diff --git a/content/en/blog/releases/2023.X/2023.9.md b/content/en/blog/releases/2023.X/2023.9.md
new file mode 100644
index 000000000..e01d545b3
--- /dev/null
+++ b/content/en/blog/releases/2023.X/2023.9.md
@@ -0,0 +1,331 @@
+---
+title: "2023.9"
+linkTitle: "2023.9"
+date: 2023-10-16
+author: Paul Arnold ([@paulmarnold](https://twitter.com/paulmarnold))
+---
+
+## Summary
+
+The 2023.9 Release is now available.
+
+## Download Artefacts
+
+Installation artefacts can be requested by raising a case in the [{{% ctx %}} Service Portal][CORTEX Service Portal].
+
+## Release Notes
+
+### Overview
+
+2023.9 is the fifth [Fast Track][] release of the next generation of {{% ctx %}} and continues our journey to improve on the previous 7.X generation in the following areas:
+
+* Capability
+* Documentation
+
+The following new services have been added to the [HA Platform][]:
+
+* [Triggers Service][] - Allows for the execution of flows based on specific triggers. Currently, the Triggers Service allows for triggering executions of flows within the {{% ctx %}} Innovation platform when specific SNMP Traps are received.
+
+Six [new Blocks][New Blocks] have been added to the [{{% ctx %}} Block Packages][Blocks], adding new functionality to work with:
+
+* [Data Storage][] - Allowing for communication between flows by using the shared Data Storage within the HA Platform
+
+{{% ctx %}} Gateway has been [rebranded][CORTEX Gateway Rebranding] and theme support for light and dark mode has been added.
+
+Support for [Windows Server 2022][Windows Server 2022 Support] has been added to the Innovation Platform as part of the 2023.9 release, and support for [Windows Server 2016][Windows Server 2016 Support] has been removed.
+
+Finally, this [Product Portal][] has been updated to reflect the [new services][HA Platform], and reference documentation has been added for the [new blocks][New Blocks].
+
+### Components
+
+| Release Component | Version | Updated This Release | Update Type | Notes |
+|---------------------------------------------------------------------------------------------------------|---------------|----------------------|---------------|-------------------------------------------------------------------------------------------------------|
+| [{{% ctx %}} Innovation Core Application][CORTEX Innovation Core Application] | 37.1.0.23430 | Yes | Major | |
+| > [{{% ctx %}} API Gateway Service][CORTEX API Gateway Service] | 30.7.0.23420 | Yes | Minor | |
+| > [{{% ctx %}} Authorisation Service][CORTEX Authorisation Service] | 2.4.9.23420 | Yes | Patch | |
+| > [{{% ctx %}} Concurrency Management Service][CORTEX Concurrency Management Service] | 1.1.6.23420 | Yes | Patch | |
+| > [{{% ctx %}} Configuration Management Service][CORTEX Configuration Management Service] | 1.5.6.23420 | Yes | Patch | |
+| > [{{% ctx %}} Data Storage Service][CORTEX Data Storage Service] | 2.2.1.23420 | Yes | Minor | |
+| > [{{% ctx %}} Execution Management Service][CORTEX Execution Management Service] | 2.3.8.23420 | Yes | Patch | |
+| > [{{% ctx %}} Licence Management Service][CORTEX Licence Management Service] | 1.1.7.23420 | Yes | Patch | |
+| > [{{% ctx %}} Package Management Service][CORTEX Package Management Service] | 6.0.8.23420 | Yes | Patch | |
+| > [{{% ctx %}} Provisioning Service][CORTEX Provisioning Service] | 6.5.1.23430 | Yes | Minor | |
+| > [{{% ctx %}} Scheduling Service][CORTEX Scheduling Service] | 2.1.12.23430 | Yes | Patch | |
+| > [{{% ctx %}} Triggers Service][CORTEX Triggers Service] | 3.2.0.23430 | Yes | First Release | |
+| [{{% ctx %}} Innovation Execution Application][CORTEX Innovation Execution Application] | 9.3.2.23420 | Yes | Minor | |
+| > [{{% ctx %}} Execution Service][CORTEX Execution Service] | 9.3.2.23420 | Yes | Minor | |
+| [{{% ctx %}} Gateway][Gateway], including [{{% ctx %}} Studio][CORTEX Studio] | 7.1.0.23430 | Yes | Major | |
+| [{{% ctx %}} Blocks Package][Blocks] | 40.0.0.23420 | Yes | Major | [Potential breaking change][FlowExecutionStoppedException renamed to FlowExecutionCancelledException] |
+| [{{% ctx %}} Interaction Portal][Interaction Portal] | | Yes | | |
+
+### Features
+
+#### Expansion of the HA Platform
+
+##### New Triggers Service
+
+The [Triggers][CORTEX Triggers Service] service has been added to the HA Platform, which allows for triggering executions of flows within the {{% ctx %}} Innovation platform when specific SNMP Traps are received.
+
+SNMP Triggers can be added, or deleted, when managing a version of a package within [{{% ctx %}} Gateway][Gateway].
+
+Triggers can be configured to control when the execution occurs, and a trigger can be created with input variables that are passed in to the execution. Currently, triggers for both SNMPV1 and SNMPV2 traps have been added, allowing for the running of flows based on specific filters related to these SNMP Versions, including:
+
+* Device Address
+* Device Port
+* Trap OID
+* Community (Available for SNMPV1 and SNMPV2)
+* Agent Address (Available for SNMPV1)
+
+Support for SNMPV3 will be added in a future release, this is targeted for 2023.11 or 2024.1.
+
+Additional types of trigger (e.g. Files created, emails received, Kafka topic notifications) will also be added in future releases.
+
+Affected Components:
+
+* [{{% ctx %}} Innovation Core Application][CORTEX Innovation Core Application]
+ * [{{% ctx %}} API Gateway Service][CORTEX API Gateway Service]
+ * [{{% ctx %}} Triggers Service][CORTEX Triggers Service]
+* [{{% ctx %}} Gateway][Gateway]
+
+#### New Blocks
+
+Six new [Blocks][] have been added to the Innovation platform to work with:
+
+* [Data Storage][] - Allowing for communication using the shared Data Storage within the HA Platform
+ * [Wait For Collection To Exist][]
+ * [Wait For Collection To Not Exist][]
+ * [Wait For Key In Collection To Exist][]
+ * [Wait For Key In Collection To Not Exist][]
+ * [Wait For Key In Collection To Contain Value][]
+ * [Wait For Key In Collection To Be Set][]
+
+Affected Components:
+
+* [{{% ctx %}} Innovation Core Application][CORTEX Innovation Core Application]
+ * [{{% ctx %}} Data Storage Service][CORTEX Data Storage Service]
+* [{{% ctx %}} Innovation Execution Application][CORTEX Innovation Execution Application]
+ * [{{% ctx %}} Execution Service][CORTEX Execution Service]
+* [{{% ctx %}} Block Packages][Blocks]
+
+#### CORTEX Gateway Rebranding
+
+{{% ctx %}} Gateway has been rebranded, this includes:
+
+* Updating the fonts and colours
+* Refreshing the icons
+* Updating the debug token shown when debugging flows
+
+Also, theme support has been added, and both light and dark themes have been included. It is possible to switch themes by clicking the user icon on the top right hand corner of the home page, selecting settings, and choosing light or dark theme. The choice of selected theme is persisted within your browser's local storage.
+
+Affected Components:
+
+* [{{% ctx %}} Gateway][Gateway]
+
+#### Windows Server 2022 Support
+
+Support for Windows Server 2022 has been added to the Innovation Platform as part of the 2023.9 release, and support for [Windows Server 2016][Windows Server 2016 Support] has been removed.
+
+Affected Components:
+
+* None
+
+#### Product Portal
+
+The documentation has been updated to reflect the [new services][HA Platform], and reference documentation has been added for the [new blocks][New Blocks].
+
+### Bug Fixes
+
+The following bugs have been fixed in the 2023.9 release:
+
+#### Some Cortex DataTypes could not be Serialised
+
+Some {{% ctx %}} [Data Types][] were not serialisable within the Innovation platform, all [Data Types][] have been verified and updated to be serialisable.
+
+#### Updating Certificates with Different Casing for Node Names Caused the Certificates to be Invalid
+
+When updating certificates within the Innovation platform, any nodes with different casing from the previous certificate would not be valid. This has been fixed, and certificates with different casing will now match the nodes correctly.
+
+#### TLS Bug with CortexSSLBestPractices Script
+
+The CortexSSLBestPractices script previously did not correctly disable TLS1.1.
+
+#### Write Data with Key Block does not Accept Null Values
+
+The [Write Data with Key] block previously threw an exception when `null` was passed into the `Data` property, this has now been fixed and `null` can be saved to the [Data Storage Service][CORTEX Data Storage Service].
+
+#### Grafana Promtail Incorrectly Reporting of 4XX and 5XX Error Codes as Successful
+
+Grafana Promtail was previously reporting 4XX and 5XX error codes within problem details as successful requests but now report correctly.
+
+#### Running Parallel Flows can Cause an Exception to Occur
+
+The same flow being called asynchronously and running in parallel could cause an exception to be thrown when two flows were executing the same block. This issue has been fixed, and concurrent execution of the same flows no longer throw exceptions in this case.
+
+#### Scope Default Value is not set until the Block was Updated
+
+Previously, any block that used [Scope][] would not have a default value set when placing the block on a flow for the first time, until the block had been updated.
+
+#### Incorrect Help Links for Data Storage Blocks
+
+The following [Data Storage][] blocks had incorrect links to their documentation pages:
+
+* [Read Data with Key][]
+* [Write Data with Key][]
+* [Delete Data with Key][]
+
+This was due to their namespaces being incorrect, this is a [potentially breaking change][Data Storage Block Namespace Change] if you were using these blocks within a flow.
+
+### Deprecated Features
+
+The following features were previously deprecated in the 2022.9 release:
+
+* SQL Server will no longer be required by [Gateway][] in a future release; this was targeted for removal in 2023.3 or 2023.5, but has been pushed out, currently targeting the 2024.1 release
+
+### Removed Features
+
+The following features have been removed in the 2023.9 release:
+
+#### Windows Server 2016 Support
+
+Support for Windows Server 2016 has been removed as part of the 2023.9 release, and [support for Windows Server 2022][Windows Server 2022 Support] has been added.
+
+### Potential Breaking Changes
+
+The following may potentially break interactions with the {{% ctx %}} Innovation Platform.
+
+#### FlowExecutionStoppedException renamed to FlowExecutionCancelledException
+
+The FlowExecutionStoppedException has been renamed to FlowExecutionCancelledException.
+
+This is potentially breaking if you were interacting with the exception and using its name to make decisions within a flow. Any occurrence of this will need to be updated to use the new name.
+
+#### Data Storage Block Namespace Change
+
+The following [Data Storage][] blocks, have had their namespaces changed to be:
+
+* [Read Data with Key][] - Cortex.Blocks.DataStorage.ReadData.ReadDataWithKeyBlock
+* [Write Data with Key][] - Cortex.Blocks.DataStorage.WriteData.WriteDataWithKeyBlock
+* [Delete Data with Key][] - Cortex.Blocks.DataStorage.DeleteData.DeleteDataWithKeyBlock
+
+This is potentially breaking if you were using these blocks within a flow. Any flow using these blocks will need to be upgraded in order to continue working; please request assistance with upgrading flows by raising a case in the [{{% ctx %}} Service Portal][CORTEX Service Portal].
+
+### Breaking Changes
+
+There are no known breaking changes as part of this release of the platform.
+
+### Known Limitations
+
+There are no known limitations added as part of this release of the platform.
+
+## Version Support
+
+### Operating Systems
+
+| OS Type | Supported Versions |
+|-|-|-|
+| Windows | |
+| Linux | Linux is not currently supported |
+
+### Databases
+
+| Database Type | Supported Versions |
+|---------------|-----------------------------------------------------------|
+| SQL Server | - SQL Server 2016
- SQL Server 2019
|
+| Other | No other databases are currently supported |
+
+Note: This is for the platform's functionality and does not represent the databases that can be connected to and interacted with using the platform.
+
+### 7.X Compatibility
+
+| 7.X Version | Is compatible? | Notes |
+|-------------|----------------|----------------------------------------------|
+| 7.2 | Yes | |
+| 7.1 | No | Need to upgrade 7.1 to 7.2 for compatibility |
+| 7.0 | No | Need to upgrade 7.0 to 7.2 for compatibility |
+
+## Install Instructions
+
+If you are installing a new 2023.9 platform or adding it to an existing 7.2 Installation see the guidance below; otherwise, if you are upgrading from an existing 2023.7 platform refer to the [Upgrade Instructions][].
+
+Installing Innovation Only:
+
+* [Multiple Server - With HA][Innovation Only - Multiple Server - With HA]
+* [Single Server - Without HA][Innovation Only - Single Server - Without HA]
+
+Adding Innovation to a 7.2 Installation:
+
+* [Multiple Server - With HA][Adding Innovation to a 7.2 Installation - Multiple Server - With HA]
+* [Single Server - Without HA][Adding Innovation to a 7.2 Installation - Single Server - Without HA]
+
+## Upgrade Instructions
+
+If you have installed 2023.7 release and want to upgrade to 2023.9; please request assistance by raising a case in the [{{% ctx %}} Service Portal][CORTEX Service Portal].
+
+## Upcoming Releases
+
+Releases are currently forecast to be made available on:
+
+| Release | Release Type | Forecast Release Date |
+|---------|----------------|-------------------------------------|
+| 2023.11 | [Fast Track][] | Week commencing 4th December 2023 |
+| 2024.1 | [Release][] | Week commencing 12th February 2024 |
+
+Any changes to these forecasts will be announced via the [News channel][].
+
+[CORTEX Innovation Core Application]: {{< url path="Cortex.Guides.CortexInnovation.CoreApplication.MainDoc" version="2023.9" >}}
+[CORTEX API Gateway Service]: {{< url path="Cortex.Guides.CortexInnovation.CoreApplication.Services.ApiGatewayService.MainDoc" version="2023.9" >}}
+[CORTEX Authorisation Service]: {{< url path="Cortex.Guides.CortexInnovation.CoreApplication.Services.AuthorisationService.MainDoc" version="2023.9" >}}
+[CORTEX Concurrency Management Service]: {{< url path="Cortex.Guides.CortexInnovation.CoreApplication.Services.ConcurrencyManagementService.MainDoc" version="2023.9" >}}
+[CORTEX Configuration Management Service]: {{< url path="Cortex.Guides.CortexInnovation.CoreApplication.Services.ConfigurationManagementService.MainDoc" version="2023.9" >}}
+[CORTEX Data Storage Service]: {{< url path="Cortex.Guides.CortexInnovation.CoreApplication.Services.DataStorageService.MainDoc" version="2023.9" >}}
+[CORTEX Execution Management Service]: {{< url path="Cortex.Guides.CortexInnovation.CoreApplication.Services.ExecutionManagementService.MainDoc" version="2023.9" >}}
+[CORTEX Licence Management Service]: {{< url path="Cortex.Guides.CortexInnovation.CoreApplication.Services.LicenceManagementService.MainDoc" version="2023.9" >}}
+[CORTEX Package Management Service]: {{< url path="Cortex.Guides.CortexInnovation.CoreApplication.Services.PackageManagementService.MainDoc" version="2023.9" >}}
+[CORTEX Provisioning Service]: {{< url path="Cortex.Guides.CortexInnovation.CoreApplication.Services.ProvisioningService.MainDoc" version="2023.9" >}}
+[CORTEX Scheduling Service]: {{< url path="Cortex.Guides.CortexInnovation.CoreApplication.Services.SchedulingService.MainDoc" version="2023.9" >}}
+[CORTEX Triggers Service]: {{< url path="Cortex.Guides.CortexInnovation.CoreApplication.Services.TriggersService.MainDoc" version="2023.9" >}}
+[CORTEX Innovation Execution Application]: {{< url path="Cortex.Guides.CortexInnovation.ExecutionApplication.MainDoc" version="2023.9" >}}
+[CORTEX Execution Service]: {{< url path="Cortex.Guides.CortexInnovation.ExecutionApplication.Services.ExecutionService.MainDoc" version="2023.9" >}}
+[Interaction Portal]: {{< url path="Cortex.Guides.CortexInteractionPortal.MainDoc" version="2023.9" >}}
+
+[HA Platform]: {{< ref "#expansion-of-the-ha-platform" >}}
+[New Blocks]: {{< ref "#new-blocks" >}}
+[Product Portal]: {{< ref "#product-portal" >}}
+[Upgrade Instructions]: {{< ref "#upgrade-instructions" >}}
+[Triggers Service]: {{< ref "#new-triggers-service" >}}
+[FlowExecutionStoppedException renamed to FlowExecutionCancelledException]: {{< ref "#flowexecutionstoppedexception-renamed-to-flowexecutioncancelledexception" >}}
+[Windows Server 2022 Support]: {{< ref "#windows-server-2022-support" >}}
+[Data Storage Block Namespace Change]: {{< ref "#data-storage-block-namespace-change" >}}
+[CORTEX Gateway Rebranding]: {{< ref "#cortex-gateway-rebranding" >}}
+[Windows Server 2016 Support]: {{< ref "#windows-server-2016-support" >}}
+
+[News channel]: {{< url path="Cortex.Blogs.News.MainDoc" >}}
+
+[Blocks]: {{< url path="Cortex.Reference.Blocks.MainDoc" version="2023.9" >}}
+[Data Storage]: {{< url path="Cortex.Reference.Blocks.DataStorage.MainDoc" version="2023.9" >}}
+[Wait For Collection To Exist]: {{< url path="Cortex.Reference.Blocks.DataStorage.WaitForCollection.WaitForCollectionToExistBlock.MainDoc" version="2023.9" >}}
+[Wait For Collection To Not Exist]: {{< url path="Cortex.Reference.Blocks.DataStorage.WaitForCollection.WaitForCollectionToNotExistBlock.MainDoc" version="2023.9" >}}
+[Wait For Key In Collection To Exist]: {{< url path="Cortex.Reference.Blocks.DataStorage.WaitForKeyInCollection.WaitForKeyInCollectionToExistBlock.MainDoc" version="2023.9" >}}
+[Wait For Key In Collection To Not Exist]: {{< url path="Cortex.Reference.Blocks.DataStorage.WaitForKeyInCollection.WaitForKeyInCollectionToNotExistBlock.MainDoc" version="2023.9" >}}
+[Wait For Key In Collection To Contain Value]: {{< url path="Cortex.Reference.Blocks.DataStorage.WaitForKeyInCollection.WaitForKeyInCollectionToContainValueBlock.MainDoc" version="2023.9" >}}
+[Wait For Key In Collection To Be Set]: {{< url path="Cortex.Reference.Blocks.DataStorage.WaitForKeyInCollection.WaitForKeyInCollectionToBeSetBlock.MainDoc" version="2023.9" >}}
+[Read Data with Key]: {{< url path="Cortex.Reference.Blocks.DataStorage.ReadData.ReadDataWithKeyBlock.MainDoc" version="2023.9" >}}
+[Write Data with Key]: {{< url path="Cortex.Reference.Blocks.DataStorage.WriteData.WriteDataWithKeyBlock.MainDoc" version="2023.9" >}}
+[Delete Data with Key]: {{< url path="Cortex.Reference.Blocks.DataStorage.DeleteData.DeleteDataWithKeyBlock.MainDoc" version="2023.9" >}}
+
+[Data Types]: {{< url path="Cortex.Reference.DataTypes.MainDoc" version="2023.9" >}}
+[Scope]: {{< url path="Cortex.Reference.DataTypes.Scopes.Scope.MainDoc" version="2023.9" >}}
+
+[Innovation Only - Single Server - Without HA]: {{< url path="Cortex.GettingStarted.OnPremise.InstallInnovationOnly.SingleServerWithoutHA.MainDoc" version="2023.9" >}}
+[Innovation Only - Multiple Server - With HA]: {{< url path="Cortex.GettingStarted.OnPremise.InstallInnovationOnly.MultipleServerWithHA.MainDoc" version="2023.9" >}}
+
+[Adding Innovation to a 7.2 Installation - Single Server - Without HA]: {{< url path="Cortex.GettingStarted.OnPremise.AddInnovationTo72.SingleServerWithoutHA.MainDoc" version="2023.9" >}}
+[Adding Innovation to a 7.2 Installation - Multiple Server - With HA]: {{< url path="Cortex.GettingStarted.OnPremise.AddInnovationTo72.MultipleServerWithHA.MainDoc" version="2023.9" >}}
+
+[CORTEX Studio]: {{< url path="Cortex.Guides.Studio.MainDoc" version="2023.9" >}}
+[Gateway]: {{< url path="Cortex.Guides.Gateway.MainDoc" version="2023.9" >}}
+
+[CORTEX Service Portal]: {{< url path="Cortex.ServicePortal.MainDoc" version="2023.9" >}}
+
+[Fast Track]: {{< url path="Cortex.Reference.Glossary.F-J.FastTrack" version="2023.9" >}}
+[Release]: {{< url path="Cortex.Reference.Glossary.P-T.Release" version="2023.9" >}}
diff --git a/content/en/docs/2023.11/Tutorials/administration.md b/content/en/docs/2023.11/Tutorials/Administration/_index.md
similarity index 96%
rename from content/en/docs/2023.11/Tutorials/administration.md
rename to content/en/docs/2023.11/Tutorials/Administration/_index.md
index 9d16366ae..c3a313be9 100644
--- a/content/en/docs/2023.11/Tutorials/administration.md
+++ b/content/en/docs/2023.11/Tutorials/Administration/_index.md
@@ -5,10 +5,6 @@ description: "This section includes tutorials about administering the {{% ctx %}
weight: 40
---
-# {{< param title >}}
-
-{{< param description >}}
-
## Managing role-based access control
Shows how to manage role-based access control within Gateway, including assigning access and flow permissions.
diff --git a/content/en/docs/2023.9/Tutorials/development.md b/content/en/docs/2023.11/Tutorials/Development/_index.md
similarity index 98%
rename from content/en/docs/2023.9/Tutorials/development.md
rename to content/en/docs/2023.11/Tutorials/Development/_index.md
index 1c06433de..4b9c22d5f 100644
--- a/content/en/docs/2023.9/Tutorials/development.md
+++ b/content/en/docs/2023.11/Tutorials/Development/_index.md
@@ -5,10 +5,6 @@ description: "This section includes tutorials about developing automation using
weight: 30
---
-# {{< param title >}}
-
-{{< param description >}}
-
## Signing in and out of Gateway
Shows how to sign in and out of {{% ctx %}} Gateway.
diff --git a/content/en/docs/2023.9/Tutorials/troubleshooting.md b/content/en/docs/2023.11/Tutorials/Troubleshooting/_index.md
similarity index 90%
rename from content/en/docs/2023.9/Tutorials/troubleshooting.md
rename to content/en/docs/2023.11/Tutorials/Troubleshooting/_index.md
index 09875afda..d7120fa05 100644
--- a/content/en/docs/2023.9/Tutorials/troubleshooting.md
+++ b/content/en/docs/2023.11/Tutorials/Troubleshooting/_index.md
@@ -5,10 +5,6 @@ description: "This section includes tutorials about troubleshooting the {{% ctx
weight: 50
---
-# {{< param title >}}
-
-{{< param description >}}
-
## Errors when starting published flows
When making requests to start published flows, you may encounter errors. The videos below will show you how to fix them.
diff --git a/content/en/docs/2023.11/_index.md b/content/en/docs/2023.11/_index.md
index fde27fabf..ec4dd10d4 100644
--- a/content/en/docs/2023.11/_index.md
+++ b/content/en/docs/2023.11/_index.md
@@ -1,6 +1,6 @@
---
-title: "2023.9"
-linkTitle: "2023.9"
+title: "2023.11"
+linkTitle: "2023.11"
description: "Product documentation for the {{% ctx %}} automation platform, including guides, tutorials and reference documentation."
-weight: 998
+weight: 995
---
diff --git a/content/en/docs/2023.11/getting-started/cloud/add-observability-to-innovation/Grafana/import-dashboards.md b/content/en/docs/2023.11/getting-started/cloud/add-observability-to-innovation/Grafana/import-dashboards.md
index 7e941128b..d8293a15f 100644
--- a/content/en/docs/2023.11/getting-started/cloud/add-observability-to-innovation/Grafana/import-dashboards.md
+++ b/content/en/docs/2023.11/getting-started/cloud/add-observability-to-innovation/Grafana/import-dashboards.md
@@ -65,7 +65,7 @@ To do this, follow these steps for all default {{% ctx %}} Innovation dashboards
1. [Try it Out][]
[configured]: {{< url path="Cortex.GettingStarted.Cloud.AddObservabilityToInnovation.Grafana.SetupLoki.MainDoc" >}}
-[Grafana.Dashboards.zip]: {{< url path="GitHub.Cortex.Observability.2.0.0.GrafanaDashboardsZip" >}}
+[Grafana.Dashboards.zip]: {{< url path="GitHub.Cortex.Observability.2.0.1.GrafanaDashboardsZip" >}}
[Grafana]: {{< url path="Cortex.GettingStarted.Cloud.AddObservabilityToInnovation.Grafana.SetupGrafana.MainDoc" >}}
[Loki]: {{< url path="Cortex.GettingStarted.Cloud.AddObservabilityToInnovation.Grafana.SetupLoki.MainDoc" >}}
[Try it Out]: {{< url path="Cortex.GettingStarted.Cloud.AddObservabilityToInnovation.Grafana.TryItOut.MainDoc" >}}
\ No newline at end of file
diff --git a/content/en/docs/2023.11/getting-started/cloud/add-observability-to-innovation/Grafana/install-promtail/install-promtail.md b/content/en/docs/2023.11/getting-started/cloud/add-observability-to-innovation/Grafana/install-promtail/install-promtail.md
index 82d97ed64..6a43f951a 100644
--- a/content/en/docs/2023.11/getting-started/cloud/add-observability-to-innovation/Grafana/install-promtail/install-promtail.md
+++ b/content/en/docs/2023.11/getting-started/cloud/add-observability-to-innovation/Grafana/install-promtail/install-promtail.md
@@ -27,4 +27,4 @@ This archive contains the `promtail-local-config.yaml` configuration file, [NSSM
[NSSM]: {{< url path="NSSM.MainDoc" >}}
[Prerequisites]: {{< url path="Cortex.GettingStarted.Cloud.AddObservabilityToInnovation.Grafana.Prerequisites.MainDoc" >}}
[Promtail 2.5.0]: {{< url path="Grafana.SelfManaged.Downloads.Promtail.PromtailInstallZip" >}}
-[Promtail Install.zip]: {{< url path="GitHub.Cortex.Observability.2.0.0.PromtailInstallZip" >}}
+[Promtail Install.zip]: {{< url path="GitHub.Cortex.Observability.2.0.1.PromtailInstallZip" >}}
diff --git a/content/en/docs/2023.11/getting-started/cloud/add-observability-to-innovation/Grafana/prerequisites.md b/content/en/docs/2023.11/getting-started/cloud/add-observability-to-innovation/Grafana/prerequisites.md
index fde93b402..d4e9f7795 100644
--- a/content/en/docs/2023.11/getting-started/cloud/add-observability-to-innovation/Grafana/prerequisites.md
+++ b/content/en/docs/2023.11/getting-started/cloud/add-observability-to-innovation/Grafana/prerequisites.md
@@ -21,7 +21,7 @@ The application servers must have internet access in order to communicate with t
| Server Role | Windows Server[^1] | Other Software |
|--------------------|------------------------------------------------|--------------------|
-| Application Server | [2019 (x64)][] *Recommended*
[2016 (x64)][] | [Promtail 2.5.0][] |
+| Application Server | [2022 (x64)][] *Recommended*
[2019 (x64)][] | [Promtail 2.5.0][] |
[^1]: Windows Server Standard and Datacenter editions are supported. Filesystem **must be NTFS** and networking **must use IPv4**. Linux is not supported, but may be in the future.
@@ -52,8 +52,8 @@ A domain user which is a member of the Local Administrators group on all Applica
1. [Set up Grafana][]
-[2016 (x64)]: {{< url path="Microsoft.Downloads.Windows.Server2016" >}}
[2019 (x64)]: {{< url path="Microsoft.Downloads.Windows.Server2019" >}}
+[2022 (x64)]: {{< url path="Microsoft.Downloads.Windows.Server2022" >}}
[Architecture]: {{< url path="Cortex.GettingStarted.Cloud.AddObservabilityToInnovation.Grafana.Architecture.MainDoc" >}}
[Set up Grafana]: {{< url path="Cortex.GettingStarted.Cloud.AddObservabilityToInnovation.Grafana.SetupGrafana.MainDoc" >}}
[Promtail 2.5.0]: {{< url path="Grafana.SelfManaged.Downloads.Promtail.PromtailInstallZip" >}}
diff --git a/content/en/docs/2023.11/getting-started/on-premise/add-innovation-to-72/multiple-server-with-ha/install-application-and-loadbalancer-servers.md b/content/en/docs/2023.11/getting-started/on-premise/add-innovation-to-72/multiple-server-with-ha/install-application-and-loadbalancer-servers.md
index 4934eda0f..77d043824 100644
--- a/content/en/docs/2023.11/getting-started/on-premise/add-innovation-to-72/multiple-server-with-ha/install-application-and-loadbalancer-servers.md
+++ b/content/en/docs/2023.11/getting-started/on-premise/add-innovation-to-72/multiple-server-with-ha/install-application-and-loadbalancer-servers.md
@@ -12,9 +12,9 @@ This guide describes how to install the Application Servers and Load Balancer Se
## Make Installation Artefacts Available
1. Choose one of the Application Servers to be used for installation, and copy the following artefacts to a folder on it:
- * Cortex Innovation {{< version >}} - Block Packages.zip
- * Cortex Innovation {{< version >}} - App Services.zip
* Cortex Innovation {{< version >}} - App Server Install Scripts.zip
+ * Cortex Innovation {{< version >}} - App Services.zip
+ * Cortex Innovation {{< version >}} - Block Packages.zip
1. Extract the `Cortex Innovation {{< version >}} - App Server Install Scripts.zip` file to a folder with the same name.
@@ -218,8 +218,8 @@ To avoid answering all of the prompts `-Override 0` can be added to the end of t
|----------------------------------------------|-------------|
|`AppServicesPath` | Configure this value with the location of the Application Services zip file on the Application Server used for installation. |
|`BlockPackagesPath` | Configure this value with the location of the Block Packages zip file on the Application Server used for installation. |
- |`ApiGatewayBasicAuthUsername` | Configure this value with the username that will be used for Basic Authentication when making HTTPS requests to the API Gateway Service (e.g. starting production flows).
For security reasons it is recommended that the default value `BasicAuthUser` should be changed.
Currently only Basic Authentication using a single user is supported, OAuth2 will be supported in a future release.
This value will be needed [later, when upgrading Gateway][Upgrade Gateway]. |
- |`ApiGatewayBasicAuthPassword` | Configure this value with the password that will be used for Basic Authentication when making HTTPS requests to the API Gateway Service (e.g. starting production flows).
This password should be [{{% ctx %}} Encrypted][CORTEX Encrypted]. For security reasons it is recommended that the default value `ADA9883B11BD4CDC908B8131B57944A4` should be changed.
This value will be needed [later, when upgrading Gateway][Upgrade Gateway].|
+ |`ApiGatewayBasicAuthUsername` | Configure this value with a username that can be used to make HTTPS requests to the API Gateway Service using Basic Authentication (e.g. starting flows). This username will be used by Gateway for all HTTPS requests to the API Gateway Service.
For security reasons it is recommended that the default value `BasicAuthUser` should be changed.
This value will be needed [later, when upgrading Gateway][Upgrade Gateway].
This username can also be used by external services for HTTPS requests to the API Gateway Service but is not recommended; these requests should use an OAuth2 session for an authorised Active Directory user.|
+ |`ApiGatewayBasicAuthPassword` | Configure this value with the password for the username specified for `ApiGatewayBasicAuthUsername`.
This password should be [{{% ctx %}} Encrypted][CORTEX Encrypted]. For security reasons it is recommended that the default value `ADA9883B11BD4CDC908B8131B57944A4` should be changed.
This value will be needed [later, when upgrading Gateway][Upgrade Gateway].|
|`CustomerName` | A name identifying the platform being installed. This must have no spaces or symbols. It will be appended to the node names that are displayed in Service Fabric Explorer. |
|`ApplicationServerIPv4Addresses` | The IPv4 addresses of the Application Servers. The first of these must be the Application Server used for installation. |
|`LoadBalancerServerIPv4Address` | The IPv4 address of the Load Balancer Server. This is only needed if using the built-in load balancer. |
diff --git a/content/en/docs/2023.11/getting-started/on-premise/add-innovation-to-72/multiple-server-with-ha/install-web-application-server.md b/content/en/docs/2023.11/getting-started/on-premise/add-innovation-to-72/multiple-server-with-ha/install-web-application-server.md
index e9da93e16..2ecd386f0 100644
--- a/content/en/docs/2023.11/getting-started/on-premise/add-innovation-to-72/multiple-server-with-ha/install-web-application-server.md
+++ b/content/en/docs/2023.11/getting-started/on-premise/add-innovation-to-72/multiple-server-with-ha/install-web-application-server.md
@@ -34,6 +34,33 @@ We recommend that the single-node Service Fabric instance, used by {{% ctx %}} G
Ensure that a valid {{% ctx %}} licence file named `Cortex.lic` exists on the Web Application server, in the location `%ProgramData%\Cortex\Licences`. If it does not, follow the instructions located at [Licensing Requirements][].
+### Grant folder permissions to the {{% ctx %}} Gateway Application Pool User
+
+The following folders require `Modify` permission to allow creating the `NuGet` folders and its `NuGet.Config` file within:
+
+* `C:\Windows\System32\config\systemprofile\AppData\Roaming`
+* `C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming`
+
+For each folder, perform the following steps:
+
+1. Navigate to the `AppData` folder.
+1. Right-click on the `Roaming` folder and click `Properties`.
+1. In the dialog, click the `Security` tab.
+1. Check the `Application Pool` user for Gateway is listed in the `Group or user names` and has `Modify` permissions.
+1. If the `Application Pool` user for Gateway is not listed:
+ 1. Click the `Edit...` button.
+ 1. Click the `Add...` button.
+ 1. Enter the username of the application pool user and click `OK`.
+ 1. In the `Permissions` section at the bottom, check `Modify`.
+ 1. Click `OK`.
+ 1. Click `Yes` to change the permission to the folder.
+1. If the `Application Pool` user for Gateway is listed but does not have permissions:
+ 1. Click the `Edit...` button.
+ 1. Select the `Application Pool` user.
+ 1. Check `Modify`.
+ 1. Click `OK`.
+ 1. Click `Yes` to change the permission to the folder.
+
### Certificate Requirements
In order to ensure that the correct certificate is used during the upgrade of {{% ctx %}} Gateway, it is necessary to [assign a friendly name][Assign Certificate Friendly Name] to the certificate that is currently being used for {{% ctx %}} Gateway. It is important to set the `ImportCertificate` parameter to `$false` when [configuring the {{% ctx %}} Gateway installation script][Configure CORTEX Gateway Installation Script].
@@ -148,7 +175,59 @@ To install the components required for debugging, perform the steps detailed in
If the errors do not give any instructions on how to rectify, please contact [{{% ctx %}} Service Portal][CORTEX Service Portal] for further assistance.
1. Once the PowerShell script execution has completed, a prompt will appear to restart the machine. You can choose to restart now (`N`) or later (`L`).
-1. The {{% ctx %}} Gateway website will now be available on `://:/`, e.g. `https://localhost/gateway`.
+1. In a browser, navigate to the {{% ctx %}} Gateway website, available at `://:/`, e.g. `https://localhost/gateway` and wait for the login page to load.
+
+### Grant additional folder permissions to the {{% ctx %}} Gateway Application Pool User
+
+#### Cortex Blocks Provider Host folder
+
+Check that the {{% ctx %}} Gateway `Application Pool` user has rights to the `Cortex Blocks Provider Host folder` folder using the following steps:
+
+1. Navigate to `C:\ProgramData\Cortex`
+1. Right-click on the `Cortex Blocks Provider Host` folder and click `Properties`.
+1. In the dialog, click the `Security` tab.
+1. Check the `Application Pool` user for Gateway is listed in the `Group or user names` and has `Modify` permissions.
+1. If the `Application Pool` user for Gateway is not listed:
+ 1. Click the `Edit...` button.
+ 1. Click the `Add...` button.
+ 1. Enter the username of the application pool user and click `OK`.
+ 1. In the `Permissions` section at the bottom, check `Modify`.
+ 1. Click `OK`.
+1. If the `Application Pool` user for Gateway is listed but does not have permissions:
+ 1. Click the `Edit...` button.
+ 1. Select the `Application Pool` user.
+ 1. Check `Modify`.
+ 1. Click `OK`.
+
+#### Repo folder
+
+Check that the {{% ctx %}} Gateway `Application Pool` user has rights to the `Repo` folder using the following steps:
+
+1. Check where the `Repo` folder is located
+ 1. Navigate to the `gateway` IIS folder (usually `%SystemDrive%\inetpub\wwwroot\Cortex\gateway`, e.g. `C:\inetpub\wwwroot\Cortex\gateway`)
+ 1. Open the `web.config` file.
+ 1. Find the value of the `connectionString` named `CortexRepositories`
+1. Navigate to the `Repo` folder, not opening it.
+1. Right-click on the `Repo` folder and click `Properties`.
+1. In the dialog, click the `Security` tab.
+1. Check the `Application Pool` user for Gateway is listed in the `Group or user names` and has `Modify` permissions.
+1. If the `Application Pool` user for Gateway is not listed:
+ 1. Click the `Edit...` button.
+ 1. Click the `Add...` button.
+ 1. Enter the username of the application pool user and click `OK`.
+ 1. In the `Permissions` section at the bottom, check `Modify`.
+ 1. Click `OK`.
+1. If the `Application Pool` user for Gateway is listed but does not have permissions:
+ 1. Click the `Edit...` button.
+ 1. Select the `Application Pool` user.
+ 1. Check `Modify`.
+ 1. Click `OK`.
+
+#### Perform an IIS reset
+
+1. Open a Windows PowerShell (x64) window as administrator.
+1. Run the following command: `iisreset`.
+1. Wait for the action to complete.
## Preserve installation files
diff --git a/content/en/docs/2023.11/getting-started/on-premise/add-innovation-to-72/multiple-server-with-ha/prerequisites.md b/content/en/docs/2023.11/getting-started/on-premise/add-innovation-to-72/multiple-server-with-ha/prerequisites.md
index 1319c2e3f..78f2a7d45 100644
--- a/content/en/docs/2023.11/getting-started/on-premise/add-innovation-to-72/multiple-server-with-ha/prerequisites.md
+++ b/content/en/docs/2023.11/getting-started/on-premise/add-innovation-to-72/multiple-server-with-ha/prerequisites.md
@@ -172,9 +172,9 @@ To enable Network Discovery and File Sharing:
On the Web Application Server and each Application Server, the following Windows Services must be running:
+* Performance Logs & Alerts
* Remote Registry
* Windows Event Log
-* Performance Logs & Alerts
## Security Requirements
diff --git a/content/en/docs/2023.11/getting-started/on-premise/add-innovation-to-72/single-server-without-ha/install-application-server.md b/content/en/docs/2023.11/getting-started/on-premise/add-innovation-to-72/single-server-without-ha/install-application-server.md
index 8a8aa6fb0..499cbc070 100644
--- a/content/en/docs/2023.11/getting-started/on-premise/add-innovation-to-72/single-server-without-ha/install-application-server.md
+++ b/content/en/docs/2023.11/getting-started/on-premise/add-innovation-to-72/single-server-without-ha/install-application-server.md
@@ -12,9 +12,9 @@ This guide describes how to install the Application Server components on the ser
## Make Installation Artefacts Available
1. Copy the following artefacts to a folder on the server:
- * Cortex Innovation {{< version >}} - Block Packages.zip
- * Cortex Innovation {{< version >}} - App Services.zip
* Cortex Innovation {{< version >}} - App Server Install Scripts.zip
+ * Cortex Innovation {{< version >}} - App Services.zip
+ * Cortex Innovation {{< version >}} - Block Packages.zip
1. Extract the `Cortex Innovation {{< version >}} - App Server Install Scripts.zip` file to a folder with the same name.
@@ -171,8 +171,8 @@ To avoid answering all of the prompts `-Override 0` can be added to the end of t
|----------------------------------------------|-------------|
|`AppServicesPath` | Configure this value with the location of the App Services zip file on the server. |
|`BlockPackagesPath` | Configure this value with the location of the Block Packages zip file on the server. |
- |`ApiGatewayBasicAuthUsername` | Configure this value with the username that will be used for Basic Authentication when making HTTPS requests to the API Gateway Service (e.g. starting production flows).
Currently only Basic Authentication using a single user is supported, OAuth2 will be supported in a future release.
This value will be needed [later, when upgrading Gateway][Upgrade Gateway]. |
- |`ApiGatewayBasicAuthPassword` | Configure this value with the password that will be used for Basic Authentication when making HTTPS requests to the API Gateway Service (e.g. starting production flows). This should be [{{% ctx %}} Encrypted][CORTEX Encrypted].
This value will be needed [later, when upgrading Gateway][Upgrade Gateway].|
+ |`ApiGatewayBasicAuthUsername` | Configure this value with a username that can be used to make HTTPS requests to the API Gateway Service using Basic Authentication (e.g. starting flows). This username will be used by Gateway for all HTTPS requests to the API Gateway Service.
For security reasons it is recommended that the default value `BasicAuthUser` should be changed.
This value will be needed [later, when upgrading Gateway][Upgrade Gateway].
This username can also be used by external services for HTTPS requests to the API Gateway Service but is not recommended; these requests should use an OAuth2 session for an authorised Active Directory user.|
+ |`ApiGatewayBasicAuthPassword` | Configure this value with the password for the username specified for `ApiGatewayBasicAuthUsername`.
This password should be [{{% ctx %}} Encrypted][CORTEX Encrypted]. For security reasons it is recommended that the default value `ADA9883B11BD4CDC908B8131B57944A4` should be changed.
This value will be needed [later, when upgrading Gateway][Upgrade Gateway].|
|`CustomerName` | A name identifying the platform being installed. This must have no spaces or symbols. It will be appended to the node names that are displayed in Service Fabric Explorer. |
|`ApplicationServerIPv4Addresses` | The IPv4 address of the server.|
|`ServerCertificatePath` | The local path of a .PFX certificate file on the server. Environment variables cannot be used.
This is only needed if installing with CA Certificates (Recommended). The certificate should meet the [Certificate Requirements][].
This certificate will be used for: - Securing communication between the Application Services.
- Allowing Application Services to identify themselves to clients such as Gateway.
- Preventing unauthorised nodes from joining the single node cluster.
- Connecting to Service Fabric Explorer from each of the Application Servers.
{{< alert type="warning" title="Warning" >}}It is critical to set a reminder to {{< ahref path="Cortex.GettingStarted.OnPremise.InstallInnovationOnly.Advanced.RolloverCertificates" title="update certificates" >}} in good time before they expire. If they expire then the platform will cease to function and {{< ahref path="Cortex.ServicePortal.MainDoc" title="CORTEX Service Portal" >}} must be contacted for support.{{< /alert >}}|
@@ -253,10 +253,6 @@ More advanced configuration (such as changing ports) can be undertaken by modify
If the errors do not give any instructions on how to rectify, see [Troubleshooting During Installation][] for further information; if this does not help then please contact [{{% ctx %}} Service Portal][CORTEX Service Portal] for assistance.
-## Check Application Services
-
-{{< section "/install-application-server/check-application-services/single-server.md">}}
-
## Add Read and Execute access to Windows Crypto folder
Service Fabric requires access to the `C:\ProgramData\Microsoft\Crypto\` folder for the `Network Service` users.
@@ -274,6 +270,10 @@ icacls "C:\ProgramData\Microsoft\Crypto\*" /grant *S-1-5-20:RX /t
Some files might fail to be processed with `Access is denied`. This can be ignored.
{{% /alert %}}
+## Check Application Services
+
+{{< section "/install-application-server/check-application-services/single-server.md">}}
+
## Preserve installation files
Ensure that the installation files are backed up or kept on the server, especially the scripts and config files that have been modified. This will make it easier to perform further actions in future, such as troubleshooting, certificate rollover, uninstallation, reinstallation and updates.
diff --git a/content/en/docs/2023.11/getting-started/on-premise/add-innovation-to-72/single-server-without-ha/install-web-application-server.md b/content/en/docs/2023.11/getting-started/on-premise/add-innovation-to-72/single-server-without-ha/install-web-application-server.md
index cb36dc6ab..492dd610f 100644
--- a/content/en/docs/2023.11/getting-started/on-premise/add-innovation-to-72/single-server-without-ha/install-web-application-server.md
+++ b/content/en/docs/2023.11/getting-started/on-premise/add-innovation-to-72/single-server-without-ha/install-web-application-server.md
@@ -29,6 +29,33 @@ The steps to add Innovation functionality to 7.2 are:
Ensure that a valid {{% ctx %}} licence file named `Cortex.lic` exists on the server, in the location `%ProgramData%\Cortex\Licences`. If it does not, follow the instructions located at [Licensing Requirements][].
+### Grant folder permissions to the {{% ctx %}} Gateway Application Pool User
+
+The following folders require `Modify` permission to allow creating the `NuGet` folders and its `NuGet.Config` file within:
+
+* `C:\Windows\System32\config\systemprofile\AppData\Roaming`
+* `C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming`
+
+For each folder, perform the following steps:
+
+1. Navigate to the `AppData` folder.
+1. Right-click on the `Roaming` folder and click `Properties`.
+1. In the dialog, click the `Security` tab.
+1. Check the `Application Pool` user for Gateway is listed in the `Group or user names` and has `Modify` permissions.
+1. If the `Application Pool` user for Gateway is not listed:
+ 1. Click the `Edit...` button.
+ 1. Click the `Add...` button.
+ 1. Enter the username of the application pool user and click `OK`.
+ 1. In the `Permissions` section at the bottom, check `Modify`.
+ 1. Click `OK`.
+ 1. Click `Yes` to change the permission to the folder.
+1. If the `Application Pool` user for Gateway is listed but does not have permissions:
+ 1. Click the `Edit...` button.
+ 1. Select the `Application Pool` user.
+ 1. Check `Modify`.
+ 1. Click `OK`.
+ 1. Click `Yes` to change the permission to the folder.
+
### Certificate Requirements
In order to ensure that the correct certificate is used during the upgrade of {{% ctx %}} Gateway, it is necessary to [assign a friendly name][Assign Certificate Friendly Name] to the certificate that is currently being used for {{% ctx %}} Gateway. It is important to set the `ImportCertificate` parameter to `$false` when [configuring the {{% ctx %}} Gateway installation script][Configure CORTEX Gateway Installation Script].
@@ -134,7 +161,59 @@ A Friendly Name should be assigned to the certificate being used for the Cortex
If the errors do not give any instructions on how to rectify, please contact [{{% ctx %}} Service Portal][CORTEX Service Portal] for further assistance.
1. Once the PowerShell script execution has completed, a prompt will appear to restart the machine. You can choose to restart now (`N`) or later (`L`).
-1. The {{% ctx %}} Gateway website will now be available on `://:/`, e.g. `https://localhost/gateway`.
+1. In a browser, navigate to the {{% ctx %}} Gateway website, available at `://:/`, e.g. `https://localhost/gateway` and wait for the login page to load.
+
+### Grant additional folder permissions to the {{% ctx %}} Gateway Application Pool User
+
+#### Cortex Blocks Provider Host folder
+
+Check that the {{% ctx %}} Gateway `Application Pool` user has rights to the `Cortex Blocks Provider Host folder` folder using the following steps:
+
+1. Navigate to `C:\ProgramData\Cortex`
+1. Right-click on the `Cortex Blocks Provider Host` folder and click `Properties`.
+1. In the dialog, click the `Security` tab.
+1. Check the `Application Pool` user for Gateway is listed in the `Group or user names` and has `Modify` permissions.
+1. If the `Application Pool` user for Gateway is not listed:
+ 1. Click the `Edit...` button.
+ 1. Click the `Add...` button.
+ 1. Enter the username of the application pool user and click `OK`.
+ 1. In the `Permissions` section at the bottom, check `Modify`.
+ 1. Click `OK`.
+1. If the `Application Pool` user for Gateway is listed but does not have permissions:
+ 1. Click the `Edit...` button.
+ 1. Select the `Application Pool` user.
+ 1. Check `Modify`.
+ 1. Click `OK`.
+
+#### Repo folder
+
+Check that the {{% ctx %}} Gateway `Application Pool` user has rights to the `Repo` folder using the following steps:
+
+1. Check where the `Repo` folder is located
+ 1. Navigate to the `gateway` IIS folder (usually `%SystemDrive%\inetpub\wwwroot\Cortex\gateway`, e.g. `C:\inetpub\wwwroot\Cortex\gateway`)
+ 1. Open the `web.config` file.
+ 1. Find the value of the `connectionString` named `CortexRepositories`
+1. Navigate to the `Repo` folder, not opening it.
+1. Right-click on the `Repo` folder and click `Properties`.
+1. In the dialog, click the `Security` tab.
+1. Check the `Application Pool` user for Gateway is listed in the `Group or user names` and has `Modify` permissions.
+1. If the `Application Pool` user for Gateway is not listed:
+ 1. Click the `Edit...` button.
+ 1. Click the `Add...` button.
+ 1. Enter the username of the application pool user and click `OK`.
+ 1. In the `Permissions` section at the bottom, check `Modify`.
+ 1. Click `OK`.
+1. If the `Application Pool` user for Gateway is listed but does not have permissions:
+ 1. Click the `Edit...` button.
+ 1. Select the `Application Pool` user.
+ 1. Check `Modify`.
+ 1. Click `OK`.
+
+#### Perform an IIS reset
+
+1. Open a Windows PowerShell (x64) window as administrator.
+1. Run the following command: `iisreset`.
+1. Wait for the action to complete.
## Preserve installation files
diff --git a/content/en/docs/2023.11/getting-started/on-premise/add-innovation-to-72/single-server-without-ha/prerequisites.md b/content/en/docs/2023.11/getting-started/on-premise/add-innovation-to-72/single-server-without-ha/prerequisites.md
index 20e752f7c..a1915bcf8 100644
--- a/content/en/docs/2023.11/getting-started/on-premise/add-innovation-to-72/single-server-without-ha/prerequisites.md
+++ b/content/en/docs/2023.11/getting-started/on-premise/add-innovation-to-72/single-server-without-ha/prerequisites.md
@@ -101,9 +101,9 @@ The server must use an NTFS filesystem.
The following Windows Services must be running on the server:
+* Performance Logs & Alerts
* Remote Registry
* Windows Event Log
-* Performance Logs & Alerts
## Security Requirements
diff --git a/content/en/docs/2023.11/getting-started/on-premise/add-observability-to-innovation/Grafana/install-loki/install-loki.md b/content/en/docs/2023.11/getting-started/on-premise/add-observability-to-innovation/Grafana/install-loki/install-loki.md
index 0ed155291..ed0cb9c53 100644
--- a/content/en/docs/2023.11/getting-started/on-premise/add-observability-to-innovation/Grafana/install-loki/install-loki.md
+++ b/content/en/docs/2023.11/getting-started/on-premise/add-observability-to-innovation/Grafana/install-loki/install-loki.md
@@ -26,7 +26,7 @@ This archive contains the `loki-local-config.yaml` configuration file, [NSSM][]
[Configure Loki]: {{< url path="Cortex.GettingStarted.OnPremise.AddObservabilityToInnovation.Grafana.InstallLoki.ConfigureLoki" >}}
[Grafana Loki 2.5.0]: {{< url path="Grafana.SelfManaged.Downloads.GrafanaLoki.GrafanaLokiInstallZip" >}}
-[Grafana Loki Install.zip]: {{< url path="GitHub.Cortex.Observability.2.0.0.GrafanaLokiInstallZip" >}}
+[Grafana Loki Install.zip]: {{< url path="GitHub.Cortex.Observability.2.0.1.GrafanaLokiInstallZip" >}}
[NSSM]: {{< url path="NSSM.MainDoc" >}}
[Prerequisites]: {{< url path="Cortex.GettingStarted.OnPremise.AddObservabilityToInnovation.Grafana.Prerequisites" >}}
[Software Requirements]: {{< url path="Cortex.GettingStarted.OnPremise.AddObservabilityToInnovation.Grafana.SoftwareRequirements" >}}
diff --git a/content/en/docs/2023.11/getting-started/on-premise/add-observability-to-innovation/Grafana/install-promtail/install-promtail.md b/content/en/docs/2023.11/getting-started/on-premise/add-observability-to-innovation/Grafana/install-promtail/install-promtail.md
index 3d9a0b82a..93cab26e4 100644
--- a/content/en/docs/2023.11/getting-started/on-premise/add-observability-to-innovation/Grafana/install-promtail/install-promtail.md
+++ b/content/en/docs/2023.11/getting-started/on-premise/add-observability-to-innovation/Grafana/install-promtail/install-promtail.md
@@ -27,5 +27,5 @@ This archive contains the `promtail-local-config.yaml` configuration file, [NSSM
[NSSM]: {{< url path="NSSM.MainDoc" >}}
[Prerequisites]: {{< url path="Cortex.GettingStarted.OnPremise.AddObservabilityToInnovation.Grafana.Prerequisites" >}}
[Promtail 2.5.0]: {{< url path="Grafana.SelfManaged.Downloads.Promtail.PromtailInstallZip" >}}
-[Promtail Install.zip]: {{< url path="GitHub.Cortex.Observability.2.0.0.PromtailInstallZip" >}}
+[Promtail Install.zip]: {{< url path="GitHub.Cortex.Observability.2.0.1.PromtailInstallZip" >}}
[Software Requirements]: {{< url path="Cortex.GettingStarted.OnPremise.AddObservabilityToInnovation.Grafana.SoftwareRequirements" >}}
diff --git a/content/en/docs/2023.11/getting-started/on-premise/add-observability-to-innovation/Grafana/prerequisites.md b/content/en/docs/2023.11/getting-started/on-premise/add-observability-to-innovation/Grafana/prerequisites.md
index 06412ecdd..19dc11125 100644
--- a/content/en/docs/2023.11/getting-started/on-premise/add-observability-to-innovation/Grafana/prerequisites.md
+++ b/content/en/docs/2023.11/getting-started/on-premise/add-observability-to-innovation/Grafana/prerequisites.md
@@ -40,13 +40,13 @@ The application servers (as described in {{< ahref path="Cortex.GettingStarted.O
| Server Role | Windows Server[^1] | IIS[^2] | Other Software |
|------------------|-------------------------|---------|----------|
-| Web Application Server | [2019 (x64)][] *Recommended*
[2016 (x64)][] | 10.0.17763[^3]
10.0.14393[^4]
IIS Basic Authentication[^5]
[URL Rewrite module 2.1][] | [Grafana 8.5.4][] *Enterprise Edition*
[Grafana Loki 2.5.0][]|
-| Application Server | [2019 (x64)][] *Recommended*
[2016 (x64)][] | | [Promtail 2.5.0][]|
+| Web Application Server | [2022 (x64)][] *Recommended*
[2019 (x64)][] | 10.0.20348[^3]
10.0.17763[^4]
IIS Basic Authentication[^5]
[URL Rewrite module 2.1][] | [Grafana 8.5.4][] *Enterprise Edition*
[Grafana Loki 2.5.0][]|
+| Application Server | [2022 (x64)][] *Recommended*
[2019 (x64)][] | | [Promtail 2.5.0][]|
[^1]: Windows Server Standard and Datacenter editions are supported. Filesystem **must be NTFS** and networking **must use IPv4**. Linux is not supported, but may be in the future.
[^2]: IIS is supported; other web servers, including IIS Express are not supported.
-[^3]: Ships as a windows role within Windows Server 2019.
-[^4]: Ships as a windows role within Windows Server 2016.
+[^3]: Ships as a windows role within Windows Server 2022.
+[^4]: Ships as a windows role within Windows Server 2019.
[^5]: Installed during the [Install IIS Basic Authentication][] configuration steps.
## Domain Requirements
@@ -152,8 +152,8 @@ A domain user which is a member of the Local Administrators group on all Applica
1. [Install Grafana][]
-[2016 (x64)]: {{< url path="Microsoft.Downloads.Windows.Server2016" >}}
[2019 (x64)]: {{< url path="Microsoft.Downloads.Windows.Server2019" >}}
+[2022 (x64)]: {{< url path="Microsoft.Downloads.Windows.Server2022" >}}
[Architecture]: {{< url path="Cortex.GettingStarted.OnPremise.AddObservabilityToInnovation.Grafana.Architecture" >}}
[configuring Grafana to use HTTPS]: {{< url path="Cortex.GettingStarted.OnPremise.AddObservabilityToInnovation.Grafana.InstallGrafana.ConfigureHTTPS" >}}
[Create Self-Signed Certificates]: {{< url path="Cortex.GettingStarted.OnPremise.AddObservabilityToInnovation.Grafana.Advanced.CreateSelfSignedCertificates" >}}
diff --git a/content/en/docs/2023.11/getting-started/on-premise/add-observability-to-innovation/Grafana/setup-grafana.md b/content/en/docs/2023.11/getting-started/on-premise/add-observability-to-innovation/Grafana/setup-grafana.md
index d45e4565b..e4491513d 100644
--- a/content/en/docs/2023.11/getting-started/on-premise/add-observability-to-innovation/Grafana/setup-grafana.md
+++ b/content/en/docs/2023.11/getting-started/on-premise/add-observability-to-innovation/Grafana/setup-grafana.md
@@ -79,7 +79,7 @@ To do this, follow these steps for all default {{% ctx %}} Innovation dashboards
1. [Try it Out][]
-[Grafana.Dashboards.zip]: {{< url path="GitHub.Cortex.Observability.2.0.0.GrafanaDashboardsZip" >}}
+[Grafana.Dashboards.zip]: {{< url path="GitHub.Cortex.Observability.2.0.1.GrafanaDashboardsZip" >}}
[Grafana]: {{< url path="Cortex.GettingStarted.OnPremise.AddObservabilityToInnovation.Grafana.InstallGrafana.MainDoc" >}}
[Loki]: {{< url path="Cortex.GettingStarted.OnPremise.AddObservabilityToInnovation.Grafana.InstallLoki.MainDoc" >}}
[Try it Out]: {{< url path="Cortex.GettingStarted.OnPremise.AddObservabilityToInnovation.Grafana.TryItOut" >}}
diff --git a/content/en/docs/2023.11/getting-started/on-premise/install-innovation-only/multiple-server-with-ha/install-application-and-loadbalancer-servers.md b/content/en/docs/2023.11/getting-started/on-premise/install-innovation-only/multiple-server-with-ha/install-application-and-loadbalancer-servers.md
index 9549d82c9..a1ff7b5e6 100644
--- a/content/en/docs/2023.11/getting-started/on-premise/install-innovation-only/multiple-server-with-ha/install-application-and-loadbalancer-servers.md
+++ b/content/en/docs/2023.11/getting-started/on-premise/install-innovation-only/multiple-server-with-ha/install-application-and-loadbalancer-servers.md
@@ -12,9 +12,9 @@ This guide describes how to install the Application Servers and Load Balancer Se
## Make Installation Artefacts Available
1. Choose one of the Application Servers to be used for installation, and copy the following artefacts to a folder on it:
- * Cortex Innovation {{< version >}} - Block Packages.zip
- * Cortex Innovation {{< version >}} - App Services.zip
* Cortex Innovation {{< version >}} - App Server Install Scripts.zip
+ * Cortex Innovation {{< version >}} - App Services.zip
+ * Cortex Innovation {{< version >}} - Block Packages.zip
1. Extract the `Cortex Innovation {{< version >}} - App Server Install Scripts.zip` file to a folder with the same name.
@@ -218,8 +218,8 @@ To avoid answering all of the prompts `-Override 0` can be added to the end of t
|----------------------------------------------|-------------|
|`AppServicesPath` | Configure this value with the location of the Application Services zip file on the Application Server used for installation. |
|`BlockPackagesPath` | Configure this value with the location of the Block Packages zip file on the Application Server used for installation. |
- |`ApiGatewayBasicAuthUsername` | Configure this value with the username that will be used for Basic Authentication when making HTTPS requests to the API Gateway Service (e.g. starting production flows).
For security reasons it is recommended that the default value `BasicAuthUser` should be changed.
Currently only Basic Authentication using a single user is supported, OAuth2 will be supported in a future release.
This value will be needed [later, when installing Gateway][Install Gateway]. |
- |`ApiGatewayBasicAuthPassword` | Configure this value with the password that will be used for Basic Authentication when making HTTPS requests to the API Gateway Service (e.g. starting production flows).
This password should be [{{% ctx %}} Encrypted][CORTEX Encrypted]. For security reasons it is recommended that the default value `ADA9883B11BD4CDC908B8131B57944A4` should be changed.
This value will be needed [later, when installing Gateway][Install Gateway].|
+ |`ApiGatewayBasicAuthUsername` | Configure this value with a username that can be used to make HTTPS requests to the API Gateway Service using Basic Authentication (e.g. starting flows). This username will be used by Gateway for all HTTPS requests to the API Gateway Service.
For security reasons it is recommended that the default value `BasicAuthUser` should be changed.
This value will be needed [later, when installing Gateway][Install Gateway].
This username can also be used by external services for HTTPS requests to the API Gateway Service but is not recommended; these requests should use an OAuth2 session for an authorised Active Directory user.|
+ |`ApiGatewayBasicAuthPassword` | Configure this value with the password for the username specified for `ApiGatewayBasicAuthUsername`.
This password should be [{{% ctx %}} Encrypted][CORTEX Encrypted]. For security reasons it is recommended that the default value `ADA9883B11BD4CDC908B8131B57944A4` should be changed.
This value will be needed [later, when installing Gateway][Install Gateway].|
|`CustomerName` | A name identifying the platform being installed. This must have no spaces or symbols. It will be appended to the node names that are displayed in Service Fabric Explorer. |
|`ApplicationServerIPv4Addresses` | The IPv4 addresses of the Application Servers. The first of these must be the Application Server used for installation. |
|`LoadBalancerServerIPv4Address` | The IPv4 address of the Load Balancer Server. This is only needed if using the built-in load balancer. |
diff --git a/content/en/docs/2023.11/getting-started/on-premise/install-innovation-only/multiple-server-with-ha/install-web-application-server.md b/content/en/docs/2023.11/getting-started/on-premise/install-innovation-only/multiple-server-with-ha/install-web-application-server.md
index 496903b93..2737f9377 100644
--- a/content/en/docs/2023.11/getting-started/on-premise/install-innovation-only/multiple-server-with-ha/install-web-application-server.md
+++ b/content/en/docs/2023.11/getting-started/on-premise/install-innovation-only/multiple-server-with-ha/install-web-application-server.md
@@ -32,9 +32,9 @@ Ensure that a valid {{% ctx %}} licence file named `Cortex.lic` exists on the We
1. Use one of the following installation guides to install SQL Server or SQL Server Express:
- * {{% ctx %}} Innovation - SQL Server 2019 Installation Guide
- * {{% ctx %}} Innovation - SQL Server 2016 Installation Guide
* {{% ctx %}} Innovation - SQL Server 2016 Express Installation Guide
+ * {{% ctx %}} Innovation - SQL Server 2016 Installation Guide
+ * {{% ctx %}} Innovation - SQL Server 2019 Installation Guide
### Get {{% ctx %}} Gateway Application Pool User
@@ -67,6 +67,33 @@ To add roles to database users take the following steps:
In line with best practices, this account should not be given administrator rights, nor should it be used for any purposes other than those specified for {{% ctx %}} Gateway.
+### Grant folder permissions to the {{% ctx %}} Gateway Application Pool User
+
+The following folders require `Modify` permission to allow creating the `NuGet` folders and its `NuGet.Config` file within:
+
+* `C:\Windows\System32\config\systemprofile\AppData\Roaming`
+* `C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming`
+
+For each folder, perform the following steps:
+
+1. Navigate to the `AppData` folder.
+1. Right-click on the `Roaming` folder and click `Properties`.
+1. In the dialog, click the `Security` tab.
+1. Check the `Application Pool` user that will be used for {{% ctx %}} Gateway is listed in the `Group or user names` and has `Modify` permissions.
+1. If the `Application Pool` user that will be used for {{% ctx %}} Gateway is not listed:
+ 1. Click the `Edit...` button.
+ 1. Click the `Add...` button.
+ 1. Enter the username of the application pool user and click `OK`.
+ 1. In the `Permissions` section at the bottom, check `Modify`.
+ 1. Click `OK`.
+ 1. Click `Yes` to change the permission to the folder.
+1. If the `Application Pool` user that will be used for {{% ctx %}} Gateway is listed but does not have permissions:
+ 1. Click the `Edit...` button.
+ 1. Select the `Application Pool` user.
+ 1. Check `Modify`.
+ 1. Click `OK`.
+ 1. Click `Yes` to change the permission to the folder.
+
### Certificate Requirements
{{% ctx %}} Gateway requires an X.509 SSL certificate to be installed on the Web Application Server. The certificate must have the following properties:
@@ -80,7 +107,9 @@ If the user tries to navigate to an address not in the SAN list, then they will
Do not reuse any auto-generated self-signed certificates as they do not meet the requirements for Gateway.
Certificates, wildcard certificates and manually created self-signed certificates can be used. However, the latter are not recommended for production instances.
-Details on how to create a self-signed certificate can be found at {{< ahref path="Cortex.GettingStarted.OnPremise.InstallInnovationOnly.Advanced.CreateSelfSignedCertificates" title="Create Self-Signed Certificates" >}}.
+Details on how to create a self-signed certificate can be found at {{< ahref path="Cortex.GettingStarted.OnPremise.InstallInnovationOnly.Advanced.CreateSelfSignedCertificates" title="Create Self-Signed Certificates" >}}.
+
+It is possible to reuse the certificate used when {{< ahref path="Cortex.GettingStarted.OnPremise.InstallInnovationOnly.MultipleServerWithHA.PerformDebuggerInstallation" title="installing the Debugger" >}}, as long as it is not an auto-generated self-signed certificate; If doing so, you should {{< ahref path="Cortex.GettingStarted.OnPremise.InstallInnovationOnly.MultipleServerWithHA.AssignCertificateFriendlyName" title="Assign a Certificate Friendly Name" >}} and set the `ImportCertificate` parameter to `$false` in {{< ahref path="Cortex.GettingStarted.OnPremise.InstallInnovationOnly.MultipleServerWithHA.ConfigureCortexGatewayInstallationScript" title="Configure CORTEX Gateway Installation Script" >}} to ensure use of the correct certificate and to prevent it from being overwritten.
{{% /alert %}}
#### Import Root Certificate
@@ -230,7 +259,59 @@ To install the components required for debugging, perform the steps detailed in
If the errors do not give any instructions on how to rectify, please contact [{{% ctx %}} Service Portal][CORTEX Service Portal] for further assistance.
1. Once the PowerShell script execution has completed, a prompt will appear to restart the machine. You can choose to restart now (`N`) or later (`L`).
-1. The {{% ctx %}} Gateway website will now be available on `://:/`, e.g. `https://localhost/gateway`.
+1. In a browser, navigate to the {{% ctx %}} Gateway website, available at `://:/`, e.g. `https://localhost/gateway` and wait for the login page to load.
+
+### Grant additional folder permissions to the {{% ctx %}} Gateway Application Pool User
+
+#### Cortex Blocks Provider Host folder
+
+Check that the {{% ctx %}} Gateway `Application Pool` user has rights to the `Cortex Blocks Provider Host folder` folder using the following steps:
+
+1. Navigate to `C:\ProgramData\Cortex`
+1. Right-click on the `Cortex Blocks Provider Host` folder and click `Properties`.
+1. In the dialog, click the `Security` tab.
+1. Check the `Application Pool` user for Gateway is listed in the `Group or user names` and has `Modify` permissions.
+1. If the `Application Pool` user for Gateway is not listed:
+ 1. Click the `Edit...` button.
+ 1. Click the `Add...` button.
+ 1. Enter the username of the application pool user and click `OK`.
+ 1. In the `Permissions` section at the bottom, check `Modify`.
+ 1. Click `OK`.
+1. If the `Application Pool` user for Gateway is listed but does not have permissions:
+ 1. Click the `Edit...` button.
+ 1. Select the `Application Pool` user.
+ 1. Check `Modify`.
+ 1. Click `OK`.
+
+#### Repo folder
+
+Check that the {{% ctx %}} Gateway `Application Pool` user has rights to the `Repo` folder using the following steps:
+
+1. Check where the `Repo` folder is located
+ 1. Navigate to the `gateway` IIS folder (usually `%SystemDrive%\inetpub\wwwroot\Cortex\gateway`, e.g. `C:\inetpub\wwwroot\Cortex\gateway`)
+ 1. Open the `web.config` file.
+ 1. Find the value of the `connectionString` named `CortexRepositories`
+1. Navigate to the `Repo` folder, not opening it.
+1. Right-click on the `Repo` folder and click `Properties`.
+1. In the dialog, click the `Security` tab.
+1. Check the `Application Pool` user for Gateway is listed in the `Group or user names` and has `Modify` permissions.
+1. If the `Application Pool` user for Gateway is not listed:
+ 1. Click the `Edit...` button.
+ 1. Click the `Add...` button.
+ 1. Enter the username of the application pool user and click `OK`.
+ 1. In the `Permissions` section at the bottom, check `Modify`.
+ 1. Click `OK`.
+1. If the `Application Pool` user for Gateway is listed but does not have permissions:
+ 1. Click the `Edit...` button.
+ 1. Select the `Application Pool` user.
+ 1. Check `Modify`.
+ 1. Click `OK`.
+
+#### Perform an IIS reset
+
+1. Open a Windows PowerShell (x64) window as administrator.
+1. Run the following command: `iisreset`.
+1. Wait for the action to complete.
## Preserve installation files
diff --git a/content/en/docs/2023.11/getting-started/on-premise/install-innovation-only/multiple-server-with-ha/prerequisites.md b/content/en/docs/2023.11/getting-started/on-premise/install-innovation-only/multiple-server-with-ha/prerequisites.md
index c1d3ea80f..b09639bb0 100644
--- a/content/en/docs/2023.11/getting-started/on-premise/install-innovation-only/multiple-server-with-ha/prerequisites.md
+++ b/content/en/docs/2023.11/getting-started/on-premise/install-innovation-only/multiple-server-with-ha/prerequisites.md
@@ -26,16 +26,16 @@ The prerequisites required for each server role (as described in [Architecture][
| Server Role | Windows Server[^3] | SQL Server[^4] | .Net | PowerShell[^5] | IIS[^6] | Other Software |
|------------------|-------------------------|---------------------|------|------------|---------|----------|
-| Load Balancer | [2019 (x64)][Microsoft Server 2019] *Recommended*
[2016 (x64)][Microsoft Server 2016] | | [Framework 4.7.2][NET Framework 472] | 5.1 | |
-| Application Server | [2019 (x64)][Microsoft Server 2019] *Recommended*
[2016 (x64)][Microsoft Server 2016] | | [Framework 4.7.2][NET Framework 472] | 5.1 | |
-| Web Application Server | [2019 (x64)][Microsoft Server 2019] *Recommended*
[2016 (x64)][Microsoft Server 2016] | [2019][Microsoft SQL Server 2019]
[2016][Microsoft SQL Server 2016]
[2016 Express][Microsoft SQL Express 2016] | [Framework 4.7.2][NET Framework 472] | 5.1 | 10.0.17763[^7]
10.0.14393[^8]
[URL Rewrite Module 2.1][IIS Url Rewrite] | [Microsoft Web Deploy 3.0 or later][Web Deploy]
[Visual C++ Redistributable 2013 (x64)][C++ Redistributable] |
+| Load Balancer | [2022 (x64)][Microsoft Server 2022] *Recommended*
[2019 (x64)][Microsoft Server 2019] | | [Framework 4.7.2][NET Framework 472] | 5.1 | |
+| Application Server | [2022 (x64)][Microsoft Server 2022] *Recommended*
[2019 (x64)][Microsoft Server 2019] | | [Framework 4.7.2][NET Framework 472] | 5.1 | |
+| Web Application Server | [2022 (x64)][Microsoft Server 2022] *Recommended*
[2019 (x64)][Microsoft Server 2019] | [2019][Microsoft SQL Server 2019]
[2016][Microsoft SQL Server 2016]
[2016 Express][Microsoft SQL Express 2016] | [Framework 4.7.2][NET Framework 472] | 5.1 | 10.0.20348[^7]
10.0.17763[^8]
[URL Rewrite Module 2.1][IIS Url Rewrite] | [Microsoft Web Deploy 3.0 or later][Web Deploy]
[Visual C++ Redistributable 2013 (x64)][C++ Redistributable] |
[^3]: Windows Server Standard and Datacenter editions are supported. Filesystem **must be NTFS** and networking **must use IPv4**. Linux is not supported, but may be in the future.
[^4]: SQL Server Express, Standard and Enterprise are supported. Other databases are not supported. Note that [Transparent Data Encryption][] is not supported on SQL Server Express.
-[^5]: PowerShell 5.1 ships with Windows Server 2016 and 2019.
+[^5]: PowerShell 5.1 ships with Windows Server 2019 and 2022.
[^6]: IIS is supported; other web servers, including IIS Express are not supported.
-[^7]: Ships as a windows role within Windows Server 2019.
-[^8]: Ships as a windows role within Windows Server 2016.
+[^7]: Ships as a windows role within Windows Server 2022.
+[^8]: Ships as a windows role within Windows Server 2019.
## Domain Requirements
@@ -142,9 +142,9 @@ To enable Network Discovery and File Sharing:
On the Web Application Server and each Application Server, the following Windows Services must be running:
+* Performance Logs & Alerts
* Remote Registry
* Windows Event Log
-* Performance Logs & Alerts
## Security Requirements
@@ -264,6 +264,7 @@ Innovation has a [gobetween][] load balancer included that isn't highly availabl
* Must support a round robin (or similar) method of load balancing to specified ports on 3 nodes.
* Must be able to health check each node by running a predefined batch script (`ApiGatewayTypeHealthcheck.bat`, which resides in the `gobetween` folder of the `Cortex Innovation {{< version >}} - App Server Install Scripts`) that returns 1 for healthy and 0 for unhealthy.
* Must be able to access each of the Application Servers via HTTPS.
+* Ideally it should support UDP to use the SNMP functionality of the [Triggers Service][TriggersService].
* Ideally it should be highly available to avoid a single point of failure in the system.
## Next Steps?
@@ -276,12 +277,13 @@ Innovation has a [gobetween][] load balancer included that isn't highly availabl
[Architecture]: {{< url path="Cortex.GettingStarted.OnPremise.InstallInnovationOnly.MultipleServerWithHA.Architecture" >}}
[Create Self-Signed Certificates]: {{< url path="Cortex.GettingStarted.OnPremise.InstallInnovationOnly.Advanced.CreateSelfSignedCertificates" >}}
[SSL Best Practices]: {{< url path="Cortex.GettingStarted.OnPremise.InstallInnovationOnly.Advanced.SSLBestPractices" >}}
+[TriggersService]: {{< url path="Cortex.Guides.CortexInnovation.CoreApplication.Services.TriggersService.MainDoc" >}}
[gobetween]: {{< url path="GoBetween.MainDoc" >}}
[CORTEX Service Portal]: {{< url path="Cortex.ServicePortal.MainDoc" >}}
[Anycast]: {{< url path="Anycast.MainDoc" >}}
[alternative load balancer]: {{< ref "#alternative-load-balancer-requirements" >}}
[Microsoft Server 2019]: {{< url path="MSEval.WindowsServer.2019" >}}
-[Microsoft Server 2016]: {{< url path="MSEval.WindowsServer.2016" >}}
+[Microsoft Server 2022]: {{< url path="MSEval.WindowsServer.2022" >}}
[NET Framework 472]: {{< url path="MSDotNet.Framework472.MainDoc" >}}
[Microsoft SQL Server 2019]: {{< url path="MSEval.SQLServer.2019" >}}
[Microsoft SQL Server 2016]: {{< url path="MSEval.SQLServer.2016" >}}
diff --git a/content/en/docs/2023.11/getting-started/on-premise/install-innovation-only/single-server-without-ha/install-application-server.md b/content/en/docs/2023.11/getting-started/on-premise/install-innovation-only/single-server-without-ha/install-application-server.md
index 4d9ca32d5..11adaaf7a 100644
--- a/content/en/docs/2023.11/getting-started/on-premise/install-innovation-only/single-server-without-ha/install-application-server.md
+++ b/content/en/docs/2023.11/getting-started/on-premise/install-innovation-only/single-server-without-ha/install-application-server.md
@@ -12,9 +12,9 @@ This guide describes how to install the Application Server components on the ser
## Make Installation Artefacts Available
1. Copy the following artefacts to a folder on the server:
- * Cortex Innovation {{< version >}} - Block Packages.zip
- * Cortex Innovation {{< version >}} - App Services.zip
* Cortex Innovation {{< version >}} - App Server Install Scripts.zip
+ * Cortex Innovation {{< version >}} - App Services.zip
+ * Cortex Innovation {{< version >}} - Block Packages.zip
1. Extract the `Cortex Innovation {{< version >}} - App Server Install Scripts.zip` file to a folder with the same name.
@@ -171,8 +171,8 @@ To avoid answering all of the prompts `-Override 0` can be added to the end of t
|----------------------------------------------|-------------|
|`AppServicesPath` | Configure this value with the location of the App Services zip file on the server. |
|`BlockPackagesPath` | Configure this value with the location of the Block Packages zip file on the server. |
- |`ApiGatewayBasicAuthUsername` | Configure this value with the username that will be used for Basic Authentication when making HTTPS requests to the API Gateway Service (e.g. starting production flows).
Currently only Basic Authentication using a single user is supported, OAuth2 will be supported in a future release.
This value will be needed [later, when installing Gateway][Install Gateway]. |
- |`ApiGatewayBasicAuthPassword` | Configure this value with the password that will be used for Basic Authentication when making HTTPS requests to the API Gateway Service (e.g. starting production flows). This should be [{{% ctx %}} Encrypted][CORTEX Encrypted].
This value will be needed [later, when installing Gateway][Install Gateway].|
+ |`ApiGatewayBasicAuthUsername` | Configure this value with a username that can be used to make HTTPS requests to the API Gateway Service using Basic Authentication (e.g. starting flows). This username will be used by Gateway for all HTTPS requests to the API Gateway Service.
For security reasons it is recommended that the default value `BasicAuthUser` should be changed.
This value will be needed [later, when installing Gateway][Install Gateway].
This username can also be used by external services for HTTPS requests to the API Gateway Service but is not recommended; these requests should use an OAuth2 session for an authorised Active Directory user.|
+ |`ApiGatewayBasicAuthPassword` | Configure this value with the password for the username specified for `ApiGatewayBasicAuthUsername`.
This password should be [{{% ctx %}} Encrypted][CORTEX Encrypted]. For security reasons it is recommended that the default value `ADA9883B11BD4CDC908B8131B57944A4` should be changed.
This value will be needed [later, when installing Gateway][Install Gateway].|
|`CustomerName` | A name identifying the platform being installed. This must have no spaces or symbols. It will be appended to the node names that are displayed in Service Fabric Explorer. |
|`ApplicationServerIPv4Addresses` | The IPv4 address of the server.|
|`ServerCertificatePath` | The local path of a .PFX certificate file on the server. Environment variables cannot be used.
This is only needed if installing with CA Certificates (Recommended). The certificate should meet the [Certificate Requirements][].
This certificate will be used for: - Securing communication between the Application Services.
- Allowing Application Services to identify themselves to clients such as Gateway.
- Preventing unauthorised nodes from joining the single node cluster.
- Connecting to Service Fabric Explorer from each of the Application Servers.
{{< alert type="warning" title="Warning" >}}It is critical to set a reminder to {{< ahref path="Cortex.GettingStarted.OnPremise.InstallInnovationOnly.Advanced.RolloverCertificates" title="update certificates" >}} in good time before they expire. If they expire then the platform will cease to function and {{< ahref path="Cortex.ServicePortal.MainDoc" title="CORTEX Service Portal" >}} must be contacted for support.{{< /alert >}}|
@@ -252,10 +252,6 @@ More advanced configuration (such as changing ports) can be undertaken by modify
If the errors do not give any instructions on how to rectify, see [Troubleshooting During Installation][] for further information; if this does not help then please contact [{{% ctx %}} Service Portal][CORTEX Service Portal] for assistance.
-## Check Application Services
-
-{{< section "/install-application-server/check-application-services/single-server.md">}}
-
## Add Read and Execute access to Windows Crypto folder
Service Fabric requires access to the `C:\ProgramData\Microsoft\Crypto\` folder for the `Network Service` users.
@@ -273,6 +269,10 @@ icacls "C:\ProgramData\Microsoft\Crypto\*" /grant *S-1-5-20:RX /t
Some files might fail to be processed with `Access is denied`. This can be ignored.
{{% /alert %}}
+## Check Application Services
+
+{{< section "/install-application-server/check-application-services/single-server.md">}}
+
## Preserve installation files
Ensure that the installation files are backed up or kept on the server, especially the scripts and config files that have been modified. This will make it easier to perform further actions in future, such as troubleshooting, certificate rollover, uninstallation, reinstallation and updates.
diff --git a/content/en/docs/2023.11/getting-started/on-premise/install-innovation-only/single-server-without-ha/install-web-application-server.md b/content/en/docs/2023.11/getting-started/on-premise/install-innovation-only/single-server-without-ha/install-web-application-server.md
index 0f8eae029..9e41e3cee 100644
--- a/content/en/docs/2023.11/getting-started/on-premise/install-innovation-only/single-server-without-ha/install-web-application-server.md
+++ b/content/en/docs/2023.11/getting-started/on-premise/install-innovation-only/single-server-without-ha/install-web-application-server.md
@@ -29,9 +29,9 @@ Ensure that a valid {{% ctx %}} licence file named `Cortex.lic` exists on the se
1. Use one of the following installation guides to install SQL Server or SQL Server Express:
- * {{% ctx %}} Innovation - SQL Server 2019 Installation Guide
- * {{% ctx %}} Innovation - SQL Server 2016 Installation Guide
* {{% ctx %}} Innovation - SQL Server 2016 Express Installation Guide
+ * {{% ctx %}} Innovation - SQL Server 2016 Installation Guide
+ * {{% ctx %}} Innovation - SQL Server 2019 Installation Guide
### Get {{% ctx %}} Gateway Application Pool User
@@ -64,6 +64,33 @@ To add roles to database users take the following steps:
In line with best practices, this account should not be given administrator rights, nor should it be used for any purposes other than those specified for {{% ctx %}} Gateway.
+### Grant folder permissions to the {{% ctx %}} Gateway Application Pool User
+
+The following folders require `Modify` permission to allow creating the `NuGet` folders and its `NuGet.Config` file within:
+
+* `C:\Windows\System32\config\systemprofile\AppData\Roaming`
+* `C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming`
+
+For each folder, perform the following steps:
+
+1. Navigate to the `AppData` folder.
+1. Right-click on the `Roaming` folder and click `Properties`.
+1. In the dialog, click the `Security` tab.
+1. Check the `Application Pool` user that will be used for {{% ctx %}} Gateway is listed in the `Group or user names` and has `Modify` permissions.
+1. If the `Application Pool` user that will be used for {{% ctx %}} Gateway is not listed:
+ 1. Click the `Edit...` button.
+ 1. Click the `Add...` button.
+ 1. Enter the username of the application pool user and click `OK`.
+ 1. In the `Permissions` section at the bottom, check `Modify`.
+ 1. Click `OK`.
+ 1. Click `Yes` to change the permission to the folder.
+1. If the `Application Pool` user that will be used for {{% ctx %}} Gateway is listed but does not have permissions:
+ 1. Click the `Edit...` button.
+ 1. Select the `Application Pool` user.
+ 1. Check `Modify`.
+ 1. Click `OK`.
+ 1. Click `Yes` to change the permission to the folder.
+
### Certificate Requirements
{{% ctx %}} Gateway requires an X.509 SSL certificate to be installed on the server. The certificate must have the following properties:
@@ -79,7 +106,7 @@ Do not reuse any auto-generated self-signed certificates as they do not meet the
Certificates, wildcard certificates and manually created self-signed certificates can be used. However, the latter are not recommended for production instances.
Details on how to create a self-signed certificate can be found at {{< ahref path="Cortex.GettingStarted.OnPremise.InstallInnovationOnly.Advanced.CreateSelfSignedCertificates" title="Create Self-Signed Certificates" >}}.
-It is possible to reuse the certificate used when {{< ahref path="Cortex.GettingStarted.OnPremise.InstallInnovationOnly.SingleServerWithoutHA.ConfigureInstallationScript" title="installing the Application Server" >}}, as long as it is not an auto-generated self-signed certificate; If doing so, you should set the `ImportCertificate` parameter to `$false` in {{< ahref path="Cortex.GettingStarted.OnPremise.InstallInnovationOnly.SingleServerWithoutHA.ConfigureCortexGatewayInstallationScript" title="Configure CORTEX Gateway Installation Script" >}} step to prevent overwriting.
+It is possible to reuse the certificate used when {{< ahref path="Cortex.GettingStarted.OnPremise.InstallInnovationOnly.SingleServerWithoutHA.ConfigureInstallationScript" title="installing the Application Server" >}}, as long as it is not an auto-generated self-signed certificate; If doing so, you should {{< ahref path="Cortex.GettingStarted.OnPremise.InstallInnovationOnly.SingleServerWithoutHA.AssignCertificateFriendlyName" title="Assign a Certificate Friendly Name" >}} and set the `ImportCertificate` parameter to `$false` in {{< ahref path="Cortex.GettingStarted.OnPremise.InstallInnovationOnly.SingleServerWithoutHA.ConfigureCortexGatewayInstallationScript" title="Configure CORTEX Gateway Installation Script" >}} to ensure use of the correct certificate and to prevent it from being overwritten.
{{% /alert %}}
#### Import Root Certificate
@@ -218,7 +245,59 @@ Once the certificate has been imported, a `Friendly Name` should be assigned whi
If the errors do not give any instructions on how to rectify, please contact [{{% ctx %}} Service Portal][CORTEX Service Portal] for further assistance.
1. Once the PowerShell script execution has completed, a prompt will appear to restart the machine. You can choose to restart now (`N`) or later (`L`).
-1. The {{% ctx %}} Gateway website will now be available on `://:/`, e.g. `https://localhost/gateway`.
+1. In a browser, navigate to the {{% ctx %}} Gateway website, available at `://:/`, e.g. `https://localhost/gateway` and wait for the login page to load.
+
+### Grant additional folder permissions to the {{% ctx %}} Gateway Application Pool User
+
+#### Cortex Blocks Provider Host folder
+
+Check that the {{% ctx %}} Gateway `Application Pool` user has rights to the `Cortex Blocks Provider Host folder` folder using the following steps:
+
+1. Navigate to `C:\ProgramData\Cortex`
+1. Right-click on the `Cortex Blocks Provider Host` folder and click `Properties`.
+1. In the dialog, click the `Security` tab.
+1. Check the `Application Pool` user for Gateway is listed in the `Group or user names` and has `Modify` permissions.
+1. If the `Application Pool` user for Gateway is not listed:
+ 1. Click the `Edit...` button.
+ 1. Click the `Add...` button.
+ 1. Enter the username of the application pool user and click `OK`.
+ 1. In the `Permissions` section at the bottom, check `Modify`.
+ 1. Click `OK`.
+1. If the `Application Pool` user for Gateway is listed but does not have permissions:
+ 1. Click the `Edit...` button.
+ 1. Select the `Application Pool` user.
+ 1. Check `Modify`.
+ 1. Click `OK`.
+
+#### Repo folder
+
+Check that the {{% ctx %}} Gateway `Application Pool` user has rights to the `Repo` folder using the following steps:
+
+1. Check where the `Repo` folder is located
+ 1. Navigate to the `gateway` IIS folder (usually `%SystemDrive%\inetpub\wwwroot\Cortex\gateway`, e.g. `C:\inetpub\wwwroot\Cortex\gateway`)
+ 1. Open the `web.config` file.
+ 1. Find the value of the `connectionString` named `CortexRepositories`
+1. Navigate to the `Repo` folder, not opening it.
+1. Right-click on the `Repo` folder and click `Properties`.
+1. In the dialog, click the `Security` tab.
+1. Check the `Application Pool` user for Gateway is listed in the `Group or user names` and has `Modify` permissions.
+1. If the `Application Pool` user for Gateway is not listed:
+ 1. Click the `Edit...` button.
+ 1. Click the `Add...` button.
+ 1. Enter the username of the application pool user and click `OK`.
+ 1. In the `Permissions` section at the bottom, check `Modify`.
+ 1. Click `OK`.
+1. If the `Application Pool` user for Gateway is listed but does not have permissions:
+ 1. Click the `Edit...` button.
+ 1. Select the `Application Pool` user.
+ 1. Check `Modify`.
+ 1. Click `OK`.
+
+#### Perform an IIS reset
+
+1. Open a Windows PowerShell (x64) window as administrator.
+1. Run the following command: `iisreset`.
+1. Wait for the action to complete.
## Preserve installation files
diff --git a/content/en/docs/2023.11/getting-started/on-premise/install-innovation-only/single-server-without-ha/prerequisites.md b/content/en/docs/2023.11/getting-started/on-premise/install-innovation-only/single-server-without-ha/prerequisites.md
index 62869ee73..4b6eee18b 100644
--- a/content/en/docs/2023.11/getting-started/on-premise/install-innovation-only/single-server-without-ha/prerequisites.md
+++ b/content/en/docs/2023.11/getting-started/on-premise/install-innovation-only/single-server-without-ha/prerequisites.md
@@ -21,14 +21,14 @@ The prerequisites required for a single server (as described in [Architecture][]
| Server Role | Windows Server[^1] | SQL Server[^2] | .Net | PowerShell[^3] | IIS[^4] | Other Software |
|------------------|-------------------------|---------------------|------|------------|---------|----------|
-| Single Server
*Application Server +
Web Application Server* | [2019 (x64)][Microsoft Server 2019] *Recommended*
[2016 (x64)][Microsoft Server 2016] | [2019][Microsoft SQL Server 2019]
[2016][Microsoft SQL Server 2016]
[2016 Express][Microsoft SQL Express 2016] | [Framework 4.7.2][NET Framework 472] | 5.1 | 10.0.17763[^5]
10.0.14393[^6]
[URL Rewrite Module 2.1][IIS Url Rewrite] | [Microsoft Web Deploy 3.0 or later][Web Deploy]
[Visual C++ Redistributable 2013 (x64)][C++ Redistributable] |
+| Single Server
*Application Server +
Web Application Server* | [2022 (x64)][Microsoft Server 2022] *Recommended*
[2019 (x64)][Microsoft Server 2019] | [2019][Microsoft SQL Server 2019]
[2016][Microsoft SQL Server 2016]
[2016 Express][Microsoft SQL Express 2016] | [Framework 4.7.2][NET Framework 472] | 5.1 | 10.0.20348[^5]
10.0.17763[^6]
[URL Rewrite Module 2.1][IIS Url Rewrite] | [Microsoft Web Deploy 3.0 or later][Web Deploy]
[Visual C++ Redistributable 2013 (x64)][C++ Redistributable] |
[^1]: Windows Server Standard and Datacenter editions are supported. Filesystem **must be NTFS** and networking **must use IPv4**. Linux is not supported, but may be in the future.
[^2]: SQL Server Express, Standard and Enterprise are supported. Other databases are not supported. Note that [Transparent Data Encryption][] is not supported on SQL Server Express.
-[^3]: PowerShell 5.1 ships with Windows Server 2016 and 2019.
+[^3]: PowerShell 5.1 ships with Windows Server 2019 and 2022.
[^4]: IIS is supported; other web servers, including IIS Express are not supported.
-[^5]: Ships as a windows role within Windows Server 2019.
-[^6]: Ships as a windows role within Windows Server 2016.
+[^5]: Ships as a windows role within Windows Server 2022.
+[^6]: Ships as a windows role within Windows Server 2019.
## Domain Requirements
@@ -101,9 +101,9 @@ The server must use an NTFS filesystem.
The following Windows Services must be running on the server:
+* Performance Logs & Alerts
* Remote Registry
* Windows Event Log
-* Performance Logs & Alerts
## Security Requirements
@@ -225,7 +225,7 @@ See [SSL Best Practices][] for a full list of the security changes which will be
[SSL Best Practices]: {{< url path="Cortex.GettingStarted.OnPremise.InstallInnovationOnly.Advanced.SSLBestPractices" >}}
[CORTEX Service Portal]: {{< url path="Cortex.ServicePortal.MainDoc" >}}
[Microsoft Server 2019]: {{< url path="MSEval.WindowsServer.2019" >}}
-[Microsoft Server 2016]: {{< url path="MSEval.WindowsServer.2016" >}}
+[Microsoft Server 2022]: {{< url path="MSEval.WindowsServer.2022" >}}
[NET Framework 472]: {{< url path="MSDotNet.Framework472.MainDoc" >}}
[Microsoft SQL Server 2019]: {{< url path="MSEval.SQLServer.2019" >}}
[Microsoft SQL Server 2016]: {{< url path="MSEval.SQLServer.2016" >}}
diff --git a/content/en/docs/2023.7/_index.md b/content/en/docs/2023.7/_index.md
index 2d8a28255..39852a9a5 100644
--- a/content/en/docs/2023.7/_index.md
+++ b/content/en/docs/2023.7/_index.md
@@ -2,5 +2,5 @@
title: "2023.7"
linkTitle: "2023.7"
description: "Product documentation for the {{% ctx %}} automation platform, including guides, tutorials and reference documentation."
-weight: 998
+weight: 997
---
diff --git a/content/en/docs/2023.9/Tutorials/administration.md b/content/en/docs/2023.9/Tutorials/Administration/_index.md
similarity index 96%
rename from content/en/docs/2023.9/Tutorials/administration.md
rename to content/en/docs/2023.9/Tutorials/Administration/_index.md
index 9d16366ae..c3a313be9 100644
--- a/content/en/docs/2023.9/Tutorials/administration.md
+++ b/content/en/docs/2023.9/Tutorials/Administration/_index.md
@@ -5,10 +5,6 @@ description: "This section includes tutorials about administering the {{% ctx %}
weight: 40
---
-# {{< param title >}}
-
-{{< param description >}}
-
## Managing role-based access control
Shows how to manage role-based access control within Gateway, including assigning access and flow permissions.
diff --git a/content/en/docs/2023.11/Tutorials/development.md b/content/en/docs/2023.9/Tutorials/Development/_index.md
similarity index 98%
rename from content/en/docs/2023.11/Tutorials/development.md
rename to content/en/docs/2023.9/Tutorials/Development/_index.md
index 1c06433de..4b9c22d5f 100644
--- a/content/en/docs/2023.11/Tutorials/development.md
+++ b/content/en/docs/2023.9/Tutorials/Development/_index.md
@@ -5,10 +5,6 @@ description: "This section includes tutorials about developing automation using
weight: 30
---
-# {{< param title >}}
-
-{{< param description >}}
-
## Signing in and out of Gateway
Shows how to sign in and out of {{% ctx %}} Gateway.
diff --git a/content/en/docs/2023.11/Tutorials/troubleshooting.md b/content/en/docs/2023.9/Tutorials/Troubleshooting/_index.md
similarity index 90%
rename from content/en/docs/2023.11/Tutorials/troubleshooting.md
rename to content/en/docs/2023.9/Tutorials/Troubleshooting/_index.md
index 09875afda..d7120fa05 100644
--- a/content/en/docs/2023.11/Tutorials/troubleshooting.md
+++ b/content/en/docs/2023.9/Tutorials/Troubleshooting/_index.md
@@ -5,10 +5,6 @@ description: "This section includes tutorials about troubleshooting the {{% ctx
weight: 50
---
-# {{< param title >}}
-
-{{< param description >}}
-
## Errors when starting published flows
When making requests to start published flows, you may encounter errors. The videos below will show you how to fix them.
diff --git a/content/en/docs/2023.9/Whats New/_index.md b/content/en/docs/2023.9/Whats New/_index.md
index 0d31f6096..001575d5c 100644
--- a/content/en/docs/2023.9/Whats New/_index.md
+++ b/content/en/docs/2023.9/Whats New/_index.md
@@ -7,68 +7,48 @@ weight: 1
## Summary
-2023.7 is the fourth [Fast Track][] release of the next generation of {{% ctx %}} and continues our journey to improve on the previous 7.X generation in the following areas:
+2023.9 is the fifth [Fast Track][] release of the next generation of {{% ctx %}} and continues our journey to improve on the previous 7.X generation in the following areas:
-* [Usability][]
* [Capability][]
* [Documentation][]
-## Improved Usability
-
-This release introduces:
-
-* [API Gateway Consolidation][]
-
## Improved Capability
This release introduces:
-* Two new services within the [HA Platform][]:
- * [Concurrency Management Service][]
- * [Scheduling Service][]
-* Debugging has been moved to the Execution Service, and the [Flow Debugging Service has been removed][Removed Flow Debugger Service]
-* Five [new Blocks][New Blocks], adding new functionality to work with:
- * [Data Storage][]
-* Two [new Common Properties][New Common Properties] have been added to most blocks:
- * [Semaphore][Semaphore Property]
- * [Run As][Run As Property]
-* [Improvements to the Interaction Portal][]
+* One new service within the [HA Platform][]:
+ * [Triggers Service][]
+* Six [New Blocks][] have been added to the Innovation platform to work with:
+ * [Data Storage][] - Allowing for communication using the shared Data Storage within the HA Platform
## Improved Documentation
This release introduces:
* [Product Portal][] changes, including:
- * Documentation has been updated to reflect the [new and upcoming services][HA Platform]
+ * Documentation has been updated to reflect the [new services][HA Platform]
* Reference documentation has been added for the [new blocks][New Blocks]
- * Reference documentation has been added for the [new common properties][New Common Properties]
## Other Improvements
This release additionally introduces:
-* [Improvements to installation process of the HA Platform][]
+* [CORTEX Gateway Rebranding][]
+* [Windows Server 2022 Support][]
-For a full list of what has been introduced in this release, please see the [2023.7 Release Notes][]
+For a full list of what has been introduced in this release, please see the [2023.9 Release Notes][]
-[Usability]: {{< ref "#improved-usability" >}}
[Capability]: {{< ref "#improved-capability" >}}
[Documentation]: {{< ref "#improved-documentation" >}}
-[Improvements to the Interaction Portal]: {{< url path="Cortex.Blogs.Releases.2023.7.ImprovedInteractionPortal" version="2023.7" >}}
-[HA Platform]: {{< url path="Cortex.Blogs.Releases.2023.7.ExpansionOfTheHAPlatform" version="2023.7" >}}
-[Concurrency Management Service]: {{< url path="Cortex.Blogs.Releases.2023.7.NewConcurrencyManagementService" version="2023.7" >}}
-[Scheduling Service]: {{< url path="Cortex.Blogs.Releases.2023.7.NewSchedulingService" version="2023.7" >}}
-[API Gateway Consolidation]: {{< url path="Cortex.Blogs.Releases.2023.7.APIGatewayConsolidation" version="2023.7" >}}
-[New Blocks]: {{< url path="Cortex.Blogs.Releases.2023.7.NewBlocks" version="2023.7" >}}
-[New Common Properties]: {{< url path="Cortex.Blogs.Releases.2023.7.NewCommonBlockProperties" version="2023.7" >}}
-[Product Portal]: {{< url path="Cortex.Blogs.Releases.2023.7.ProductPortal" version="2023.7" >}}
-[Improvements to installation process of the HA Platform]: {{< url path="Cortex.Blogs.Releases.2023.7.ImprovedInstallationProcess" version="2023.7" >}}
-[Removed Flow Debugger Service]: {{< url path="Cortex.Blogs.Releases.2023.7.RemovedFlowDebuggerService" version="2023.7" >}}
-[2023.7 Release Notes]: {{< url path="Cortex.Blogs.Releases.2023.7.MainDoc" version="2023.7" >}}
-
-[Semaphore Property]: {{< url path="Cortex.Reference.Concepts.Fundamentals.Blocks.BlockProperties.CommonProperties.SemaphoreProperty" version="2023.7" >}}
-[Run As Property]: {{< url path="Cortex.Reference.Concepts.Fundamentals.Blocks.BlockProperties.CommonProperties.RunAsProperty" version="2023.7" >}}
-[Data Storage]: {{< url path="Cortex.Reference.Blocks.DataStorage.MainDoc" version="2023.7" >}}
+[HA Platform]: {{< url path="Cortex.Blogs.Releases.2023.9.ExpansionOfTheHAPlatform" version="2023.9" >}}
+[Triggers Service]: {{< url path="Cortex.Blogs.Releases.2023.9.NewTriggersService" version="2023.9" >}}
+[New Blocks]: {{< url path="Cortex.Blogs.Releases.2023.9.NewBlocks" version="2023.9" >}}
+[CORTEX Gateway Rebranding]: {{< url path="Cortex.Blogs.Releases.2023.9.CORTEXGatewayRebranding" version="2023.9" >}}
+[Windows Server 2022 Support]: {{< url path="Cortex.Blogs.Releases.2023.9.WindowsServer2022Support" version="2023.9" >}}
+[Product Portal]: {{< url path="Cortex.Blogs.Releases.2023.9.ProductPortal" version="2023.9" >}}
+[2023.9 Release Notes]: {{< url path="Cortex.Blogs.Releases.2023.9.MainDoc" version="2023.9" >}}
+
+[Data Storage]: {{< url path="Cortex.Reference.Blocks.DataStorage.MainDoc" version="2023.9" >}}
[Fast Track]: {{< url path="Cortex.Reference.Glossary.F-J.FastTrack" >}}
diff --git a/content/en/docs/2023.9/_index.md b/content/en/docs/2023.9/_index.md
index fde27fabf..972ed229c 100644
--- a/content/en/docs/2023.9/_index.md
+++ b/content/en/docs/2023.9/_index.md
@@ -2,5 +2,5 @@
title: "2023.9"
linkTitle: "2023.9"
description: "Product documentation for the {{% ctx %}} automation platform, including guides, tutorials and reference documentation."
-weight: 998
+weight: 996
---
diff --git a/content/en/docs/2023.9/_shared/architecture/components/purpose/triggers-service.md b/content/en/docs/2023.9/_shared/architecture/components/purpose/triggers-service.md
index bcf48f29e..5733fd93e 100644
--- a/content/en/docs/2023.9/_shared/architecture/components/purpose/triggers-service.md
+++ b/content/en/docs/2023.9/_shared/architecture/components/purpose/triggers-service.md
@@ -1 +1 @@
-Application Service that handles automatically triggering executions within the Innovation platform.
\ No newline at end of file
+Application Service that handles automatically triggering executions in response to external events (e.g. receipt of an SNMP trap).
\ No newline at end of file
diff --git a/content/en/docs/2023.9/getting-started/cloud/add-observability-to-innovation/Grafana/import-dashboards.md b/content/en/docs/2023.9/getting-started/cloud/add-observability-to-innovation/Grafana/import-dashboards.md
index 7e941128b..d8293a15f 100644
--- a/content/en/docs/2023.9/getting-started/cloud/add-observability-to-innovation/Grafana/import-dashboards.md
+++ b/content/en/docs/2023.9/getting-started/cloud/add-observability-to-innovation/Grafana/import-dashboards.md
@@ -65,7 +65,7 @@ To do this, follow these steps for all default {{% ctx %}} Innovation dashboards
1. [Try it Out][]
[configured]: {{< url path="Cortex.GettingStarted.Cloud.AddObservabilityToInnovation.Grafana.SetupLoki.MainDoc" >}}
-[Grafana.Dashboards.zip]: {{< url path="GitHub.Cortex.Observability.2.0.0.GrafanaDashboardsZip" >}}
+[Grafana.Dashboards.zip]: {{< url path="GitHub.Cortex.Observability.2.0.1.GrafanaDashboardsZip" >}}
[Grafana]: {{< url path="Cortex.GettingStarted.Cloud.AddObservabilityToInnovation.Grafana.SetupGrafana.MainDoc" >}}
[Loki]: {{< url path="Cortex.GettingStarted.Cloud.AddObservabilityToInnovation.Grafana.SetupLoki.MainDoc" >}}
[Try it Out]: {{< url path="Cortex.GettingStarted.Cloud.AddObservabilityToInnovation.Grafana.TryItOut.MainDoc" >}}
\ No newline at end of file
diff --git a/content/en/docs/2023.9/getting-started/cloud/add-observability-to-innovation/Grafana/install-promtail/install-promtail.md b/content/en/docs/2023.9/getting-started/cloud/add-observability-to-innovation/Grafana/install-promtail/install-promtail.md
index 82d97ed64..6a43f951a 100644
--- a/content/en/docs/2023.9/getting-started/cloud/add-observability-to-innovation/Grafana/install-promtail/install-promtail.md
+++ b/content/en/docs/2023.9/getting-started/cloud/add-observability-to-innovation/Grafana/install-promtail/install-promtail.md
@@ -27,4 +27,4 @@ This archive contains the `promtail-local-config.yaml` configuration file, [NSSM
[NSSM]: {{< url path="NSSM.MainDoc" >}}
[Prerequisites]: {{< url path="Cortex.GettingStarted.Cloud.AddObservabilityToInnovation.Grafana.Prerequisites.MainDoc" >}}
[Promtail 2.5.0]: {{< url path="Grafana.SelfManaged.Downloads.Promtail.PromtailInstallZip" >}}
-[Promtail Install.zip]: {{< url path="GitHub.Cortex.Observability.2.0.0.PromtailInstallZip" >}}
+[Promtail Install.zip]: {{< url path="GitHub.Cortex.Observability.2.0.1.PromtailInstallZip" >}}
diff --git a/content/en/docs/2023.9/getting-started/cloud/add-observability-to-innovation/Grafana/prerequisites.md b/content/en/docs/2023.9/getting-started/cloud/add-observability-to-innovation/Grafana/prerequisites.md
index fde93b402..d4e9f7795 100644
--- a/content/en/docs/2023.9/getting-started/cloud/add-observability-to-innovation/Grafana/prerequisites.md
+++ b/content/en/docs/2023.9/getting-started/cloud/add-observability-to-innovation/Grafana/prerequisites.md
@@ -21,7 +21,7 @@ The application servers must have internet access in order to communicate with t
| Server Role | Windows Server[^1] | Other Software |
|--------------------|------------------------------------------------|--------------------|
-| Application Server | [2019 (x64)][] *Recommended*
[2016 (x64)][] | [Promtail 2.5.0][] |
+| Application Server | [2022 (x64)][] *Recommended*
[2019 (x64)][] | [Promtail 2.5.0][] |
[^1]: Windows Server Standard and Datacenter editions are supported. Filesystem **must be NTFS** and networking **must use IPv4**. Linux is not supported, but may be in the future.
@@ -52,8 +52,8 @@ A domain user which is a member of the Local Administrators group on all Applica
1. [Set up Grafana][]
-[2016 (x64)]: {{< url path="Microsoft.Downloads.Windows.Server2016" >}}
[2019 (x64)]: {{< url path="Microsoft.Downloads.Windows.Server2019" >}}
+[2022 (x64)]: {{< url path="Microsoft.Downloads.Windows.Server2022" >}}
[Architecture]: {{< url path="Cortex.GettingStarted.Cloud.AddObservabilityToInnovation.Grafana.Architecture.MainDoc" >}}
[Set up Grafana]: {{< url path="Cortex.GettingStarted.Cloud.AddObservabilityToInnovation.Grafana.SetupGrafana.MainDoc" >}}
[Promtail 2.5.0]: {{< url path="Grafana.SelfManaged.Downloads.Promtail.PromtailInstallZip" >}}
diff --git a/content/en/docs/2023.9/getting-started/on-premise/add-innovation-to-72/multiple-server-with-ha/install-application-and-loadbalancer-servers.md b/content/en/docs/2023.9/getting-started/on-premise/add-innovation-to-72/multiple-server-with-ha/install-application-and-loadbalancer-servers.md
index 4934eda0f..c3b82ec80 100644
--- a/content/en/docs/2023.9/getting-started/on-premise/add-innovation-to-72/multiple-server-with-ha/install-application-and-loadbalancer-servers.md
+++ b/content/en/docs/2023.9/getting-started/on-premise/add-innovation-to-72/multiple-server-with-ha/install-application-and-loadbalancer-servers.md
@@ -218,8 +218,8 @@ To avoid answering all of the prompts `-Override 0` can be added to the end of t
|----------------------------------------------|-------------|
|`AppServicesPath` | Configure this value with the location of the Application Services zip file on the Application Server used for installation. |
|`BlockPackagesPath` | Configure this value with the location of the Block Packages zip file on the Application Server used for installation. |
- |`ApiGatewayBasicAuthUsername` | Configure this value with the username that will be used for Basic Authentication when making HTTPS requests to the API Gateway Service (e.g. starting production flows).
For security reasons it is recommended that the default value `BasicAuthUser` should be changed.
Currently only Basic Authentication using a single user is supported, OAuth2 will be supported in a future release.
This value will be needed [later, when upgrading Gateway][Upgrade Gateway]. |
- |`ApiGatewayBasicAuthPassword` | Configure this value with the password that will be used for Basic Authentication when making HTTPS requests to the API Gateway Service (e.g. starting production flows).
This password should be [{{% ctx %}} Encrypted][CORTEX Encrypted]. For security reasons it is recommended that the default value `ADA9883B11BD4CDC908B8131B57944A4` should be changed.
This value will be needed [later, when upgrading Gateway][Upgrade Gateway].|
+ |`ApiGatewayBasicAuthUsername` | Configure this value with a username that can be used to make HTTPS requests to the API Gateway Service using Basic Authentication (e.g. starting flows). This username will be used by Gateway for all HTTPS requests to the API Gateway Service.
For security reasons it is recommended that the default value `BasicAuthUser` should be changed.
This value will be needed [later, when upgrading Gateway][Upgrade Gateway].
This username can also be used by external services for HTTPS requests to the API Gateway Service but is not recommended; these requests should use an OAuth2 session for an authorised Active Directory user.|
+ |`ApiGatewayBasicAuthPassword` | Configure this value with the password for the username specified for `ApiGatewayBasicAuthUsername`.
This password should be [{{% ctx %}} Encrypted][CORTEX Encrypted]. For security reasons it is recommended that the default value `ADA9883B11BD4CDC908B8131B57944A4` should be changed.
This value will be needed [later, when upgrading Gateway][Upgrade Gateway].|
|`CustomerName` | A name identifying the platform being installed. This must have no spaces or symbols. It will be appended to the node names that are displayed in Service Fabric Explorer. |
|`ApplicationServerIPv4Addresses` | The IPv4 addresses of the Application Servers. The first of these must be the Application Server used for installation. |
|`LoadBalancerServerIPv4Address` | The IPv4 address of the Load Balancer Server. This is only needed if using the built-in load balancer. |
diff --git a/content/en/docs/2023.9/getting-started/on-premise/add-innovation-to-72/multiple-server-with-ha/prerequisites.md b/content/en/docs/2023.9/getting-started/on-premise/add-innovation-to-72/multiple-server-with-ha/prerequisites.md
index 1319c2e3f..6ee293849 100644
--- a/content/en/docs/2023.9/getting-started/on-premise/add-innovation-to-72/multiple-server-with-ha/prerequisites.md
+++ b/content/en/docs/2023.9/getting-started/on-premise/add-innovation-to-72/multiple-server-with-ha/prerequisites.md
@@ -290,6 +290,7 @@ Innovation has a [gobetween][] load balancer included that isn't highly availabl
* Must support a round robin (or similar) method of load balancing to specified ports on 3 nodes.
* Must be able to health check each node by running a predefined batch script (`ApiGatewayTypeHealthcheck.bat`, which resides in the `gobetween` folder of the `Cortex Innovation {{< version >}} - App Server Install Scripts`) that returns 1 for healthy and 0 for unhealthy.
* Must be able to access each of the Application Servers via HTTPS.
+* Ideally it should support UDP to use the SNMP functionality of the [Triggers Service][TriggersService].
* Ideally it should be highly available to avoid a single point of failure in the system.
## Next Steps?
@@ -306,6 +307,7 @@ Application Servers and Load Balancer server are installed in the same way regar
[Minimum Architecture]: {{< url path="Cortex.GettingStarted.OnPremise.AddInnovationTo72.MultipleServerWithHA.MinimumArchitecture" >}}
[Alternative Architectures]: {{< url path="Cortex.GettingStarted.OnPremise.AddInnovationTo72.MultipleServerWithHA.AlternativeArchitectures" >}}
[SSL Best Practices]: {{< url path="Cortex.GettingStarted.OnPremise.InstallInnovationOnly.Advanced.SSLBestPractices" >}}
+[TriggersService]: {{< url path="Cortex.Guides.CortexInnovation.CoreApplication.Services.TriggersService.MainDoc" >}}
[gobetween]: {{< url path="GoBetween.MainDoc" >}}
[CORTEX Service Portal]: {{< url path="Cortex.ServicePortal.MainDoc" >}}
[Anycast]: {{< url path="Anycast.MainDoc" >}}
diff --git a/content/en/docs/2023.9/getting-started/on-premise/add-innovation-to-72/single-server-without-ha/install-application-server.md b/content/en/docs/2023.9/getting-started/on-premise/add-innovation-to-72/single-server-without-ha/install-application-server.md
index 8a8aa6fb0..0619fb480 100644
--- a/content/en/docs/2023.9/getting-started/on-premise/add-innovation-to-72/single-server-without-ha/install-application-server.md
+++ b/content/en/docs/2023.9/getting-started/on-premise/add-innovation-to-72/single-server-without-ha/install-application-server.md
@@ -171,8 +171,8 @@ To avoid answering all of the prompts `-Override 0` can be added to the end of t
|----------------------------------------------|-------------|
|`AppServicesPath` | Configure this value with the location of the App Services zip file on the server. |
|`BlockPackagesPath` | Configure this value with the location of the Block Packages zip file on the server. |
- |`ApiGatewayBasicAuthUsername` | Configure this value with the username that will be used for Basic Authentication when making HTTPS requests to the API Gateway Service (e.g. starting production flows).
Currently only Basic Authentication using a single user is supported, OAuth2 will be supported in a future release.
This value will be needed [later, when upgrading Gateway][Upgrade Gateway]. |
- |`ApiGatewayBasicAuthPassword` | Configure this value with the password that will be used for Basic Authentication when making HTTPS requests to the API Gateway Service (e.g. starting production flows). This should be [{{% ctx %}} Encrypted][CORTEX Encrypted].
This value will be needed [later, when upgrading Gateway][Upgrade Gateway].|
+ |`ApiGatewayBasicAuthUsername` | Configure this value with a username that can be used to make HTTPS requests to the API Gateway Service using Basic Authentication (e.g. starting flows). This username will be used by Gateway for all HTTPS requests to the API Gateway Service.
For security reasons it is recommended that the default value `BasicAuthUser` should be changed.
This value will be needed [later, when upgrading Gateway][Upgrade Gateway].
This username can also be used by external services for HTTPS requests to the API Gateway Service but is not recommended; these requests should use an OAuth2 session for an authorised Active Directory user.|
+ |`ApiGatewayBasicAuthPassword` | Configure this value with the password for the username specified for `ApiGatewayBasicAuthUsername`.
This password should be [{{% ctx %}} Encrypted][CORTEX Encrypted]. For security reasons it is recommended that the default value `ADA9883B11BD4CDC908B8131B57944A4` should be changed.
This value will be needed [later, when upgrading Gateway][Upgrade Gateway].|
|`CustomerName` | A name identifying the platform being installed. This must have no spaces or symbols. It will be appended to the node names that are displayed in Service Fabric Explorer. |
|`ApplicationServerIPv4Addresses` | The IPv4 address of the server.|
|`ServerCertificatePath` | The local path of a .PFX certificate file on the server. Environment variables cannot be used.
This is only needed if installing with CA Certificates (Recommended). The certificate should meet the [Certificate Requirements][].
This certificate will be used for: - Securing communication between the Application Services.
- Allowing Application Services to identify themselves to clients such as Gateway.
- Preventing unauthorised nodes from joining the single node cluster.
- Connecting to Service Fabric Explorer from each of the Application Servers.
{{< alert type="warning" title="Warning" >}}It is critical to set a reminder to {{< ahref path="Cortex.GettingStarted.OnPremise.InstallInnovationOnly.Advanced.RolloverCertificates" title="update certificates" >}} in good time before they expire. If they expire then the platform will cease to function and {{< ahref path="Cortex.ServicePortal.MainDoc" title="CORTEX Service Portal" >}} must be contacted for support.{{< /alert >}}|
diff --git a/content/en/docs/2023.9/getting-started/on-premise/add-observability-to-innovation/Grafana/install-loki/install-loki.md b/content/en/docs/2023.9/getting-started/on-premise/add-observability-to-innovation/Grafana/install-loki/install-loki.md
index 0ed155291..ed0cb9c53 100644
--- a/content/en/docs/2023.9/getting-started/on-premise/add-observability-to-innovation/Grafana/install-loki/install-loki.md
+++ b/content/en/docs/2023.9/getting-started/on-premise/add-observability-to-innovation/Grafana/install-loki/install-loki.md
@@ -26,7 +26,7 @@ This archive contains the `loki-local-config.yaml` configuration file, [NSSM][]
[Configure Loki]: {{< url path="Cortex.GettingStarted.OnPremise.AddObservabilityToInnovation.Grafana.InstallLoki.ConfigureLoki" >}}
[Grafana Loki 2.5.0]: {{< url path="Grafana.SelfManaged.Downloads.GrafanaLoki.GrafanaLokiInstallZip" >}}
-[Grafana Loki Install.zip]: {{< url path="GitHub.Cortex.Observability.2.0.0.GrafanaLokiInstallZip" >}}
+[Grafana Loki Install.zip]: {{< url path="GitHub.Cortex.Observability.2.0.1.GrafanaLokiInstallZip" >}}
[NSSM]: {{< url path="NSSM.MainDoc" >}}
[Prerequisites]: {{< url path="Cortex.GettingStarted.OnPremise.AddObservabilityToInnovation.Grafana.Prerequisites" >}}
[Software Requirements]: {{< url path="Cortex.GettingStarted.OnPremise.AddObservabilityToInnovation.Grafana.SoftwareRequirements" >}}
diff --git a/content/en/docs/2023.9/getting-started/on-premise/add-observability-to-innovation/Grafana/install-promtail/install-promtail.md b/content/en/docs/2023.9/getting-started/on-premise/add-observability-to-innovation/Grafana/install-promtail/install-promtail.md
index 3d9a0b82a..93cab26e4 100644
--- a/content/en/docs/2023.9/getting-started/on-premise/add-observability-to-innovation/Grafana/install-promtail/install-promtail.md
+++ b/content/en/docs/2023.9/getting-started/on-premise/add-observability-to-innovation/Grafana/install-promtail/install-promtail.md
@@ -27,5 +27,5 @@ This archive contains the `promtail-local-config.yaml` configuration file, [NSSM
[NSSM]: {{< url path="NSSM.MainDoc" >}}
[Prerequisites]: {{< url path="Cortex.GettingStarted.OnPremise.AddObservabilityToInnovation.Grafana.Prerequisites" >}}
[Promtail 2.5.0]: {{< url path="Grafana.SelfManaged.Downloads.Promtail.PromtailInstallZip" >}}
-[Promtail Install.zip]: {{< url path="GitHub.Cortex.Observability.2.0.0.PromtailInstallZip" >}}
+[Promtail Install.zip]: {{< url path="GitHub.Cortex.Observability.2.0.1.PromtailInstallZip" >}}
[Software Requirements]: {{< url path="Cortex.GettingStarted.OnPremise.AddObservabilityToInnovation.Grafana.SoftwareRequirements" >}}
diff --git a/content/en/docs/2023.9/getting-started/on-premise/add-observability-to-innovation/Grafana/prerequisites.md b/content/en/docs/2023.9/getting-started/on-premise/add-observability-to-innovation/Grafana/prerequisites.md
index 06412ecdd..19dc11125 100644
--- a/content/en/docs/2023.9/getting-started/on-premise/add-observability-to-innovation/Grafana/prerequisites.md
+++ b/content/en/docs/2023.9/getting-started/on-premise/add-observability-to-innovation/Grafana/prerequisites.md
@@ -40,13 +40,13 @@ The application servers (as described in {{< ahref path="Cortex.GettingStarted.O
| Server Role | Windows Server[^1] | IIS[^2] | Other Software |
|------------------|-------------------------|---------|----------|
-| Web Application Server | [2019 (x64)][] *Recommended*
[2016 (x64)][] | 10.0.17763[^3]
10.0.14393[^4]
IIS Basic Authentication[^5]
[URL Rewrite module 2.1][] | [Grafana 8.5.4][] *Enterprise Edition*
[Grafana Loki 2.5.0][]|
-| Application Server | [2019 (x64)][] *Recommended*
[2016 (x64)][] | | [Promtail 2.5.0][]|
+| Web Application Server | [2022 (x64)][] *Recommended*
[2019 (x64)][] | 10.0.20348[^3]
10.0.17763[^4]
IIS Basic Authentication[^5]
[URL Rewrite module 2.1][] | [Grafana 8.5.4][] *Enterprise Edition*
[Grafana Loki 2.5.0][]|
+| Application Server | [2022 (x64)][] *Recommended*
[2019 (x64)][] | | [Promtail 2.5.0][]|
[^1]: Windows Server Standard and Datacenter editions are supported. Filesystem **must be NTFS** and networking **must use IPv4**. Linux is not supported, but may be in the future.
[^2]: IIS is supported; other web servers, including IIS Express are not supported.
-[^3]: Ships as a windows role within Windows Server 2019.
-[^4]: Ships as a windows role within Windows Server 2016.
+[^3]: Ships as a windows role within Windows Server 2022.
+[^4]: Ships as a windows role within Windows Server 2019.
[^5]: Installed during the [Install IIS Basic Authentication][] configuration steps.
## Domain Requirements
@@ -152,8 +152,8 @@ A domain user which is a member of the Local Administrators group on all Applica
1. [Install Grafana][]
-[2016 (x64)]: {{< url path="Microsoft.Downloads.Windows.Server2016" >}}
[2019 (x64)]: {{< url path="Microsoft.Downloads.Windows.Server2019" >}}
+[2022 (x64)]: {{< url path="Microsoft.Downloads.Windows.Server2022" >}}
[Architecture]: {{< url path="Cortex.GettingStarted.OnPremise.AddObservabilityToInnovation.Grafana.Architecture" >}}
[configuring Grafana to use HTTPS]: {{< url path="Cortex.GettingStarted.OnPremise.AddObservabilityToInnovation.Grafana.InstallGrafana.ConfigureHTTPS" >}}
[Create Self-Signed Certificates]: {{< url path="Cortex.GettingStarted.OnPremise.AddObservabilityToInnovation.Grafana.Advanced.CreateSelfSignedCertificates" >}}
diff --git a/content/en/docs/2023.9/getting-started/on-premise/add-observability-to-innovation/Grafana/setup-grafana.md b/content/en/docs/2023.9/getting-started/on-premise/add-observability-to-innovation/Grafana/setup-grafana.md
index d45e4565b..e4491513d 100644
--- a/content/en/docs/2023.9/getting-started/on-premise/add-observability-to-innovation/Grafana/setup-grafana.md
+++ b/content/en/docs/2023.9/getting-started/on-premise/add-observability-to-innovation/Grafana/setup-grafana.md
@@ -79,7 +79,7 @@ To do this, follow these steps for all default {{% ctx %}} Innovation dashboards
1. [Try it Out][]
-[Grafana.Dashboards.zip]: {{< url path="GitHub.Cortex.Observability.2.0.0.GrafanaDashboardsZip" >}}
+[Grafana.Dashboards.zip]: {{< url path="GitHub.Cortex.Observability.2.0.1.GrafanaDashboardsZip" >}}
[Grafana]: {{< url path="Cortex.GettingStarted.OnPremise.AddObservabilityToInnovation.Grafana.InstallGrafana.MainDoc" >}}
[Loki]: {{< url path="Cortex.GettingStarted.OnPremise.AddObservabilityToInnovation.Grafana.InstallLoki.MainDoc" >}}
[Try it Out]: {{< url path="Cortex.GettingStarted.OnPremise.AddObservabilityToInnovation.Grafana.TryItOut" >}}
diff --git a/content/en/docs/2023.9/getting-started/on-premise/install-innovation-only/advanced/port-requirements.md b/content/en/docs/2023.9/getting-started/on-premise/install-innovation-only/advanced/port-requirements.md
index db6b50350..337b839d7 100644
--- a/content/en/docs/2023.9/getting-started/on-premise/install-innovation-only/advanced/port-requirements.md
+++ b/content/en/docs/2023.9/getting-started/on-premise/install-innovation-only/advanced/port-requirements.md
@@ -69,11 +69,11 @@ Each service has an endpoint which is used to communicate with Service Fabric an
{{% alert title="Note" %}}Only applicable for installations with HA.{{% /alert %}}
-The load balancer server must be able to retrieve traffic via HTTPS. The following firewall ports are opened by the installer (these rules will all appear in Windows Firewall with names starting with `{CustomerName}`):
+The following firewall ports are opened by the installer (these rules will all appear in Windows Firewall with names starting with `{CustomerName}`):
|Name in Rule | Name in Config | Default Port(s) | Protocol(s) | Direction | Program |
|--------------------|----------------------|-----------------|-------------|-----------|---------|
-| GoBetweenTlsPort | loadBalancerSnmpPort | 162 | UDP | Inbound | Any |
+| GoBetweenSnmpPort | loadBalancerSnmpPort | 162 | UDP | Inbound | Any |
| GoBetweenTlsPort | loadBalancerTlsPort | 443 | TCP | Inbound | Any |
[Dynamic Ports]: {{< url path="MSSupport.Troubleshooting.DynamicPorts" >}}
diff --git a/content/en/docs/2023.9/getting-started/on-premise/install-innovation-only/multiple-server-with-ha/install-application-and-loadbalancer-servers.md b/content/en/docs/2023.9/getting-started/on-premise/install-innovation-only/multiple-server-with-ha/install-application-and-loadbalancer-servers.md
index 9549d82c9..34916ba8d 100644
--- a/content/en/docs/2023.9/getting-started/on-premise/install-innovation-only/multiple-server-with-ha/install-application-and-loadbalancer-servers.md
+++ b/content/en/docs/2023.9/getting-started/on-premise/install-innovation-only/multiple-server-with-ha/install-application-and-loadbalancer-servers.md
@@ -218,8 +218,8 @@ To avoid answering all of the prompts `-Override 0` can be added to the end of t
|----------------------------------------------|-------------|
|`AppServicesPath` | Configure this value with the location of the Application Services zip file on the Application Server used for installation. |
|`BlockPackagesPath` | Configure this value with the location of the Block Packages zip file on the Application Server used for installation. |
- |`ApiGatewayBasicAuthUsername` | Configure this value with the username that will be used for Basic Authentication when making HTTPS requests to the API Gateway Service (e.g. starting production flows).
For security reasons it is recommended that the default value `BasicAuthUser` should be changed.
Currently only Basic Authentication using a single user is supported, OAuth2 will be supported in a future release.
This value will be needed [later, when installing Gateway][Install Gateway]. |
- |`ApiGatewayBasicAuthPassword` | Configure this value with the password that will be used for Basic Authentication when making HTTPS requests to the API Gateway Service (e.g. starting production flows).
This password should be [{{% ctx %}} Encrypted][CORTEX Encrypted]. For security reasons it is recommended that the default value `ADA9883B11BD4CDC908B8131B57944A4` should be changed.
This value will be needed [later, when installing Gateway][Install Gateway].|
+ |`ApiGatewayBasicAuthUsername` | Configure this value with a username that can be used to make HTTPS requests to the API Gateway Service using Basic Authentication (e.g. starting flows). This username will be used by Gateway for all HTTPS requests to the API Gateway Service.
For security reasons it is recommended that the default value `BasicAuthUser` should be changed.
This value will be needed [later, when installing Gateway][Install Gateway].
This username can also be used by external services for HTTPS requests to the API Gateway Service but is not recommended; these requests should use an OAuth2 session for an authorised Active Directory user.|
+ |`ApiGatewayBasicAuthPassword` | Configure this value with the password for the username specified for `ApiGatewayBasicAuthUsername`.
This password should be [{{% ctx %}} Encrypted][CORTEX Encrypted]. For security reasons it is recommended that the default value `ADA9883B11BD4CDC908B8131B57944A4` should be changed.
This value will be needed [later, when installing Gateway][Install Gateway].|
|`CustomerName` | A name identifying the platform being installed. This must have no spaces or symbols. It will be appended to the node names that are displayed in Service Fabric Explorer. |
|`ApplicationServerIPv4Addresses` | The IPv4 addresses of the Application Servers. The first of these must be the Application Server used for installation. |
|`LoadBalancerServerIPv4Address` | The IPv4 address of the Load Balancer Server. This is only needed if using the built-in load balancer. |
diff --git a/content/en/docs/2023.9/getting-started/on-premise/install-innovation-only/multiple-server-with-ha/prerequisites.md b/content/en/docs/2023.9/getting-started/on-premise/install-innovation-only/multiple-server-with-ha/prerequisites.md
index c1d3ea80f..41e5c72fa 100644
--- a/content/en/docs/2023.9/getting-started/on-premise/install-innovation-only/multiple-server-with-ha/prerequisites.md
+++ b/content/en/docs/2023.9/getting-started/on-premise/install-innovation-only/multiple-server-with-ha/prerequisites.md
@@ -26,16 +26,16 @@ The prerequisites required for each server role (as described in [Architecture][
| Server Role | Windows Server[^3] | SQL Server[^4] | .Net | PowerShell[^5] | IIS[^6] | Other Software |
|------------------|-------------------------|---------------------|------|------------|---------|----------|
-| Load Balancer | [2019 (x64)][Microsoft Server 2019] *Recommended*
[2016 (x64)][Microsoft Server 2016] | | [Framework 4.7.2][NET Framework 472] | 5.1 | |
-| Application Server | [2019 (x64)][Microsoft Server 2019] *Recommended*
[2016 (x64)][Microsoft Server 2016] | | [Framework 4.7.2][NET Framework 472] | 5.1 | |
-| Web Application Server | [2019 (x64)][Microsoft Server 2019] *Recommended*
[2016 (x64)][Microsoft Server 2016] | [2019][Microsoft SQL Server 2019]
[2016][Microsoft SQL Server 2016]
[2016 Express][Microsoft SQL Express 2016] | [Framework 4.7.2][NET Framework 472] | 5.1 | 10.0.17763[^7]
10.0.14393[^8]
[URL Rewrite Module 2.1][IIS Url Rewrite] | [Microsoft Web Deploy 3.0 or later][Web Deploy]
[Visual C++ Redistributable 2013 (x64)][C++ Redistributable] |
+| Load Balancer | [2022 (x64)][Microsoft Server 2022] *Recommended*
[2019 (x64)][Microsoft Server 2019] | | [Framework 4.7.2][NET Framework 472] | 5.1 | |
+| Application Server | [2022 (x64)][Microsoft Server 2022] *Recommended*
[2019 (x64)][Microsoft Server 2019] | | [Framework 4.7.2][NET Framework 472] | 5.1 | |
+| Web Application Server | [2022 (x64)][Microsoft Server 2022] *Recommended*
[2019 (x64)][Microsoft Server 2019] | [2019][Microsoft SQL Server 2019]
[2016][Microsoft SQL Server 2016]
[2016 Express][Microsoft SQL Express 2016] | [Framework 4.7.2][NET Framework 472] | 5.1 | 10.0.20348[^7]
10.0.17763[^8]
[URL Rewrite Module 2.1][IIS Url Rewrite] | [Microsoft Web Deploy 3.0 or later][Web Deploy]
[Visual C++ Redistributable 2013 (x64)][C++ Redistributable] |
[^3]: Windows Server Standard and Datacenter editions are supported. Filesystem **must be NTFS** and networking **must use IPv4**. Linux is not supported, but may be in the future.
[^4]: SQL Server Express, Standard and Enterprise are supported. Other databases are not supported. Note that [Transparent Data Encryption][] is not supported on SQL Server Express.
-[^5]: PowerShell 5.1 ships with Windows Server 2016 and 2019.
+[^5]: PowerShell 5.1 ships with Windows Server 2019 and 2022.
[^6]: IIS is supported; other web servers, including IIS Express are not supported.
-[^7]: Ships as a windows role within Windows Server 2019.
-[^8]: Ships as a windows role within Windows Server 2016.
+[^7]: Ships as a windows role within Windows Server 2022.
+[^8]: Ships as a windows role within Windows Server 2019.
## Domain Requirements
@@ -264,6 +264,7 @@ Innovation has a [gobetween][] load balancer included that isn't highly availabl
* Must support a round robin (or similar) method of load balancing to specified ports on 3 nodes.
* Must be able to health check each node by running a predefined batch script (`ApiGatewayTypeHealthcheck.bat`, which resides in the `gobetween` folder of the `Cortex Innovation {{< version >}} - App Server Install Scripts`) that returns 1 for healthy and 0 for unhealthy.
* Must be able to access each of the Application Servers via HTTPS.
+* Ideally it should support UDP to use the SNMP functionality of the [Triggers Service][TriggersService].
* Ideally it should be highly available to avoid a single point of failure in the system.
## Next Steps?
@@ -276,12 +277,13 @@ Innovation has a [gobetween][] load balancer included that isn't highly availabl
[Architecture]: {{< url path="Cortex.GettingStarted.OnPremise.InstallInnovationOnly.MultipleServerWithHA.Architecture" >}}
[Create Self-Signed Certificates]: {{< url path="Cortex.GettingStarted.OnPremise.InstallInnovationOnly.Advanced.CreateSelfSignedCertificates" >}}
[SSL Best Practices]: {{< url path="Cortex.GettingStarted.OnPremise.InstallInnovationOnly.Advanced.SSLBestPractices" >}}
+[TriggersService]: {{< url path="Cortex.Guides.CortexInnovation.CoreApplication.Services.TriggersService.MainDoc" >}}
[gobetween]: {{< url path="GoBetween.MainDoc" >}}
[CORTEX Service Portal]: {{< url path="Cortex.ServicePortal.MainDoc" >}}
[Anycast]: {{< url path="Anycast.MainDoc" >}}
[alternative load balancer]: {{< ref "#alternative-load-balancer-requirements" >}}
[Microsoft Server 2019]: {{< url path="MSEval.WindowsServer.2019" >}}
-[Microsoft Server 2016]: {{< url path="MSEval.WindowsServer.2016" >}}
+[Microsoft Server 2022]: {{< url path="MSEval.WindowsServer.2022" >}}
[NET Framework 472]: {{< url path="MSDotNet.Framework472.MainDoc" >}}
[Microsoft SQL Server 2019]: {{< url path="MSEval.SQLServer.2019" >}}
[Microsoft SQL Server 2016]: {{< url path="MSEval.SQLServer.2016" >}}
diff --git a/content/en/docs/2023.9/getting-started/on-premise/install-innovation-only/single-server-without-ha/install-application-server.md b/content/en/docs/2023.9/getting-started/on-premise/install-innovation-only/single-server-without-ha/install-application-server.md
index 4d9ca32d5..f3a3f639a 100644
--- a/content/en/docs/2023.9/getting-started/on-premise/install-innovation-only/single-server-without-ha/install-application-server.md
+++ b/content/en/docs/2023.9/getting-started/on-premise/install-innovation-only/single-server-without-ha/install-application-server.md
@@ -171,8 +171,8 @@ To avoid answering all of the prompts `-Override 0` can be added to the end of t
|----------------------------------------------|-------------|
|`AppServicesPath` | Configure this value with the location of the App Services zip file on the server. |
|`BlockPackagesPath` | Configure this value with the location of the Block Packages zip file on the server. |
- |`ApiGatewayBasicAuthUsername` | Configure this value with the username that will be used for Basic Authentication when making HTTPS requests to the API Gateway Service (e.g. starting production flows).
Currently only Basic Authentication using a single user is supported, OAuth2 will be supported in a future release.
This value will be needed [later, when installing Gateway][Install Gateway]. |
- |`ApiGatewayBasicAuthPassword` | Configure this value with the password that will be used for Basic Authentication when making HTTPS requests to the API Gateway Service (e.g. starting production flows). This should be [{{% ctx %}} Encrypted][CORTEX Encrypted].
This value will be needed [later, when installing Gateway][Install Gateway].|
+ |`ApiGatewayBasicAuthUsername` | Configure this value with a username that can be used to make HTTPS requests to the API Gateway Service using Basic Authentication (e.g. starting flows). This username will be used by Gateway for all HTTPS requests to the API Gateway Service.
For security reasons it is recommended that the default value `BasicAuthUser` should be changed.
This value will be needed [later, when installing Gateway][Install Gateway].
This username can also be used by external services for HTTPS requests to the API Gateway Service but is not recommended; these requests should use an OAuth2 session for an authorised Active Directory user.|
+ |`ApiGatewayBasicAuthPassword` | Configure this value with the password for the username specified for `ApiGatewayBasicAuthUsername`.
This password should be [{{% ctx %}} Encrypted][CORTEX Encrypted]. For security reasons it is recommended that the default value `ADA9883B11BD4CDC908B8131B57944A4` should be changed.
This value will be needed [later, when installing Gateway][Install Gateway].|
|`CustomerName` | A name identifying the platform being installed. This must have no spaces or symbols. It will be appended to the node names that are displayed in Service Fabric Explorer. |
|`ApplicationServerIPv4Addresses` | The IPv4 address of the server.|
|`ServerCertificatePath` | The local path of a .PFX certificate file on the server. Environment variables cannot be used.
This is only needed if installing with CA Certificates (Recommended). The certificate should meet the [Certificate Requirements][].
This certificate will be used for: - Securing communication between the Application Services.
- Allowing Application Services to identify themselves to clients such as Gateway.
- Preventing unauthorised nodes from joining the single node cluster.
- Connecting to Service Fabric Explorer from each of the Application Servers.
{{< alert type="warning" title="Warning" >}}It is critical to set a reminder to {{< ahref path="Cortex.GettingStarted.OnPremise.InstallInnovationOnly.Advanced.RolloverCertificates" title="update certificates" >}} in good time before they expire. If they expire then the platform will cease to function and {{< ahref path="Cortex.ServicePortal.MainDoc" title="CORTEX Service Portal" >}} must be contacted for support.{{< /alert >}}|
diff --git a/content/en/docs/2023.9/getting-started/on-premise/install-innovation-only/single-server-without-ha/prerequisites.md b/content/en/docs/2023.9/getting-started/on-premise/install-innovation-only/single-server-without-ha/prerequisites.md
index 62869ee73..3e294e2e2 100644
--- a/content/en/docs/2023.9/getting-started/on-premise/install-innovation-only/single-server-without-ha/prerequisites.md
+++ b/content/en/docs/2023.9/getting-started/on-premise/install-innovation-only/single-server-without-ha/prerequisites.md
@@ -21,14 +21,14 @@ The prerequisites required for a single server (as described in [Architecture][]
| Server Role | Windows Server[^1] | SQL Server[^2] | .Net | PowerShell[^3] | IIS[^4] | Other Software |
|------------------|-------------------------|---------------------|------|------------|---------|----------|
-| Single Server
*Application Server +
Web Application Server* | [2019 (x64)][Microsoft Server 2019] *Recommended*
[2016 (x64)][Microsoft Server 2016] | [2019][Microsoft SQL Server 2019]
[2016][Microsoft SQL Server 2016]
[2016 Express][Microsoft SQL Express 2016] | [Framework 4.7.2][NET Framework 472] | 5.1 | 10.0.17763[^5]
10.0.14393[^6]
[URL Rewrite Module 2.1][IIS Url Rewrite] | [Microsoft Web Deploy 3.0 or later][Web Deploy]
[Visual C++ Redistributable 2013 (x64)][C++ Redistributable] |
+| Single Server
*Application Server +
Web Application Server* | [2022 (x64)][Microsoft Server 2022] *Recommended*
[2019 (x64)][Microsoft Server 2019] | [2019][Microsoft SQL Server 2019]
[2016][Microsoft SQL Server 2016]
[2016 Express][Microsoft SQL Express 2016] | [Framework 4.7.2][NET Framework 472] | 5.1 | 10.0.20348[^5]
10.0.17763[^6]
[URL Rewrite Module 2.1][IIS Url Rewrite] | [Microsoft Web Deploy 3.0 or later][Web Deploy]
[Visual C++ Redistributable 2013 (x64)][C++ Redistributable] |
[^1]: Windows Server Standard and Datacenter editions are supported. Filesystem **must be NTFS** and networking **must use IPv4**. Linux is not supported, but may be in the future.
[^2]: SQL Server Express, Standard and Enterprise are supported. Other databases are not supported. Note that [Transparent Data Encryption][] is not supported on SQL Server Express.
-[^3]: PowerShell 5.1 ships with Windows Server 2016 and 2019.
+[^3]: PowerShell 5.1 ships with Windows Server 2019 and 2022.
[^4]: IIS is supported; other web servers, including IIS Express are not supported.
-[^5]: Ships as a windows role within Windows Server 2019.
-[^6]: Ships as a windows role within Windows Server 2016.
+[^5]: Ships as a windows role within Windows Server 2022.
+[^6]: Ships as a windows role within Windows Server 2019.
## Domain Requirements
@@ -225,7 +225,7 @@ See [SSL Best Practices][] for a full list of the security changes which will be
[SSL Best Practices]: {{< url path="Cortex.GettingStarted.OnPremise.InstallInnovationOnly.Advanced.SSLBestPractices" >}}
[CORTEX Service Portal]: {{< url path="Cortex.ServicePortal.MainDoc" >}}
[Microsoft Server 2019]: {{< url path="MSEval.WindowsServer.2019" >}}
-[Microsoft Server 2016]: {{< url path="MSEval.WindowsServer.2016" >}}
+[Microsoft Server 2022]: {{< url path="MSEval.WindowsServer.2022" >}}
[NET Framework 472]: {{< url path="MSDotNet.Framework472.MainDoc" >}}
[Microsoft SQL Server 2019]: {{< url path="MSEval.SQLServer.2019" >}}
[Microsoft SQL Server 2016]: {{< url path="MSEval.SQLServer.2016" >}}
diff --git a/data/urls.toml b/data/urls.toml
index 2e9bac3c3..fe64ab68a 100644
--- a/data/urls.toml
+++ b/data/urls.toml
@@ -44,6 +44,14 @@
ImprovedInstallationProcess = "/blog/2023/08/21/2023.7/#improved-installation-process"
RemovedFlowDebuggerService = "/blog/2023/08/21/2023.7/#removed-flow-debugger-service"
ProductPortal = "/blog/2023/08/21/2023.7/#product-portal"
+ [Cortex.Blogs.Releases.2023.9]
+ MainDoc = "/blog/2023/10/16/2023.9/"
+ ExpansionOfTheHAPlatform = "/blog/2023/10/16/2023.9/#expansion-of-the-ha-platform"
+ NewTriggersService = "/blog/2023/10/16/2023.9/#new-triggers-service"
+ NewBlocks = "/blog/2023/10/16/2023.9/#new-blocks"
+ CORTEXGatewayRebranding = "/blog/2023/10/16/2023.9/#cortex-gateway-rebranding"
+ WindowsServer2022Support = "/blog/2023/10/16/2023.9/#windows-server-2022-support"
+ ProductPortal = "/blog/2023/10/16/2023.9/#product-portal"
[Cortex.Blogs.Releases.2022.X]
MainDoc = "/blog/releases/2022.x"
[Cortex.Blogs.Releases.2022.9]
@@ -2078,6 +2086,10 @@
GrafanaLokiInstallZip = "https://github.com/CortexIntelligentAutomation/observability/releases/download/v2.0.0/Grafana.Loki.Install.zip"
PromtailInstallZip = "https://github.com/CortexIntelligentAutomation/observability/releases/download/v2.0.0/Promtail.Install.zip"
GrafanaDashboardsZip = "https://github.com/CortexIntelligentAutomation/observability/releases/download/v2.0.0/Grafana.Dashboards.zip"
+ [GitHub.Cortex.Observability.2.0.1]
+ GrafanaLokiInstallZip = "https://github.com/CortexIntelligentAutomation/observability/releases/download/v2.0.1/Grafana.Loki.Install.zip"
+ PromtailInstallZip = "https://github.com/CortexIntelligentAutomation/observability/releases/download/v2.0.1/Promtail.Install.zip"
+ GrafanaDashboardsZip = "https://github.com/CortexIntelligentAutomation/observability/releases/download/v2.0.1/Grafana.Dashboards.zip"
[Grafana]
MainDoc = "https://grafana.com/"
[Grafana.Products.Grafana]
@@ -2121,6 +2133,7 @@
MainDoc = "https://letsencrypt.org/"
[Microsoft]
[Microsoft.Downloads.Windows]
+ Server2022 = "https://www.microsoft.com/en-US/evalcenter/evaluate-windows-server-2022?filetype=ISO"
Server2019 = "https://www.microsoft.com/en-US/evalcenter/evaluate-windows-server-2019?filetype=ISO"
Server2016 = "https://www.microsoft.com/en-US/evalcenter/evaluate-windows-server-2016?filetype=ISO"
[MimeKit]
@@ -2348,6 +2361,7 @@
2016 = "https://www.microsoft.com/en-us/download/details.aspx?id=103447"
[MSEval]
[MSEval.WindowsServer]
+ 2022 = "https://www.microsoft.com/en-US/evalcenter/evaluate-windows-server-2022?filetype=ISO"
2019 = "https://www.microsoft.com/en-US/evalcenter/evaluate-windows-server-2019?filetype=ISO"
2016 = "https://www.microsoft.com/en-US/evalcenter/evaluate-windows-server-2016?filetype=ISO"
[MSEval.SQLServer]