feat: Set up NGF integration to N1 Console (#902)

* feat: Set up NGF integration to N1 Console

* delete unneeded file

* Apply suggestions from code review

Co-authored-by: bjee19 <[email protected]>

* Apply suggestions from code review

Co-authored-by: Alan Dooley <[email protected]>

* Update helm install ngf with agent options

* Set up new page for ngf w/manifests. Add includes

* fix

* Update commands for nginx-gateway namespace

* Apply suggestions from code review

* Update content/nginx-one/k8s/add-ngf-manifests.md

* Add ref links

* Add common k8s secret include

* Update dp key update

* Apply suggestions from code review

Co-authored-by: Saylor Berman <[email protected]>

* Apply suggestions from code review

* Use another include

* Update content/nginx-one/k8s/add-ngf-manifests.md

Co-authored-by: Saylor Berman <[email protected]>

* troubleshooting include

* More feedback

* Apply suggestions from code review

* Include to verify connection

* Move file

---------

Co-authored-by: bjee19 <[email protected]>
Co-authored-by: Alan Dooley <[email protected]>
Co-authored-by: Saylor Berman <[email protected]>

Author: 4 people

content/includes/ngf/installation/deploy-ngf-crds.md

@@ -0,0 +1,18 @@
+---
+nd-docs: "DOCS-000"
+files:
+- content/ngf/install/manifests.md
+- content/nginx-one/ngf/add-ngf-manifests.md
+---
+
+#### Stable release
+
+```shell
+kubectl apply --server-side -f https://raw.githubusercontent.com/nginx/nginx-gateway-fabric/v{{< version-ngf >}}/deploy/crds.yaml
+```
+
+#### Edge version
+
+```shell
+kubectl apply --server-side -f https://raw.githubusercontent.com/nginx/nginx-gateway-fabric/main/deploy/crds.yaml
+```

content/includes/ngf/installation/deploy-ngf-manifests.md

@@ -0,0 +1,115 @@
+---
+nd-docs: "DOCS-000"
+files:
+- content/ngf/install/manifests.md
+- content/nginx-one/ngf/add-ngf-manifests.md
+---
+
+{{< call-out "note" >}} By default, NGINX Gateway Fabric is installed in the **nginx-gateway** namespace. You can deploy in another namespace by modifying the manifest files. {{< /call-out >}}
+
+{{<tabs name="install-manifests">}}
+
+{{%tab name="Default"%}}
+
+Deploys NGINX Gateway Fabric with NGINX OSS.
+
+```shell
+kubectl apply -f https://raw.githubusercontent.com/nginx/nginx-gateway-fabric/v{{< version-ngf >}}/deploy/default/deploy.yaml
+```
+
+{{% /tab %}}
+
+{{%tab name="AWS NLB"%}}
+
+Deploys NGINX Gateway Fabric with NGINX OSS.
+
+```shell
+kubectl apply -f https://raw.githubusercontent.com/nginx/nginx-gateway-fabric/v{{< version-ngf >}}/deploy/default/deploy.yaml
+```
+
+To set up an AWS Network Load Balancer service, add these annotations to your Gateway infrastructure field:
+
+```yaml
+spec:
+  infrastructure:
+    annotations:
+      service.beta.kubernetes.io/aws-load-balancer-type: "external"
+      service.beta.kubernetes.io/aws-load-balancer-nlb-target-type: "ip"
+```
+
+{{% /tab %}}
+
+{{%tab name="Azure"%}}
+
+Deploys NGINX Gateway Fabric with NGINX OSS and `nodeSelector` to deploy on Linux nodes.
+
+```shell
+kubectl apply -f https://raw.githubusercontent.com/nginx/nginx-gateway-fabric/v{{< version-ngf >}}/deploy/azure/deploy.yaml
+```
+
+{{% /tab %}}
+
+{{%tab name="NGINX Plus"%}}
+
+Deploys NGINX Gateway Fabric with NGINX Plus. The image is pulled from the
+NGINX Plus Docker registry, and the `imagePullSecretName` is the name of the Secret to use to pull the image.
+The NGINX Plus JWT Secret used to run NGINX Plus is also specified in a volume mount and the `--usage-report-secret` parameter. These Secrets are created as part of the [Before you begin](#before-you-begin) section.
+
+```shell
+kubectl apply -f https://raw.githubusercontent.com/nginx/nginx-gateway-fabric/v{{< version-ngf >}}/deploy/nginx-plus/deploy.yaml
+```
+
+{{% /tab %}}
+
+{{%tab name="Experimental"%}}
+
+Deploys NGINX Gateway Fabric with NGINX OSS and experimental features.
+
+```shell
+kubectl apply -f https://raw.githubusercontent.com/nginx/nginx-gateway-fabric/v{{< version-ngf >}}/deploy/experimental/deploy.yaml
+```
+
+{{< call-out "note" >}} Requires the Gateway APIs installed from the experimental channel. {{< /call-out >}}
+
+{{% /tab %}}
+
+{{%tab name="NGINX Plus Experimental"%}}
+
+Deploys NGINX Gateway Fabric with NGINX Plus and experimental features. The image is pulled from the
+NGINX Plus Docker registry, and the `imagePullSecretName` is the name of the Secret to use to pull the image.
+The NGINX Plus JWT Secret used to run NGINX Plus is also specified in a volume mount and the `--usage-report-secret` parameter. These Secrets are created as part of the [Before you begin](#before-you-begin) section.
+
+```shell
+kubectl apply -f https://raw.githubusercontent.com/nginx/nginx-gateway-fabric/v{{< version-ngf >}}/deploy/nginx-plus-experimental/deploy.yaml
+```
+
+{{< call-out "note" >}} Requires the Gateway APIs installed from the experimental channel. {{< /call-out >}}
+
+{{% /tab %}}
+
+{{%tab name="NodePort"%}}
+
+Deploys NGINX Gateway Fabric with NGINX OSS using a Service type of `NodePort`.
+
+```shell
+kubectl apply -f https://raw.githubusercontent.com/nginx/nginx-gateway-fabric/v{{< version-ngf >}}/deploy/nodeport/deploy.yaml
+```
+
+{{% /tab %}}
+
+{{%tab name="OpenShift"%}}
+
+Deploys NGINX Gateway Fabric with NGINX OSS on OpenShift.
+
+```shell
+kubectl apply -f https://raw.githubusercontent.com/nginx/nginx-gateway-fabric/v{{< version-ngf >}}/deploy/openshift/deploy.yaml
+```
+
+{{% /tab %}}
+
+{{</tabs>}}
+
+### Provision an NGINX data plane
+
+To deploy the NGINX data plane to connect to the NGINX One Console, follow this guide: [Deploy a Gateway for data plane instances]({{< ref "/ngf/install/deploy-data-plane.md" >}}).
+

content/includes/ngf/installation/install-manifests-prereqs.md

@@ -0,0 +1,13 @@
+---
+nd-docs: "DOCS-000"
+files:
+- content/ngf/install/manifests.md
+- content/nginx-one/ngf/add-ngf-manifests.md
+---
+
+To complete this guide, you'll need to install:
+
+- [kubectl](https://kubernetes.io/docs/tasks/tools/), a command-line interface for managing Kubernetes clusters.
+- [Add certificates for secure authentication]({{< ref "/ngf/install/secure-certificates.md" >}}) in a production environment.
+
+{{< call-out "important" >}} If you’d like to use NGINX Plus, some additional setup is also required: {{< /call-out >}}

content/includes/nginx-one/how-to/generate-data-plane-key.md

@@ -3,6 +3,9 @@ docs:
 files:
   - content/nginx-one/secure-your-fleet/set-up-security-alerts.md
   - content/nginx-one/getting-started.md
+  - content/nginx-one/ngf/add-nic.md
+  - content/nginx-one/ngf/add-ngf-helm.md
+  - content/nginx-one/ngf/add-ngf-manifests.md
 ---
 
 A data plane key is a security token that ensures only trusted NGINX instances can register and communicate with NGINX One.
@@ -17,3 +20,5 @@ Data plane keys are displayed only once and cannot be retrieved later. Be sure t
 
 Data plane keys expire after one year. You can change this expiration date later by [editing the key]({{< ref "nginx-one/connect-instances/create-manage-data-plane-keys.md#change-expiration-date" >}}). If you [revoke a data plane key]({{< ref "nginx-one/connect-instances/create-manage-data-plane-keys.md#revoke-data-plane-key" >}}) you disconnect all instances registered with that key.
 {{</call-out>}}
+
+For more options associated with data plane keys, see [Create and manage data plane keys]({{< ref "/nginx-one/connect-instances/create-manage-data-plane-keys.md" >}}).

content/includes/nginx-one/how-to/k8s-secret-dp-key.md

@@ -0,0 +1,20 @@
+---
+nd-docs: "DOCS-000"
+files:
+- content/nginx-one/k8s/add-ngf-manifests.md
+- content/nginx-one/k8s/add-ngf-helm.md
+---
+
+To create a Kubernetes secret, you'll need:
+
+- The Data Plane Key
+- The `nginx-gateway` namespace must exist. You can create it with the following command: `kubectl create namespace nginx-gateway`
+
+   - Then create the secret with the following command. The key must be named `dataplane.key`:
+
+   ```shell
+   kubectl create secret generic dataplane-key \
+     --from-literal=dataplane.key=<Your Dataplane Key> \
+     -n nginx-gateway
+   ```
+

content/includes/nginx-one/how-to/ngf-troubleshooting.md

@@ -0,0 +1,26 @@
+---
+nd-docs: "DOCS-000"
+files:
+- content/nginx-one/k8s/add-ngf-manifests.md
+- content/nginx-one/k8s/add-ngf-helm.md
+---
+
+If you encounter issues connecting your instances to NGINX One Console, try the following commands:
+
+Check the NGINX Agent version:
+
+```shell
+kubectl exec -it -n <namespace> <nginx_pod_name> -- nginx-agent -v
+```
+
+Check the NGINX Agent configuration:
+
+```shell
+kubectl exec -it -n <namespace> <nginx_pod_name> -- cat /etc/nginx-agent/nginx-agent.conf
+```
+
+Check NGINX Agent logs:
+
+```shell
+kubectl exec -it -n <namespace> <nginx_pod_name> -- nginx-agent
+```

content/includes/nginx-one/how-to/verify-connection.md

@@ -0,0 +1,14 @@
+---
+nd-docs: "DOCS-000"
+files:
+- content/nginx-one/k8s/add-ngf-manifests.md
+- content/nginx-one/k8s/add-ngf-helm.md
+---
+
+After deploying NGINX Gateway Fabric with NGINX Agent, you can verify the connection to NGINX One Console.
+Log in to your F5 Distributed Cloud Console account. 
+
+- Select **NGINX One > Visit Service**. 
+- In the dashboard, select **Manage > Control Planes**.  You should see your Control Planes listed by name, product, and version. Each control plane is associated with one or more instances.
+- Select the name of the Control Plane. In the **Instances** section, select the instance of your choice. You can review instance details, including the name of the **Control Plane**.
+

content/nginx-one/connect-instances/create-manage-data-plane-keys.md

@@ -24,7 +24,12 @@ Data plane keys are displayed only once and cannot be retrieved later. Be sure t
 
 Data plane keys expire after one year. You can change this expiration date later by editing the key.
 
-Revoking a data plane key disconnects all instances that were registered with that key.
+You can disconnect all instances associated with a data plane key in the following ways:
+
+- Revoke the data plane key
+- Let the data plane key expire
+
+Either action disconnects all instances registered with that key.
 {{</call-out>}}
 
 ## Create a new data plane key

content/nginx-one/getting-started.md

@@ -110,20 +110,9 @@ The following instructions include minimal information, sufficient to "get start
 
 ### Generate a data plane key {#generate-data-plane-key}
 
-A data plane key is a security token that ensures only trusted NGINX instances can register and communicate with NGINX One.
-
-To generate a data plane key:
-
-- **For a new key:** In the **Add Instance** pane, select **Generate Data Plane Key**.
-- **To reuse an existing key:** If you already have a data plane key and want to use it again, select **Use existing key**. Then, enter the key's value in the **Data Plane Key** box.
-
-{{<call-out "caution" "Data plane key guidelines" "fas fa-key" >}}
-Data plane keys are displayed only once and cannot be retrieved later. Be sure to copy and store this key securely.
-
-Data plane keys expire after one year. You can change this expiration date later by [editing the key]({{< ref "nginx-one/connect-instances/create-manage-data-plane-keys.md#change-expiration-date" >}}).
+{{< include "/nginx-one/how-to/generate-data-plane-key.md" >}}
 
 [Revoking a data plane key]({{< ref "nginx-one/connect-instances/create-manage-data-plane-keys.md#revoke-data-plane-key" >}}) disconnects all instances that were registered with that key.
-{{</call-out>}}
 
 ### Add an instance
 
@@ -132,7 +121,6 @@ Depending on whether this is your first time using NGINX One Console or you've u
 - **For first-time users:** On the welcome screen, select **Add Instance**.
 - **For returning users:** If you've added instances previously and want to add more, select **Instances** on the left menu, then select **Add Instance**.
 
-
 ### Install NGINX Agent
 
 After entering your data plane key, you'll see a `curl` command similar to the one below. Copy and run this command on each NGINX instance to install NGINX Agent. Once installed, NGINX Agent typically registers with NGINX One within a few seconds.