ManageIQ
diff --git a/‎CHANGELOG.md
-28 b/‎CHANGELOG.md
-28
diff --git a/‎_distro_map.yml
-51 b/‎_distro_map.yml
-51
diff --git a/‎_images/.gitkeep b/‎_images/.gitkeep
diff --git a/‎_includes/app-self_signed_ca.md
+32 b/‎_includes/app-self_signed_ca.md
+32
diff --git a/‎_includes/appe-appliance-console-cli.md
+122 b/‎_includes/appe-appliance-console-cli.md
+122
diff --git a/‎_includes/automate-custom-button-group.md
+18 b/‎_includes/automate-custom-button-group.md
+18
diff --git a/‎_includes/automate-custom-button.md
+71 b/‎_includes/automate-custom-button.md
+71
diff --git a/‎_includes/cap-util-assign-server-roles.md
+21 b/‎_includes/cap-util-assign-server-roles.md
+21
diff --git a/‎_includes/cap-util-note-metrics-collection.md
+4 b/‎_includes/cap-util-note-metrics-collection.md
+4
@@ -0,0 +1,32 @@
+## Using a Self-Signed CA Certificate
+
+Adding a self-signed Certificate Authority (CA) certificate for SSL
+authentication requires additional configuration on OpenStack Platform
+and Microsoft System Center Virtual Machine Manager (SCVMM) providers.
+
+<div class="note">
+
+This procedure is not required for OpenShift Container Platform, Red Hat
+Virtualization, or middleware manager providers, which have the option
+to select **SSL trusting custom CA** as a **Security Protocol** in the
+user interface. These steps are needed only for providers without this
+option in the user interface.
+
+</div>
+
+Before adding the provider, configure the following:
+
+1.  Copy your provider’s CA certificate in PEM format to
+    `/etc/pki/ca-trust/source/anchors/` on your {{ site.data.product.title_short }}
+    appliance.
+
+2.  Update the trust settings on the appliance:
+
+        # update-ca-trust
+
+3.  Restart the EVM processes on the server:
+
+        # rake evm:restart
+
+The CA certificate is added to the appliance, and you can add the
+provider to {{ site.data.product.title_short }}.
@@ -0,0 +1,122 @@
+Currently, the `appliance_console_cli` feature is a subset of the full
+functionality of the `appliance_console` itself, and covers functions
+most likely to be scripted using the command-line interface (CLI).
+
+1.  After starting the {{ site.data.product.title }} appliance, log in with a user
+    name of `root` and the default password of `smartvm`. This displays
+    the Bash prompt for the root user.
+
+2.  Enter the `appliance_console_cli` or `appliance_console_cli --help`
+    command to see a list of options available with the command, or
+    simply enter `appliance_console_cli --option <argument>` directly to
+    use a specific option.
+
+|                  |                                                                                            |
+| ---------------- | ------------------------------------------------------------------------------------------ |
+| Option           | Description                                                                                |
+| \--region (-r)   | region number (create a new region in the database - requires database credentials passed) |
+| \--internal (-i) | internal database (create a database on the current appliance)                             |
+| \--dbdisk        | database disk device path (for configuring an internal database)                           |
+| \--hostname (-h) | database hostname                                                                          |
+| \--port          | database port (defaults to `5432`)                                                         |
+| \--username (-U) | database username (defaults to `root`)                                                     |
+| \--password (-p) | database password                                                                          |
+| \--dbname (-d)   | database name (defaults to `vmdb_production`)                                              |
+
+Database Configuration Options
+
+|                   |                                                            |
+| ----------------- | ---------------------------------------------------------- |
+| Option            | Description                                                |
+| \--key (-k)       | create a new v2\_key                                       |
+| \--fetch-key (-K) | fetch the v2\_key from the given host                      |
+| \--force-key (-f) | create or fetch the key even if one exists                 |
+| \--sshlogin       | ssh username for fetching the v2\_key (defaults to `root`) |
+| \--sshpassword    | ssh password for fetching the v2\_key                      |
+
+v2\_key Options
+
+|                       |                                                                                                  |
+| --------------------- | ------------------------------------------------------------------------------------------------ |
+| Option                | Description                                                                                      |
+| \--host (-H)          | set the appliance hostname to the given name                                                     |
+| \--ipaserver (-e)     | IPA server FQDN                                                                                  |
+| \--ipaprincipal (-n)  | IPA server principal (default: `admin`)                                                          |
+| \--ipapassword (-w)   | IPA server password                                                                              |
+| \--ipadomain (-o)     | IPA server domain (optional). Will be based on the appliance domain name if not specified.       |
+| \--iparealm (-l)      | IPA server realm (optional). Will be based on the domain name of the ipaserver if not specified. |
+| \--uninstall-ipa (-u) | uninstall IPA client                                                                             |
+
+IPA Server Options
+
+<div class="note">
+
+  - In order to configure authentication through an IPA server, in
+    addition to using **Configure External Authentication (httpd)** in
+    the `appliance_console`, external authentication can be optionally
+    configured via the `appliance_console_cli` (command-line interface).
+
+  - Specifying **--host** will update the hostname of the appliance. If
+    this step was already performed via the `appliance_console` and the
+    necessary updates made to `/etc/hosts` if DNS is not properly
+    configured, the **--host** option can be omitted.
+
+</div>
+
+|                              |                                                                                 |
+| ---------------------------- | ------------------------------------------------------------------------------- |
+| Option                       | Description                                                                     |
+| \--ca (-c)                   | CA name used for certmonger (default: `ipa`)                                    |
+| \--postgres-client-cert (-g) | install certs for postgres client                                               |
+| \--postgres-server-cert      | install certs for postgres server                                               |
+| \--http-cert                 | install certs for http server (to create certs/httpd\* values for a unique key) |
+| \--extauth-opts (-x)         | external authentication options                                                 |
+
+Certificate Options
+
+<div class="note">
+
+The certificate options augment the functionality of the `certmonger`
+tool and enable creating a certificate signing request (CSR), and
+specifying `certmonger` the directories to store the keys.
+
+</div>
+
+|                 |                                                                                     |
+| --------------- | ----------------------------------------------------------------------------------- |
+| Option          | Description                                                                         |
+| \--logdisk (-l) | log disk path                                                                       |
+| \--tmpdisk      | initialize the given device for temp storage (volume mounted at `/var/www/miq_tmp`) |
+| \--verbose (-v) | print more debugging info                                                           |
+
+Other Options
+
+**Example Usage.**
+
+    $ ssh [email protected]
+
+To create a new database locally on the server using `/dev/sdb`:
+
+    # appliance_console_cli --internal --dbdisk /dev/sdb --region 0 --password smartvm
+
+To copy the v2\_key from a host *some.example.com* to local machine:
+
+    # appliance_console_cli --fetch-key some.example.com --sshlogin root --sshpassword smartvm
+
+You could combine the two to join a region where *db.example.com* is the
+appliance hosting the database:
+
+    # appliance_console_cli --fetch-key db.example.com --sshlogin root --sshpassword smartvm --hostname db.example.com --password mydatabasepassword
+
+To configure external authentication:
+
+    # appliance_console_cli --host appliance.test.company.com
+                            --ipaserver ipaserver.test.company.com
+                            --ipadomain test.company.com
+                            --iparealm TEST.COMPANY.COM
+                            --ipaprincipal admin
+                            --ipapassword smartvm1
+
+To uninstall external authentication:
+
+    # appliance_console_cli  --uninstall-ipa
@@ -0,0 +1,18 @@
+1.  Navigate to menu:Automation\[Automate \> Customization\].
+
+2.  Click the **Buttons** accordion.
+
+3.  From the **Object Types** tree, select the type of object you want
+    to create the button group for.
+
+4.  Click ![image](/images/1847.png)(**Configuration**),
+    ![image](/images/1862.png) (**Add a new Button Group**).
+
+5.  Type in a **Button Group Text** and **Button Group Hover Text**, and
+    select the **Button Group Image** you want to use.
+
+6.  If custom buttons have already been created, assign them to the
+    button group. If not, see [???](#create-a-custom-button) to create
+    custom buttons.
+
+7.  Click **Add**.
@@ -0,0 +1,71 @@
+1.  Navigate to menu:Automation\[Automate \> Customization\].
+
+2.  Click the **Buttons** accordion.
+
+3.  From the **Object Types** tree, select the type of object you want
+    to create the button for.
+
+4.  Click **Unassigned Buttons**.
+
+5.  Click ![image](/images/1847.png)(**Configuration**), then
+    ![image](/images/1862.png) (**Add a new Button**).
+
+    <div class="note">
+
+    If ![image](/images/1862.png) (**Add a new Button**) is not
+    available, that means you have not created a button group for that
+    object. To continue, create a button group first. See
+    [???](#create-custom-button-group)
+
+    </div>
+
+6.  Under the **Options** tab:
+
+    1.  Select the **Button** type from the list.
+
+    2.  Enter button **Text** and **Hover Text**, and select the
+        **Icon** and **Icon Color** to use.
+
+    3.  Select a **Dialog** if applicable.
+
+    4.  Check **Open URL** to open a browser window for the custom URL
+        returned when the button is executed.
+
+    5.  Choose a **Display For** option for the button.
+
+    6.  Select a **Submit** parameter to choose how to submit objects to
+        automate. Selecting *Submit All* will pass all objects at once
+        when the button is executed, while choosing *One by one* will
+        run execute the button action each time per object.
+
+7.  Under the **Advanced** tab:
+
+    1.  Set button **Enablement**. Click **Define Expression** to access
+        the expression editor tool. Enter **Disabled Button Text** to
+        display when the custom button is disabled.
+
+    2.  Use **Visibility** to determine button appearance based on a
+        custom expression. Click **Define Expression** to access the
+        expression editor tool.
+
+        <div class="note">
+
+        For more about setting visibility and enablement for a custom
+        button, see [???](#filtering-actions-custom-buttons).
+
+        </div>
+
+    3.  In **Object Details**, select **Request** from the
+        `/System/Process/` dropdown. By default, the message is
+        `create`. Do not change it.
+
+    4.  Enter a **Request** name for the `/System/Process/Request`
+        instance.
+
+    5.  Enter the **Attribute/Value Pairs** fields if applicable.
+
+    6.  Set **Role Access**. Selecting *\<By Role\>* will display
+        available roles. Check applicable roles.
+
+8.  Click **Add** when you have confirmed that the button accomplishes
+    the task you want.
@@ -0,0 +1,21 @@
+1.  Click **Configuration**, then select the server to configure from
+    menu:Settings\[Zone\] in the accordion menu on the left.
+
+2.  Navigate to the **Server Roles** list in the menu:Server\[Server
+    Control\] section. From there, set the required capacity and
+    utilization roles to **ON**, namely:
+
+    1.  **Capacity & Utilization Coordinator**
+
+    2.  **Capacity & Utilization Data Collector**
+
+    3.  **Capacity & Utilization Data Processor**
+
+3.  Click **Save**.
+
+Data collection is enabled immediately. However, the first collection
+begins 5 minutes after the server is started, and every 10 minutes after
+that. Therefore, the longest the collection takes after enabling the
+Capacity & Utilization Collector role is 10 minutes. The first
+collection from a particular provider may take a few minutes since
+{{ site.data.product.title }} is gathering data points going one month back in time.
@@ -0,0 +1,4 @@
+For metrics collection to work properly, you also need to configure
+{{ site.data.product.title }} to allow for all three **Capacity & Utilization** server
+roles, which are available from the settings menu under
+menu:Configuration\[Server \> Server Control\].