX subscription, and select the **Subscription ID** for details.
+1. Download the **JSON Web Token** file from the subscription page.

content/includes/use-cases/credential-download-instructions.md

@@ -0,0 +1,25 @@
+---
+files:
+- content/nginx/admin-guide/installing-nginx/installing-nginx-docker.md
+- content/nic/installation/nic-images/registry-download.md
+---
+
+In order to obtain a container image, you will need the JSON Web Token file or SSL certificate and private key files provided with your NGINX Plus subscription. 
+
+These files grant access to the package repository from which the script will download the NGINX Plus package:
+
+{{< tabs name="product_keys" >}}
+
+{{% tab name="JSON Web Token" %}}
+
+{{< include "licensing-and-reporting/download-jwt-from-myf5.md" >}}
+
+{{% /tab %}}
+
+{{% tab name="SSL" %}}
+
+{{< include "licensing-and-reporting/download-certificates-from-myf5.md" >}}
+
+{{% /tab %}}
+
+{{< /tabs >}}

content/includes/use-cases/docker-registry-instructions.md

@@ -0,0 +1,49 @@
+---
+files:
+- content/nginx/admin-guide/installing-nginx/installing-nginx-docker.md
+- content/nic/installation/nic-images/registry-download.md
+---
+
+This step describes how to use Docker to communicate with the F5 Container Registry located at `private-registry.nginx.com`.
+
+{{< call-out "note" >}}
+
+The steps provided are for Linux. For Mac or Windows, see the [Docker for Mac](https://docs.docker.com/docker-for-mac/#add-client-certificates) or [Docker for Windows](https://docs.docker.com/docker-for-windows/#how-do-i-add-client-certificates) documentation. 
+
+For more details on Docker Engine security, you can refer to the [Docker Engine Security documentation](https://docs.docker.com/engine/security/).
+
+{{< /call-out >}}
+
+{{< tabs name="docker_login" >}}
+
+{{% tab name="JSON Web Token"%}}
+
+Open the JSON Web Token file previously downloaded from [MyF5](https://my.f5.com) customer portal (for example, `nginx-repo-12345abc.jwt`) and copy its contents.
+
+Log in to the Docker registry using the contents of the JSON Web Token file:
+
+```shell
+docker login private-registry.nginx.com --username=<output_of_jwt_token> --password=none
+```
+
+{{% /tab %}}
+
+{{% tab name="SSL" %}}
+
+Create a directory and copy your certificate and key to this directory:
+
+```shell
+mkdir -p /etc/docker/certs.d/private-registry.nginx.com
+cp <path-to-your-nginx-repo.crt> /etc/docker/certs.d/private-registry.nginx.com/client.cert
+cp <path-to-your-nginx-repo.key> /etc/docker/certs.d/private-registry.nginx.com/client.key
+```
+
+Log in to the Docker registry:
+
+```shell
+docker login private-registry.nginx.com
+```
+
+{{% /tab %}}
+
+{{< /tabs >}}

content/includes/use-cases/monitoring/n1c-dashboard-overview.md

@@ -23,7 +23,7 @@ Navigating the dashboard:
 | <i class="fas fa-desktop"></i> **Operating systems** | Find out which operating systems your instances are running on. | |
 | <i class="fas fa-certificate"></i> **Certificates** | Monitor the status of your SSL certificates to know which are expiring soon and which are still valid. | |
 | <i class="fas fa-cogs"></i> **Config recommendations** | Get configuration recommendations to optimize your instances' settings. | |
-| <i class="fas fa-shield-alt"></i> **CVEs (Common Vulnerabilities and Exposures)** | Evaluate the severity and number of potential security threats in your instances. | - **Major**: Indicates a high-severity threat that needs immediate attention. <br> - **Medium**: Implies a moderate threat level. <br> - **Minor** and **Low**: Represent less critical issues that still require monitoring. <br> - **Other**: Encompasses any threats that don't fit the standard categories. |
+| <i class="fas fa-shield-alt"></i> **CVEs (Common Vulnerabilities and Exposures)** | Evaluate the severity and number of potential security threats in your instances. | - **High**: Indicates a high-severity threat that needs immediate attention. NGINX CVSS score = 7.0-10.0 <br> - **Medium**: Implies a moderate threat level. NGINX CVSS score = 4.0-6.9  <br> - **Low**: Represent less critical issues that still require monitoring. NGINX CVSS score = 0.1-3.9. <br> - **None**: NGINX CVSS score = 0.0|
 | <i class="fas fa-microchip"></i> **CPU utilization** | Track CPU usage trends and pinpoint instances with high CPU demand. | |
 | <i class="fas fa-memory"></i> **Memory utilization** | Watch memory usage patterns to identify instances using significant memory. | |
 | <i class="fas fa-hdd"></i> **Disk space utilization** | Monitor how much disk space your instances are using and identify those nearing capacity. | |

content/nginx-one/agent/configure-instance-reporting/configuration-overview.md

@@ -49,8 +49,8 @@ sudo docker run \
   --env=NGINX_AGENT_LOG_LEVEL=debug \
   -d agent
 ```
-<details>
-<summary>NGINX Agent configuration options</summary>
+
+### NGINX Agent configuration options
 
 {{< bootstrap-table "table table-striped table-bordered" >}}
 | **Environment Variable**                         | **Command-Line Option**                             | **Description**                                                                                              | **Default Value**                                      |
@@ -83,5 +83,4 @@ sudo docker run \
 | NGINX_AGENT_COLLECTOR_EXTENSIONS_TLS_CERT     | --collector-extensions-health-tls-cert          | TLS Certificate file path for communication with OTel health server.                                         | N/A                                                    |
 | NGINX_AGENT_COLLECTOR_EXTENSIONS_TLS_KEY      | --collector-extensions-health-tls-key           | File path for TLS key used when connecting with OTel health server.                                           | N/A                                                    |
 | NGINX_AGENT_COLLECTOR_PROCESSORS_BATCH_SEND_BATCH_TIMEOUT    | --collector-processors-batch-send-batch-timeout                                               | Maximum time duration for sending batch data metrics regardless of size.                                      | 200ms
-{{< /bootstrap-table >}}                             |%
-</details>
+{{< /bootstrap-table >}}

content/nginx-one/connect-instances/connect-nginx-plus-container-images-to-nginx-one.md

@@ -73,13 +73,13 @@ For more details, see [About subscription licenses]({{< ref "solutions/about-sub
 ```sh
 sudo docker run \
 --env=NGINX_LICENSE_JWT="YOUR_JWT_HERE" \
---env=NGINX_AGENT_SERVER_GRPCPORT=443 \
---env=NGINX_AGENT_SERVER_HOST=agent.connect.nginx.com \
---env=NGINX_AGENT_SERVER_TOKEN="YOUR_NGINX_ONE_DATA_PLANE_KEY_HERE" \
---env=NGINX_AGENT_TLS_ENABLE=true \
+--env=NGINX_AGENT_COMMAND_SERVER_PORT=443 \
+--env=NGINX_AGENT_COMMAND_SERVER_HOST=agent.connect.nginx.com \
+--env=NGINX_AGENT_COMMAND_AUTH_TOKEN="DPK" \
+--env=NGINX_AGENT_COMMAND_TLS_SKIP_VERIFY=false \
 --restart=always \
 --runtime=runc \
--d private-registry.nginx.com/nginx-plus/agent:<version-tag>
+-d private-registry.nginx.com/nginx-plus/agentv3:<version-tag>
 ```
 
 <br>
@@ -90,13 +90,13 @@ To start the container with the `debian` image:
 ```sh
 sudo docker run \
 --env=NGINX_LICENSE_JWT="YOUR_JWT_HERE" \
---env=NGINX_AGENT_SERVER_GRPCPORT=443 \
---env=NGINX_AGENT_SERVER_HOST=agent.connect.nginx.com \
---env=NGINX_AGENT_SERVER_TOKEN="YOUR_NGINX_ONE_DATA_PLANE_KEY_HERE" \
---env=NGINX_AGENT_TLS_ENABLE=true \
+--env=NGINX_AGENT_COMMAND_SERVER_PORT=443 \
+--env=NGINX_AGENT_COMMAND_SERVER_HOST=agent.connect.nginx.com \
+--env=NGINX_AGENT_COMMAND_AUTH_TOKEN="DPK" \
+--env=NGINX_AGENT_COMMAND_TLS_SKIP_VERIFY=false \
 --restart=always \
 --runtime=runc \
--d private-registry.nginx.com/nginx-plus/agent:debian
+-d private-registry.nginx.com/nginx-plus/agentv3:debian
 ```
 
 {{</call-out>}}

content/nginx-one/nginx-configs/config-sync-groups/manage-config-sync-groups.md

@@ -114,7 +114,7 @@ You can add existing NGINX instances that are already registered with NGINX One
 
    ``` text
    labels:
-      config_sync_group: <config_sync_group>
+      config-sync-group: <config_sync_group>
    ```
 
 4. Restart NGINX Agent:

content/nginx/admin-guide/installing-nginx/installing-nginx-docker.md

@@ -88,61 +88,13 @@ where:
 
 - the `jq` command is used to format the JSON output for easier reading and requires the [jq](https://jqlang.github.io/jq/) JSON processor to be installed.
 
+### Download your subscription credential files
 
+{{< include "use-cases/credential-download-instructions.md" >}}
 
-### Download the JSON Web Token or NGINX Plus certificate and key {#myf5-download}
+### Set up Docker for the F5 Container Registry
 
-Before you get a container image, you should provide the JSON Web Token file or SSL certificate and private key files provided with your NGINX Plus subscription. These files grant access to the package repository from which the script will download the NGINX Plus package:
-
-{{<tabs name="product_keys">}}
-
-{{%tab name="JSON Web Token"%}}
-{{< include "licensing-and-reporting/download-jwt-from-myf5.md" >}}
-{{% /tab %}}
-
-{{%tab name="SSL"%}}
-1. Log in to the [MyF5](https://my.f5.com) customer portal.
-2. Go to **My Products and Plans** > **Subscriptions**.
-3. Select the product subscription.
-4. Download the **SSL Certificate** and **Private Key** files.
-{{% /tab %}}
-
-{{% /tabs %}}
-
-### Set up Docker for NGINX Plus container registry
-
-Set up Docker to communicate with the NGINX Container Registry located at `private-registry.nginx.com`.
-
-{{<tabs name="docker_login">}}
-
-{{%tab name="JSON Web Token"%}}
-Open the JSON Web Token file previously downloaded from [MyF5](https://my.f5.com) customer portal (for example, `nginx-repo-12345abc.jwt`) and copy its contents.
-
-Log in to the docker registry using the contents of the JSON Web Token file:
-
-```shell
-docker login private-registry.nginx.com --username=<output_of_jwt_token> --password=none
-```
-{{% /tab %}}
-
-{{%tab name="SSL"%}}
-Create a directory and copy your certificate and key to this directory:
-
-```shell
-mkdir -p /etc/docker/certs.d/private-registry.nginx.com
-cp <path-to-your-nginx-repo.crt> /etc/docker/certs.d/private-registry.nginx.com/client.cert
-cp <path-to-your-nginx-repo.key> /etc/docker/certs.d/private-registry.nginx.com/client.key
-```
-The steps provided are for Linux. For Mac or Windows, see the [Docker for Mac](https://docs.docker.com/docker-for-mac/#add-client-certificates) or [Docker for Windows](https://docs.docker.com/docker-for-windows/#how-do-i-add-client-certificates) documentation. For more details on Docker Engine security, you can refer to the [Docker Engine Security documentation](https://docs.docker.com/engine/security/).
-
-Log in to the docker registry:
-
-```shell
-docker login private-registry.nginx.com
-```
-{{% /tab %}}
-
-{{% /tabs %}}
+{{< include "use-cases/docker-registry-instructions.md" >}}
 
 ### Pull the image
 
@@ -192,7 +144,6 @@ For NGINX modules, run:<!-- Is this enough info?-->
 docker pull private-registry.nginx.com/nginx-plus/modules:<version-tag>
 ```
 
-
 {{< include "security/jwt-password-note.md" >}}
 
 ### Push the image to your private registry

content/nic/installation/build-nginx-ingress-controller.md

@@ -199,5 +199,5 @@ If you prefer not to build your own NGINX Ingress Controller image, you can use
 
 **NGINX Plus Ingress Controller**: You have two options for this:
 
-- Download the image using your NGINX Ingress Controller subscription certificate and key. View the [Get NGINX Ingress Controller from the F5 Registry]({{< ref "/nic/installation/nic-images/get-registry-image" >}}) topic.
-- Use your NGINX Ingress Controller subscription JWT token to get the image. View the [Get the NGINX Ingress Controller image with JWT]({{< ref "/nic/installation/nic-images/get-image-using-jwt.md" >}}) topic.
+- Download the image using your NGINX Ingress Controller subscription certificate and key. View the [Download NGINX Ingress Controller from the F5 Registry]({{< ref "/nic/installation/nic-images/registry-download.md" >}}) topic.
+- Use your NGINX Ingress Controller subscription JWT token to get the image. View the [Add an NGINX Ingress Controller image to your cluster]({{< ref "/nic/installation/nic-images/add-image-to-cluster.md" >}}) topic.