apache
diff --git a/‎source/_global.rst‎
Lines changed: 13 additions & 13 deletions b/‎source/_global.rst‎
Lines changed: 13 additions & 13 deletions
diff --git a/‎source/adminguide/virtual_machines.rst‎
Lines changed: 17 additions & 0 deletions b/‎source/adminguide/virtual_machines.rst‎
Lines changed: 17 additions & 0 deletions
diff --git a/‎source/conf.py‎
Lines changed: 2 additions & 1 deletion b/‎source/conf.py‎
Lines changed: 2 additions & 1 deletion
diff --git a/‎source/releasenotes/about.rst‎
Lines changed: 45 additions & 64 deletions b/‎source/releasenotes/about.rst‎
Lines changed: 45 additions & 64 deletions
@@ -17,27 +17,27 @@
 .. This file contain Variables shared across other .rst files in this project
 
 
-.. _CloudStack Installation Guide: https://docs.cloudstack.apache.org/projects/cloudstack-installation
-.. _CloudStack Administrator's Guide: https://docs.cloudstack.apache.org/projects/cloudstack-administration
+.. _CloudStack Installation Guide: https://docs.cloudstack.apache.org/en/latest/installguide/index.html
+.. _CloudStack Administrator's Guide: https://docs.cloudstack.apache.org/en/latest/adminguide/index.html
 .. _CloudStack Apidocs: https://cloudstack.apache.org/api.html
 
 .. |documentation_home| replace:: https://docs.cloudstack.apache.org/
 
 .. Latest version systemvm template name
 
-.. |sysvm64-version|     replace:: 4.17.2
-.. |sysvm64-name-xen|    replace:: systemvm-xenserver-4.17.2
-.. |sysvm64-name-kvm|    replace:: systemvm-kvm-4.17.2
-.. |sysvm64-name-vmware| replace:: systemvm-vmware-4.17.2
-.. |sysvm64-name-hyperv| replace:: systemvm-hyperv-4.17.2
-.. |sysvm64-name-ovm|    replace:: systemvm-ovm-4.17.2
+.. |sysvm64-version|     replace:: 4.18.0
+.. |sysvm64-name-xen|    replace:: systemvm-xenserver-4.18.0
+.. |sysvm64-name-kvm|    replace:: systemvm-kvm-4.18.0
+.. |sysvm64-name-vmware| replace:: systemvm-vmware-4.18.0
+.. |sysvm64-name-hyperv| replace:: systemvm-hyperv-4.18.0
+.. |sysvm64-name-ovm|    replace:: systemvm-ovm-4.18.0
 
 .. Latest version systemvm template URL
-.. |sysvm64-url-xen|    replace:: http://download.cloudstack.org/systemvm/4.17/systemvmtemplate-4.17.2-xen.vhd.bz2
-.. |sysvm64-url-kvm|    replace:: http://download.cloudstack.org/systemvm/4.17/systemvmtemplate-4.17.2-kvm.qcow2.bz2
-.. |sysvm64-url-vmware| replace:: http://download.cloudstack.org/systemvm/4.17/systemvmtemplate-4.17.2-vmware.ova
-.. |sysvm64-url-hyperv| replace:: http://download.cloudstack.org/systemvm/4.17/systemvmtemplate-4.17.2-hyperv.vhd.zip
-.. |sysvm64-url-ovm|    replace:: http://download.cloudstack.org/systemvm/4.17/systemvmtemplate-4.17.2-ovm.raw.bz2
+.. |sysvm64-url-xen|    replace:: http://download.cloudstack.org/systemvm/4.18/systemvmtemplate-4.18.0-xen.vhd.bz2
+.. |sysvm64-url-kvm|    replace:: http://download.cloudstack.org/systemvm/4.18/systemvmtemplate-4.18.0-kvm.qcow2.bz2
+.. |sysvm64-url-vmware| replace:: http://download.cloudstack.org/systemvm/4.18/systemvmtemplate-4.18.0-vmware.ova
+.. |sysvm64-url-hyperv| replace:: http://download.cloudstack.org/systemvm/4.18/systemvmtemplate-4.18.0-hyperv.vhd.zip
+.. |sysvm64-url-ovm|    replace:: http://download.cloudstack.org/systemvm/4.18/systemvmtemplate-4.18.0-ovm.raw.bz2
 
 .. Version specific: 4.5 systemvm template URL
 .. |acs45-sysvm64-url-xen|    replace:: https://download.cloudstack.org/systemvm/4.5/systemvm64template-4.5-xen.vhd.bz2
 
@@ -230,6 +230,23 @@ To access a VM directly over the network:
    Forwarding and Firewalling” <advanced_zone_config.html#ip-forwarding-and-firewalling>`_.
 
 
+Securing VM Console Access (KVM only)
+-------------------------------------
+
+CloudStack provides a way to secure VNC console access on KVM using the CA Framework certificates to enable TLS on VNC on each KVM host.
+
+To enable TLS on a KVM host, navigate to the host and click on: Provision Host Security Keys (or invoke the provisionCertificate API for the host):
+
+- When a new host is added and it is provisioned with a certificate, TLS will also be enabled for VNC
+- The running VMs on a secured host will continue to be VNC unencrypted unless they are stopped and started.
+- New VMs created on a secured host will be VNC encrypted.
+
+Once the administrator concludes the certificates provisioning on Cloudstack, the VM console access for new VMs on the hosts will be encrypted. CloudStack displays the console of the virtual machines through the noVNC viewer embedded in the console proxy System VMs.
+The CloudStack users will notice the encrypted VNC sessions display a green bar stating the session is encrypted as in the image below. Also, the tab title includes ‘(TLS backend)’ when the session is encrypted.
+
+.. note::
+   CloudStack will give access to the certificates to the group defined on the /etc/libvirt/qemu.conf file (or the last one defined on the file in case of multiple lines setting a group).
+
 Stopping and Starting VMs
 -------------------------
 
 
@@ -20,7 +20,7 @@
 # -- Project information -----------------------------------------------------
 
 project = 'Apache CloudStack'
-copyright = '2012-2022, Apache Foundation'
+copyright = '2012-2023, Apache Foundation'
 author = 'Apache CloudStack Project'
 
 # The short X.Y version
@@ -45,6 +45,7 @@
     'sphinx.ext.doctest',
     'sphinx.ext.intersphinx',
     'sphinx.ext.todo',
+    'sphinx.ext.autosectionlabel',
 ]
 
 # Add any paths that contain templates here, relative to this directory.
 
@@ -17,85 +17,66 @@
 What's New in |release|
 =======================
 
-Apache CloudStack |release| is a 4.17 LTS minor release with about 20 fixes
-since the 4.17.1.0 release.
+Apache CloudStack |release| is the initial 4.18 LTS release. It has over 300 fixes
+and features since the 4.17.2.0 release.
 
 The full list of fixes and improvements can be found in the project release notes at
-https://docs.cloudstack.apache.org/en/4.17.2.0/releasenotes/changes.html
+https://docs.cloudstack.apache.org/en/4.18.0.0/releasenotes/changes.html
 
-What's New in 4.17.1.0
+What's in since 4.18.0.0
 ======================
 
-Apache CloudStack 4.17.1.0 is a 4.17 LTS minor release with over 150 fixes and
-improvements since the 4.17.0.0 release. Highlights include:
-
-• Support for Ubuntu 22.04 LTS as management server and KVM host
-• Improvements for System VM storage migration on KVM
-• CKS cluster upgrade enhancements
-• Several network and VPC related fixes especially related IPv6 and permissions
-• KVM libvirt Java library upgrade
-• KVM Shared Mount Point fix
-• VMware local storage volume migration improvements
-
-The full list of fixes and improvements can be found in the project release notes at
-https://docs.cloudstack.apache.org/en/4.17.1.0/releasenotes/changes.html
-
-What's New in 4.17.0.0
-======================
-
-Apache CloudStack 4.17.0.0 is a 4.17 LTS release with 383 new
-features, improvements and bug fixes since 4.16, including 16 major
+Apache CloudStack 4.18.0.0 is the initial 4.18 LTS release with 300+ new
+features, improvements and bug fixes since 4.17, including 19 major
 new features. Some of the highlights include:
 
-• IPv6 with Static Routing
-• Zero Downtime Upgrades
-• Virtual Router Live Patching
-• CloudStack Status & management
-• User Shared Networks
-• StorPool storage plugin
-• Storage-based Snapshots for KVM Instances
-• Attach and detach features to UI for ROOT disks
-• Enable CloudStack to use multiple LOCAL storage pools
-• Multiple SSH Keys support
-• Reserve and release Public IPs
+• Edge Zones
+• Autoscaling
+• Managed User Data
+• Two-Factor Authentication Framework
+• Support for Time-based OTP (TOTP) Authenticator
+• Volume Encryption
+• SDN Integration – Tungsten Fabric
+• Ceph Multi Monitor Support
+• API-Driven Console Access
+• Console Access Security Improvements
+• New Global settings UI
+• Configurable MTU for VR
+• Adaptative Affinity Groups
+• Custom DNS Servers for Networks
+• Improved Guest OS Support Framework
+• Support for Enterprise Linux 9
+• Networker Backup Plugin for KVM Hypervisor
+• Custom Quota Tariffs
+• Secure VNC for KVM
 
 The full list of new features can be found in the project release notes at
-https://docs.cloudstack.apache.org/en/4.17.0.0/releasenotes/changes.html
-
-Apache CloudStack Advisory on KVM Shared Mount Point issues on version 4.17.0.0
-===============================================================================
-
-On 14th June 2022, a new issue affecting only KVM users using Shared
-Mount Point storage was reported [1]. This issue affects the creation
-and the usage of existing Shared Mount Point storage pools on Apache
-CloudStack 4.17.0.0.
+https://docs.cloudstack.apache.org/en/4.18.0.0/releasenotes/changes.html
 
-Apache CloudStack 4.17.0.0 added support for the StorPool storage
-based on Shared Mount Point. However, the current version of
-CloudStack doesn't allow multiple implementations of Shared Mount
-Point storage pool providers, causing the StorPool provider to
-override the default implementation. This affected the other storage
-pool providers for Shared Mount Point since CloudStack tries to add
-them as a StorPool storage pool.
+.. _guestosids
 
-To mitigate the issue, a CloudStack administrator needs to do the
-following on version 4.17.0.0:
+Possible Issue with Guest OS IDs
+================================
 
-• On each management server: stop the CloudStack management service, remove the Storpool plugin jar on /usr/share/cloudstack-management/lib/cloud-plugin-storage-volume-storpool-4.17.0.0.jar and restart the Cloudstack management service
-• On each KVM host: stop the CloudStack agent service, remove the StorPool plugin jar on /usr/share/cloudstack-agent/lib/cloud-plugin-storage-volume-storpool-4.17.0.0.jar and restart the CloudStack agent service
+It has been noticed during upgrade testing that some environment, where
+custom guest OSses where added and mapping for those OSses where added,
+problems may occur during upgrade. Part of the mitigation is to make sure
+OSses that are newly mapped but should have already been in the guest_os
+table are there. Make sure you apply those before you start the new 4.18
+management server.
 
-Note: This workaround removes the StorPool plugin support. StorPool
-users should not apply the workaround to continue using their Storpool
-storage.
+first check which of the guest_os entries you miss:
 
-This issue will be fixed in the upcoming CloudStack version 4.17.1.0.
+.. parsed-literal::
 
-[1] https://github.com/apache/cloudstack/issues/6455
+  SELECT * FROM cloud.guest_os WHERE display_name IN (´CentOS 8´, ´Debian GNU/Linux 10 (32-bit)´, ´Debian GNU/Linux 10 (64-bit)´, ´SUSE Linux Enterprise Server 15 (64-bit)´, ´Windows Server 2019 (64-bit)´)
 
+Then apply any of the following lines that you might need.
 
-Legacy UI Removal Notice
-========================
+.. parsed-literal::
 
-The legacy UI was deprecated with Apache CloudStack 4.15 release and
-with 4.16 release the legacy UI has been removed. Users are encouraged to
-implement a migration path in their production environments.
+  INSERT INTO cloud.guest_os (uuid, category_id, display_name, created, is_user_defined) VALUES (UUID(), '1', 'CentOS 8', now(), '0');
+  INSERT INTO cloud.guest_os (uuid, category_id, display_name, created, is_user_defined) VALUES (UUID(), '2', 'Debian GNU/Linux 10 (32-bit)', now(), '0');
+  INSERT INTO cloud.guest_os (uuid, category_id, display_name, created, is_user_defined) VALUES (UUID(), '2', 'Debian GNU/Linux 10 (64-bit)', now(), '0');
+  INSERT INTO cloud.guest_os (uuid, category_id, display_name, created, is_user_defined) VALUES (UUID(), '5', 'SUSE Linux Enterprise Server 15 (64-bit)', now(), '0');
+  INSERT INTO cloud.guest_os (uuid, category_id, display_name, created, is_user_defined) VALUES (UUID(), '6', 'Windows Server 2019 (64-bit)', now(), '0');