MicrosoftDocs
diff --git a/‎articles/aks/ingress-tls.md
Lines changed: 182 additions & 8 deletions b/‎articles/aks/ingress-tls.md
Lines changed: 182 additions & 8 deletions
diff --git a/‎articles/azure-monitor/app/platforms.md
Lines changed: 1 addition & 0 deletions b/‎articles/azure-monitor/app/platforms.md
Lines changed: 1 addition & 0 deletions
diff --git a/‎articles/marketplace/.openpublishing.redirection.marketplace.json
Lines changed: 5 additions & 0 deletions b/‎articles/marketplace/.openpublishing.redirection.marketplace.json
Lines changed: 5 additions & 0 deletions
diff --git a/‎articles/marketplace/TOC.yml
Lines changed: 0 additions & 2 deletions b/‎articles/marketplace/TOC.yml
Lines changed: 0 additions & 2 deletions
@@ -26,21 +26,34 @@ You can also:
 
 ## Before you begin
 
-This article assumes that you have an existing AKS cluster. If you need an AKS cluster, see the AKS quickstart [using the Azure CLI][aks-quickstart-cli] or [using the Azure portal][aks-quickstart-portal].
+This article assumes that you have an existing AKS cluster. If you need an AKS cluster, see the AKS quickstart [using the Azure CLI][aks-quickstart-cli], [using Azure PowerShell][aks-quickstart-powershell] or [using the Azure portal][aks-quickstart-portal].
 
 This article also assumes you have [a custom domain][custom-domain] with a [DNS Zone][dns-zone] in the same resource group as your AKS cluster.
 
 This article uses [Helm 3][helm] to install the NGINX ingress controller on a [supported version of Kubernetes][aks-supported versions]. Make sure that you are using the latest release of Helm and have access to the `ingress-nginx` and `jetstack` Helm repositories. The steps outlined in this article may not be compatible with previous versions of the Helm chart, NGINX ingress controller, or Kubernetes.
 
 For more information on configuring and using Helm, see [Install applications with Helm in Azure Kubernetes Service (AKS)][use-helm]. For upgrade instructions, see the [Helm install docs][helm-install].
 
-This article also requires that you are running the Azure CLI version 2.0.64 or later. Run `az --version` to find the version. If you need to install or upgrade, see [Install Azure CLI][azure-cli-install].
+### [Azure CLI](#tab/azure-cli)
 
 In addition, this article assumes you have an existing AKS cluster with an integrated ACR. For more details on creating an AKS cluster with an integrated ACR, see [Authenticate with Azure Container Registry from Azure Kubernetes Service][aks-integrated-acr].
 
+This article also requires that you are running the Azure CLI version 2.0.64 or later. Run `az --version` to find the version. If you need to install or upgrade, see [Install Azure CLI][azure-cli-install].
+
+### [Azure PowerShell](#tab/azure-powershell)
+
+In addition, this article assumes you have an existing AKS cluster with an integrated ACR. For more details on creating an AKS cluster with an integrated ACR, see [Authenticate with Azure Container Registry from Azure Kubernetes Service][aks-integrated-acr-ps].
+
+This article also requires that you're running Azure PowerShell version 5.9.0 or later. Run `Get-InstalledModule -Name Az` to find the version. If you need to install or upgrade, see [Install Azure PowerShell][azure-powershell-install].
+
+---
 ## Import the images used by the Helm chart into your ACR
 
-This article uses the [NGINX ingress controller Helm chart][ingress-nginx-helm-chart], which relies on three container images. Use `az acr import` to import those images into your ACR.
+This article uses the [NGINX ingress controller Helm chart][ingress-nginx-helm-chart], which relies on three container images. 
+
+### [Azure CLI](#tab/azure-cli)
+
+Use `az acr import` to import those images into your ACR.
 
 ```azurecli
 REGISTRY_NAME=<REGISTRY_NAME>
@@ -65,6 +78,37 @@ az acr import --name $REGISTRY_NAME --source $CERT_MANAGER_REGISTRY/$CERT_MANAGE
 az acr import --name $REGISTRY_NAME --source $CERT_MANAGER_REGISTRY/$CERT_MANAGER_IMAGE_CAINJECTOR:$CERT_MANAGER_TAG --image $CERT_MANAGER_IMAGE_CAINJECTOR:$CERT_MANAGER_TAG
 ```
 
+### [Azure PowerShell](#tab/azure-powershell)
+
+```azurepowershell
+$RegistryName = "<REGISTRY_NAME>"
+$ResourceGroup = (Get-AzContainerRegistry | Where-Object {$_.name -eq $RegistryName} ).ResourceGroupName
+$ControllerRegistry = "k8s.gcr.io"
+$ControllerImage = "ingress-nginx/controller"
+$ControllerTag = "v1.0.4"
+$PatchRegistry = "docker.io"
+$PatchImage = "jettech/kube-webhook-certgen"
+$PatchTag = "v1.5.1"
+$DefaultBackendRegistry = "k8s.gcr.io"
+$DefaultBackendImage = "defaultbackend-amd64"
+$DefaultBackendTag = "1.5"
+$CertManagerRegistry = "quay.io"
+$CertManagerTag = "v1.3.1"
+$CertManagerImageController = "jetstack/cert-manager-controller"
+$CertManagerImageWebhook = "jetstack/cert-manager-webhook"
+$CertManagerImageCaInjector = "jetstack/cert-manager-cainjector"
+
+Import-AzContainerRegistryImage -ResourceGroupName $ResourceGroup -RegistryName $RegistryName -SourceRegistryUri $ControllerRegistry -SourceImage "${ControllerImage}:${ControllerTag}"
+Import-AzContainerRegistryImage -ResourceGroupName $ResourceGroup -RegistryName $RegistryName -SourceRegistryUri $PatchRegistry -SourceImage "${PatchImage}:${PatchTag}"
+Import-AzContainerRegistryImage -ResourceGroupName $ResourceGroup -RegistryName $RegistryName -SourceRegistryUri $DefaultBackendRegistry -SourceImage "${DefaultBackendImage}:${DefaultBackendTag}"
+Import-AzContainerRegistryImage -ResourceGroupName $ResourceGroup -RegistryName $RegistryName -SourceRegistryUri $CertManagerRegistry -SourceImage "${CertManagerImageController}:${CertManagerTag}"
+Import-AzContainerRegistryImage -ResourceGroupName $ResourceGroup -RegistryName $RegistryName -SourceRegistryUri $CertManagerRegistry -SourceImage "${CertManagerImageWebhook}:${CertManagerTag}"
+Import-AzContainerRegistryImage -ResourceGroupName $ResourceGroup -RegistryName $RegistryName -SourceRegistryUri $CertManagerRegistry -SourceImage "${CertManagerImageCaInjector}:${CertManagerTag}"
+
+```
+
+---
+
 > [!NOTE]
 > In addition to importing container images into your ACR, you can also import Helm charts into your ACR. For more information, see [Push and pull Helm charts to an Azure container registry][acr-helm].
 
@@ -80,6 +124,8 @@ The ingress controller also needs to be scheduled on a Linux node. Windows Serve
 > [!TIP]
 > If you would like to enable [client source IP preservation][client-source-ip] for requests to containers in your cluster, add `--set controller.service.externalTrafficPolicy=Local` to the Helm install command. The client source IP is stored in the request header under *X-Forwarded-For*. When using an ingress controller with client source IP preservation enabled, TLS pass-through will not work.
 
+### [Azure CLI](#tab/azure-cli)
+
 ```console
 # Add the ingress-nginx repository
 helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
@@ -108,6 +154,44 @@ helm install nginx-ingress ingress-nginx/ingress-nginx \
     --set defaultBackend.image.digest=""
 ```
 
+### [Azure PowerShell](#tab/azure-powershell)
+
+```azurepowershell
+# Create a namespace for your ingress resources
+kubectl create namespace ingress-basic
+
+# Add the ingress-nginx repository
+helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
+
+# Set variable for ACR location to use for pulling images
+$AcrUrl = "$RegistryName.azurecr.io"
+
+# Get the SHA256 digest of the controller and patch images
+$ControllerDigest = (Get-AzContainerRegistryTag -RegistryName $RegistryName -RepositoryName $ControllerImage -Name $ControllerTag).Attributes.digest
+$PatchDigest = (Get-AzContainerRegistryTag -RegistryName $RegistryName -RepositoryName $PatchImage -Name $PatchTag).Attributes.digest
+
+# Use Helm to deploy an NGINX ingress controller
+helm install nginx-ingress ingress-nginx/ingress-nginx `
+    --namespace ingress-basic `
+    --set controller.replicaCount=2 `
+    --set controller.nodeSelector."kubernetes\.io/os"=linux `
+    --set controller.image.registry=$AcrUrl `
+    --set controller.image.image=$ControllerImage `
+    --set controller.image.tag=$ControllerTag `
+    --set controller.image.digest=$ControllerDigest `
+    --set controller.admissionWebhooks.patch.nodeSelector."kubernetes\.io/os"=linux `
+    --set controller.admissionWebhooks.patch.image.registry=$AcrUrl `
+    --set controller.admissionWebhooks.patch.image.image=$PatchImage `
+    --set controller.admissionWebhooks.patch.image.tag=$PatchTag `
+    --set controller.admissionWebhooks.patch.image.digest=$PatchDigest `
+    --set defaultBackend.nodeSelector."kubernetes\.io/os"=linux `
+    --set defaultBackend.image.registry=$AcrUrl `
+    --set defaultBackend.image.image=$DefaultBackendImage `
+    --set defaultBackend.image.tag=$DefaultBackendTag
+```
+
+---
+
 During the installation, an Azure public IP address is created for the ingress controller. This public IP address is static for the life-span of the ingress controller. If you delete the ingress controller, the public IP address assignment is lost. If you then create an additional ingress controller, a new public IP address is assigned. If you wish to retain the use of the public IP address, you can instead [create an ingress controller with a static public IP address][aks-ingress-static-tls].
 
 To get the public IP address, use the `kubectl get service` command. It takes a few minutes for the IP address to be assigned to the service.
@@ -123,16 +207,35 @@ No ingress rules have been created yet. If you browse to the public IP address,
 
 ## Add an A record to your DNS zone
 
+### [Azure CLI](#tab/azure-cli)
+
 Add an *A* record to your DNS zone with the external IP address of the NGINX service using [az network dns record-set a add-record][az-network-dns-record-set-a-add-record].
 
-```console
+```azurecli
 az network dns record-set a add-record \
     --resource-group myResourceGroup \
     --zone-name MY_CUSTOM_DOMAIN \
     --record-set-name "*" \
     --ipv4-address MY_EXTERNAL_IP
 ```
 
+### [Azure PowerShell](#tab/azure-powershell)
+
+Add an *A* record to your DNS zone with the external IP address of the NGINX service using [New-AzDnsRecordSet][new-az-dns-recordset-create-a-record].
+
+```azurepowershell
+$Records = @()
+$Records += New-AzDnsRecordConfig -IPv4Address <External IP>
+New-AzDnsRecordSet -Name "*" `
+    -RecordType A `
+    -ResourceGroupName <Name of Resource Group for the DNS Zone> `
+    -ZoneName <Custom Domain Name> `
+    -TTL 3600
+    -DnsRecords $Records
+```
+
+---
+
 ### Configure an FQDN for the ingress controller
 Optionally, you can configure an FQDN for the ingress controller IP address instead of a custom domain.  Your FQDN will be of the form `<CUSTOM LABEL>.<AZURE REGION NAME>.cloudapp.azure.com`.
 
@@ -141,6 +244,8 @@ There are two methods for this configuration described below.
 #### Method 1: Set the DNS label using the Azure CLI
 Note that this sample is for a Bash shell.
 
+### [Azure CLI](#tab/azure-cli)
+
 ```bash
 # Public IP address of your ingress controller
 IP="MY_EXTERNAL_IP"
@@ -158,11 +263,32 @@ az network public-ip update --ids $PUBLICIPID --dns-name $DNSNAME
 az network public-ip show --ids $PUBLICIPID --query "[dnsSettings.fqdn]" --output tsv
  ```
 
+### [Azure PowerShell](#tab/azure-powershell)
+
+```azurepowershell
+# Public IP address of your ingress controller
+$AksIpAddress = "MY_EXTERNAL_IP"
+
+# Get the Public IP Address for the ingress controller
+$PublicIp = Get-AzPublicIpAddress | Where-Object {$_.IpAddress -eq $AksIpAddress}
+
+# Update public ip address with DNS name
+$PublicIp.DnsSettings = @{"DomainNameLabel" = "demo-aks-ingress"}
+$UpdatedPublicIp = Set-AzPublicIpAddress -PublicIpAddress $publicIp
+
+# Display the FQDN
+Write-Output $UpdatedPublicIp.DnsSettings.Fqdn
+```
+
+---
+
 #### Method 2: Set the DNS label using helm chart settings
 You can pass an annotation setting to your helm chart configuration by using the `--set controller.service.annotations."service\.beta\.kubernetes\.io/azure-dns-label-name"` parameter.  This can be set either when the ingress controller is first deployed, or it can be configured later.
 The following example shows how to update this setting after the controller has been deployed.
 
-```
+### [Azure CLI](#tab/azure-cli)
+
+```bash
 DNS_LABEL="demo-aks-ingress"
 NAMESPACE="nginx-basic"
 
@@ -172,13 +298,29 @@ helm upgrade ingress-nginx ingress-nginx/ingress-nginx \
 
 ```
 
+### [Azure PowerShell](#tab/azure-powershell)
+
+```azurepowershell
+$DnsLabel = "demo-aks-ingress"
+$Namespace = "nginx-basic"
+
+helm upgrade ingress-nginx ingress-nginx/ingress-nginx \
+  --namespace $Namespace \
+  --set controller.service.annotations."service\.beta\.kubernetes\.io/azure-dns-label-name"=$DnsLabel
+
+```
+
+---
+
 ## Install cert-manager
 
 The NGINX ingress controller supports TLS termination. There are several ways to retrieve and configure certificates for HTTPS. This article demonstrates using [cert-manager][cert-manager], which provides automatic [Lets Encrypt][lets-encrypt] certificate generation and management functionality.
 
 To install the cert-manager controller:
 
-```console
+### [Azure CLI](#tab/azure-cli)
+
+```bash
 # Label the ingress-basic namespace to disable resource validation
 kubectl label namespace ingress-basic cert-manager.io/disable-validation=true
 
@@ -202,6 +344,34 @@ helm install cert-manager jetstack/cert-manager \
   --set cainjector.image.tag=$CERT_MANAGER_TAG
 ```
 
+### [Azure PowerShell](#tab/azure-powershell)
+
+```azurepowershell
+# Label the ingress-basic namespace to disable resource validation
+kubectl label namespace ingress-basic cert-manager.io/disable-validation=true
+
+# Add the Jetstack Helm repository
+helm repo add jetstack https://charts.jetstack.io
+
+# Update your local Helm chart repository cache
+helm repo update
+
+# Install the cert-manager Helm chart
+helm install cert-manager jetstack/cert-manager `
+  --namespace ingress-basic `
+  --version $CertManagerTag `
+  --set installCRDs=true `
+  --set nodeSelector."kubernetes\.io/os"=linux `
+  --set image.repository="${AcrUrl}/${CertManagerImageController}" `
+  --set image.tag=$CertManagerTag `
+  --set webhook.image.repository="${AcrUrl}/${CertManagerImageWebhook}" `
+  --set webhook.image.tag=$CertManagerTag `
+  --set cainjector.image.repository="${AcrUrl}/${CertManagerImageCaInjector}" `
+  --set cainjector.image.tag=$CertManagerTag
+```
+
+---
+
 For more information on cert-manager configuration, see the [cert-manager project][cert-manager].
 
 ## Create a CA cluster issuer
@@ -245,7 +415,7 @@ To see the ingress controller in action, run two demo applications in your AKS c
 
 Create a *aks-helloworld-one.yaml* file and copy in the following example YAML:
 
-```yml
+```yaml
 apiVersion: apps/v1
 kind: Deployment
 metadata:
@@ -283,7 +453,7 @@ spec:
 
 Create a *aks-helloworld-two.yaml* file and copy in the following example YAML:
 
-```yml
+```yaml
 apiVersion: apps/v1
 kind: Deployment
 metadata:
@@ -505,6 +675,7 @@ You can also:
 
 <!-- LINKS - external -->
 [az-network-dns-record-set-a-add-record]: /cli/azure/network/dns/record-set/#az_network_dns_record_set_a_add_record
+[new-az-dns-recordset-create-a-record]: /powershell/module/az.dns/new-azdnsrecordset
 [custom-domain]: ../app-service/manage-custom-dns-buy-domain.md#buy-an-app-service-domain
 [dns-zone]: ../dns/dns-getstarted-cli.md
 [helm]: https://helm.sh/
@@ -530,9 +701,12 @@ You can also:
 [aks-http-app-routing]: http-application-routing.md
 [aks-ingress-own-tls]: ingress-own-tls.md
 [aks-quickstart-cli]: kubernetes-walkthrough.md
+[aks-quickstart-powershell]: kubernetes-walkthrough-powershell.md
 [aks-quickstart-portal]: kubernetes-walkthrough-portal.md
 [client-source-ip]: concepts-network.md#ingress-controllers
 [install-azure-cli]: /cli/azure/install-azure-cli
 [aks-supported versions]: supported-kubernetes-versions.md
 [aks-integrated-acr]: cluster-container-registry-integration.md?tabs=azure-cli#create-a-new-aks-cluster-with-acr-integration
+[aks-integrated-acr-ps]: cluster-container-registry-integration.md?tabs=azure-powershell#create-a-new-aks-cluster-with-acr-integration
+[azure-powershell-install]: /powershell/azure/install-az-ps
 [acr-helm]: ../container-registry/container-registry-helm-repos.md
@@ -25,6 +25,7 @@ ms.reviewer: olegan
 
 ### Auto-instrumentation (enable without code changes)
 * [ASP.NET - for web apps hosted with IIS](./status-monitor-v2-overview.md)
+* [ASP.NET Core - for web apps hosted with IIS](./status-monitor-v2-overview.md)
 * [Java](./java-in-process-agent.md)
 
 ### Manual instrumentation / SDK (some code changes required)
 
@@ -205,6 +205,11 @@
             "redirect_url": "/azure/marketplace/azure-vm-use-own-image",
             "redirect_document_id": false
         },
+        {
+            "source_path_from_root": "/articles/marketplace/azure-vm-sas-failure-messages.md",
+            "redirect_url": "/azure/marketplace/azure-vm-get-sas-uri",
+            "redirect_document_id": false
+        },
         {
             "source_path_from_root": "/articles/marketplace/become-publisher.md",
             "redirect_url": "/azure/marketplace/partner-center-portal/create-account",
 
@@ -223,8 +223,6 @@
         href: azure-vm-image-test.md
       - name: Get SAS URI
         href: azure-vm-get-sas-uri.md
-      - name: SAS failure messages
-        href: azure-vm-sas-failure-messages.md
       - name: VM creation FAQ
         href: azure-vm-faq.yml
       - name: VM certification troubleshooting