Merge pull request #207063 from MikeRayMSFT/20220508-connectivity-proxy

liljack17 · web-flow · commit 19e141a589de · 2022-09-20T08:38:28.000-07:00
Add link to Kubernetes quickstart meet network requirements
diff --git a/articles/azure-arc/data/connectivity.md b/articles/azure-arc/data/connectivity.md
@@ -18,7 +18,7 @@ ms.topic: conceptual
 
 There are multiple options for the degree of connectivity from your Azure Arc-enabled data services environment to Azure. As your requirements vary based on business policy, government regulation, or the availability of network connectivity to Azure, you can choose from the following connectivity modes.
 
-Azure Arc-enabled data services provides you the option to connect to Azure in two different *connectivity modes*: 
+Azure Arc-enabled data services provide you the option to connect to Azure in two different *connectivity modes*: 
 
 - Directly connected 
 - Indirectly connected
@@ -43,7 +43,7 @@ Some Azure-attached services are only available when they can be directly reache
 |**Feature**|**Indirectly connected**|**Directly connected**|
 |---|---|---|
 |**Automatic high availability**|Supported|Supported|
-|**Self-service provisioning**|Supported<br/>Creation can be done through Azure Data Studio, the appropriate CLI, or Kubernetes native tools (helm, kubectl, oc, etc.), or using Azure Arc-enabled Kubernetes GitOps provisioning.|Supported<br/>In addition to the indirectly connected mode creation options, you can also create through the Azure portal, Azure Resource Manager APIs, the Azure CLI, or ARM templates. 
+|**Self-service provisioning**|Supported<br/>Use Azure Data Studio, the appropriate CLI, or Kubernetes native tools like Helm, `kubectl`, or `oc`, or use Azure Arc-enabled Kubernetes GitOps provisioning.|Supported<br/>In addition to the indirectly connected mode creation options, you can also create through the Azure portal, Azure Resource Manager APIs, the Azure CLI, or ARM templates. 
 |**Elastic scalability**|Supported|Supported<br/>|
 |**Billing**|Supported<br/>Billing data is periodically exported out and sent to Azure.|Supported<br/>Billing data is automatically and continuously sent to Azure and reflected in near real time. |
 |**Inventory management**|Supported<br/>Inventory data is periodically exported out and sent to Azure.<br/><br/>Use client tools like Azure Data Studio, Azure Data CLI, or `kubectl` to view and manage inventory locally.|Supported<br/>Inventory data is automatically and continuously sent to Azure and reflected in near real time. As such, you can manage inventory directly from the Azure portal.|
@@ -76,8 +76,10 @@ Some Azure-attached services are only available when they can be directly reache
 There are three connections required to services available on the Internet. These connections include:
 
 - [Microsoft Container Registry (MCR)](#microsoft-container-registry-mcr)
+- [Helm chart (direct connected mode)](#helm-chart-direct-connected-mode)
 - [Azure Resource Manager APIs](#azure-resource-manager-apis)
 - [Azure monitor APIs](#azure-monitor-apis)
+- [Azure Arc data processing service](#azure-arc-data-processing-service)
 
 All HTTPS connections to Azure and the Microsoft Container Registry are encrypted using SSL/TLS using officially signed and verifiable certificates.
 
@@ -111,9 +113,9 @@ Yes
 
 None
 
-### Helm chart used to create data controller in direct connected mode
+### Helm chart (direct connected mode)
 
-The helm chart used to provision the Azure Arc data controller bootstrapper and cluster level objects, such as custom resource definitions, cluster roles, and cluster role bindings, is pulled from an Azure Container Registry.
+The Helm chart used to provision the Azure Arc data controller bootstrapper and cluster level objects, such as custom resource definitions, cluster roles, and cluster role bindings, is pulled from an Azure Container Registry.
 
 #### Connection source
 
@@ -150,18 +152,6 @@ A computer running Azure Data Studio, or Azure CLI that is connecting to Azure.
 
 - `login.microsoftonline.com`
 - `management.azure.com`
-- `san-af-eastus-prod.azurewebsites.net`
-- `san-af-eastus2-prod.azurewebsites.net`
-- `san-af-australiaeast-prod.azurewebsites.net`
-- `san-af-centralus-prod.azurewebsites.net`
-- `san-af-westus2-prod.azurewebsites.net`
-- `san-af-westeurope-prod.azurewebsites.net`
-- `san-af-southeastasia-prod.azurewebsites.net`
-- `san-af-koreacentral-prod.azurewebsites.net`
-- `san-af-northeurope-prod.azurewebsites.net`
-- `san-af-westeurope-prod.azurewebsites.net`
-- `san-af-uksouth-prod.azurewebsites.net`
-- `san-af-francecentral-prod.azurewebsites.net`
 
 #### Protocol
 
@@ -175,6 +165,8 @@ HTTPS
 
 Yes
 
+To use proxy, verify that the agents meet the network requirements. See [Meet network requirements](../kubernetes/quickstart-connect-cluster.md#meet-network-requirements).
+
 #### Authentication 
 
 Azure Active Directory
@@ -219,3 +211,36 @@ Azure Active Directory
 > For now, all browser HTTPS/443 connections to the data controller for running the command `az arcdata dc export` and Grafana and Kibana dashboards are SSL encrypted using self-signed certificates.  A feature will be available in the future that will allow you to provide your own certificates for encryption of these SSL connections.
 
 Connectivity from Azure Data Studio to the Kubernetes API server uses the Kubernetes authentication and encryption that you have established.  Each user that is using Azure Data Studio or CLI must have an authenticated connection to the Kubernetes API to perform many of the actions related to Azure Arc-enabled data services.
+
+### Azure Arc data processing service
+
+Points to the data processing service endpoint in connection 
+
+#### Connection target
+
+- `san-af-eastus-prod.azurewebsites.net`
+- `san-af-eastus2-prod.azurewebsites.net`
+- `san-af-australiaeast-prod.azurewebsites.net`
+- `san-af-centralus-prod.azurewebsites.net`
+- `san-af-westus2-prod.azurewebsites.net`
+- `san-af-westeurope-prod.azurewebsites.net`
+- `san-af-southeastasia-prod.azurewebsites.net`
+- `san-af-koreacentral-prod.azurewebsites.net`
+- `san-af-northeurope-prod.azurewebsites.net`
+- `san-af-westeurope-prod.azurewebsites.net`
+- `san-af-uksouth-prod.azurewebsites.net`
+- `san-af-francecentral-prod.azurewebsites.net`
+
+#### Protocol
+
+HTTPS
+
+#### Can use proxy
+
+Yes
+
+To use proxy, verify that the agents meet the network requirements. See [Meet network requirements](../kubernetes/quickstart-connect-cluster.md#meet-network-requirements).
+
+#### Authentication
+
+None
