Merge pull request #284392 from MicrosoftDocs/repo_sync_working_branch

Taojunshen · web-flow · commit 4fc50c31ba46 · 2024-08-13T05:41:47.000+08:00
Confirm merge from repo_sync_working_branch to main to sync with https://github.com/MicrosoftDocs/azure-docs (branch main)
diff --git a/articles/container-instances/container-instances-tutorial-deploy-confidential-containers-cce-arm.md b/articles/container-instances/container-instances-tutorial-deploy-confidential-containers-cce-arm.md
@@ -30,15 +30,15 @@ In this tutorial, you learn how to:
 
 In this tutorial, you deploy a Hello World application that generates a hardware attestation report. You start by creating an ARM template with a container group resource to define the properties of this application. You then use this ARM template with the Azure CLI confcom tooling to generate a CCE policy for attestation.
 
-This tutorial uses [this ARM template](https://raw.githubusercontent.com/Azure-Samples/aci-confidential-hello-world/main/template.json?token=GHSAT0AAAAAAB5B6SJ7VUYU3G6MMQUL7KKKY7QBZBA) as an example. To view the source code for this application, see [Azure Container Instances Confidential Hello World](https://aka.ms/ccacihelloworld).
+This tutorial uses [this ARM template](https://raw.githubusercontent.com/microsoft/confidential-container-demos/main/hello-world/ACI/arm-template.json) as an example. To view the source code for this application, see [Azure Confidential Container Instances Hello World](https://github.com/microsoft/confidential-container-demos/tree/main/hello-world/ACI).
 
 The example template adds two properties to the Container Instances resource definition to make the container group confidential:
 
 * `sku`: Enables you to select between confidential and standard container group deployments. If you don't add this property to the resource, the container group will be a standard deployment.
 * `confidentialComputeProperties`: Enables you to pass in a custom CCE policy for attestation of your container group. If you don't add this object to the resource, the software components that run within the container group won't be validated.
 
 > [!NOTE]
-> The `ccePolicy` parameter under `confidentialComputeProperties` is blank. You'll fill it in after you generate the policy later in the tutorial.
+> The `ccePolicy` parameter under `confidentialComputeProperties` is blank. You'll fill it in when you generate the policy later in the tutorial.
 
 Use your preferred text editor to save this ARM template on your local machine as *template.json*.
 
@@ -63,7 +63,7 @@ Use your preferred text editor to save this ARM template on your local machine a
       },
       "image": {
         "type": "string",
-        "defaultValue": "mcr.microsoft.com/aci/aci-confidential-helloworld:v1",
+        "defaultValue": "mcr.microsoft.com/public/acc/samples/aci/helloworld:2.7",
         "metadata": {
           "description": "Container image to deploy. Should be of the form repoName/imagename:tag for images stored in public Docker Hub, or a fully qualified URI for other registries. Images from private registries require additional registry credentials."
         }
@@ -163,16 +163,10 @@ With the ARM template that you crafted and the Azure CLI confcom extension, you
 1. To generate the CCE policy, run the following command by using the ARM template as input:
 
    ```azurecli-interactive
-   az confcom acipolicygen -a .\template.json --print-policy
+   az confcom acipolicygen -a .\template.json
    ```
 
-   When this command finishes, a Base64 string generated as output should appear in the following format. This string is the CCE policy that you copy and paste into your ARM template as the value of the `ccePolicy` property.
-
-   ```output
-   cGFja2FnZSBwb2xpY3kKCmFwaV9zdm4gOj0gIjAuOS4wIgoKaW1wb3J0IGZ1dHVyZS5rZXl3b3Jkcy5ldmVyeQppbXBvcnQgZnV0dXJlLmtleXdvcmRzLmluCgpmcmFnbWVudHMgOj0gWwpdCgpjb250YWluZXJzIDo9IFsKICAgIHsKICAgICAgICAiY29tbWFuZCI6IFsiL3BhdXNlIl0sCiAgICAgICAgImVudl9ydWxlcyI6IFt7InBhdHRlcm4iOiAiUEFUSD0vdXNyL2xvY2FsL3NiaW46L3Vzci9sb2NhbC9iaW46L3Vzci9zYmluOi91c3IvYmluOi9zYmluOi9iaW4iLCAic3RyYXRlZ3kiOiAic3RyaW5nIiwgInJlcXVpcmVkIjogdHJ1ZX0seyJwYXR0ZXJuIjogIlRFUk09eHRlcm0iLCAic3RyYXRlZ3kiOiAic3RyaW5nIiwgInJlcXVpcmVkIjogZmFsc2V9XSwKICAgICAgICAibGF5ZXJzIjogWyIxNmI1MTQwNTdhMDZhZDY2NWY5MmMwMjg2M2FjYTA3NGZkNTk3NmM3NTVkMjZiZmYxNjM2NTI5OTE2OWU4NDE1Il0sCiAgICAgICAgIm1vdW50cyI6IFtdLAogICAgICAgICJleGVjX3Byb2Nlc3NlcyI6IFtdLAogICAgICAgICJzaWduYWxzIjogW10sCiAgICAgICAgImFsbG93X2VsZXZhdGVkIjogZmFsc2UsCiAgICAgICAgIndvcmtpbmdfZGlyIjogIi8iCiAgICB9LApdCmFsbG93X3Byb3BlcnRpZXNfYWNjZXNzIDo9IHRydWUKYWxsb3dfZHVtcF9zdGFja3MgOj0gdHJ1ZQphbGxvd19ydW50aW1lX2xvZ2dpbmcgOj0gdHJ1ZQphbGxvd19lbnZpcm9ubWVudF92YXJpYWJsZV9kcm9wcGluZyA6PSB0cnVlCmFsbG93X3VuZW5jcnlwdGVkX3NjcmF0Y2ggOj0gdHJ1ZQoKCm1vdW50X2RldmljZSA6PSB7ICJhbGxvd2VkIiA6IHRydWUgfQp1bm1vdW50X2RldmljZSA6PSB7ICJhbGxvd2VkIiA6IHRydWUgfQptb3VudF9vdmVybGF5IDo9IHsgImFsbG93ZWQiIDogdHJ1ZSB9CnVubW91bnRfb3ZlcmxheSA6PSB7ICJhbGxvd2VkIiA6IHRydWUgfQpjcmVhdGVfY29udGFpbmVyIDo9IHsgImFsbG93ZWQiIDogdHJ1ZSB9CmV4ZWNfaW5fY29udGFpbmVyIDo9IHsgImFsbG93ZWQiIDogdHJ1ZSB9CmV4ZWNfZXh0ZXJuYWwgOj0geyAiYWxsb3dlZCIgOiB0cnVlIH0Kc2h1dGRvd25fY29udGFpbmVyIDo9IHsgImFsbG93ZWQiIDogdHJ1ZSB9CnNpZ25hbF9jb250YWluZXJfcHJvY2VzcyA6PSB7ICJhbGxvd2VkIiA6IHRydWUgfQpwbGFuOV9tb3VudCA6PSB7ICJhbGxvd2VkIiA6IHRydWUgfQpwbGFuOV91bm1vdW50IDo9IHsgImFsbG93ZWQiIDogdHJ1ZSB9CmdldF9wcm9wZXJ0aWVzIDo9IHsgImFsbG93ZWQiIDogdHJ1ZSB9CmR1bXBfc3RhY2tzIDo9IHsgImFsbG93ZWQiIDogdHJ1ZSB9CnJ1bnRpbWVfbG9nZ2luZyA6PSB7ICJhbGxvd2VkIiA6IHRydWUgfQpsb2FkX2ZyYWdtZW50IDo9IHsgImFsbG93ZWQiIDogdHJ1ZSB9CnNjcmF0Y2hfbW91bnQgOj0geyAiYWxsb3dlZCIgOiB0cnVlIH0Kc2NyYXRjaF91bm1vdW50IDo9IHsgImFsbG93ZWQiIDogdHJ1ZSB9CnJlYXNvbiA6PSB7ImVycm9ycyI6IGRhdGEuZnJhbWV3b3JrLmVycm9yc30K
-   ```
-
-2. Save the changes to your local copy of the ARM template.
+   When this command finishes, a Base64 string generated as output will automatically appear in the `ccePolicy` property of the ARM template. 
 
 ## Deploy the template
 
@@ -228,12 +222,12 @@ In the following steps, you use the Azure portal to review the properties of the
 
     The presence of the attestation report below the Azure Container Instances logo confirms that the container is running on hardware that supports a TEE.
 
-    If you deploy to hardware that doesn't support a TEE (for example, by choosing a region where Container Instances Confidential isn't available), no attestation report appears.
+    If you deploy to hardware that doesn't support a TEE (for example, by choosing a region where Confidential Container Instances isn't available), no attestation report appears.
 
 ## Related content
 
 Now that you've deployed a confidential container group on Container Instances, you can learn more about how policies are enforced:
 
 * [Confidential containers on Azure Container Instances](./container-instances-confidential-overview.md)
 * [Azure CLI confcom extension examples](https://github.com/Azure/azure-cli-extensions/blob/main/src/confcom/azext_confcom/README.md)
-* [Confidential Hello World application](https://aka.ms/ccacihelloworld)
+* [Confidential Hello World application](https://github.com/microsoft/confidential-container-demos/tree/main/hello-world/ACI)
diff --git a/articles/openshift/howto-segregate-machinesets.md b/articles/openshift/howto-segregate-machinesets.md
@@ -89,7 +89,7 @@ apiVersion: machine.openshift.io/v1beta1
 kind: MachineSet
 metadata:
   labels:
-    machine.openshift.io/cluster-api-cluster: XXX-XXX-XXX
+    machine.openshift.io/cluster-api-cluster: <INFRASTRUCTURE_ID>
     machine.openshift.io/cluster-api-machine-role: worker
     machine.openshift.io/cluster-api-machine-type: worker
   name: XXX-XXX-XXX-XXX-XXX
@@ -98,21 +98,21 @@ spec:
   replicas: 1
   selector:
     matchLabels:
-      machine.openshift.io/cluster-api-cluster: XXX-XXX-XXX
-      machine.openshift.io/cluster-api-machineset: XXX-XXX-XXX-XXX-XXX
+      machine.openshift.io/cluster-api-cluster: <INFRASTRUCTURE_ID>
+      machine.openshift.io/cluster-api-machineset: <INFRASTRUCTURE_ID>-infra-<REGION><ZONE>
   template:
     metadata:
       creationTimestamp: null
       labels:
-        machine.openshift.io/cluster-api-cluster: XXX-XXX-XXX
+        machine.openshift.io/cluster-api-cluster: <INFRASTRUCTURE_ID>
         machine.openshift.io/cluster-api-machine-role: worker
         machine.openshift.io/cluster-api-machine-type: worker
-        machine.openshift.io/cluster-api-machineset: XXX-XXX-XXX-XXX-XXX
+        machine.openshift.io/cluster-api-machineset: <INFRASTRUCTURE_ID>-infra-<REGION><ZONE>
     spec:
       metadata:
         creationTimestamp: null
         labels:
-          node-role.kubernetes.io/<role>: ""
+          node-role.kubernetes.io/<role>: ""            #Example: worker,infra
       providerSpec:
         value:
           apiVersion: azureproviderconfig.openshift.io/v1beta1
@@ -123,31 +123,28 @@ spec:
             offer: aro4
             publisher: azureopenshift
             resourceID: ""
-            sku: XXX_XX
-            version: XX.XX.XXX
-          internalLoadBalancer: ""
+            sku: <SKU>
+            version: <VERSION>
           kind: AzureMachineProviderSpec
-          location: useast
+          location: <REGION>
           metadata:
             creationTimestamp: null
           natRule: null
-          networkResourceGroup: XX-XXXXXX
+          networkResourceGroup: <NETWORK_RESOURCE_GROUP>
           osDisk:
             diskSizeGB: 128
             managedDisk:
               storageAccountType: Premium_LRS
             osType: Linux
           publicIP: false
-          publicLoadBalancer: XXX-XXX-XXX
-          resourceGroup: aro-fq5v3vye
-          sshPrivateKey: ""
-          sshPublicKey: ""
-          subnet: XXX-XXX
+          publicLoadBalancer: <LOADBALANCER_NAME>
+          resourceGroup: <CLUSTER_RESOURCE_GROUP>
+          subnet: <SUBNET_NAME> 
           userDataSecret:
             name: worker-user-data
           vmSize: Standard_D4s_v3
-          vnet: XXX-XXX
-          zone: "X"
+          vnet: <VNET_NAME>
+          zone: <ZONE>
 ```
 
 ### Step 5: Apply the machine set
diff --git a/articles/reliability/availability-zones-service-support.md b/articles/reliability/availability-zones-service-support.md
@@ -197,6 +197,7 @@ Azure offerings are grouped into three categories that reflect their _regional_
 | [Azure SignalR](../azure-signalr/availability-zones.md) | ![An icon that signifies this service is zone redundant.](media/icon-zone-redundant.svg) |
 | [Azure Spring Apps](reliability-spring-apps.md#availability-zone-support) | ![An icon that signifies this service is zone redundant.](media/icon-zone-redundant.svg) |
 | Azure Storage: Ultra Disk | ![An icon that signifies this service is zonal.](media/icon-zonal.svg) |
+| [Azure VMware Services](../azure-vmware/architecture-private-clouds.md) | | ![An icon that signifies this service is zonal.](media/icon-zonal.svg) |
 | [Azure Web PubSub](../azure-web-pubsub/concept-availability-zones.md) | ![An icon that signifies this service is zone redundant.](media/icon-zone-redundant.svg) |
 | [Microsoft Fabric](reliability-fabric.md#availability-zone-support) |  ![An icon that signifies this service is zone redundant.](media/icon-zone-redundant.svg)  |
 
diff --git a/articles/virtual-machines/sizes/general-purpose/ddv4-series.md b/articles/virtual-machines/sizes/general-purpose/ddv4-series.md
@@ -19,8 +19,8 @@ ms.reviewer: mattmcinnes
 
 ## Feature support
 
-Premium Storage: Supported<br>
-Premium Storage caching: Supported<br>
+Premium Storage: Not Supported<br>
+Premium Storage caching: Not Supported<br>
 Live Migration: Supported<br>
 Memory Preserving Updates: Supported<br>
 VM Generation Support: Generation 1 and 2<br>
diff --git a/articles/virtual-machines/sizes/general-purpose/ddv5-series.md b/articles/virtual-machines/sizes/general-purpose/ddv5-series.md
@@ -19,8 +19,8 @@ ms.reviewer: mattmcinnes
 
 ## Feature support
 
-Premium Storage: Supported<br>
-Premium Storage caching: Supported<br>
+Premium Storage: Not Supported<br>
+Premium Storage caching: Not Supported<br>
 Live Migration: Supported<br>
 Memory Preserving Updates: Supported<br>
 VM Generation Support: Generation 1 and 2<br>
diff --git a/articles/virtual-machines/sizes/general-purpose/dv5-series.md b/articles/virtual-machines/sizes/general-purpose/dv5-series.md
@@ -19,8 +19,8 @@ ms.reviewer: mattmcinnes
 
 ## Feature support
 
-Premium Storage: Supported<br>
-Premium Storage caching: Supported<br>
+Premium Storage: Not Supported<br>
+Premium Storage caching: Not Supported<br>
 Live Migration: Supported<br>
 Memory Preserving Updates: Supported<br>
 VM Generation Support: Generation 1 and 2<br>
diff --git a/includes/container-instances-tutorial-prerequisites.md b/includes/container-instances-tutorial-prerequisites.md
@@ -25,8 +25,8 @@ You must satisfy the following requirements to complete this tutorial:
 <!-- LINKS - External -->
 [docker-get-started]: https://docs.docker.com/engine/docker-overview/
 [docker-linux]: https://docs.docker.com/engine/installation/#supported-platforms
-[docker-mac]: https://docs.docker.com/docker-for-mac/
-[docker-windows]: https://docs.docker.com/docker-for-windows/
+[docker-mac]: https://docs.docker.com/desktop/install/mac-install/
+[docker-windows]: https://docs.docker.com/desktop/install/windows-install/
 
 <!-- LINKS - Internal -->
 [azure-cli-install]: /cli/azure/install-azure-cli
