Skip to content

Commit 61f6676

Browse files
Fixed comments
1 parent 3118ba9 commit 61f6676

File tree

1 file changed

+5
-5
lines changed

1 file changed

+5
-5
lines changed

articles/virtual-network/kubernetes-network-policies.md

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -26,7 +26,7 @@ Network Policies provides micro-segmentation for pods just like Network Security
2626

2727
![Kubernetes network policies overview](./media/kubernetes-network-policies/kubernetes-network-policies-overview.png)
2828

29-
Azure NPM implementation works in conjunction with the Azure CNI that provides VNet integration for containers. NPM is supported only on Linux today. The implementation enforces traffic filtering by configuring allow and deny IP rules in Linux IPTables based on the defined policies. These rules are grouped together using Linux IPSets.
29+
Azure NPM implementation works with the Azure CNI that provides VNet integration for containers. NPM is supported only on Linux today. The implementation enforces traffic filtering by configuring allow and deny IP rules in Linux IPTables based on the defined policies. These rules are grouped together using Linux IPSets.
3030

3131
## Planning security for your Kubernetes cluster
3232
When implementing security for your cluster, use network security groups (NSGs) to filter traffic entering and leaving your cluster subnet (North-South traffic). Use Azure NPM for traffic between pods in your cluster (East-West traffic).
@@ -75,8 +75,8 @@ See a [configuration for these alerts](#set-up-alerts-for-alertmanager) below.
7575

7676
##### Visualizations and Debugging via our Grafana Dashboard or Azure Monitor Workbook
7777
1. See how many IPTables rules your policies create (having a massive amount of IPTables rules may increase latency slightly).
78-
2. Correlate cluster counts (e.g. ACLs) to execution times.
79-
3. Get the human-friendly name of an ipset in a given IPTables rule (e.g. "azure-npm-487392" represents "podlabel-role:database").
78+
2. Correlate cluster counts (for example, ACLs) to execution times.
79+
3. Get the human-friendly name of an ipset in a given IPTables rule (for example, "azure-npm-487392" represents "podlabel-role:database").
8080

8181
### All supported metrics
8282
The following is the list of supported metrics. Any `quantile` label has possible values `0.5`, `0.9`, and `0.99`. Any `had_error` label has possible values `false` and `true`, representing whether the operation succeeded or failed.
@@ -137,7 +137,7 @@ The dashboard has visuals similar to the Azure Workbook. You can add panels to c
137137
### Set up for Prometheus Server
138138
Some users may choose to collect metrics with a Prometheus Server instead of Azure Monitor for containers. You merely need to add two jobs to your scrape config to collect NPM metrics.
139139

140-
To install a simple Prometheus Server, add this helm repo on your cluster
140+
To install a Prometheus Server, add this helm repo on your cluster
141141
```
142142
helm repo add stable https://kubernetes-charts.storage.googleapis.com
143143
helm repo update
@@ -198,7 +198,7 @@ You can also replace the `azure-npm-node-metrics` job with the content below or
198198
```
199199

200200
#### Set up Alerts for AlertManager
201-
If you use a Prometheus Server, you can set up an AlertManager like so. Here is an example config for [the two alerting rules described above](#alerts-via-a-prometheus-alertmanager):
201+
If you use a Prometheus Server, you can set up an AlertManager like so. Here's an example config for [the two alerting rules described above](#alerts-via-a-prometheus-alertmanager):
202202
```
203203
groups:
204204
- name: npm.rules

0 commit comments

Comments
 (0)