(DOCSP-17256) TLS required for split Horizons (#686)

* (DOCSP-17256) TLS required for split Horizons

* Included tech review from Jack Alder

* Removed optional for the first step

* Address tech review

* Removed one more instance of optional, in the Openshift steps

* Remove tls steps from sharded procedures too

* Edits

Author: JuliaMongo

source/includes/steps-enable-external-sharded.yaml

@@ -16,46 +16,22 @@ replacement:
   k8sExampleFileName: example-sharded-cluster.yaml
   k8sResourceType: sharded-cluster
   k8sExample: |
-
-    .. tabs::
-
-       .. tab:: Without TLS
-          :tabid: k8s-without-tls
-
-          .. literalinclude:: /includes/code-examples/yaml-files/example-sharded-cluster.yaml
-             :language: yaml
-             :start-after: START-exposed-sharded-upper
-             :end-before: END-exposed-sharded-upper
-             :linenos:
-             :lineno-start: 1
-             :copyable: false
-
-          .. literalinclude:: /includes/code-examples/yaml-files/example-sharded-cluster.yaml
-             :language: yaml
-             :start-after: START-exposed-sharded-lower
-             :end-before: END-exposed-sharded-lower
-             :linenos:
-             :lineno-start: 19
-             :emphasize-lines: 1
-
-       .. tab:: With TLS
-          :tabid: k8s-with-tls
-
-          .. literalinclude:: /includes/code-examples/yaml-files/example-sharded-cluster.yaml
-             :language: yaml
-             :start-after: START-exposed-sharded-upper
-             :end-before: END-exposed-sharded-upper
-             :linenos:
-             :lineno-start: 1
-             :copyable: false
-
-          .. literalinclude:: /includes/code-examples/yaml-files/example-sharded-cluster.yaml
-             :language: yaml
-             :start-after: START-exposed-sharded-tls-lower
-             :end-before: END-exposed-sharded-tls-lower
-             :linenos:
-             :lineno-start: 19
-             :emphasize-lines: 1-6
+   
+    .. literalinclude:: /includes/code-examples/yaml-files/example-sharded-cluster.yaml
+       :language: yaml
+       :start-after: START-exposed-sharded-upper
+       :end-before: END-exposed-sharded-upper
+       :linenos:
+       :lineno-start: 1
+       :copyable: false
+
+    .. literalinclude:: /includes/code-examples/yaml-files/example-sharded-cluster.yaml
+       :language: yaml
+       :start-after: START-exposed-sharded-tls-lower
+       :end-before: END-exposed-sharded-tls-lower
+       :linenos:
+       :lineno-start: 19
+       :emphasize-lines: 1-6
 ---
 level: 4
 stepnum: 3
@@ -73,18 +49,7 @@ stepnum: 4
 ref: change-replset-resource
 content: |
 
-    .. tabs::
-
-       .. tab:: Without TLS
-          :tabid: k8s-without-tls
-
-          .. include:: /includes/list-tables/resource-keys-external-access-standalone.rst
-
-
-       .. tab:: With TLS
-          :tabid: k8s-with-tls
-
-          .. include:: /includes/list-tables/resource-keys-external-access-sharded.rst
+   .. include:: /includes/list-tables/resource-keys-external-access-sharded.rst
 
 ---
 level: 4

source/includes/steps-enable-split-horizon-openshift.yaml

@@ -2,7 +2,6 @@
 title: "Deploy a replica set with the |k8s-op-short|."
 stepnum: 1
 level: 4
-optional: true
 ref: pre-deploy-replica-set-openshift
 source:
   file: steps-enable-split-horizon.yaml

source/includes/steps-enable-split-horizon.yaml

@@ -2,28 +2,24 @@
 title: "Deploy a replica set with the |k8s-op-short|."
 stepnum: 1
 level: 4
-optional: true
 ref: pre-deploy-replicaset
 content: |
 
   If you haven't deployed a replica set, follow the instructions to
   :ref:`deploy one <deploy-replica-set>`.
 
-  To simplify the configuration, don't enable |tls| with the
-  :setting:`spec.security.tls.enabled` setting.
+  You must enable |tls| for the replica set with the
+  :setting:`spec.security.tls.enabled` setting. The replica set must use
+  a custom certificate stored with :setting:`spec.security.tls.ca`.
 
 ---
 title: "Add Subject Alternate Names to your |tls| certificates."
 level: 4
 stepnum: 2
-optional: true
 ref: remove-tls-existing-replicasets
 content: |
 
-   If the |k8s-op-short|-deployed replica set has |tls| enabled and 
-   uses a custom certificate stored with 
-   :setting:`spec.security.tls.ca`, 
-   add each external |dns| name to the certificate |san-dns|.
+  Add each external |dns| name to the certificate |san-dns|.
 
 ---
 title: "Create a NodePort for each |k8s-pod|."

source/tutorial/connect-from-outside-k8s.txt

@@ -22,12 +22,8 @@ Prerequisite
 Compatible MongoDB Versions
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-For your databases to be accessed outside of |k8s|, they must run one
-of the following versions of MongoDB:
-
-- 3.6.17 or later
-- 4.0.15 or later
-- 4.2.3 or later
+For your databases to be accessed outside of |k8s|, they must run
+MongoDB 4.2.3 or later.
 
 Procedure
 ---------
@@ -85,52 +81,32 @@ from outside of the |k8s| cluster depends on the resource.
    .. tab::
       :tabid: shard
 
-      This procedure uses the following example:
-
-      .. tabs::
-
-         .. tab:: Without TLS
-            :tabid: k8s-without-tls
-
-            .. literalinclude:: /includes/code-examples/yaml-files/example-sharded-cluster.yaml
-               :language: yaml
-               :start-after: START-exposed-sharded-full
-               :end-before: END-exposed-sharded-full
-               :linenos:
-               :lineno-start: 1
-               :emphasize-lines: 19
-               :copyable: false
-
-         .. tab:: With TLS
-            :tabid: k8s-with-tls
-
-            .. tip:: **Enable Direct Access to MongoDB hosts Using Split Horizons and TLS**
-
-               If the |k8s-op-short| deployed a |tls|\-enabled 
-               sharded cluster, provide the external |dns| names 
-               (|san-dns|\s) for each member.
+      For this procedure, you must deploy a |tls|\-enabled sharded MongoDB
+      cluster in the |k8s-op-short|.
+      Provide the external |dns| names (|san-dns|\s) for each member of
+      the MongoDB sharded cluster.
 
-               The |san-dns| for each MongoDB hosts corresponds to:
+      The |san-dns| for each MongoDB hosts corresponds to:
 
-               .. code-block:: sh
-                  :copyable: false
+      .. code-block:: sh
+         :copyable: false
 
-                  <mdb-resource-name><shard><pod-index>.<external-domain>
-                  <mdb-resource-name><config><pod-index>.<external-domain>
-                  <mdb-resource-name><mongos><pod-index>.<external-domain>
+         <mdb-resource-name><shard><pod-index>.<external-domain>
+         <mdb-resource-name><config><pod-index>.<external-domain>
+         <mdb-resource-name><mongos><pod-index>.<external-domain>
 
-               Each |tls| certificate requires the |fqdn| 
-               (|san-dns|) that corresponds to the |fqdn| that 
-               this host has outside the |k8s| cluster.
+         Each |tls| certificate requires the |fqdn| (|san-dns|) that
+         corresponds to the |fqdn| that this host has outside the
+         sharded cluster deployed with the |k8s-op-short|.
 
-            .. literalinclude:: /includes/code-examples/yaml-files/example-sharded-cluster.yaml
-               :language: yaml
-               :start-after: START-exposed-sharded-tls-full
-               :end-before: END-exposed-sharded-tls-full
-               :linenos:
-               :lineno-start: 1
-               :emphasize-lines: 19-24
-               :copyable: false
+         .. literalinclude:: /includes/code-examples/yaml-files/example-sharded-cluster.yaml
+            :language: yaml
+            :start-after: START-exposed-sharded-tls-full
+            :end-before: END-exposed-sharded-tls-full
+            :linenos:
+            :lineno-start: 1
+            :emphasize-lines: 19-24
+            :copyable: false
 
       To connect to your |k8s-op-short|-deployed MongoDB sharded
       cluster resource from outside of the |k8s| cluster: