open-horizon
diff --git a/‎docs/SUMMARY.md
Lines changed: 8 additions & 3 deletions b/‎docs/SUMMARY.md
Lines changed: 8 additions & 3 deletions
diff --git a/‎docs/admin/accessing_logs.md
Lines changed: 2 additions & 2 deletions b/‎docs/admin/accessing_logs.md
Lines changed: 2 additions & 2 deletions
diff --git a/‎docs/admin/backup_recovery.md
Lines changed: 14 additions & 10 deletions b/‎docs/admin/backup_recovery.md
Lines changed: 14 additions & 10 deletions
diff --git a/‎docs/admin/multi_tenancy.md
Lines changed: 9 additions & 9 deletions b/‎docs/admin/multi_tenancy.md
Lines changed: 9 additions & 9 deletions
diff --git a/‎docs/api/agent_api.md
Lines changed: 3 additions & 3 deletions b/‎docs/api/agent_api.md
Lines changed: 3 additions & 3 deletions
diff --git a/‎docs/cli/cloudctl_oc_cli.md
Lines changed: 47 additions & 34 deletions b/‎docs/cli/cloudctl_oc_cli.md
Lines changed: 47 additions & 34 deletions
diff --git a/‎docs/cli/exploring_hzn.md
Lines changed: 3 additions & 3 deletions b/‎docs/cli/exploring_hzn.md
Lines changed: 3 additions & 3 deletions
@@ -1,6 +1,6 @@
 # Summary
 
- * [{{site.data.keyword.edge}} 4.2](kc_welcome_containers.html)
+ * [{{site.data.keyword.edge}} {{site.data.keywork.version}}](kc_welcome_containers.html)
  * [Release notes](getting_started/release_notes.md)
    * [What's new](getting_started/whats_new.md)
    * [Known issues and limitations](getting_started/known_issues.md)
@@ -9,16 +9,19 @@
    * [Supported languages](getting_started/languages.md)
    * [Conventions used in this document](getting_started/document_conventions.md)
  * [Overview of {{site.data.keyword.ieam}}](getting_started/overview_ieam.md)
+   * [Overview of Secrets Manager](getting_started/overview_sm.md)
    * [Further reading](hub/overview.md)
  * [Installing the management hub](hub/hub.md)
    * [Passport Advantage](hub/part_numbers.md)
    * [Sizing and system requirements](hub/cluster_sizing.md)
    * [Configuration](hub/configuration.md)
    * [Installation](hub/installation.md)
      * [Install {{site.data.keyword.ieam}}](hub/online_installation.md)
+     * [Installing {{site.data.keyword.ieam}} in an air gap environment](installing/airgap_install.md)
      * [Post installation](hub/post_install.md)
      * [Gather edge node files](hub/gather_files.md)
-     * [Prepare for setting up edge nodes](hub/prepare_for_edge_nodes.md)
+     * [Creating your API key](hub/prepare_for_edge_nodes.md)
+   * [Upgrade](hub/upgrade.md)
    * [Uninstall](hub/uninstalling_hub.md)
  * [Installing edge nodes](installing/installing_edge_nodes.md)
    * [Edge devices](installing/edge_devices.md)
@@ -57,6 +60,7 @@
        * [Model management details](developing/model_management_details.md)
        * [Container deployment options](developing/container_deployment_options.md)
        * [CI-CD process for Edge services](developing/cicd_process.md)
+       * [Secrets Manager details](developing/secrets_details.md)
   * [Developing an edge service for clusters](developing/developing_clusters.md)
     * [Developing a Kubernetes operator](developing/service_operators.md)
     * [Creating your own hello world for clusters](developing/creating_hello_world.md)
@@ -80,7 +84,7 @@
       * [GDPR considerations](user_management/gdpr.md)
  * [Using the management console](console/accessing_ui.md)
       * [Supported browsers](console/browsers.md)
-      * [Exploring the console](console/exploring_console.md)  
+      * [Exploring the console](console/exploring_console.md)
  * [Using the CLI](cli/using_cli.md)
       * [Installing the hzn CLI](cli/hzn_cli.md)
       * [Exploring the hzn CLI](cli/exploring_hzn.md)
@@ -91,6 +95,7 @@
    * [Exchange API](api/exchange_swagger.json)
    * [MMS API](api/mms_swagger.json)
    * [SDO API](api/sdo_swagger.json)
+   * [Agbot secure API](api/agbot_secure_api.json)
  <!--* [Integration with other products](developing/integration.md) Q3-->
  * [Troubleshooting tips and frequently asked questions](troubleshoot/troubleshooting.md)
      * [Troubleshooting tips](troubleshoot/troubleshooting_devices.md)
 
@@ -1,8 +1,8 @@
 ---
 
 copyright:
-years: 2020
-lastupdated: "2020-04-7"
+years: 2020 - 2022
+lastupdated: "2022-03-17"
 title: Accessing logs
 description: Accessing management hub logs.
 ---
 
@@ -1,8 +1,8 @@
 ---
 
 copyright:
-years: 2020
-lastupdated: "2020-10-28"
+years: 2020 - 2022
+lastupdated: "2022-03-17"
 title: Backup
 description: Data Backup and recovery
 ---
@@ -20,6 +20,10 @@ description: Data Backup and recovery
 
 ## {{site.data.keyword.open_shift_cp}} backup and recovery
 
+For more information about cluster-wide data backup and recovery, see:
+
+* [{{site.data.keyword.open_shift_cp}} 4.6 backup etcd](https://docs.openshift.com/container-platform/4.6/backup_and_restore/control_plane_backup_and_restore/backing-up-etcd.html).
+
 If you have not downloaded the {{site.data.keyword.semver}} bundle, use the following commands with your [Entitled Registry Key](https://myibm.ibm.com/products-services/containerlibrary):
 
 ```
@@ -77,7 +81,7 @@ If you are using your own remote databases, ensure that those databases are back
    ibm-eam-{{site.data.keyword.semver}}-bundle/tools/ieam-backup.sh -h
    ```
    {: codeblock}
-   
+
    **Note**: The backup script automatically detects the type of databases that are used during installation.
 
    * If you run the following example with no options, it generates a folder where the script ran. The folder follows this naming pattern **ibm-edge-backup/$DATE/**:
@@ -86,7 +90,7 @@ If you are using your own remote databases, ensure that those databases are back
      ibm-eam-{{site.data.keyword.semver}}-bundle/tools/ieam-backup.sh
      ```
      {: codeblock}
-     
+
      If a **local database** installation was detected, your backup contains a **customresource** directory, a **databaseresources** directory, and two yaml files:
 
      ```
@@ -97,9 +101,9 @@ If you are using your own remote databases, ensure that those databases are back
 	  -rw-r--r--  1 staff  staff   3689 Oct 26 21:51 ibm-edge-config.yaml
      ```
      {: codeblock}
-     
+
 	  If a **remote database** installation was detected, you see the same directories that are listed previously, but three yaml files instead of 2.
-	  
+
 	  ```
      $ ls -l ibm-edge-backup/20201026_215518/
 	  drwxr-xr-x  3 staff  staff     96 Oct 26 21:55 customresource
@@ -118,14 +122,14 @@ To restore backups, an identical {{site.data.keyword.mgmt_hub}} must be installe
 
 This situation occurs when the edge node recognizes that it no longer exists in the exchange because the database is now empty. Enable **ieam\_maintenance\_mode** to avoid this by starting the database resources only for the {{site.data.keyword.mgmt_hub}}. This allows restoration to complete before the remaining {{site.data.keyword.mgmt_hub}} resources (which use those databases) are started.
 
-**Notes**: 
+**Notes**:
 
 * Restore backups to the same {{site.data.keyword.ieam}} version where the backup was taken; for example, a 4.2 {{site.data.keyword.ieam}} backup can only be restored to a 4.2 {{site.data.keyword.ieam}} installation.
 
 * When your **Custom Resource** file was backed up, it was automatically modified to enter **ieam\_maintenance\_mode** immediately upon reapplication to the cluster.
 
 * The restore scripts examine the **\[path/to/backup\]/customresource/eamhub-cr.yaml** file to determine what type of database was used previously.
-	
+
 
 1. As a cluster administrator, ensure that you are connected to your cluster with **cloudctl login** or **oc login** and that a valid backup was created. On the cluster where the backup was made, run the following command to delete the **eamhub** custom resource (this assumes the default name of **ibm-edge** was used for the custom resource):
 	```
@@ -164,7 +168,7 @@ This situation occurs when the edge node recognizes that it no longer exists in
 	{: codeblock}
 
    Wait until all the database, SDO, and vault pods are running before proceeding. It is possible that vault may continually restart, the vault bootstrap may reach an `Error` state, and/or SDO will likely be in a `0/1 Running` state and may reach a `CrashLoopBackOff` state. These are expected, and it is ok to proceed with those pods in those states.
-	
+
 6. Scale down the **eamhub** operator deployment to pause the operator and end the current control loop:
 	```
     oc scale deploy ibm-eamhub-controller-manager --replicas=0
@@ -176,7 +180,7 @@ This situation occurs when the edge node recognizes that it no longer exists in
 	ibm-eam-{{site.data.keyword.semver}}-bundle/tools/ieam-restore-data.sh -f ibm-edge-backup/20201026_215738/
 	```
 	{: codeblock}
-	
+
 8. After the script completes and your data has been restored, scale the operator back up to restart the control loop:
 	```
     oc scale deploy ibm-eamhub-controller-manager --replicas=1
 
@@ -1,8 +1,8 @@
 ---
 
 copyright:
-years: 2021
-lastupdated: "2021-02-20"
+years: 2020 - 2022
+lastupdated: "2022-03-17"
 title: Multitenacy
 description: Software architecture in which a single instance of software runs on server and server multiplies tenants.
 
@@ -28,10 +28,10 @@ description: Software architecture in which a single instance of software runs o
 
 Two broad use cases are used to leverage multi-tenancy in {{site.data.keyword.ieam}}:
 
-* An enterprise has multiple business units, where each business unit is a separate organization in the same {{site.data.keyword.ieam}} management hub. Consider the legal, business, or technical reasons why each business unit ought to be a separate organization with its own set of {{site.data.keyword.ieam}} resources which are by default not accessible by the other business units. Note that even with separate organizations, the enterprise still has the option to use a common group of organization administrators to manage all of the organizations.
-* An enterprise hosts {{site.data.keyword.ieam}} as a service for its customers, where each of their customers has one or more organizations in the management hub. In this case, the organization administrators are unique to each customer.
+* An enterprise has multiple business units, where each business unit is a separate organization in the same {{site.data.keyword.ieam}} management hub. Consider the legal, business, or technical reasons why each business unit ought to be a separate organization with its own set of {{site.data.keyword.ieam}} resources, which are by default not accessible by the other business units. Even with separate organizations, the enterprise has the option to use a common group of organization administrators to manage all of the organizations.
+* An enterprise hosts {{site.data.keyword.ieam}} as a service for its clients, where each of their clients has one or more organizations in the management hub. In this case, the organization administrators are unique to each client.
 
-The use case you choose determines how you configure {{site.data.keyword.ieam}} and Identity and Access Manager ([IAM](https://www.ibm.com/support/knowledgecenter/SSHKN6/iam/landing_iam.html)).
+The use case that you choose determines how you configure {{site.data.keyword.ieam}} and Identity and Access Manager ([IAM](https://www.ibm.com/support/knowledgecenter/SSHKN6/iam/landing_iam.html)).
 
 ### Types of {{site.data.keyword.ieam}} users
 {: #user-types}
@@ -52,9 +52,9 @@ See [Role-based access control](../user_management/rbac.md) for a description of
 
 The IAM (Identity and Access Manager) service manages users for all Cloud Pak based products, including {{site.data.keyword.ieam}}. IAM in turn uses LDAP to store the users. Each IAM user can be a member of one or more IAM teams. Because each IAM team is associated with an IAM account, an IAM user can indirectly be a member of one or more IAM accounts. See [IAM multi-tenancy](https://www.ibm.com/support/knowledgecenter/SSHKN6/iam/3.x.x/multitenancy/multitenancy.html) for details.
 
-The {{site.data.keyword.ieam}} exchange provides authentication and authorization services for the other {{site.data.keyword.ieam}} components. The exchange delegates the authentication of users to IAM, which means IAM user credentials are passed to the exchange and it relies on IAM to determine if they are valid. Each user role (hub admin, organization admin, or regular user) is defined in the exchange, and that determines the actions that users are allowed to perform in {{site.data.keyword.ieam}}.
+The {{site.data.keyword.ieam}} exchange provides authentication and authorization services for the other {{site.data.keyword.ieam}} components. The exchange delegates the authentication of users to IAM, which means IAM user credentials are passed to the exchange and it relies on IAM to determine whether they are valid. Each user role (hub admin, organization admin, or regular user) is defined in the exchange, and that determines the actions that users are allowed to perform in {{site.data.keyword.ieam}}.
 
-Each organization in the {{site.data.keyword.ieam}} exchange is associated with an IAM account. Therefore IAM users in an IAM account are automatically members of the corresponding {{site.data.keyword.ieam}} organization. The one exception to this rule is that the {{site.data.keyword.ieam}} hub admin role is considered to be outside of any specific organization; therefore, it does not matter what IAM account the hub admin IAM user is in.
+Each organization in the {{site.data.keyword.ieam}} exchange is associated with an IAM account. Therefore, IAM users in an IAM account are automatically members of the corresponding {{site.data.keyword.ieam}} organization. The one exception to this rule is that the {{site.data.keyword.ieam}} hub admin role is considered to be outside of any specific organization; therefore, it does not matter what IAM account the hub admin IAM user is in.
 
 To summarize the mapping between IAM and {{site.data.keyword.ieam}}:
 
@@ -77,7 +77,7 @@ By default, an organization was created during {{site.data.keyword.ieam}} instal
 
 The IBM organization is a unique organization that provides predefined services and patterns that are intended to be technology examples that are usable by any user in any organization. The IBM organization is automatically created when the {{site.data.keyword.ieam}} management hub is installed.
 
-**Note:** Although the resources in the IBM organization are public, the IBM organization is not intended to hold all public content in the {{site.data.keyword.ieam}} management hub.
+**Note**: Although the resources in the IBM organization are public, the IBM organization is not intended to hold all public content in the {{site.data.keyword.ieam}} management hub.
 
 ## Organization Configuration
 {: #org-config}
@@ -89,7 +89,7 @@ Every {{site.data.keyword.ieam}} organization has the following settings. The de
 | `description` | A description of the organization. |
 | `label` | The name of the organization. This value is used to display the organization name in the {{site.data.keyword.ieam}} management console. |
 | `heartbeatIntervals` | How often edge node agents in the organization poll the management hub for instructions. See the following section for details. |
-| `limits` | Limits for this organization. Currently the only limit is `maxNodes`, which is the maximum number of edge nodes allowed in this organization. There is a practical limit to the total number of edge nodes that a single {{site.data.keyword.ieam}} management hub can support. This setting enables the hub admin user to limit the number of nodes that each organization can have, which prevents one organization from using all of the capacity. A value of `0` means no limit. |
+| `limits` | Limits for this organization. Currently, the only limit is `maxNodes`, which is the maximum number of edge nodes that are allowed in this organization. There is a practical limit to the total number of edge nodes that a single {{site.data.keyword.ieam}} management hub can support. This setting enables the hub admin user to limit the number of nodes that each organization can have, which prevents one organization from using all of the capacity. A value of `0` means no limit. |
 {: caption="Table 3. Organization settings" caption-side="top"}
 
 ### Agent heartbeat polling interval
 
@@ -1,10 +1,10 @@
 ---
 
 copyright:
-years: 2021
-lastupdated: "2021-02-20"
+years: 2020 - 2022
+lastupdated: "2022-03-17"
 title: Agent API
-description: Agent APIs are REST APIs for the Horizon agent running on an edge node.
+description: Agent APIs are REST APIs for the {{site.data.keyword.horizon}} agent running on an edge node.
 ---
 
 {:new_window: target="blank"}
 
@@ -1,8 +1,8 @@
 ---
 
 copyright:
-years: 2021
-lastupdated: "2021-02-20"
+years: 2020 - 2022
+lastupdated: "2022-03-17"
 title: "Installing cloudctl, kubectl, and oc"
 description: ""
 ---
@@ -16,52 +16,65 @@ description: ""
 {:childlinks: .ullinks}
 
 # Installing cloudctl, kubectl, and oc
+{: #cloudctl_oc_cli}
 
-Follow these steps to install the command line tools that are needed to manage aspects of the IBM Edge Application Manager (IEAM) management hub and edge clusters:
+Follow these steps to install the command line tools that are needed to manage aspects of the {{site.data.keyword.edge_notm}} ({{site.data.keyword.ieam}}) management hub and edge clusters:
 
-### cloudctl
+## cloudctl
 
-1. Browse your IEAM web UI at: https://<CLUSTER_URL>/common-nav/cli
-2. Expand the __IBM Cloud Pak CLI__ section and select your __OS__.
-3. Copy the displayed __curl__ command and run it to download the __cloudctl__ binary.
-4. Make the file executable and move it to __/usr/local/bin__:
+1. Browse your {{site.data.keyword.ieam}} web UI at: `https://&lt;CLUSTER_URL&gt;/common-nav/cli`
 
-    ```sh
-    chmod 755 cloudctl-*
-    sudo mv cloudctl-* /usr/local/bin/cloudctl
-    ```
-5. Ensure __/usr/local/bin__ is in your PATH and then verify that cloudctl is working:
+2. Expand the **IBM Cloud Pak CLI** section and select your **OS**.
 
-    ```sh
-    cloudctl --help
-    ```
+3. Copy the displayed **curl** command and run it to download the **cloudctl** binary.
 
+4. Make the file executable and move it to **/usr/local/bin**:
+  
+   ```bash
+   chmod 755 cloudctl-*
+   sudo mv cloudctl-* /usr/local/bin/cloudctl
+   ```
+   {: codeblock}
+
+5. Ensure **/usr/local/bin** is in your PATH and then verify that **cloudctl** is working:
+  
+   ```bash
+   cloudctl --help
+   ```
+   {: codeblock}
+
+## oc
 
-### OC
+1. Download the {{site.data.keyword.open_shift_cp}} CLI tar file from [OpenShift client CLI (oc)](https://mirror.openshift.com/pub/openshift-v4/clients/ocp/latest/). Select the file **openshift-client-\*-\*.tar.gz** for your operating system.
 
-1. Download the OpenShift Container Platform CLI tar file from OpenShift client CLI (oc). Select the file __openshift-client-*-*.tar.gz__ for your operating system.
 2. Find the downloaded tar file and unpack it:
-   
-   ```sh
+  
+   ```bash
    tar -zxvf openshift-client-*-*.tar.gz
    ```
-3. Move the oc command to __/usr/local/bin__:
-   
-   ```sh
+   {: codeblock}
+
+3. Move the **oc** command to **/usr/local/bin**:
+  
+   ```bash
    sudo mv oc /usr/local/bin/
    ```
-4. Ensure /usr/local/bin is in your PATH and verify that oc is working:
-
-    ```sh
-    oc --help
-    ```
+   {: codeblock}
 
-Alternatively, use [homebrew](https://www.ibm.com/links?url=https%3A%2F%2Fbrew.sh%2F) to install __oc__ on macOS:
+4. Ensure **/usr/local/bin** is in your PATH and verify that **oc** is working:
+  
+   ```bash
+   oc --help
+   ```
+   {: codeblock}
 
-```sh
-brew install openshift-cli
-```
+Alternatively, use [homebrew](https://brew.sh/) to install **oc** on {{site.data.keyword.macOS_notm}}:
+  
+   ```bash
+   brew install openshift-cli
+   ```
+   {: codeblock}
 
-### Kubectl
+## Kubectl
 
-Follow the instructions in [Install and Set Up kubectl](https://www.ibm.com/links?url=https%3A%2F%2Fkubernetes.io%2Fdocs%2Ftasks%2Ftools%2Finstall-kubectl%2F).
+Follow the instructions in [Install and Set Up kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/).
@@ -1,8 +1,8 @@
 ---
 
 copyright:
-years: 2021
-lastupdated: "2021-02-20"
+yyears: 2020 - 2022
+lastupdated: "2022-03-17"
 title: hzn Command
 description: ""
 ---
@@ -15,7 +15,7 @@ description: ""
 {:child: .link .ulchildlink}
 {:childlinks: .ullinks}
 
-# Exploring the hzn command
+# Exploring the hzn CLI
 {: #exploring-hzn}
 
 On {{site.data.keyword.horizon}} edge nodes, use the `hzn` command to inspect many aspects of the state of the local system and of the larger {{site.data.keyword.edge_notm}} ecosystem outside your edge node. Use the `hzn` command to interact with the system and change the state of resources you own.