Overhaul CMX Docs

docs/intro-replicated.mdx

@@ -27,7 +27,7 @@ The following diagram demonstrates the process of using the Replicated Platform
 
 [View a larger version of this image](/images/replicated-platform.png)
 
-The diagram above shows an application that is packaged with the [**Replicated SDK**](/vendor/replicated-sdk-overview). The application is tested in clusters provisioned with the [**Replicated Compatibility Matrix (CMX)**](/vendor/testing-about), then added to a new release in the [**Vendor Portal**](/vendor/releases-about) using an automated CI/CD pipeline.
+The diagram above shows an application that is packaged with the [**Replicated SDK**](/vendor/replicated-sdk-overview). The application is tested in clusters provisioned with the [**Replicated Compatibility Matrix (CMX)**](/vendor/cmx-overview), then added to a new release in the [**Vendor Portal**](/vendor/releases-about) using an automated CI/CD pipeline.
 
 The application is then installed by a customer ("Big Bank") on a VM. To install, the customer downloads their license, which grants proxy access to the application images through the [**Replicated proxy registry**](/vendor/private-images-about). They also download the installation assets for the [**Replicated Embedded Cluster**](/vendor/embedded-overview) installer.
 
@@ -103,7 +103,7 @@ The following shows an example of the Enterprise Portal dashboard:
 
 Replicated Compatibility Matrix (CMX) can be used to create VMs or Kubernetes clusters within minutes or less. You can interact with CMX through the Vendor Portal or the Replicated CLI, making it possible to integrate CMX into your existing CI/CD workflows to programmatically create test environments.
 
-For more information, see [About CMX](/vendor/testing-about).
+For more information, see [About CMX](/vendor/cmx-overview).
 
 The following shows the CMX page for creating a cluster:
 
@@ -145,7 +145,7 @@ For more information about using the Replicated SDK, see [About the Replicated S
 
 The CMX can be used to quickly provision ephemeral VMs and Kubernetes clusters. When integrated into existing CI/CD workflows, the CMX can be used to automatically create a variety of customer-representative environments for testing code changes.
 
-For more information, see [About CMX](/vendor/testing-about).
+For more information, see [About CMX](/vendor/cmx-overview).
 
 ### License
 
@@ -186,5 +186,5 @@ ISVs can also set up email and Slack notifications to get alerted of important i
 Support teams can use Replicated features to more quickly diagnose and resolve application issues. For example:
 
 - Customize and generate support bundles, which collect and analyze redacted information from the customer's cluster, environment, and application instance. See [About Preflight Checks and Support Bundles](/vendor/preflight-support-bundle-about).
-- Provision customer-representative environments with CMX to recreate and diagnose issues. See [About CMX](/vendor/testing-about).
+- Provision customer-representative environments with CMX to recreate and diagnose issues. See [About CMX](/vendor/cmx-overview).
 - Get insights into an instance's status by accessing telemetry data, which covers the health of the application, the current application version, and details about the infrastructure and cluster where the application is running. For more information, see [Customer Reporting](/vendor/customer-reporting). For more information, see [Customer Reporting](/vendor/customer-reporting).

docs/intro.mdx

@@ -248,7 +248,7 @@ import clsx from 'clsx';
         <div className={clsx("row", "browse-docs-links")}>
           <div className={clsx("col", "col--4")}>
             <div className="browse-docs-link-container">
-              <a href="/vendor/testing-about" className="browse-docs-link">Overview</a>
+              <a href="/vendor/cmx-overview" className="browse-docs-link">Overview</a>
               <p className="browse-docs-link-description">Test your application across customer-representative environments</p>
             </div>
           </div>
@@ -272,7 +272,7 @@ import clsx from 'clsx';
           </div>
           <div className={clsx("col", "col--4")}>
             <div className="browse-docs-link-container">
-              <a href="/vendor/testing-how-to" className="browse-docs-link">Use CMX Clusters</a>
+              <a href="/vendor/testing-how-to" className="browse-docs-link">CMX Clusters</a>
               <p className="browse-docs-link-description">Create and manage Kubernetes clusters for testing</p>
             </div>
           </div>

docs/partials/cmx/_prerequisites.mdx

@@ -2,4 +2,4 @@
 
 * Install the Replicated CLI and then authorize the CLI using your vendor account. See [Install the Replicated CLI](/reference/replicated-cli-installing).
 
-* If you have a contract, you can purchase more credits by going to [**Compatibility Matrix > Buy additional credits**](https://vendor.replicated.com/compatibility-matrix). Otherwise, you can request credits by going to [**Compatibility Matrix > Request more credits**](https://vendor.replicated.com/compatibility-matrix) in the Vendor Portal. For more information, see [Billing and Credits](/vendor/testing-about#billing-and-credits).
+* If you have a contract, you can purchase more credits by going to [**Compatibility Matrix > Buy additional credits**](https://vendor.replicated.com/compatibility-matrix). Otherwise, you can request credits by going to [**Compatibility Matrix > Request more credits**](https://vendor.replicated.com/compatibility-matrix) in the Vendor Portal. For more information, see [Billing and Credits](/vendor/cmx-overview#billing-and-credits).

docs/release-notes/rn-vendor-platform.md

@@ -6,7 +6,7 @@ pagination_prev: null
 
 # Vendor Platform Release Notes
 
-This topic contains release notes for the Replicated Vendor Platform, which includes the [Vendor Portal](/vendor/vendor-portal-creating-account), the [Replicated CLI](/reference/replicated-cli-installing), and [Compatibility Matrix](/vendor/testing-about). The release notes list new features, improvements, bug fixes, known issues, and breaking changes.
+This topic contains release notes for the Replicated Vendor Platform, which includes the [Vendor Portal](/vendor/vendor-portal-creating-account), the [Replicated CLI](/reference/replicated-cli-installing), and [Compatibility Matrix](/vendor/cmx-overview). The release notes list new features, improvements, bug fixes, known issues, and breaking changes.
 
 <!--RELEASE_NOTES_PLACEHOLDER-->
 

docs/vendor/ci-overview.md

@@ -16,7 +16,7 @@ The following are Replicated's best practices and recommendations for CI/CD:
 
 * Include unique workflows for development and for releasing your application. This allows you to run tests on every commit, and then to promote releases to internal and customer-facing channels only when ready. For more information about the workflows that Replicated recommends, see [Recommended CI/CD Workflows](ci-workflows).
 
-* Integrate Replicated Compatibility Matrix (CMX) into your CI/CD workflows to quickly create multiple different types of clusters where you can deploy and test your application. Supported distributions include OpenShift, GKE, EKS, and more. For more information, see [About CMX](testing-about).
+* Integrate Replicated Compatibility Matrix (CMX) into your CI/CD workflows to quickly create multiple different types of clusters where you can deploy and test your application. Supported distributions include OpenShift, GKE, EKS, and more. For more information, see [About CMX](cmx-overview).
 
 * If you use the GitHub Actions CI/CD platform, integrate the custom GitHub actions that Replicated maintains to replace repetitive tasks related to distributing application with Replicated or using CMX. For more information, see [Use Replicated GitHub Actions in CI/CD](/vendor/ci-workflows-github-actions).
 

docs/vendor/ci-workflows.mdx

@@ -6,7 +6,7 @@ This topic provides Replicated's recommended development and release workflows f
 
 ## Overview
 
-Replicated recommends that you maintain unique CI/CD workflows for development (continuous integration) and for releasing your software (continuous delivery). The development and release workflows in this topic describe the recommended steps and jobs to include in your own workflows, including how to integrate Replicated Compatibility Matrix (CMX) into your workflows for testing. For more information about CMX, see [About CMX](testing-about).
+Replicated recommends that you maintain unique CI/CD workflows for development (continuous integration) and for releasing your software (continuous delivery). The development and release workflows in this topic describe the recommended steps and jobs to include in your own workflows, including how to integrate Replicated Compatibility Matrix (CMX) into your workflows for testing. For more information about CMX, see [About CMX](cmx-overview).
 
 For each step, the corresponding Replicated CLI command is provided. Additionally, for users of the GitHub Actions platform, a corresponding custom GitHub action that is maintained by Replicated is also provided. For more information about using the Replicated CLI, see [Install the Replicated CLI](/reference/replicated-cli-installing). For more information about the Replicated GitHub actions, see [Use Replicated GitHub Actions in CI/CD](ci-workflows-github-actions).
 

docs/vendor/cmx-airgap.md

@@ -0,0 +1,207 @@
+# Test in Air Gap Environments
+
+This topic describes how to change the network policy of a virtual machine (VM) or a VM-based cluster with Replicated Compatibility Matrix (CMX), and how to collect and analyze network events to understand your application's behavior in air-gapped environments.
+
+## Set Network Policy to `airgap`
+
+VMs and [VM-based clusters](/vendor/testing-supported-clusters#vm-clusters) created with CMX can use one of the following network policies:
+
+| Network Policy | Description |
+| :---- | :---- |
+| `open` | No restrictions on network traffic. |
+| `airgap` | Restrict all network traffic. |
+
+By default, all VMs and clusters are created with an `open` network policy. You can change the network policy to `airgap` to simulate an air-gapped environment with no outbound internet access. This `airgap` network policy is particularly useful for previewing how your application will perform in air-gapped end customer environments.
+
+Network policies are configured at the network level and apply to all VMs and VM-based clusters within the network. 
+
+### For VM-Based Clusters
+
+To set the network policy of a VM-based cluster:
+
+1. Create a cluster:
+
+    ```bash
+    replicated cluster create --distribution VM_BASED_DISTRIBUTION
+    ```
+    Where `VM_BASED_DISTRIBUTION` is the target VM-based cluster distribution. For a list of supported distributions, see [VM Clusters](/vendor/testing-supported-clusters#vm-clusters).
+
+1. Watch until the cluster status is `running`:
+
+    ```bash
+    replicated cluster ls --watch
+    ```
+
+1. Access the cluster in a shell:
+
+    ```
+    replicated cluster shell CLUSTER_ID
+    ```
+    Where `CLUSTER_ID` is the ID of the cluster that you created from the output of the `cluster ls` command.      
+
+1. Change the network policy to `airgap`:
+
+    ```bash
+    replicated network update NETWORK_ID --policy airgap
+    ```
+    Where `NETWORK_ID` is the ID of the network from the output of the `cluster ls` command.
+
+1. Verify that the cluster's policy is `airgap` and the status is `running`:
+
+    ```bash
+    replicated cluster ls
+    ```
+
+    ```bash
+    ID       NAME                STATUS       CREATED                 EXPIRES                POLICY   HAS REPORT
+    bdeb3515 gifted_antonelli    running      2025-01-28 18:45 PST    2025-01-28 19:45 PST   airgap   off 
+    ```
+
+    The air gap network is enabled when the status is `running`.
+
+1. (Optional) To verify that there is no outbound connectivity from the cluster, enable network reporting and view network events. See [Collect and View Network Reports](#collect-and-view-network-reports).
+
+1. (Optional) Test an air gap installation of your application in the cluster. See [Install and Update with Helm in Air Gap Environments](/vendor/helm-install-airgap).   
+
+### For VMs
+
+To set the network policy of a VM:
+
+1. Create a VM:
+
+    ```bash
+    replicated vm create --distribution ubuntu
+    ```
+
+1. Wait until the VM status is running:
+
+    ```bash
+    replicated vm ls
+    ```
+
+1. SSH onto the VM:
+
+   ```bash
+   ssh VM_ID@replicatedvm.com
+   ```  
+   Where `VM_ID` is the ID of the VM from the output of the `vm ls` command.
+
+   For more information and additional options, see [Connect to a VM](/vendor/cmx-vms#connect-to-a-vm).
+
+1. Set the network policy to `airgap`:
+
+    ```bash
+    replicated network update NETWORK_ID --policy airgap
+    ```
+    Where `NETWORK_ID` is the ID of the network from the output of the `vm ls` command.
+
+    **Example:**
+
+    ```bash
+    replicated network update 85eb50a8 --policy airgap
+    ```
+
+    ```bash
+    ID       NAME                STATUS        CREATED                 EXPIRES                POLICY   HAS REPORT
+    85eb50a8 silly_rosalind      updating      2025-01-28 16:16 PST    2025-01-28 17:18 PST   airgap   off
+    ```
+
+1. (Optional) To verify that there is no outbound connectivity from the VM, enable network reporting and view network events. See [Collect and View Network Reports](#collect-and-view-network-reports).
+
+## Collect and View Network Reports
+
+CMX network reporting helps you understand your application's network activity. To provide flexibility in testing, you can enable network reporting to capture all network activity, whether the network policy is set to `open` or `airgap`. Even when the network policy is set to `airgap` and network egress is blocked, all connection attempts and DNS queries are still captured in the report. This helps you identify unexpected network calls before deploying to an air-gapped environment.
+
+Network reporting is not enabled by default. For information about how to collect and view reports through the Vendor Portal or the Replicated CLI, see the sections below.
+
+There are two types of network reports:
+
+| Report Type | Contents |
+|---|---|
+| **Running Report**<br />See all network events<br />captured in near real-time | <ul><li>Timestamp (with microseconds)</li><li>Source IP, Source Port, Source PID</li><li>Source Command, Source Pod</li><li>Destination IP, Destination Port</li><li>DNS Query Name</li><li>Protocol</li><li>Likely Service</li></ul> |
+| **Report Summary**<br />Aggregated analysis of<br />captured network events| <ul><li>Total Events Count</li><li>Time Range (start/end)</li><li>Report Creation Date</li><li>Domain Names Requested (Domain, Count)</li><li>Destination IP Addresses Connected To (IP, Port, Count)</li><li>Source Details (expandable): Source IP, Service, Command, Pod</li></ul> |
+
+### Vendor Portal
+
+To set the network policy and collect and view reports in the Vendor Portal:
+
+1. Go to **Compatibility Matrix** > **Network Policy**.
+
+2. To collect a network report, toggle on the switch under **Reporting**.
+
+3. (Optional) Toggle from `open` to `airgap` under **Policy Type** to block all network egress.
+
+4. Where available, click "View report" under **Report** to see the reporting table. You can also click "Export JSON" to download the raw report data.
+
+   :::note
+   When reporting is **ON** for an active network, all network events display in a **Running Report**. Once the network is terminated, the **Report Summary** is automatically generated.
+   :::
+
+   **Running Report**
+
+   ![Network Policy page with running report, showing all network events captured](/images/cmx-network-report.png)
+
+   [View a larger version of this image](/images/cmx-network-report.png)
+
+   **Report Summary**
+
+   ![Network Policy page with report summary, showing domain names and destination IPs](/images/cmx-network-report-summary.png)
+
+   [View a larger version of this image](/images/cmx-network-report-summary.png)
+
+### CLI
+
+To collect and view a network report from the CLI:
+
+1. Turn on network reporting:
+
+     ```bash
+     replicated network update NETWORK_ID --collect-report
+     ```
+     Where `NETWORK_ID` is the ID of the network. You can get the network ID by running `replicated network ls`.
+
+1. (Optional) Confirm that reporting is **ON** for the network:
+
+     ```bash
+     replicated network ls
+     ```
+
+     **Example output:**
+
+     ```
+     ID          NAME                   STATUS          CREATED                    EXPIRES                    POLICY        HAS REPORT
+     a1b2c3d4    example_network_1      running         2025-01-28 16:04 PST       2025-01-28 18:06 PST       open          off
+     e5f6g7h8    example_network_2      running         2025-01-28 12:10 PST       2025-01-28 20:11 PST       airgap        on
+     ```
+1. View the network report:
+
+    See network event summary that aggregates all unique domains and destination IPs, with connection counts and other details (JSON format):
+
+    ```bash
+    replicated network report NETWORK_ID --summary
+    ```
+
+   See all network events (JSON format):
+
+    ```bash
+    replicated network report NETWORK_ID
+    ```
+
+   Watch as new network events occur (JSON format):
+
+    ```bash
+    replicated network report NETWORK_ID --watch
+    ```
+
+    :::note
+    Network events are batched for display in the report, so appear with a short delay.
+    :::
+
+
+## Related Topics
+
+* [Air Gap Installation with Embedded Cluster](/enterprise/installing-embedded-air-gap)
+* [Install and Update with Helm in Air Gap Environments](/vendor/helm-install-airgap)
+
+
+