Merge branch 'main' into cloud_cluster_creation_reskin

src/current/_config_base.yml

@@ -1,9 +1,11 @@
 algolia:
   application_id: 7RXZLDVR5F
   files_to_exclude:
-  - index.html
-  - index.md
-  - search.html
+    - index.html
+    - index.md
+    - search.html
+    - src/current/v23.1/**
+    - v23.1/**
   index_name: cockroachcloud_docs
   search_api_key: 372a10456f4ed7042c531ff3a658771b
   settings:

src/current/_data/cloud_releases.csv

@@ -75,3 +75,4 @@ date,sha
 2023-12-19,null
 2023-12-21,null
 2024-01-17,null
+2024-01-29,null

src/current/_data/releases.yml

@@ -5385,13 +5385,12 @@
   release_date: '2024-01-17'
   release_type: Production
   cloud_only: true
-  cloud_only_message_short: 'Available in CockroachDB Dedicated. Self-hosted binaries <a href="https://www.cockroachlabs.com/docs/releases/v23.2#v23-2-0">available February 5</a>.'
+  cloud_only_message_short: 'Available in CockroachDB Dedicated. Self-hosted binaries <a href="https://www.cockroachlabs.com/docs/releases/v23.2#v23-2-0">available February 5</a> per the <a href="https://www.cockroachlabs.com/docs/releases/staged-release-process">staged release process</a>.'
   cloud_only_message: >
     CockroachDB v23.2 is now generally available for CockroachDB Dedicated,
-    and is scheduled to be made available for CockroachDB Self-Hosted on February 5, 2024.
+    and is scheduled to be made available for CockroachDB Self-Hosted on February 5, 2024 per the <a href="https://www.cockroachlabs.com/docs/releases/staged-release-process">staged release process</a>.
     For more information, refer to
-    <a href="https://www.cockroachlabs.com/docs/cockroachcloud/create-your-cluster">Create a CockroachDB Dedicated Cluster</a> or
-    <a href="https://www.cockroachlabs.com/docs/cockroachcloud/upgrade-to-v23.2">Upgrade to CockroachDB v23.2</a>.
+    [Upgrade to CockroachDB v23.2](https://www.cockroachlabs.com/docs/cockroachcloud/upgrade-to-v23.2). To connect to a CockroachDB Dedicated cluster on v23.2, refer to [Connect to a CockroachDB Dedicated Cluster](https://www.cockroachlabs.com/docs/cockroachcloud/connect-to-your-cluster).
   go_version: go1.21
   sha: c8ffbdc4eeb3f656085edc33d6965b8f30cd7514
   has_sql_only: true

src/current/_includes/releases/cloud/2024-01-29.md

@@ -0,0 +1,5 @@
+## January 29, 2024
+
+<h3 id="2024-01-29-general-updates"> General updates </h3>
+
+- CockroachDB {{ site.data.products.dedicated }} clusters now [export metrics]({% link cockroachcloud/export-metrics.md %}#the-metricexport-endpoint) to third-party monitoring tool [Prometheus]({% link cockroachcloud/export-metrics.md %}?filters=prometheus-metrics-export). This feature is available in [preview]({% link {{site.current_cloud_version}}/cockroachdb-feature-availability.md %}).

src/current/_includes/releases/v23.2/v23.2.0.md

@@ -14,7 +14,7 @@ This section summarizes the most significant user-facing changes in v23.2.0 and
     - [Observability](#v23-2-0-observability)
     - [Migrations](#v23-2-0-migrations)
     - [Security and compliance](#v23-2-0-security-and-compliance)
-    - [Recovery and I/O](#v23-2-0-recovery-and-io)
+    - [Disaster recovery](#v23-2-0-disaster-recovery)
     - [Deployment and operations](#v23-2-0-deployment-and-operations)
     - [SQL](#v23-2-0-sql)
 - **Additional information**
@@ -62,6 +62,10 @@ This section summarizes the most significant user-facing changes in v23.2.0 and
     }
 </style>
 
+{{ site.data.alerts.callout_info }}
+In CockroachDB Self-Hosted, all available features are free to use unless their description specifies that an Enterprise license is required. For more information, see the [Licensing FAQ](https://www.cockroachlabs.com/docs/stable/licensing-faqs).
+{{ site.data.alerts.end }}
+
 <h4 id="v23-2-0-observability">Observability</h4>
 <table>
     <tr>
@@ -120,7 +124,7 @@ This section summarizes the most significant user-facing changes in v23.2.0 and
             <p class="feature-summary">Customize your own metric dashboard for CockroachDB serverless</p>
             <p class="feature-description">The CockroachDB Cloud console supports additional <a href="https://www.cockroachlabs.com/docs/cockroachcloud/custom-metrics-chart-page">metrics that can be customized</a> in a single dashboard for CockroachDB Serverless.</p>
         </td>
-        <td>All<sup>>*</sup></td>
+        <td>All<sup>*</sup></td>
         <td class="icon-center">{% include icon-no.html %}</td>
         <td class="icon-center">{% include icon-no.html %}</td>
         <td class="icon-center">{% include icon-yes.html %}</td>
@@ -188,8 +192,8 @@ This section summarizes the most significant user-facing changes in v23.2.0 and
     <!-- Rows for each feature -->
     <tr>
     <td>
-        <p class="feature-summary">Physical Cluster Replication is now available in a public preview</p>
-        <p class="feature-description"><a href="https://www.cockroachlabs.com/docs/v23.2/physical-cluster-replication-overview">Physical Cluster Replication</a> is an asynchonous replication feature that allows your cluster to recover from full-cluster failure with a low RPO and RTO. In 23.2, it is an Enterprise-only Public Preview feature, requiring a CCL license, and only available for self-hosted CockroachDB deployments.</p>
+        <p class="feature-summary">Physical Cluster Replication is now available in Preview</p>
+        <p class="feature-description"><a href="https://www.cockroachlabs.com/docs/v23.2/physical-cluster-replication-overview">Physical Cluster Replication</a> is an asynchonous replication feature that allows your cluster to recover from full-cluster failure with a low RPO and RTO. In 23.2, it is a Preview feature, requiring an <a href="https://www.cockroachlabs.com/docs/v23.2/licensing-faqs">Enterprise license</a>, and only available for self-hosted CockroachDB deployments.</p>
     </td>
     <td>23.2</td>
     <td class="icon-center">{% include icon-yes.html %}</td>
@@ -260,32 +264,6 @@ This section summarizes the most significant user-facing changes in v23.2.0 and
     </tr>
 </table> 
 
-<h4 id="v23-2-0-recovery-and-io">Recovery and I/O</h4>
-
-<table>
-    <tr>
-        <th class="center-align" colspan="1" rowspan="2">Feature</th>
-        <th class="center-align" colspan="4" rowspan="1">Availability</th>
-    </tr>
-    <tr>
-        <th colspan="1" rowspan="1">Ver.</th>
-        <th colspan="1" rowspan="1" style="white-space: nowrap;">Self-Hosted</th>
-        <th colspan="1" rowspan="1">Dedicated</th>
-        <th colspan="1" rowspan="1">Serverless</th>
-    </tr>
-    <!-- Rows for each feature -->
-    <tr>
-        <td>
-            <p class="feature-summary">Physical Cluster Replication is now available in a public preview</p>
-            <p class="feature-description"><a href="https://www.cockroachlabs.com/docs/v23.2/physical-cluster-replication-overview">Physical Cluster Replication</a> is an asynchonous replication feature that allows your cluster to recover from full-cluster failure with a low RPO and RTO. In 23.2, it is an enterprise-only Public Preview feature, requiring a CCL license, and only available for self-hosted CockroachDB deployments.</p>
-        </td>
-        <td>23.2</td>
-        <td class="icon-center">{% include icon-yes.html %}</td>
-        <td class="icon-center">{% include icon-no.html %}</td>
-        <td class="icon-center">{% include icon-no.html %}</td>
-    </tr>
-</table>
-
 <h4 id="v23-2-0-sql">SQL</h4>
 
 <table>
@@ -352,7 +330,7 @@ This section summarizes the most significant user-facing changes in v23.2.0 and
     <tr>
         <td>
             <p class="feature-summary">Column Level Encryption</p>
-            <p class="feature-description">CockroachDB now supports <a href="https://www.cockroachlabs.com/docs/v23.2/column-level-encryption">column-level encryption</a> through a set of built-in functions. This feature allows you to encrypt one or more columns in every row of a database table, and can be useful for compliance scenarios such as adhering to PCI or GDPR.</p>
+            <p class="feature-description">CockroachDB now supports <a href="https://www.cockroachlabs.com/docs/v23.2/column-level-encryption">column-level encryption</a> through a set of built-in functions. This feature allows you to encrypt one or more columns in every row of a database table, and can be useful for compliance scenarios such as adhering to PCI or GDPR. An <a href="https://www.cockroachlabs.com/docs/stable/licensing-faqs">Enterprise license</a> is required.</p>
         </td>
         <td>23.2</td>
         <td class="icon-center">{% include icon-yes.html %}</td>

src/current/_includes/sidebar-all-releases.json

@@ -16,6 +16,12 @@
     "/releases/kubernetes-operator.html"
   ]
 },
+{
+  "title": "Staged Release Process",
+  "urls": [
+    "/releases/staged-release-process.html"
+  ]
+},
 {
   "title": "Release Support Policy",
   "urls": [

src/current/_includes/v22.2/misc/storage-class-glacier-incremental.md

@@ -1,3 +1,5 @@
 {{site.data.alerts.callout_danger}}
-[Incremental backups](take-full-and-incremental-backups.html#incremental-backups) are **not** compatible with the S3 Glacier Flexible Retrieval or Glacier Deep Archive storage classes. Incremental backups require ad-hoc reading of previous backups. The Glacier Flexible Retrieval or Glacier Deep Archive storage classes do not allow immediate access to S3 objects without first restoring the objects. See Amazon's documentation on [Restoring an archived object](https://docs.aws.amazon.com/AmazonS3/latest/userguide/restoring-objects.html) for more detail.
+[Incremental backups]({% link {{ page.version.version }}/take-full-and-incremental-backups.md %}#incremental-backups) are **not** compatible with the [S3 Glacier Flexible Retrieval or Glacier Deep Archive storage classes](https://docs.aws.amazon.com/AmazonS3/latest/userguide//storage-class-intro.html#sc-glacier). Incremental backups require the reading of previous backups on an ad-hoc basis, which is not possible with backup files already in Glacier Flexible Retrieval or Glacier Deep Archive. This is because these storage classes do not allow immediate access to an S3 object without first [restoring the archived objects](https://docs.aws.amazon.com/AmazonS3/latest/userguide/restoring-objects.html) to its S3 bucket.
+
+Refer to [Incremental backups and storage classes]({% link {{ page.version.version }}/use-cloud-storage.md %}#incremental-backups-and-archive-storage-classes) for more detail.
 {{site.data.alerts.end}}

src/current/_includes/v23.1/misc/storage-class-glacier-incremental.md

@@ -1,3 +1,5 @@
 {{site.data.alerts.callout_danger}}
-[Incremental backups]({% link {{ page.version.version }}/take-full-and-incremental-backups.md %}#incremental-backups) are **not** compatible with the S3 Glacier Flexible Retrieval or Glacier Deep Archive storage classes. Incremental backups require ad-hoc reading of previous backups. The Glacier Flexible Retrieval or Glacier Deep Archive storage classes do not allow immediate access to S3 objects without first restoring the objects. See Amazon's documentation on [Restoring an archived object](https://docs.aws.amazon.com/AmazonS3/latest/userguide/restoring-objects.html) for more detail.
+[Incremental backups]({% link {{ page.version.version }}/take-full-and-incremental-backups.md %}#incremental-backups) are **not** compatible with the [S3 Glacier Flexible Retrieval or Glacier Deep Archive storage classes](https://docs.aws.amazon.com/AmazonS3/latest/userguide//storage-class-intro.html#sc-glacier). Incremental backups require the reading of previous backups on an ad-hoc basis, which is not possible with backup files already in Glacier Flexible Retrieval or Glacier Deep Archive. This is because these storage classes do not allow immediate access to an S3 object without first [restoring the archived objects](https://docs.aws.amazon.com/AmazonS3/latest/userguide/restoring-objects.html) to its S3 bucket.
+
+Refer to [Incremental backups and storage classes]({% link {{ page.version.version }}/use-cloud-storage.md %}#incremental-backups-and-archive-storage-classes) for more detail.
 {{site.data.alerts.end}}

src/current/_includes/v23.2/misc/enterprise-features.md

@@ -20,6 +20,7 @@ Enterprise [`BACKUP`]({% link {{ page.version.version }}/backup.md %}) and resto
 Feature | Description
 --------+-------------------------
 [Encryption at Rest]({% link {{ page.version.version }}/security-reference/encryption.md %}#encryption-at-rest-enterprise) | Enable automatic transparent encryption of a node's data on the local disk using AES in counter mode, with all key sizes allowed. This feature works together with CockroachDB's automatic encryption of data in transit.
+[Column-level encryption]({% link {{ page.version.version }}/column-level-encryption.md %}) | Encrypt specific columns within a table.
 [GSSAPI with Kerberos Authentication]({% link {{ page.version.version }}/gssapi_authentication.md %}) | Authenticate to your cluster using identities stored in an external enterprise directory system that supports Kerberos, such as Active Directory.
 [Cluster Single Sign-on (SSO)]({% link {{ page.version.version }}/sso-sql.md %}) | Grant SQL access to a cluster using JSON Web Tokens (JWTs) issued by an external identity provider (IdP) or custom JWT issuer.
 [Single Sign-on (SSO) for DB Console]({% link {{ page.version.version }}/sso-db-console.md %}) | Grant access to a cluster's DB Console interface using SSO through an IdP that supports OIDC.

src/current/_includes/v23.2/misc/storage-class-glacier-incremental.md

@@ -1,3 +1,5 @@
 {{site.data.alerts.callout_danger}}
-[Incremental backups]({% link {{ page.version.version }}/take-full-and-incremental-backups.md %}#incremental-backups) are **not** compatible with the S3 Glacier Flexible Retrieval or Glacier Deep Archive storage classes. Incremental backups require ad-hoc reading of previous backups. The Glacier Flexible Retrieval or Glacier Deep Archive storage classes do not allow immediate access to S3 objects without first restoring the objects. See Amazon's documentation on [Restoring an archived object](https://docs.aws.amazon.com/AmazonS3/latest/userguide/restoring-objects.html) for more detail.
+[Incremental backups]({% link {{ page.version.version }}/take-full-and-incremental-backups.md %}#incremental-backups) are **not** compatible with the [S3 Glacier Flexible Retrieval or Glacier Deep Archive storage classes](https://docs.aws.amazon.com/AmazonS3/latest/userguide//storage-class-intro.html#sc-glacier). Incremental backups require the reading of previous backups on an ad-hoc basis, which is not possible with backup files already in Glacier Flexible Retrieval or Glacier Deep Archive. This is because these storage classes do not allow immediate access to an S3 object without first [restoring the archived objects](https://docs.aws.amazon.com/AmazonS3/latest/userguide/restoring-objects.html) to its S3 bucket.
+
+Refer to [Incremental backups and storage classes]({% link {{ page.version.version }}/use-cloud-storage.md %}#incremental-backups-and-archive-storage-classes) for more detail.
 {{site.data.alerts.end}}

src/current/cockroachcloud/client-certs-dedicated.md

@@ -239,9 +239,7 @@ resource "cockroach_client_ca_cert" "yourclustername" {
 ## Update the CA certificate for a cluster
 
 {{site.data.alerts.callout_danger}}
-Clients must be provisioned with client certificates signed by the new CA prior to the update, or their new connections will be blocked.
-
-This operation also interrupts existing database connections. End users should be informed of a potential service interruption.
+Clients must be provisioned with client certificates signed by the cluster's CA prior to the update, or their new connections will be blocked.
 {{site.data.alerts.end}}
 
 This section shows how to replace the CA certificate used by your cluster for certificate-based client authentication.

src/current/cockroachcloud/cloud-org-sso.md

@@ -113,7 +113,11 @@ Yes. When Cloud Organization SSO is enabled for your CockroachDB {{ site.data.pr
 The following flows are supported:
 
 - The _service provider-initiated flow_, where you initiate configuration of Cloud Organization SSO through the CockroachDB {{ site.data.products.cloud }} Console.
-- An _identity provider-initiated flow_, where you initiate configuration through an IdP such as Okta.
+- The _identity provider-initiated flow_, where you initiate configuration through an IdP such as Okta.
+
+  {{site.data.alerts.callout_info}}
+  To enable the IdP-initiated flow for your CockroachDB Cloud organization, contact [Cockroach Labs support](https://support.cockroachlabs.com/hc).
+  {{site.data.alerts.end}}
 
 #### What default role is assigned to users when autoprovisioning is enabled in a CockroachDB {{ site.data.products.cloud }} organization?
 

src/current/cockroachcloud/configure-cloud-org-sso.md

@@ -154,7 +154,7 @@ To enable autoprovisioning for an SSO authentication method:
 
 ## Add a custom authentication method
 
-You can add a custom authentication method to connect to any IdP that supports [Security Access Markup Language (SAML)](https://wikipedia.org/wiki/Security_Assertion_Markup_Language) or [OpenID Connect (OIDC)](https://openid.net/connect/).
+You can add a custom authentication method to connect to any IdP that supports [OpenID Connect (OIDC)](https://openid.net/connect/) or [Security Access Markup Language (SAML)](https://wikipedia.org/wiki/Security_Assertion_Markup_Language).
 
 ### OIDC
 
@@ -177,7 +177,7 @@ To configure a custom OIDC authentication method:
 
 ### SAML
 
-To configure a custom SAML authentication method:
+To configure a custom SAML authentication method using the service provider-initiated flow, follow these steps. If you need to use the identity provider-initiated flow instead, contact [Cockroach Labs support](https://support.cockroachlabs.com/hc).
 
 1. Log in to your IdP and gather the following information, which you will use to configure CockroachDB {{ site.data.products.cloud }} SSO:<ul><li>Sign-in URL</li><li>Signing certificate</li></ul>
 1. In a separate browser, log in to [CockroachDB {{ site.data.products.cloud }} Console](https://cockroachlabs.cloud) as a user with the [Org Administrator]({% link cockroachcloud/authorization.md %}#org-administrator-legacy) role.