PXC-4584 [DOCS] Add info on Pro builds for PXC 8.4.3 (#193)

* PXC-4584 [DOCS] Add info on Pro builds for PXC 8.4.3
	new file:   docs/fips.md
	new file:   docs/install-pro.md
	new file:   docs/pro-files.md
	new file:   docs/pxc-pro.md
	modified:   mkdocs-base.yml
	new file:   snippets/pro-build-announcement.md

* Update mkdocs-base.yml

docs/apt.md

@@ -4,7 +4,7 @@ Specific information on the supported platforms, products, and versions
 is described in [Percona Software and Platform Lifecycle](https://www.percona.com/services/policies/percona-software-platform-lifecycle#mysql).
 
 The packages are available in the official Percona software repository
-and on the [download page](https://www.percona.com/downloads/Percona-XtraDB-Cluster-80/LATEST/).
+and on the [download page](https://www.percona.com/mysql/software/percona-xtradb-cluster).
 It is recommended to install Percona XtraDB Cluster from the official repository
 using APT.
 

docs/fips.md

@@ -0,0 +1,72 @@
+# FIPS compliance
+
+--8<--- "pro-build-announcement.md"
+
+The Federal Information Processing Standards (FIPS) are a set of U.S. government standards that ensure the security of computer systems for non-military government agencies and contractors. These standards specify how to perform cryptographic operations, such as encryption, hashing, and digital signatures. FIPS mode is a mode of operation that enforces these standards and rejects any non-compliant algorithms or parameters.
+
+Percona XtraDB Cluster implements the same level of FIPS support as Percona Server for MySQL. Percona XtraDB Cluster can run in FIPS mode if a FIPS-enabled OpenSSL library and FIPS Object Module are available at runtime or if compiled using a FIPS-validated version of OpenSSL. You can also receive this functionality by [building Percona XtraDB Cluster from source code](compile.md).
+
+## Prerequisites
+
+To prepare Percona XtraDB Cluster for FIPS certification, do the following:
+
+* Check that your operating system includes FIPS pre-approved OpenSSL library in version 3.0.x or higher. The following distributions includes FIPS pre-approved OpenSSL library in version 3.0.x or higher:
+
+    * RedHat Enterprise Linux 9 and derivatives
+
+    * Oracle Linux 9
+
+    The following distributions also includes OpenSSL library in version 3.0.x but do not have FIPS-approved crypto provider installed by default (you can build the crypto provider from the source for testing):
+
+    * Debian 12
+
+    * Ubuntu 22.04 Pro (the OpenSSL FIPS 140-3 certification is under implementation)
+
+        !!! note
+
+            If you enable FIPS on Ubuntu Pro with `$ sudo pro enable fips-updates` and then disable FIPS with `$ sudo pro disable fips-updates`, Percona XtraDB Cluster may stop operating properly. For example, if you disable FIPS on Ubuntu Pro with `$ sudo pro disable fips-updates` and enable the FIPS mode on Percona XtraDB Cluster with `ssl-fips-mode=ON`, Percona XtraDB Cluster may not load the SSL certificate.
+
+* Deploy [Percona XtraDB Cluster from the Pro build](pxc-pro.md), which is built and tested on operating systems with FIPS pre-approved OpenSSL packages.
+
+## The FIPS mode variables
+
+Percona XtraDB Cluster uses the same variables and values as Percona Server for MySQL. Percona XtraDB Cluster enables control of FIPS mode on the server side and the client side:
+
+* The `ssl_fips_mode` system variable shows whether the server operates in FIPS mode. This variable is disabled by default.
+
+    The `ssl_fips_mode` system variable has these values:
+
+    * `0` - disables FIPS mode
+    * `1` - enables FIPS mode. The exact behavior of the enabled FIPS mode depends on the OpenSSL version. The server only specifies the FIPS value to OpenSSL.
+    * `2` - enables `strict` FIPS mode. This value provides more restrictions than the `1 ` value. The exact behavior of the `strict` FIPS mode depends on the OpenSSL version. The server only specifies the FIPS value to OpenSSL.
+
+* The `--ssl-fips-mode` client/server option controls whether a given client operates in FIPS mode. This setting does not change the server setting. This option is disabled by default.
+
+    The `--ssl-fips-mode` client/server option has these values:
+
+    * `OFF` - disables FIPS mode
+    * `ON` - enables FIPS mode. The exact behavior of the enabled FIPS mode depends on the OpenSSL version. The server only specifies the FIPS value to OpenSSL.
+    * `STRICT` - enables `strict` FIPS mode. This value provides more restrictions than the `ON` value. The exact behavior of the `strict` FIPS mode depends on the OpenSSL version. The server only specifies the FIPS value to OpenSSL.
+
+    The server operation in FIPS mode does not depend on which crypto module (regular or FIPS-approved) is set as the default in the OpenSSL configuration file. The server always respects the value of `--ssl-fips-mode` server command line option (`OFF`, `ON`, or `STRICT`). The `ssl_fips_mode` global system variable is read-only and cannot be changed at runtime.
+
+### Enable the FIPS mode
+
+To enable the FIPS mode, pass `--ssl-fips-mode=ON` or `--ssl-fips-mode=STRICT` to mysqld as a command line argument or add `ssl-fips-mode=ON` or `--ssl-fips-mode=STRICT` to the configuration file. Ignore the warning that the `--ssl-fips-mode` client/server option is deprecated.
+
+## Check that FIPS mode is enabled
+
+To ensure that the FIPS mode is enabled, do the following:
+
+* Pass `--log-error-verbosity=3` to mysqld as a command line argument or add `log-error-verbosity=3` to the configuration file.
+
+* Check that the error log contains the following message:
+
+    ```{.text .no-copy}
+    A FIPS-approved version of the OpenSSL cryptographic library has been detected in the operating system with a properly configured FIPS module available for loading. Percona XtraDB Cluster will load this module and run in FIPS mode.
+    ```
+
+## Next steps
+
+[Install Percona XtraDB Cluster Pro :material-arrow-right:](install-pro.md){.md-button}
+

docs/install-pro.md

@@ -0,0 +1,119 @@
+# Install Percona XtraDB Cluster Pro
+
+This document provides guidelines how to install Pro packages of Percona XtraDB Cluster from Percona repositories. [Check files in packages built for Percona XtraDB Cluster Pro :material-arrow-right:](pro-files.md){.md-button}
+
+## Prerequisites
+
+--8<--- "pro-build-announcement.md"
+
+* You need to have root access on the node where you will be installing Percona XtraDB Cluster (either logged in as a user with root privileges or be able to run commands with sudo).
+
+* Make sure that the following ports are not blocked by firewall or used by other software. Percona XtraDB Cluster requires them for communication.
+
+    * 3306
+
+
+    * 4444
+
+
+    * 4567
+
+
+    * 4568
+
+!!! admonition "See also"
+
+    For more information, see [Enabling AppArmor](apparmor.md#apparmor).
+
+## Procedure
+
+1. Request the access to the pro repository from Percona Support. You will receive the client ID and the access token which you use when downloading the packages.
+
+2. Configure the repository and install Percona XtraDB Cluster packages
+
+    === "On Debian or Ubuntu"
+
+        1. Use the apt package manager to dowload `percona-release`
+
+            ```{.bash .data-prompt="$"}
+            $ sudo apt update
+            ```
+
+        2. Install the necessary packages
+
+            ```{.bash .data-prompt="$"}
+            $ sudo apt install -y wget gnupg2 lsb-release curl
+            ```
+        
+        3. Download the `percona-release` repository package
+
+            ```{.bash .data-prompt="$"}
+            $  wget https://repo.percona.com/apt/percona-release_latest.generic_all.deb
+            ```
+
+        4. Install the package with `dpkg`:
+
+            ```{.bash .data-prompt="$"}
+            $ sudo dpkg -i percona-release_latest.generic_all.deb
+            ```
+
+        5. Refresh the local cache to update the package information
+
+            ```{.bash .data-prompt="$"}
+            $ sudo apt update
+            ```
+        
+        6. Enable the specific percona-release product
+
+            ```{.bash .data-prompt="$"}
+            $ sudo percona-release setup pxc-84-pro --user_name=<Your PRO repository user name> --repo_token=<Your PRO repository token>
+            ```
+
+        7.  Install the cluster:
+
+            ```{.bash .data-prompt="$"}
+            $ sudo apt install -y percona-xtradb-cluster-pro-84
+            ```
+
+            Install other required packages. [Check files in the DEB package built for Percona XtraDB Cluster 8.4](apt-files.md).
+
+    === "On RHEL or derivatives"
+
+        ```{.bash data-prompt="$"}
+        $ sudo yum install https://repo.percona.com/yum/percona-release-latest.noarch.rpm
+        $ sudo percona-release setup pxc-84-pro --user_name=<Your PRO repository user name> --repo_token=<Your PRO repository token>
+        $ sudo yum install percona-xtradb-cluster-pro-84
+        ```
+
+        ### After installation
+
+        After the installation, start the `mysql` service and find the temporary password using the `grep` command. 
+
+        ```{.bash data-prompt="$"}
+        $ sudo service mysql start
+        $ sudo grep 'temporary password' /var/log/mysqld.log
+        ```
+
+        Use the temporary password to log into the server:
+
+        ```{.bash data-prompt="$"}
+        $ mysql -u root -p
+        ```
+
+        Run an `ALTER USER` statement to change the temporary password, exit the client, and stop the service.
+
+        ```{.bash data-prompt="$"}
+        mysql> ALTER USER 'root'@'localhost' IDENTIFIED BY 'rootPass';
+        mysql> exit
+        $ sudo service mysql stop
+        ```
+
+## Upgrade to Percona XtraDB Cluster Pro
+
+If you already use Percona XtraDB Cluster, you can upgrade to Percona XtraDB Cluster Pro.
+
+First, install the latest version of Percona XtraDB Cluster, enable the pro repository, and install the pro packages.
+
+## Next step
+
+[Enable the FIPS mode :material-arrow-right:](fips.md){.md-button}

docs/pro-files.md

@@ -0,0 +1,45 @@
+# Files in packages built for Percona XtraDB Cluster Pro
+
+--8<--- "pro-build-announcement.md"
+
+## Files in the DEB package
+
+| Package                      | Contains                                                                                                                                                                        |
+|------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+|libperconaserverclient22-dev   |The development package for the Percona Server client library version 22.|
+|libperconaserverclient22    |The client library package for Percona Server version 22.|
+|percona-xtradb-cluster-client-pro     |Client libraries and tools to connect to and interact with a Percona XtraDB Cluster.   |
+|percona-xtradb-cluster-garbd-pro-debug      |The debug build of the Galera Arbitrator (garbd).  |
+|percona-xtradb-cluster-garbd-pro    |Contains the garbd daemon.  |
+|percona-xtradb-cluster-pro-common    |Contains shared resources required for the Percona XtraDB Cluster.    |
+|percona-xtradb-cluster-pro-dbg   |Contains debugging symbols and tools to assist with troubleshooting and analyzing issues within the cluster.  |
+|percona-xtradb-cluster-pro-full       |The complete set of tools and features for deployment, management, and optimization.           |
+|percona-xtradb-cluster-pro-source      | Percona XtraDB Cluster source code.   |
+|percona-xtradb-cluster-pro      |The core component of Percona XtraDB Cluster.      |
+|percona-xtradb-cluster-server-pro-debug      |The debug symbols. |
+|percona-xtradb-cluster-server-pro       |The core server component.   |
+|percona-xtradb-cluster-test-pro       |A set of testing and validation tools for ensuring the health, performance, and reliability.     |
+
+## Files in the RPM package
+
+| Package                      | Contains                                                                                                                                                                        |
+|------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+|percona-xtradb-cluster-client-pro   |Client libraries and tools to connect to and interact with a Percona XtraDB Cluster.   |
+|percona-xtradb-cluster-client-pro-debuginfo    |The debug symbols and other information essential for troubleshooting and debugging client-side issues. |
+|percona-xtradb-cluster-devel-pro     |Header files needed to compile software using the client library.    |
+|percona-xtradb-cluster-garbd-pro      |Contains the garbd daemon.                                             |
+|percona-xtradb-cluster-garbd-pro-debuginfo    | The debug symbols for the garbd daemon.  |
+|percona-xtradb-cluster-icu-data-files    |The ICU data files .        |
+|percona-xtradb-cluster-mysql-router-pro   |Used to deploy and manage MySQL Router. |
+|percona-xtradb-cluster-mysql-router-pro-debuginfo | The debug symbols and additional information to help with diagnosing and debugging issues with MySQL Router. |
+|percona-xtradb-cluster-pro       | The core component of Percona XtraDB Cluster.  |
+|percona-xtradb-cluster-pro-debuginfo       | The debug symbols.                                                   |
+|percona-xtradb-cluster-pro-debugsource       |The debug source code.   |
+|percona-xtradb-cluster-pro-full       | The complete set of tools and features for deployment, management, and optimization.   |
+|percona-xtradb-cluster-server-pro       |The core server component.   |
+|percona-xtradb-cluster-server-pro-debuginfo       |The debug symbols for the server component.     |
+|percona-xtradb-cluster-shared-pro       |Shared libraries and components for the server, client, and other utilities within the cluster.   |
+|percona-xtradb-cluster-shared-pro-debuginfo       |The debug symbols for the shared libraries.     |
+|percona-xtradb-cluster-test-pro       |A set of testing and validation tools for ensuring the health, performance, and reliability.   |
+|percona-xtradb-cluster-test-pro-debuginfo       | A debugging package that contains additional debug symbols and information specifically designed for the test components.|
+

docs/pxc-pro.md

@@ -0,0 +1,20 @@
+# Percona XtraDB Cluster Pro
+
+--8<--- "pro-build-announcement.md"
+
+## Capabilities
+
+Find the list of capabilities available in Percona XtraDB Cluster Pro:
+
+| Name                                | Version | Description  | 
+| ----------------------------------- | ------------- | -------------|
+| [FIPS compliance](fips.md)| 8.4.3-3 | FIPS compliance enables all commercial cloud service providers who want to sell and increase their presence for US government entities. |
+
+## What's in it for you?
+
+* Save on deploying and maintaining build infrastructure as we do the build and testing for you 
+* Longer support for older versions of operating systems.  
+
+[Install Percona XtraDB Cluster Pro](install-pro.md){.md-button}
+
+Community users can receive all these capabilities by [building Percona XtraDB Cluster from the same source code](compile.md).

mkdocs-base.yml

@@ -145,6 +145,13 @@ extra:
 
 nav:
   - Home: index.md
+  - Percona XtraDB Cluster PRO:
+      - pxc-pro.md
+      - Install Percona XtraDB Cluster Pro:
+        - install-pro.md
+        - pro-files.md
+      - Pro build features:
+        - fips.md
   - get-help.md
   - Release notes:
       - Release notes index: release-notes/release-notes_index.md

snippets/pro-build-announcement.md

@@ -0,0 +1,3 @@
+Percona XtraDB Cluster Pro includes the [capabilities](pxc-pro.md#capabilities) that are typically requested by large enterprises. Percona XtraDB Cluster Pro contains packages created and tested by Percona. These packages are supported only for Percona Customers with a subscription.
+
+[Become a Percona Customer](https://www.percona.com/about/contact){.md-button}