OSSM-3796: Refactor adding services to a mesh

modules/ossm-about-adding-namespace.adoc

@@ -0,0 +1,27 @@
+// Module included in the following assemblies:
+//
+// * service_mesh/v2x/installing-ossm.adoc
+
+:_content-type: CONCEPT
+[id="ossm-about-adding-namespace_{context}"]
+= About adding projects to a service mesh
+
+A Kubernetes namespace provides a mechanism to scope resources in a cluster. In {product-title}, a project is essentially a Kubernetes namespace with additional annotations. You can add or remove projects from an existing {SMProductShortName} resource using the web console or the CLI.
+
+There are two methods to add a project to a service mesh:
+
+* Specify a project in the `ServiceMeshMemberRoll` resource.
+
+* Create a `ServiceMeshMember` project in a namespace.
+
+== ServiceMeshMemberRoll method
+
+This is the simplest method to add a project to a service mesh. To add a project this way, specify the project in the `spec.members` field of the `ServiceMeshMemberRoll` resource.   
+
+Adding projects using this methods requires a user to have mesh admin privileges.
+
+== ServiceMeshMember method
+
+`ServiceMeshMember` resources provide a way to add a project to a service mesh without modifying the `ServiceMeshMemberRoll` resource. To add projects this way, you create a `ServiceMeshMember` resource and the resource automatically adds the project in which it resides to the service mesh. 
+
+This method of adding projects to a mesh can be used even when the users performing the task do not have direct access to the service mesh project or the `ServiceMeshMemberRoll` resource.

modules/ossm-add-project-member-roll-resource-cli.adoc

@@ -0,0 +1,50 @@
+// Module included in the following assemblies:
+//
+// * service_mesh/v2x/installing-ossm.adoc
+
+:_content-type: PROCEDURE
+[id="ossm-add-project-member-roll-resource-cli_{context}"]
+= Adding or removing projects from the service mesh using ServiceMeshMemberRoll resource with the CLI
+
+* You can add any number of projects, but a project can only belong to *one* `ServiceMeshMemberRoll` resource.
+
+* The `ServiceMeshMemberRoll` resource is deleted when its corresponding `ServiceMeshControlPlane` resource is deleted.
+
+.Prerequisites
+
+* An installed, verified {SMProductName} Operator.
+* An existing `ServiceMeshMemberRoll` resource.
+* Name of the project with the `ServiceMeshMemberRoll` resource.
+* Names of the projects you want to add or remove from the mesh.
+* Access to the OpenShift CLI (`oc`).
+
+.Procedure
+
+. Log in to the {product-title} CLI.
+
+. Edit the `ServiceMeshMemberRoll` resource.
++
+[source,terminal]
+----
+$ oc edit smmr -n <controlplane-namespace>
+----
++
+
+. Modify the YAML to add or remove projects as members.  You can add any number of projects, but a project can only belong to *one* `ServiceMeshMemberRoll` resource.
+
++
+.Example servicemeshmemberroll-default.yaml
+
+[source,yaml]
+----
+apiVersion: maistra.io/v1
+kind: ServiceMeshMemberRoll
+metadata:
+  name: default
+  namespace: istio-system #control plane project
+spec:
+  members:
+    # a list of projects joined into the service mesh
+    - your-project-name
+    - another-project-name
+----

modules/ossm-add-project-member-roll-resource-console.adoc

@@ -0,0 +1,39 @@
+// Module included in the following assemblies:
+//
+// * service_mesh/v2x/installing-ossm.adoc
+
+:_content-type: PROCEDURE
+[id="ossm-add-project-member-roll-recourse-console_{context}"]
+= Adding or removing projects from the service mesh using ServiceMeshMemberRoll resource with the web console
+
+* You can add any number of projects, but a project can only belong to *one* `ServiceMeshMemberRoll` resource.
+
+* The `ServiceMeshMemberRoll` resource is deleted when its corresponding `ServiceMeshControlPlane` resource is deleted.
+
+.Prerequisites
+* An installed, verified {SMProductName} Operator.
+* An existing `ServiceMeshMemberRoll` resource.
+* Name of the project with the `ServiceMeshMemberRoll` resource.
+* Names of the projects you want to add or remove from the mesh.
+
+.Procedure
+
+. Log in to the {product-title} web console.
+
+. Navigate to *Operators* -> *Installed Operators*.
+
+. Click the *Project* menu and choose the project where your `ServiceMeshControlPlane` resource is deployed from the list, for example `istio-system`.
+
+. Click the {SMProductName} Operator.
+
+. Click the *Istio Service Mesh Member Roll* tab.
+
+. Click the `default` link.
+
+. Click the YAML tab.
+
+. Modify the YAML to add or remove projects as members.  You can add any number of projects, but a project can only belong to *one* `ServiceMeshMemberRoll` resource.
+
+. Click *Save*.
+
+. Click *Reload*.

modules/ossm-adding-project-using-smm-resource-cli.adoc

@@ -0,0 +1,42 @@
+// Module included in the following assemblies:
+//
+// * service_mesh/v2x/ossm-create-mesh.adoc
+
+:_content-type: PROCEDURE
+[id="ossm-adding-project-using-smm-resource-cli_{context}"]
+= Adding a project to the service mesh using the ServiceMeshMember resource 
+
+.Prerequisites
+* An installed, verified {SMProductName} Operator.
+* An existing `ServiceMeshMemberRoll` resource.
+* Name of the project with the `ServiceMeshMemberRoll` resource.
+* Names of the projects you want to add or remove from the mesh.
+* A service mesh administrator must explicitly grant access to the service mesh. Administrators can grant users permissions to access the mesh by assigning them the `mesh-user` user role.
+
+.Procedure
+
+. Log in to the {product-title} CLI.
+
+. Edit the `ServiceMeshMemberRoll` resource.
++
+[source,terminal]
+----
+$ oc edit smmr -n <controlplane-namespace>
+----
+
+. Modify the YAML file for the `ServiceMeshMember` manifest so it adds the `my-application` project namespace to the service mesh that was created by the SMCP resource deployed in the `istio-system` namespace.
++
+[source,yaml]
+----
+apiVersion: maistra.io/v1
+kind: ServiceMeshMemberRoll
+metadata:
+  name: default
+  namespace: my application
+spec:
+  controlPlaneRef:
+    namespace: istio-system
+    name: basic
+----
+
+After the `ServiceMeshMemberRoll` resource is created, you can verify the project namespace is part of the mesh by confirming the `my-application` namespace is displayed in the `status.members` and `status.configuredMembers` fields of the `ServiceMeshMemberRoll` resource.

modules/ossm-adding-project-using-smm-resource-console.adoc

@@ -0,0 +1,31 @@
+// Module included in the following assemblies:
+//
+// * service_mesh/v2x/ossm-create-mesh.adoc
+
+:_content-type: PROCEDURE
+[id="ossm-adding-project-using-smm-resource-console_{context}"]
+= Adding a project to the service mesh using the ServiceMeshMember resource with the web console
+
+.Prerequisites
+* An installed, verified {SMProductName} Operator.
+* An existing `ServiceMeshMemberRoll` resource.
+* Name of the project with the `ServiceMeshMemberRoll` resource.
+* Names of the projects you want to add or remove from the mesh.
+* A service mesh administrator must explicitly grant access to the service mesh. Administrators can grant users permissions to access the mesh by assigning them the `mesh-user` user role.
+
+.Procedure
+
+. Log in to the {product-title} web console.
+
+. Navigate to *Operators* -> *Installed Operators*.
+
+. Click the *Project* menu and choose the project where your `ServiceMeshControlPlane` resource is deployed from the drop-down list. For example `istio-system`.
+
+. Click the {SMProductName} Operator.
+
+. Click the *Istio Service Mesh Member* tab.
+
+. Click *Create ServiceMeshMember*
+
+. Accept the default name for the `ServiceMeshMember`.
+

service_mesh/v2x/ossm-create-mesh.adoc

@@ -17,7 +17,15 @@ After you add the namespace to the `ServiceMeshMemberRoll`, access to services o
 
 include::modules/ossm-member-roll-create.adoc[leveloffset=+1]
 
-include::modules/ossm-member-roll-modify.adoc[leveloffset=+1]
+include::modules/ossm-about-adding-namespace.adoc[leveloffset=+1]
+
+include::modules/ossm-add-project-member-roll-resource-console.adoc[leveloffset=+1]
+
+include::modules/ossm-add-project-member-roll-resource-cli.adoc[leveloffset=+1]
+
+include::modules/ossm-adding-project-using-smm-resource-cli.adoc[leveloffset=+1]
+
+include::modules/ossm-adding-project-using-smm-resource-console.adoc[leveloffset=+1]
 
 include::modules/ossm-tutorial-bookinfo-overview.adoc[leveloffset=+1]