Update doc changes for HA (#8974)

* Update doc changes

Signed-off-by: Rensy Thomas <rensy.cinuthomas@progress.com>

* Update doc changes

Signed-off-by: Rensy Thomas <rensy.cinuthomas@progress.com>

* Editorial improvements to create_amazon_opensearch.md

Signed-off-by: Lisa Barry <lbarry@progress.com>

* Editorial improvements to create_amazon_opensearch.md

Signed-off-by: Lisa Barry <lbarry@progress.com>

* Editorial improvements to create_amazon_rds.md

Signed-off-by: Lisa Barry <lbarry@progress.com>

* Editorial improvements to ha_add_nodes_to_the_deployment.md

Signed-off-by: Lisa Barry <lbarry@progress.com>

* Editorial improvements to ha_on_premises_deployment_prerequisites.md

Signed-off-by: Lisa Barry <lbarry@progress.com>

* Editorial improvements to ha_remove_single_node_from_cluster.md

Signed-off-by: Lisa Barry <lbarry@progress.com>

* Editorial improvements to ha_verification_check.md

Signed-off-by: Lisa Barry <lbarry@progress.com>

---------

Signed-off-by: Rensy Thomas <rensy.cinuthomas@progress.com>
Signed-off-by: Lisa Barry <lbarry@progress.com>
Co-authored-by: lbarry316 <118758673+lbarry316@users.noreply.github.com>

Author: rensycthomas

components/docs-chef-io/content/automate/create_amazon_opensearch.md

@@ -24,54 +24,54 @@ Below is our guide on the steps required to create an Amazon OpenSearch cluster.
 
 Before proceeding, make sure you have the following prerequisites in place:
 
-- An active AWS account
-- Sufficient permissions to create Amazon OpenSearch clusters
+1. An active AWS account
+2. Sufficient permissions to create Amazon OpenSearch clusters
 
 ## Step 1: Sign in to the AWS Management Console
 
 1. Open your preferred web browser and go to the [AWS Management Console](https://console.aws.amazon.com/).
-1. Sign in to your AWS account using your credentials.
+2. Sign in to your AWS account using your credentials.
 
 ## Step 2: Navigate to the Amazon OpenSearch Service Dashboard
 
 1. Once logged in to the AWS Management Console, search for **OpenSearch** in the search bar at the top of the page.
-1. Click on the **Amazon OpenSearch Service** service from the search results to open the Amazon OpenSearch Service dashboard.
+2. Select the **Amazon OpenSearch Service** service from the search results to open the Amazon OpenSearch Service dashboard.
 
 ## Step 3: Create a New Amazon OpenSearch 1.3 Cluster
 
 1. Click on **Create a new domain** button in the Amazon OpenSearch Service dashboard.
-1. Enter a new **Domain name** for your OpenSearch cluster.
-1. In **Domain creation method**, select **Standard create**.
-1. Choose the appropriate deployment configuration, such as development or production, based on your requirements.
-1. Under the **Engine options** section, select **1.3** as the version for your cluster.
-1. In the **Networks** section, provide the following information:
+2. Enter a new **Domain name** for your OpenSearch cluster.
+3. In **Domain creation method**, select **Standard create**.
+4. Choose the appropriate deployment configuration, such as development or production, based on your requirements.
+5. Under the **Engine options** section, select **1.3** as the version for your cluster.
+6. In the **Networks** section, provide the following information:
    - **VPC**: Select the VPC in which you have your automate cluster.
    - **Subnets**: Select all three private subnets available in your VPC.
    - **Security groups**: Select a security block with incoming access from your VPC CIDR range.
-1. In **Fine-grained access control**,
-   - Enable **Fine-grained access control**
-   - Choose **Create master user**
-   - Enter the **Master username** and **Master password** you want to create
-1. In **Access policy**,
-   - Select **Configure domain level access policy**
-   - Choose action **Allow**.
-1. Configure the remaining settings per your requirements, such as the number of nodes and storage options.
-1. Review all the settings and make sure they are accurate.
-1. Click the **Confirm** button to start the cluster creation process.
+7. In **Fine-grained access control**:
+   - Enable **Fine-grained access control**.
+   - Choose **Create master user**.
+   - Enter the **Master username** and **Master password** you want to create.
+8. In **Access policy**:
+   - Select **Configure domain level access policy**.
+   - Select **Allow**.
+9. Configure the remaining settings per your requirements, such as the number of nodes and storage options.
+10. Review all the settings and ensure they are accurate.
+11. Select **Confirm** to start the cluster creation process.
 
 ## Step 4: Wait for the Amazon OpenSearch Cluster to be Created
 
 1. The Amazon OpenSearch cluster creation process may take several minutes. Wait for the process to complete.
-1. You can monitor the progress of the cluster creation on the Amazon OpenSearch Service dashboard.
+2. You can monitor the progress of the cluster creation on the Amazon OpenSearch Service dashboard.
 
 ## Step 5: Retrieve Connection Details
 
 You can obtain the necessary connection details once the Amazon OpenSearch 1.3 cluster is created successfully.
 
 1. Go to the Amazon OpenSearch Service dashboard.
-1. Find and select your newly created cluster from the list.
-1. In the cluster details view, navigate to the **Endpoint** tab.
-1. Here, you will find the following connection details:
+2. Find and select your newly created cluster from the list.
+3. In the cluster details view, select the **Endpoint** tab.
+4. Here, you will find the following connection details:
    - **Domain name**: This is the domain name we gave for this OpenSearch cluster.
    - **Domain URL**: This is the endpoint or hostname of your OpenSearch cluster. It will look something like `my-opensearch-cluster-1234567890.us-east-1.es.amazonaws.com`.
    - **Username**: The username for accessing your OpenSearch cluster.

components/docs-chef-io/content/automate/create_amazon_rds.md

@@ -24,64 +24,64 @@ Below is our guide on the steps required to create an Amazon RDS PostgreSQL inst
 
 Before proceeding, make sure you have the following prerequisites in place:
 
-- An active AWS account
-- Sufficient permissions to create Amazon RDS instances
+- An active AWS account.
+- Sufficient permissions to create Amazon RDS instances.
 
 ## Step 1: Sign in to the AWS Management Console
 
 1. Open your preferred web browser and go to the [AWS Management Console](https://console.aws.amazon.com/).
-1. Sign in to your AWS account using your credentials.
+2. Sign in to your AWS account using your credentials.
 
 ## Step 2: Navigate to the Amazon RDS Dashboard
 
 1. Once logged in to the AWS Management Console, search for **RDS** in the search bar at the top of the page.
-1. Click on the **Amazon RDS** service from the search results to open the Amazon RDS dashboard.
+2. Select the **Amazon RDS** service from the search results to open the Amazon RDS dashboard.
 
 ## Step 3: Create a New Amazon RDS PostgreSQL Instance
 
 1. Click on **Create database** button in the Amazon RDS dashboard.
-1. On the **Choose a database creation method** page, select the **Standard Create** option.
-1. Under the **Engine options** section, select **PostgreSQL** as the database engine.
-1. Choose **PostgreSQL 13.18-R1**.
-1. Under the **Templates** section, select the template that suits your needs or choose the default template.
-1. In the **Settings** section, provide the following information:
+2. On the **Choose a database creation method** page, select the **Standard Create** option.
+3. Under the **Engine options** section, select **PostgreSQL** as the database engine.
+4. Select **PostgreSQL 13.22-R2**.
+5. Under the **Templates** section, select the template that suits your needs or choose the default template.
+6. In the **Settings** section, provide the following information:
    - **DB instance identifier**: Enter a unique identifier for your RDS instance.
    - **Master username**: Specify the username for the master user account.
    - **Master password**: Set a secure password for the master user account.
-1. In the **Instance configuration** section, select the appropriate instance size for your needs.
-1. In the **Connectivity** section,
+7. In the **Instance configuration** section, select the appropriate instance size for your needs.
+8. In the **Connectivity** section:
     - In **Compute resource**, select **Don't connect to an EC2 compute resource**.
     - Select **Network type** as per your requirements.
     - In **Virtual private cloud**, select the VPC you want to use for your Automate cluster.
     - In **DB subnet group**, choose any private subnet available in your VPC.
     - In **Public Access** select **NO**
-1. Configure the remaining settings as per your requirements.
-1. Review all the settings and make sure they are accurate.
-1. Click on the **Create database** button to start the creation process.
+9. Configure the remaining settings as per your requirements.
+10. Review all the settings and ensure they are accurate.
+11. Select **Create database** to start the creation process.
 
 ## Step 4: Wait for the Amazon RDS Instance to be Created
 
 1. The RDS instance creation process may take a few minutes. Wait for the process to complete.
-1. You can monitor the progress of the instance creation on the Amazon RDS dashboard.
+2. You can monitor the progress of the instance creation on the Amazon RDS dashboard.
 
 ## Step 5: Open the port in the RDS security group
 
 1. Go to the Amazon RDS dashboard.
-1. Find and select your newly created PostgreSQL instance from the list.
-1. In the instance details view, navigate to the **Connectivity & security** tab.
-1. Open the Security Group under **VPC security groups**.
-1. Under **Inbound Rules**, edit and select **Type** as **PostgreSQL**.
-1. Select **Source** as **custom** and give appropriate cidr block for your VPC.
-1. Click on **Save Rules**.
+2. Find and select your newly created PostgreSQL instance from the list.
+3. In the instance details view, select the **Connectivity & security** tab.
+4. Open the Security Group under **VPC security groups**.
+5. Under **Inbound Rules**, edit and select **Type** as **PostgreSQL**.
+6. Select **Source** as **custom** and give appropriate cidr block for your VPC.
+7. Click on **Save Rules**.
 
 ## Step 6: Retrieve Connection Details
 
 Once the Amazon RDS PostgreSQL instance is created successfully, you can obtain the necessary connection details.
 
 1. Go to the Amazon RDS dashboard.
-1. Find and select your newly created PostgreSQL instance from the list.
-1. In the instance details view, navigate to the **Connectivity & security** tab.
-1. Here, you will find the following connection details:
+2. Find and select your newly created PostgreSQL instance from the list.
+3. In the instance details view, select the **Connectivity & security** tab.
+4. Here, you will find the following connection details:
    - **Instance URL**: This is the endpoint or hostname of your RDS instance. It will look something like `my-rds-instance.abcdefg12345.us-east-1.rds.amazonaws.com`.
    - **Port**: The port number your PostgreSQL instance listens to. The default port is usually `5432`.
    - **Username**: The username of the master user account you specified during instance creation.

components/docs-chef-io/content/automate/ha_add_nodes_to_the_deployment.md

@@ -99,6 +99,7 @@ Eg: `chef-automate node add --postgresql-ips 10.0.1.42 --opensearch-ips 10.0.1.4
 Notice, both OpenSearch and PostgreSQL IPs are same
 - Similarly for frontend services (Automate and Chef Server), add both services in the same command with the same IPs
 Eg: `chef-automate node add --automate-ips 10.0.1.52 --chef-server-ips 10.0.1.52`
+- Adding a new PostgreSQL node to the cluster may lead to increased replication lag on follower nodes because multiple nodes will concurrently attempt to sync data from the leader.
 {{< /note >}}
 
 Once the command executes, it will add the supplied nodes to your automate setup. The changes might take a while.

components/docs-chef-io/content/automate/ha_aws_deployment_prerequisites.md

@@ -70,17 +70,17 @@ We do not support **Chef Manage** integration in the ongoing Automate version.
 
 Current Automate HA integrates with the following non-Chef tools:
 
-**In AWS Deployment**
+#### In AWS Deployment
 
--   **SQL Database:** External not supported
--   **NoSQL Database:** External not supported
--   **Load Balancer:** External not supported
+- **SQL Database:** External not supported
+- **NoSQL Database:** External not supported
+- **Load Balancer:** External not supported
 
-**In AWS Managed Services**
+#### In AWS Managed Services
 
--   **SQL Database:** AWS RDS PostgreSQL: 13.18
--   **NoSQL Database:** AWS OpenSearch: 1.3
--   **Load Balancer:** External not supported
+- **SQL Database:** AWS RDS PostgreSQL: 13.22-R2
+- **NoSQL Database:** AWS OpenSearch: 1.3
+- **Load Balancer:** External not supported
 
 ## Hardware Requirements
 

components/docs-chef-io/content/automate/ha_on_premises_deployment_prerequisites.md

@@ -76,10 +76,10 @@ We do not support **Chef Manage** integration in the ongoing Automate version.
 
 Current Automate HA integrates with the following non-Chef tools:
 
-- **SQL Database:** PostgreSQL: 13.18
-- **NoSQL Database:** OpenSearch: 1.3.7
-- **Load Balancer:** 
-  - [Kemp LoadMaster](https://kemptechnologies.com/?_gl=1*jfw3dz*_gcl_au*MTIzMDA0NzAwNC4xNzM4NjA3NTQ3*_ga*MTk4NzcyMzc0My4xNzM4NjA3NTQ3*_ga_9JSNBCSF54*MTc0NDYxNTI1MS4xNC4xLjE3NDQ2MzQ4NTcuMzUuMC4w) (Preferred)
+- **SQL Database:** PostgreSQL: 13.22
+- **NoSQL Database:** OpenSearch: 1.3.20
+- **Load Balancer:**
+  - [Progress Kemp LoadMaster](https://kemptechnologies.com/?_gl=1*jfw3dz*_gcl_au*MTIzMDA0NzAwNC4xNzM4NjA3NTQ3*_ga*MTk4NzcyMzc0My4xNzM4NjA3NTQ3*_ga_9JSNBCSF54*MTc0NDYxNTI1MS4xNC4xLjE3NDQ2MzQ4NTcuMzUuMC4w) (Preferred)
   - NGINX: 1.21.3
   - HA Proxy: 2.2.18
   - AWS Application Load Balancer
@@ -216,15 +216,15 @@ Set up the databases with password-based authentication.
 
 ### AWS Managed
 
-- AWS RDS PostgreSQL: 13.14
+- AWS RDS PostgreSQL: 13.22-R2
 - AWS OpenSearch: 1.3
 
 Configure the backup only with **S3** when using AWS managed databases.
 
 ### Customer Managed
 
-- PostgreSQL: 13.14
-- OpenSearch: 1.3.7
+- PostgreSQL: 13.22
+- OpenSearch: 1.3.20
 
 ## Upgrade
 

components/docs-chef-io/content/automate/ha_remove_single_node_from_cluster.md

@@ -19,7 +19,7 @@ Chef Automate HA comes with five different types of deployment flows. This page
 
 {{< warning >}}
 
-- We do not recommend removing any node from the backend cluster, but replacing it is recommended. To learn more, see the [replace node in automate ha cluster](#replace-node-in-automate-ha-cluster) section.
+- We do not recommend removing any node from the backend cluster, but replacing it is recommended. To replace a backend node, first [add a node to the cluster](/automate/ha_add_nodes_to_the_deployment/) and then [remove the relevant node from the cluster](/automate/ha_remove_single_node_from_cluster/).
 
 - Removal of nodes for PostgreSQL or OpenSearch is at your own risk and may result in data loss. Consult your database administrator before trying to delete PostgreSQL or OpenSearch nodes.
 - Below process can be done for `chef-server` and `automate`.

components/docs-chef-io/content/automate/ha_verification_check.md

@@ -33,6 +33,12 @@ chef-automate verify --config config.toml
 
 The above command will trigger the `config.toml` file with config, the one you want to deploy.
 
+To view detailed debug logs in the console, you can use the debug flag:
+
+```bash
+chef-automate verify --config config.toml -d
+```
+
 The post deployment CLI command is as follows:
 
 ```bash
@@ -75,4 +81,28 @@ An example of a checks performed are shown in the below image:
 
 The above image shows the checks performed for Automate node. The checks in the above image are also performed on all the nodes in Automate HA, i.e., Chef Server, PostgreSQL, OpenSearch, and Chef Automate (the one showed above).
 
-THe verify command checks all the nodes in Automate HA and with that it also provides the remediation steps for failures.
+The verify command checks all the nodes in Automate HA and it also provides the remediation steps for failures.
+
+## Additional Verification in System Logs
+
+In addition to running the chef-automate verify command, you can inspect system logs for deeper insights into the verification service.
+
+### On the Bastion Host
+
+To view logs related to the automate-verify service on the bastion host, use:
+
+```bash
+journalctl -u automate-verify
+```
+
+This helps identify which API checks may have failed during verification.
+
+### On Individual Nodes
+
+Based on the failed API identified from the bastion logs, you can run the same command on the corresponding node to validate the service response:
+
+```bash
+journalctl -u automate-verify
+```
+
+This provides node-level visibility into the verification process and helps when troubleshooting specific failures.