edits to NIM 2.20 docs and install script (#686)

* edits to NIM 2.20 docs and install script

* updates to install script

* edits

* edits to tech spec guide

* fix: Update install-nim-bundle.sh

---------

Co-authored-by: Chetan Jain <[email protected]>

Author: travisamartin

content/includes/nim/installation/optional-steps/disable-metrics-collection.md

@@ -6,6 +6,6 @@ files:
 - content/nim/disconnected/offline-install-guide.md
 ---
 
-If you’re not collecting metrics—because you didn’t install ClickHouse or don’t plan to use it—you must disable metrics collection in the `/etc/nms/nms.conf` file. This setup requires NGINX Agent version {{< lightweight-nim-nginx-agent-version >}}.
+If you’re not collecting metrics — because you didn’t install ClickHouse or don’t plan to use it — you must disable metrics collection in the `/etc/nms/nms.conf` and `/etc/nms/nms-sm-conf.yaml` files. This setup requires NGINX Agent version {{< lightweight-nim-nginx-agent-version >}}.
 
 For instructions, see [Disable metrics collection]({{< ref "nim/system-configuration/configure-clickhouse.md#disable-metrics-collection" >}}).

content/nim/deploy/kubernetes/deploy-using-helm.md

@@ -72,7 +72,7 @@ kubectl create secret docker-registry regcred \
 ### OpenShift
 
 ```shell
-oc new-project nms
+oc new-project nms && \
 oc create secret docker-registry regcred \
   --docker-server=private-registry.nginx.com \
   --docker-username=<NGINX JWT Token> \

content/nim/deploy/vm-bare-metal/install-nim-manual.md

@@ -58,7 +58,7 @@ Follow these steps to download the certificate and private key for NGINX Instanc
 
 Install NGINX Open Source or NGINX Plus on the host where you'll install NGINX Instance Manager. NGINX Instance Manager uses NGINX as a front-end proxy and for managing user access.
 
-- [Installing NGINX and NGINX Plus](https://docs.nginx.com/nginx/admin-guide/installing-nginx/)
+- [Installing NGINX and NGINX Plus]({{< ref "/nginx/admin-guide/installing-nginx/installing-nginx-plus.md" >}})
 
    <br>
 
@@ -88,9 +88,9 @@ Make sure to review the [Technical Specifications]({{< ref "/nim/fundamentals/te
 
 NGINX Instance Manager uses ClickHouse to store metrics, events, alerts, and configuration data.
 
-In 2.20.0, we introduced Lightweight mode, which can skip the ClickHouse installation entirely. It’s ideal if you don’t need monitoring data or want a simpler setup. This reduces system requirements and avoids the work of managing a metrics database. You can add ClickHouse later if your needs change.
+Starting in version 2.20.0, you can run NGINX Instance Manager in Lightweight mode, which skips the ClickHouse installation entirely. This setup works well if you don’t need monitoring data or want to reduce system requirements. It also avoids the effort of managing a metrics database. You can add ClickHouse later if your needs change.
 
-If you don’t need to store metrics, you can skip installing ClickHouse. But you must use NGINX Agent version {{< lightweight-nim-nginx-agent-version >}}, and you must disable metrics collection in the `/etc/nms/nms.conf` file.
+If you don’t need to store metrics, you can skip installing ClickHouse. But you must use NGINX Agent version {{< lightweight-nim-nginx-agent-version >}}, and you must disable metrics collection in the `/etc/nms/nms.conf` and `/etc/nms-sm.conf.yaml` files.
 
 For instructions, see [Disable metrics collection]({{< ref "nim/system-configuration/configure-clickhouse.md#disable-metrics-collection" >}}).
 
@@ -203,7 +203,7 @@ To install NGINX Instance Manager, you need to add the official repository to pu
 1. To upgrade to the latest version of the Instance Manager, run the following command:
 
    ```bash
-   sudo apt-get update
+   sudo apt-get update && \
    sudo apt-get install -y --only-upgrade nms-instance-manager
    ```
 

content/nim/disconnected/add-license-disconnected-deployment.md

@@ -18,7 +18,7 @@ type:
 
 This guide shows you how to add a license to NGINX Instance Manager in a disconnected (offline) environment. In this setup, systems don’t have internet access. You’ll download and apply your subscription’s JSON Web Token (JWT) license, then verify your entitlements with F5.
 
-{{< call-out "tip" "Using the REST API" "" >}}{{< include "nim/how-to-access-nim-api.md" >}}{{</call-out>}}
+{{< call-out "tip" "Using the REST API" "" >}}{{< include "nim/how-to-access-nim-api.md" >}}{{</ call-out >}}
 
 
 ## Before you begin
@@ -39,7 +39,7 @@ To configure NGINX Instance Manager for a disconnected environment, you need to
 ## Add license and submit initial usage report {#add-license-submit-initial-usage-report}
 
 
-{{<tabs name="submit-usage-report">}}
+{{< tabs name="submit-usage-report" >}}
 
 {{%tab name="Bash script (recommended)"%}}
 
@@ -86,7 +86,7 @@ To license NGINX Instance Manager, complete each of the following steps in order
 
 Run these `curl` commands on a system that can access NGINX Instance Manager and connect to `https://product.apis.f5.com/` on port `443`. Replace each placeholder with your specific values.
 
-{{<important>}}The `-k` flag skips SSL certificate validation. Use this only if your NGINX Instance Manager is using a self-signed certificate or if the certificate is not trusted by your system.{{</important>}}
+{{< important >}}The `-k` flag skips SSL certificate validation. Use this only if your NGINX Instance Manager is using a self-signed certificate or if the certificate is not trusted by your system.{{</ important >}}
 
 1. **Add the license to NGINX Instance Manager**:
 
@@ -117,7 +117,7 @@ Run these `curl` commands on a system that can access NGINX Instance Manager and
     --header "referer: https://<NIM-FQDN>/ui/settings/license"
     ```
 
-1. **Update the license configuration on NGINX Instance Manager**:
+1. **Update the license configuration on NGINX Instance Manager (not required in 2.20 or later)**:
 
    This step ensures that the license configuration is fully applied.
 

content/nim/fundamentals/tech-specs.md

@@ -38,36 +38,47 @@ This section outlines the recommendations for NGINX Instance Manager deployments
 
 We recommend using SSDs to enhance storage performance.
 
-{{<bootstrap-table "table table-striped table-bordered">}}
+{{< bootstrap-table "table table-striped table-bordered" >}}
 | Number of Data Plane Instances | CPU    | Memory   | Network   | Storage |
 |--------------------------------|--------|----------|-----------|---------|
 | 10                             | 2 vCPU | 4 GB RAM | 1 GbE NIC | 100 GB  |
 | 100                            | 2 vCPU | 4 GB RAM | 1 GbE NIC | 1 TB    |
 | 1000                           | 4 vCPU | 8 GB RAM | 1 GbE NIC | 3 TB    |
-{{</bootstrap-table>}}
+{{</ bootstrap-table >}}
 
 These values represent the minimum resources needed for deployments that fall under standard configurations.
 
 ### Large NGINX configuration deployments
 
 For environments requiring more resources, **large configurations** are suitable. These configurations can support up to **300 upstream servers** and are designed for enterprise environments or applications handling high traffic and complex configurations, without NGINX App Protect.
 
-{{<bootstrap-table "table table-striped table-bordered">}}
+{{< bootstrap-table "table table-striped table-bordered" >}}
 | Number of Data Plane Instances | CPU    | Memory   | Network   | Storage |
 |--------------------------------|--------|----------|-----------|---------|
 | 50                             | 4 vCPU | 8 GB RAM | 1 GbE NIC | 1 TB    |
 | 250                            | 4 vCPU | 8 GB RAM | 1 GbE NIC | 2 TB    |
-{{</bootstrap-table>}}
+{{</ bootstrap-table >}}
 
 ### NGINX configuration deployments with NGINX App Protect {#system-sizing-app-protect}
 
 If using NGINX App Protect features in NGINX Instance Manager, this requires additional CPU and Memory for policy compilation and security monitoring features. At a minimum, 8gb Memory and 4 CPUs are required for a standard NGINX App Protect use case (under 20 NGINX Plus instances). The requirements are heavily dependent on the number of policies being managed, the frequency of updates and the number of events being that occur in the security monitoring feature.
 
+### Lightweight mode {#lightweight-mode}
+
+(New in 2.20.0) You can run NGINX Instance Manager without installing ClickHouse. This setup is useful if you don’t need monitoring data or prefer a simpler deployment. It reduces system requirements and removes the need to manage a metrics database. You can add ClickHouse later if your needs change. For instructions, see [Disable metrics collection]({{< ref "nim/system-configuration/configure-clickhouse.md#disable-metrics-collection" >}}).
+
+In Lightweight mode, we tested NGINX Instance Manager with ten managed NGINX instances and configuration publishing. It ran with as little as 1 CPU core and 1 GB of memory (without App Protect). When App Protect was enabled, we needed 2 CPU cores and 4 GB of memory to compile policies.
+
+These figures are guidelines only. They reflect the minimum tested configuration and may cause performance issues depending on your setup. For better performance, consider allocating more system resources.
+
+
 ### License and usage reporting only {#reporting-sizing}
 
-This section assumes you've configured NGINX Instance Manager to manage your NGINX instances for licensing and usage reporting only. NGINX commercial license and usage reporting is done in an “unmanaged” way, where NGINX sends a request periodically to NGINX Instance Manager solely for counting purposes. For more information, see how you would [Prepare your environment for reporting]({{< ref "/solutions/about-subscription-licenses.md#set-up-environment" >}}).
+This section applies when you’ve set up NGINX Instance Manager to handle licensing and usage reporting only. In this setup, NGINX instances report license and usage data in an "unmanaged" way. Each instance sends periodic updates to NGINX Instance Manager for counting purposes only.
+
+For details on how to configure this setup, see [Prepare your environment for reporting]({{< ref "/solutions/about-subscription-licenses.md#set-up-environment" >}}).
 
-Therefore, the requirements for NGINX Instance Manager when used solely for licensing and usage reporting are minimal.
+When used only for licensing and usage reporting, NGINX Instance Manager has minimal system requirements. We recommend using [Lightweight mode](#lightweight-mode) in this case to avoid the ClickHouse dependency, especially if you don’t plan to use other features.
 
 {{<bootstrap-table "table table-striped table-bordered">}}
 | Number of Data Plane Instances | CPU    | Memory   | Network   | Storage |

content/nim/system-configuration/configure-clickhouse.md

@@ -13,7 +13,7 @@ type:
 ## Overview
 
 NGINX Instance Manager uses ClickHouse to store metrics, events, alerts, and configuration data.  
-If your setup differs from the default configuration—for example, if you use a custom address, enable TLS, set a password, or turn off metrics—you need to update the `/etc/nms/nms.conf` file.
+If your setup differs from the default configuration — for example, if you use a custom address, enable TLS, set a password, or turn off metrics — you need to update the `/etc/nms/nms.conf` file.
 
 This guide explains how to update those settings so that NGINX Instance Manager can connect to ClickHouse correctly.
 
@@ -38,19 +38,27 @@ Unless otherwise specified in the `/etc/nms/nms.conf` file, NGINX Instance Manag
 
 ## Disable metrics collection
 
-As of version 2.20, NGINX Instance Manager can run without ClickHouse. This lightweight mode reduces system requirements and simplifies installation for users who do not need metrics. To use this setup, you must run NGINX Agent version {{< lightweight-nim-nginx-agent-version >}}.
+Starting in version 2.20, NGINX Instance Manager can run without ClickHouse. This lightweight mode reduces system requirements and simplifies installation for users who don't need metrics. To use this setup, you must run NGINX Agent version `{{< lightweight-nim-nginx-agent-version >}}`.
 
 To disable metrics collection after installing NGINX Instance Manager:
 
-1. Open the configuration file at `/etc/nms/nms.conf`.
-
+1. Open the config file at `/etc/nms/nms.conf`.
+   
 2. In the `[clickhouse]` section, set the following value:
 
    ```yaml
-   enable = false
+   clickhouse:
+      enable = false
    ```
 
-3. Restart the NGINX Instance Manager service:
+3. Open the `/etc/nms/nms-sm-conf.yaml` file and set:
+
+   ```yaml
+   clickhouse:
+      enable = false
+   ```
+
+4. Restart the NGINX Instance Manager service:
 
    ```shell
    sudo systemctl restart nms

static/scripts/install-nim-bundle.sh

@@ -566,14 +566,9 @@ This action deletes all files in the following directories: /etc/nms , /etc/ngin
 getLatestPkgVersionFromRepo(){
     repoUrl=$1
     version=$2
-    pkg_extension=$3
-    if [[ "${pkg_extension}" == "rpm" ]]; then
-        response=$(curl --cert ${NGINX_CERT_PATH} --key ${NGINX_CERT_KEY_PATH} -sL  "${repoUrl}" | awk -F '"' '/href=/ {print $2}' | grep -E "$version"|  sort -t'-' -k4,4V | tac)
-        readarray -t versions < <(printf "%s" "${response}")
-    else
-        response=$(curl --cert ${NGINX_CERT_PATH} --key ${NGINX_CERT_KEY_PATH} -sL  "${repoUrl}" | awk -F '"' '/href=/ {print $2}' | grep -E "$version"|  sort -t'_' -k2,2V | tac)
-        readarray -t versions < <(printf "%s" "${response}")
-    fi
+    sort_fields=$3
+    response=$(curl --cert ${NGINX_CERT_PATH} --key ${NGINX_CERT_KEY_PATH} -sL  "${repoUrl}" | awk -F '"' '/href=/ {print $2}' | grep -E "$version"|  eval sort "$sort_fields" | tac)
+    readarray -t versions < <(printf "%s" "${response}")
     if [ "${#versions[@]}" -eq 0 ]; then
         printf "Package %s not found. See available versions:" "${versions[@]}"
         exit 1;
@@ -602,22 +597,26 @@ package_nim_offline(){
         cd "${TEMP_DIR}/${TARGET_DISTRIBUTION}" || echo "directory ${TEMP_DIR} does not exits"
         if [[ "${USE_NGINX_PLUS}" == "true" ]]; then
             NGINX_PLUS_PACKAGE="^nginx-plus_[0-9]+-([0-9]+)~${OS_DISTRO_MAP[${TARGET_DISTRIBUTION}]}_${OS_ARCH}\.${PKG_EXTENSION}$"
+            SORT_FIELDS="-t'_' -k2,2V"
             if [[ "${PKG_EXTENSION}" == "rpm" ]]; then
                NGINX_PLUS_PACKAGE="^nginx-plus-[0-9]+-([0-9]+)${OS_DISTRO_MAP[${TARGET_DISTRIBUTION}]}\.${PKG_EXTENSION}$"
+               SORT_FIELDS="-t'-' -k3,3V"
             fi
             echo "regex for looking latest version : ${NGINX_PLUS_PACKAGE}"
-            NGINX_PLUS_VERSION=$(getLatestPkgVersionFromRepo "${NGINX_PLUS_REPO[${TARGET_DISTRIBUTION}]}" "${NGINX_PLUS_PACKAGE}" "${PKG_EXTENSION}")
+            NGINX_PLUS_VERSION=$(getLatestPkgVersionFromRepo "${NGINX_PLUS_REPO[${TARGET_DISTRIBUTION}]}" "${NGINX_PLUS_PACKAGE}" "${SORT_FIELDS}")
             echo "latest version for nginx_plus is ${NGINX_PLUS_VERSION}"
             echo "Downloading ${NGINX_PLUS_REPO[${TARGET_DISTRIBUTION}]}/${NGINX_PLUS_VERSION}...."
             curl -sfLO --cert ${NGINX_CERT_PATH} --key ${NGINX_CERT_KEY_PATH} "${NGINX_PLUS_REPO[${TARGET_DISTRIBUTION}]}/${NGINX_PLUS_VERSION}"
             check_last_command_status "curl -sfLO --cert ${NGINX_CERT_PATH} --key ${NGINX_CERT_KEY_PATH} \"${NGINX_PLUS_REPO[${TARGET_DISTRIBUTION}]}/${NGINX_PLUS_VERSION}\"" $?
         else
             NGINX_OSS_PACKAGE="^nginx_[0-9]+\.[0-9]+\.[0-9]+-([0-9]+)~${OS_DISTRO_MAP[${TARGET_DISTRIBUTION}]}_${OS_ARCH}\.${PKG_EXTENSION}$"
+            SORT_FIELDS="-t'_' -k2,2V"
             if [[ "${PKG_EXTENSION}" == "rpm" ]]; then
               NGINX_OSS_PACKAGE="^nginx-[0-9]+\.[0-9]+\.[0-9]+-([0-9]+)${OS_DISTRO_MAP[${TARGET_DISTRIBUTION}]}\.${PKG_EXTENSION}$"
+               SORT_FIELDS="-t'-' -k2,2V"
             fi
             echo "fetching latest version using ${NGINX_OSS_PACKAGE}"
-            NGINX_OSS_VERSION=$(getLatestPkgVersionFromRepo "${NGINX_REPO[${TARGET_DISTRIBUTION}]}" "${NGINX_OSS_PACKAGE}" "${PKG_EXTENSION}")
+            NGINX_OSS_VERSION=$(getLatestPkgVersionFromRepo "${NGINX_REPO[${TARGET_DISTRIBUTION}]}" "${NGINX_OSS_PACKAGE}" "${SORT_FIELDS}")
             echo "latest version for nginx is ${NGINX_OSS_VERSION}"
             echo "Downloading ${NGINX_REPO[${TARGET_DISTRIBUTION}]}/${NGINX_OSS_VERSION}...."
             curl -sfLO "${NGINX_REPO[${TARGET_DISTRIBUTION}]}/${NGINX_OSS_VERSION}"
@@ -649,10 +648,12 @@ package_nim_offline(){
             check_last_command_status "curl -sfLO \"${CLICKHOUSE_CLIENT_PATH}\"" $?
         fi
         NIM_PACKAGE_PATH="^nms-instance-manager_[0-9]+\.[0-9]+\.[0-9]+-([0-9]+)~${OS_DISTRO_MAP[${TARGET_DISTRIBUTION}]}_${OS_ARCH}\.${PKG_EXTENSION}$"
+        SORT_FIELDS="-t'_' -k2,2V"
         if [[ "${PKG_EXTENSION}" == "rpm" ]]; then
            NIM_PACKAGE_PATH="^nms-instance-manager-[0-9]+\.[0-9]+\.[0-9]+-([0-9]+)${OS_DISTRO_MAP[${TARGET_DISTRIBUTION}]}\.${PKG_EXTENSION}$"
+           SORT_FIELDS="-t'-' -k4,4V"
         fi
-        NIM_PACKAGE_VERSION=$(getLatestPkgVersionFromRepo "${NIM_REPO[${TARGET_DISTRIBUTION}]}" "${NIM_PACKAGE_PATH}" "${PKG_EXTENSION}")
+        NIM_PACKAGE_VERSION=$(getLatestPkgVersionFromRepo "${NIM_REPO[${TARGET_DISTRIBUTION}]}" "${NIM_PACKAGE_PATH}" "${SORT_FIELDS}")
         echo "Latest version for nginx instance manager is ${NIM_PACKAGE_VERSION}...."
         curl -sfLO --cert ${NGINX_CERT_PATH} --key ${NGINX_CERT_KEY_PATH}  "${NIM_REPO[${TARGET_DISTRIBUTION}]}/${NIM_PACKAGE_VERSION}"
         check_last_command_status "curl -sfLO --cert ${NGINX_CERT_PATH} --key ${NGINX_CERT_KEY_PATH}  \"${NIM_REPO[${TARGET_DISTRIBUTION}]}/${NIM_PACKAGE_VERSION}\"" $?