articles/aks/aks-zone-resiliency.md
9 additions & 6 deletions
@@ -3,7 +3,7 @@ title: Zone resiliency considerations for Azure Kubernetes Service (AKS)
3
3
titleSuffix: Azure Kubernetes Service
4
4
description: Learn about the various considerations for zone resiliency in Azure Kubernetes Service (AKS).
5
5
ms.topic: conceptual
6
-
ms.date: 04/25/2024
6
+
ms.date: 05/01/2024
7
7
author: schaffererin
8
8
ms.author: schaffererin
9
9
---
@@ -88,7 +88,7 @@ For more information, see [Kubernetes Pod Topology Spread Constraints](https://k
88
88
89
89
If you have pods that serve network traffic, you should load balance traffic across multiple AZs to ensure that your application is highly available and resilient to failures. You can use [Azure Load Balancer](../load-balancer/load-balancer-overview.md) to distribute incoming traffic across the nodes in your AKS cluster.
90
90
91
-
Azure Load Balancer supports both internal and external load balancing, and you can configure it to use a *Standard SKU* for zone-redundant load balancing. The Standard SKU supports AZs, zone resiliency, and cross-region load balancing to ensure your application isn't impacted by a region failure. In the event of a zone down scenario, a zone-redundant Standard SKU load balancer isn't impacted by the failure and enables your deployments to continue serving traffic from the remaining zones.
91
+
Azure Load Balancer supports both internal and external load balancing, and you can configure it to use a *Standard SKU* for zone-redundant load balancing. The Standard SKU supports AZs, zone resiliency, and cross-region load balancing to ensure your application isn't impacted by a region failure. In the event of a zone down scenario, a zone-redundant Standard SKU load balancer isn't impacted by the failure and enables your deployments to continue serving traffic from the remaining zones. Standard SKU load balancers also support cross-region load balancing to ensure that your application isn't impacted by regional failures.
92
92
93
93
To create a Standard SKU load balancer in AKS, see [Use a standard load balancer in Azure Kubernetes Service (AKS)](./load-balancer-standard.md).
94
94
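Review bot: the sentence appended at the end of the added paragraph repeats a claim the same paragraph already makes two sentences earlier ("The Standard SKU supports AZs, zone resiliency, and cross-region load balancing to ensure your application isn't impacted by a region failure"). Drop the new sentence, or remove cross-region load balancing from the earlier one so the point is made once.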
@@ -97,8 +97,8 @@ To create a Standard SKU load balancer in AKS, see [Use a standard load balancer
97
97
To ensure that your application's network traffic is resilient to failures, you should configure AZ-aware networking for your AKS workloads. Azure offers various networking services that support AZs:
98
98
99
99
* [Azure VPN Gateway](../vpn-gateway/vpn-gateway-about-vpngateways.md): You can deploy VPN and [ExpressRoute](../expressroute/designing-for-high-availability-with-expressroute.md) gateways in Azure AZs to enable better resiliency, scalability, and availability to virtual network gateways. For more information, see [Create a zone-redundant virtual network gateways in availability zones](../vpn-gateway/create-zone-redundant-vnet-gateway.md).
100
-
* [Azure Application Gateway v2](../application-gateway/overview-v2.md): The v2 SKU of Azure Application Gateway supports performance enhancements, including support for zone-redundant deployments. For more information, see [Direct web traffic with Azure Application Gateway](../application-gateway/quick-create-cli.md).
101
-
* [Azure Front Door](../frontdoor/front-door-overview.md): Azure Front Door is a global, scalable entry-point that uses the Microsoft global network to create fast, secure, and resilient applications. It provides a globally distributed network of points of presence (POP). For more information, see [Azure Front Door POP locations](../frontdoor/edge-locations-by-region.md).
100
+
* [Azure Application Gateway v2](../application-gateway/overview-v2.md): Azure Application Gateway provides a regional L7 load balancer with availability zone support. For more information, see [Direct web traffic with Azure Application Gateway](../application-gateway/quick-create-cli.md).
101
+
* [Azure Front Door](../frontdoor/front-door-overview.md): Azure Front Door provides a global L7 load balancer and leverages points of presence (POPs) or Azure Content Delivery Network (CDN). For more information, see [Azure Front Door POP locations](../frontdoor/edge-locations-by-region.md).
102
102
103
103
> [!IMPORTANT]
104
104
> With [Azure NAT Gateway](../nat-gateway/nat-overview.md), you can create NAT gateways in specific AZs or use a zonal deployment for isolation to specific zones. NAT Gateway supports zonal deployments but not zone-redundant deployments. This might be an issue if you configure an AKS cluster with the outbound type equal to the NAT gateway and the NAT gateway is in a single zone. In this case, if the zone hosting your NAT gateway goes down, your cluster loses outbound connectivity. For more information, see [NAT Gateway and availability zones](../nat-gateway/nat-overview.md#availability-zones).
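Review bot: the rewritten Application Gateway bullet no longer says that zone support belongs to the v2 SKU, which the removed line stated explicitly ("The v2 SKU of Azure Application Gateway supports performance enhancements, including support for zone-redundant deployments"). The link text still says v2, but the sentence now reads as if it applies to Application Gateway in general; suggest "The v2 SKU of Azure Application Gateway provides a regional L7 load balancer with availability zone support." In the Front Door bullet, "leverages points of presence (POPs) or Azure Content Delivery Network (CDN)" leaves the "or" unclear, so either say what the choice is or keep the removed wording about a globally distributed network of POPs. "L7" is used in both bullets without being spelled out as layer 7.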
@@ -109,7 +109,7 @@ To ensure that your container images are highly available and resilient to failu
109
109
110
110
### Ensure availability and redundancy for keys and secrets
111
111
112
-
[Azure Key Vault](../key-vault/general/overview.md) features multiple layers of redundancy to make sure your keys and secrets remain available to your application even if individual components of the service fail, or if Azure regions or AZs are unavailable. For more information, see [Azure Key Vault availability and redundancy](../key-vault/general/disaster-recovery-guidance.md).
112
+
[Azure Key Vault](../key-vault/general/overview.md) provides multiple layers of redundancy to make sure your keys and secrets remain available to your application even if individual components of the service fail, or if Azure regions or AZs are unavailable. For more information, see [Azure Key Vault availability and redundancy](../key-vault/general/disaster-recovery-guidance.md).
113
113
114
114
### Leverage autoscaling features
115
115
@@ -154,7 +154,7 @@ For more information, see [Monitor Azure Kubernetes Service (AKS) with Azure Mon
154
154
155
155
### Method 1: Cordon and drain nodes in a single AZ
156
156
157
-
One way to test your AKS cluster for AZ resiliency is to drain a node in one region and see how it affects traffic until it fails over to another region. This method simulates a real-world scenario where an entire zone is unavailable due to a disaster or outage. To test this scenario, you can use the `kubectl drain` command to gracefully evict all pods from a node and mark it as unschedulable. You can then monitor cluster traffic and performance using tools such as Azure Monitor or Prometheus.
157
+
One way to test your AKS cluster for AZ resiliency is to drain a node in one zone and see how it affects traffic until it fails over to another zone. This method simulates a real-world scenario where an entire zone is unavailable due to a disaster or outage. To test this scenario, you can use the `kubectl drain` command to gracefully evict all pods from a node and mark it as unschedulable. You can then monitor cluster traffic and performance using tools such as Azure Monitor or Prometheus.
158
158
159
159
The following table outlines pros and cons of this method:
160
160
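Review bot: the corrected sentence still says "drain a node in one zone", while the heading is "Cordon and drain nodes in a single AZ" and the next sentence says the test simulates an entire zone being unavailable. Draining a single node leaves the other nodes in that zone serving traffic, so suggest "drain the nodes in one zone" to match the heading and the scenario. The region to zone correction itself is consistent with the heading.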
@@ -174,3 +174,6 @@ The following table outlines pros and cons of this method:
174
174
175
175
For more information, see [What is Azure Chaos Studio?](../chaos-studio/chaos-studio-overview.md).
176
176
177
+
## Next steps
178
+
179
+
For more implementation details, see the [Guide to zone redundant AKS clusters and storage](https://techcommunity.microsoft.com/t5/fasttrack-for-azure/a-practical-guide-to-zone-redundant-aks-clusters-and-storage/ba-p/4036254).
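Review bot: the link text in the new Next steps section, "Guide to zone redundant AKS clusters and storage", writes "zone redundant" without the hyphen, while the rest of the file uses "zone-redundant" (for example "zone-redundant load balancing"). It is also the only link in the visible hunks that points to an absolute external URL rather than a relative docs path, so confirm that a Tech Community blog post is an acceptable Next steps target for this article.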