Merge pull request #268726 from MicrosoftDocs/main

3/12 11:00 AM IST Publish

Author: Saisang

.openpublishing.redirection.azure-datalake-storage-gen1.json

@@ -289,16 +289,6 @@
             "source_path": "articles/data-lake-store/security-controls-policy.md",
             "redirect_url": "/previous-versions/azure/data-lake-store/security-controls-policy",
             "redirect_document_id": false
-          },
-          {
-            "source_path": "articles/storage/blobs/data-lake-storage-migrate-gen1-to-gen2.md",
-            "redirect_url": "/previous-versions/azure/storage/blobs/data-lake-storage-migrate-gen1-to-gen2",
-            "redirect_document_id": false
-          },
-          {
-            "source_path": "articles/storage/blobs/data-lake-storage-migrate-gen1-to-gen2-azure-portal.md",
-            "redirect_url": "/previous-versions/azure/storage/blobs/data-lake-storage-migrate-gen1-to-gen2-azure-portal",
-            "redirect_document_id": false
           }
 
     ]

.openpublishing.redirection.json

@@ -6705,6 +6705,21 @@
             "redirect_url": "/azure/active-directory/conditional-access/concept-conditional-access-cloud-apps",
             "redirect_document_id": true
         },
+        {
+            "source_path_from_root": "/articles/role-based-access-control/deny-assignments-portal.md",
+            "redirect_url": "/azure/role-based-access-control/deny-assignments",
+            "redirect_document_id": true
+        },
+        {
+            "source_path_from_root": "/articles/role-based-access-control/deny-assignments-powershell.md",
+            "redirect_url": "/azure/role-based-access-control/deny-assignments",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/role-based-access-control/deny-assignments-rest.md",
+            "redirect_url": "/azure/role-based-access-control/deny-assignments",
+            "redirect_document_id": false
+        },
         {
             "source_path_from_root": "/articles/scheduler/scheduler-intro.md",
             "redirect_url": "/azure/scheduler/migrate-from-scheduler-to-logic-apps",

articles/aks/TOC.yml

@@ -174,6 +174,8 @@
               href: active-passive-solution.md
             - name: Passive-cold
               href: passive-cold-solution.md
+    - name: Deployment and cluster reliability
+      href: best-practices-app-cluster-reliability.md
     - name: Security
       items:
         - name: Authentication and authorization

articles/aks/best-practices-app-cluster-reliability.md

@@ -58,7 +58,7 @@ Microsoft provides technical support for the following examples:
   * Connectivity to other Azure services and applications
   * Ingress controllers and ingress or load balancer configurations
   * Network performance and latency
-  * [Network policies](use-network-policies.md#differences-between-azure-network-policy-manager-and-calico-network-policy-and-their-capabilities)
+  * [Network policies](use-network-policies.md#compare-azure-network-policy-manager-and-calico-network-policy)
 
 > [!NOTE]
 > Any cluster actions taken by Microsoft/AKS are made with your consent under a built-in Kubernetes role `aks-service` and built-in role binding `aks-service-rolebinding`. This role enables AKS to troubleshoot and diagnose cluster issues, but can't modify permissions nor create roles or role bindings, or other high privilege actions. Role access is only enabled under active support tickets with just-in-time (JIT) access.

articles/aks/support-policies.md

@@ -8,7 +8,7 @@ ms.custom: fasttrack-edit, devx-track-azurecli, devx-track-azurepowershell
 
 # Manage system node pools in Azure Kubernetes Service (AKS)
 
-In Azure Kubernetes Service (AKS), nodes of the same configuration are grouped together into *node pools*. Node pools contain the underlying VMs that run your applications. System node pools and user node pools are two different node pool modes for your AKS clusters. System node pools serve the primary purpose of hosting critical system pods such as `CoreDNS` and `metrics-server`. User node pools serve the primary purpose of hosting your application pods. However, application pods can be scheduled on system node pools if you wish to only have one pool in your AKS cluster. Every AKS cluster must contain at least one system node pool with at least one node.
+In Azure Kubernetes Service (AKS), nodes of the same configuration are grouped together into *node pools*. Node pools contain the underlying VMs that run your applications. System node pools and user node pools are two different node pool modes for your AKS clusters. System node pools serve the primary purpose of hosting critical system pods such as `CoreDNS` and `metrics-server`. User node pools serve the primary purpose of hosting your application pods. However, application pods can be scheduled on system node pools if you wish to only have one pool in your AKS cluster. Every AKS cluster must contain at least one system node pool with at least two nodes.
 
 > [!Important]
 > If you run a single system node pool for your AKS cluster in a production environment, we recommend you use at least three nodes for the node pool.
@@ -47,10 +47,10 @@ System node pools have the following restrictions:
 * System node pools must support at least 30 pods as described by the [minimum and maximum value formula for pods][maximum-pods].
 * System pools osType must be Linux.
 * User node pools osType may be Linux or Windows.
-* System pools must contain at least one node, and user node pools may contain zero or more nodes.
-* System node pools require a VM SKU of at least 2 vCPUs and 4GB memory. 
+* System pools must contain at least two nodes, and user node pools may contain zero or more nodes.
+* System node pools require a VM SKU of at least 4 vCPUs and 4GB memory.
 * [B series VMs][b-series-vm] are not supported for system node pools. 
-* A minimum of two nodes 4 vCPUs is recommended (for example, Standard_DS4_v2), especially for large clusters (Multiple CoreDNS Pod replicas, 3-4+ add-ons, etc.).
+* A minimum of three nodes of 8 vCPUs or two nodes of at least 16 vCPUs is recommended (for example, Standard_DS4_v2), especially for large clusters (Multiple CoreDNS Pod replicas, 3-4+ add-ons, etc.).
 * Spot node pools require user node pools.
 * Adding another system node pool or changing which node pool is a system node pool *does not* automatically move system pods. System pods can continue to run on the same node pool, even if you change it to a user node pool. If you delete or scale down a node pool running system pods that were previously a system node pool, those system pods are redeployed with preferred scheduling to the new system node pool.
 
@@ -69,36 +69,36 @@ You can do the following operations with node pools:
 
 ### [Azure CLI](#tab/azure-cli)
 
-When you create a new AKS cluster, you automatically create a system node pool with a single node. The initial node pool defaults to a mode of type system. When you create new node pools with `az aks nodepool add`, those node pools are user node pools unless you explicitly specify the mode parameter.
+When you create a new AKS cluster, the initial node pool defaults to a mode of type `system`. When you create new node pools with `az aks nodepool add`, those node pools are user node pools unless you explicitly specify the mode parameter.
 
 The following example creates a resource group named *myResourceGroup* in the *eastus* region.
 
 ```azurecli-interactive
 az group create --name myResourceGroup --location eastus
 ```
 
-Use the [az aks create][az-aks-create] command to create an AKS cluster. The following example creates a cluster named *myAKSCluster* with one dedicated system pool containing one node. For your production workloads, ensure you're using system node pools with at least three nodes. This operation may take several minutes to complete.
+Use the [az aks create][az-aks-create] command to create an AKS cluster. The following example creates a cluster named *myAKSCluster* with one dedicated system pool containing two nodes. For your production workloads, ensure you're using system node pools with at least three nodes. This operation may take several minutes to complete.
 
 ```azurecli-interactive
 # Create a new AKS cluster with a single system pool
-az aks create -g myResourceGroup --name myAKSCluster --node-count 1 --generate-ssh-keys
+az aks create -g myResourceGroup --name myAKSCluster --node-count 2 --generate-ssh-keys
 ```
 
 ### [Azure PowerShell](#tab/azure-powershell)
 
-When you create a new AKS cluster, you automatically create a system node pool with a single node. The initial node pool defaults to a mode of type system. When you create new node pools with `New-AzAksNodePool`, those node pools are user node pools. A node pool's mode can be [updated at any time][update-node-pool-mode].
+When you create a new AKS cluster, the initial node pool defaults to a mode of type `system`. When you create new node pools with `New-AzAksNodePool`, those node pools are user node pools. A node pool's mode can be [updated at any time][update-node-pool-mode].
 
 The following example creates a resource group named *myResourceGroup* in the *eastus* region.
 
 ```azurepowershell-interactive
 New-AzResourceGroup -ResourceGroupName myResourceGroup -Location eastus
 ```
 
-Use the [New-AzAksCluster][new-azakscluster] cmdlet to create an AKS cluster. The following example creates a cluster named *myAKSCluster* with one dedicated system pool containing one node. For your production workloads, ensure you're using system node pools with at least three nodes. The create operation may take several minutes to complete.
+Use the [New-AzAksCluster][new-azakscluster] cmdlet to create an AKS cluster. The following example creates a cluster named *myAKSCluster* with one dedicated system pool containing two nodes. For your production workloads, ensure you're using system node pools with at least three nodes. The create operation may take several minutes to complete.
 
 ```azurepowershell-interactive
 # Create a new AKS cluster with a single system pool
-New-AzAksCluster -ResourceGroupName myResourceGroup -Name myAKSCluster -NodeCount 1 -GenerateSshKey
+New-AzAksCluster -ResourceGroupName myResourceGroup -Name myAKSCluster -NodeCount 2 -GenerateSshKey
 ```
 
 ---

articles/aks/use-network-policies.md

@@ -111,7 +111,7 @@ To learn more about Windows containers on AKS, see the following resources:
 [azure-cni-choose-network-model]: ./azure-cni-overlay.md#choosing-a-network-model-to-use
 [network-concepts-for-aks-applications]: ./concepts-network.md
 [windows-vs-linux]: ./windows-vs-linux-containers.md
-[azurenpm-vs-calico]: ./use-network-policies.md#differences-between-azure-network-policy-manager-and-calico-network-policy-and-their-capabilities
+[azurenpm-vs-calico]: ./use-network-policies.md#compare-azure-network-policy-manager-and-calico-network-policy
 [network-policies-aks]: ./use-network-policies.md
 [dsr]: ../load-balancer/load-balancer-multivip-overview.md#rule-type-2-backend-port-reuse-by-using-floating-ip
 [upgrade-aks-cluster]: ./upgrade-cluster.md

articles/aks/use-system-pools.md

@@ -30,7 +30,10 @@
         href: manage-apis-azure-cli.md
       - name: Import APIs from API Management
         href: import-api-management-apis.md
-#- name: API governance
+- name: API governance
+  items:
+      - name: Analyze APIs using linting rules
+        href: enable-api-analysis-linting.md
 - name: API discovery and consumption
   items:
       - name: Enable API Center portal