MicrosoftDocs
diff --git a/‎articles/active-directory-b2c/customize-ui-with-html.md
Lines changed: 1 addition & 1 deletion b/‎articles/active-directory-b2c/customize-ui-with-html.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/aks/aks-migration.md
Lines changed: 88 additions & 86 deletions b/‎articles/aks/aks-migration.md
Lines changed: 88 additions & 86 deletions
diff --git a/‎articles/aks/nat-gateway.md
Lines changed: 62 additions & 61 deletions b/‎articles/aks/nat-gateway.md
Lines changed: 62 additions & 61 deletions
diff --git a/‎articles/aks/node-auto-repair.md
Lines changed: 29 additions & 33 deletions b/‎articles/aks/node-auto-repair.md
Lines changed: 29 additions & 33 deletions
diff --git a/‎articles/azure-video-indexer/audio-effects-detection.md
Lines changed: 2 additions & 3 deletions b/‎articles/azure-video-indexer/audio-effects-detection.md
Lines changed: 2 additions & 3 deletions
@@ -233,7 +233,7 @@ To create a public container in Blob storage, perform the following steps:
 1. Under **Data storage** in the left-hand menu, select **Containers**.
 1. Select **+ Container**.
 1. For **Name**, enter *root*. The name can be a name of your choosing, for example *contoso*, but we use *root* in this example for simplicity.
-1. For **Public access level**, select **Blob**.
+1. For **Public access level**, select **Blob**. By selecting the **Blob** option, you allow an anonymous public read-only access for this container.
 1. Select **Create** to create the container.
 1. Select **root** to open the new container.
 
 
@@ -1,66 +1,60 @@
 ---
-title: Create a managed or user-assigned NAT gateway
+title: Create a managed or user-assigned NAT gateway for your Azure Kubernetes Service (AKS) cluster
 titleSuffix: Azure Kubernetes Service
 description: Learn how to create an AKS cluster with managed NAT integration and user-assigned NAT gateway.
 author: asudbring
 ms.subservice: aks-networking
 ms.custom: devx-track-azurecli
 ms.topic: how-to
-ms.date: 10/26/2021
+ms.date: 05/30/2023
 ms.author: allensu
 ---
 
-# Create a managed or user-assigned NAT gateway
+# Create a managed or user-assigned NAT gateway for your Azure Kubernetes Service (AKS) cluster
 
-While you can route egress traffic through an Azure Load Balancer, there are limitations on the amount of outbound flows of traffic you can have. Azure NAT Gateway allows up to 64,512 outbound UDP and TCP traffic flows per IP address with a maximum of 16 IP addresses.
+While you can route egress traffic through an Azure Load Balancer, there are limitations on the number of outbound flows of traffic you can have. Azure NAT Gateway allows up to 64,512 outbound UDP and TCP traffic flows per IP address with a maximum of 16 IP addresses.
 
-This article shows you how to create an AKS cluster with a managed NAT gateway and a user-assigned NAT gateway for egress traffic and how to disable OutboundNAT on Windows.
+This article shows you how to create an Azure Kubernetes Service (AKS) cluster with a managed NAT gateway and a user-assigned NAT gateway for egress traffic. It also shows you how to disable OutboundNAT on Windows.
 
 ## Before you begin
 
 * Make sure you're using the latest version of [Azure CLI][az-cli].
 * Make sure you're using Kubernetes version 1.20.x or above.
-* Managed NAT Gateway is incompatible with custom virtual networks.
+* Managed NAT gateway is incompatible with custom virtual networks.
 
 ## Create an AKS cluster with a managed NAT gateway
 
-To create an AKS cluster with a new managed NAT Gateway, use `--outbound-type managedNATGateway`, `--nat-gateway-managed-outbound-ip-count`, and `--nat-gateway-idle-timeout` when running `az aks create`. If you want the NAT gateway to be able to operate out of availability zones, specify the zones using `--zones`.
+* Create an AKS cluster with a new managed NAT gateway using the [`az aks create`][az-aks-create] command with the `--outbound-type managedNATGateway`, `--nat-gateway-managed-outbound-ip-count`, and `--nat-gateway-idle-timeout` parameters. If you want the NAT gateway to operate out of availability zones, specify the zones using `--zones`.
 
-The following example creates a *myResourceGroup* resource group, then creates a *natCluster* AKS cluster in *myResourceGroup* with a Managed NAT Gateway, two outbound IPs, and an idle timeout of 30 seconds.
-
-```azurecli-interactive
-az group create --name myResourceGroup --location southcentralus
-```
-
-```azurecli-interactive
-az aks create \
-    --resource-group myResourceGroup \
-    --name natcluster \
-    --node-count 3 \
-    --outbound-type managedNATGateway \
-    --nat-gateway-managed-outbound-ip-count 2 \
-    --nat-gateway-idle-timeout 4
-```
+    ```azurecli-interactive
+    az aks create \
+        --resource-group myResourceGroup \
+        --name myNatCluster \
+        --node-count 3 \
+        --outbound-type managedNATGateway \
+        --nat-gateway-managed-outbound-ip-count 2 \
+        --nat-gateway-idle-timeout 4
+    ```
 
-> [!IMPORTANT]
-> If no value for the outbound IP address is specified, the default value is one.
+    > [!IMPORTANT]
+    > If no value for the outbound IP address is specified, the default value is one.
 
 ### Update the number of outbound IP addresses
 
-To update the outbound IP address or idle timeout, use `--nat-gateway-managed-outbound-ip-count` or `--nat-gateway-idle-timeout` when running `az aks update`.
+* Update the outbound IP address or idle timeout using the [`az aks update`][az-aks-update] command with the `--nat-gateway-managed-outbound-ip-count` or `--nat-gateway-idle-timeout` parameter.
 
-```azurecli-interactive
-az aks update \ 
-    --resource-group myresourcegroup \
-    --name natcluster\
-    --nat-gateway-managed-outbound-ip-count 5
-```
+    ```azurecli-interactive
+    az aks update \ 
+        --resource-group myResourceGroup \
+        --name myNatCluster\
+        --nat-gateway-managed-outbound-ip-count 5
+    ```
 
 ## Create an AKS cluster with a user-assigned NAT gateway
 
-To create an AKS cluster with a user-assigned NAT gateway, use `--outbound-type userAssignedNATGateway` when running `az aks create`. This configuration requires bring-your-own networking (via [Kubenet][byo-vnet-kubenet] or [Azure CNI][byo-vnet-azure-cni]) and that the NAT Gateway is preconfigured on the subnet. The following commands create the required resources for this scenario. Make sure to run them all in the same session so that the values stored to variables are still available for the `az aks create` command.
+This configuration requires bring-your-own networking (via [Kubenet][byo-vnet-kubenet] or [Azure CNI][byo-vnet-azure-cni]) and that the NAT gateway is preconfigured on the subnet. The following commands create the required resources for this scenario.
 
-1. Create the resource group.
+1. Create a resource group using the [`az group create`][az-group-create] command.
 
     ```azurecli-interactive
     az group create --name myResourceGroup \
@@ -72,13 +66,13 @@ To create an AKS cluster with a user-assigned NAT gateway, use `--outbound-type
     ```azurecli-interactive
     IDENTITY_ID=$(az identity create \
         --resource-group myResourceGroup \
-        --name natClusterId \
+        --name myNatClusterId \
         --location southcentralus \
         --query id \
         --output tsv)
     ```
 
-3. Create a public IP for the NAT gateway.
+3. Create a public IP for the NAT gateway using the [`az network public-ip create`][az-network-public-ip-create] command.
 
     ```azurecli-interactive
     az network public-ip create \
@@ -88,7 +82,7 @@ To create an AKS cluster with a user-assigned NAT gateway, use `--outbound-type
         --sku standard
     ```
 
-4. Create the NAT gateway.
+4. Create the NAT gateway using the [`az network nat gateway create`][az-network-nat-gateway-create] command.
 
     ```azurecli-interactive
     az network nat gateway create \
@@ -98,7 +92,7 @@ To create an AKS cluster with a user-assigned NAT gateway, use `--outbound-type
         --public-ip-addresses myNatGatewayPip
     ```
 
-5. Create a virtual network.
+5. Create a virtual network using the [`az network vnet create`][az-network-vnet-create] command.
 
     ```azurecli-interactive
     az network vnet create \
@@ -114,19 +108,19 @@ To create an AKS cluster with a user-assigned NAT gateway, use `--outbound-type
     SUBNET_ID=$(az network vnet subnet create \
         --resource-group myResourceGroup \
         --vnet-name myVnet \
-        --name natCluster \
+        --name myNatCluster \
         --address-prefixes 172.16.0.0/22 \
         --nat-gateway myNatGateway \
         --query id \
         --output tsv)
     ```
 
-7. Create an AKS cluster using the subnet with the NAT gateway and the managed identity.
+7. Create an AKS cluster using the subnet with the NAT gateway and the managed identity using the [`az aks create`][az-aks-create] command.
 
     ```azurecli-interactive
     az aks create \
         --resource-group myResourceGroup \
-        --name natCluster \
+        --name myNatCluster \
         --location southcentralus \
         --network-plugin azure \
         --vnet-subnet-id $SUBNET_ID \
@@ -146,13 +140,13 @@ Windows OutboundNAT can cause certain connection and communication issues with y
 Windows enables OutboundNAT by default. You can now manually disable OutboundNAT when creating new Windows agent pools.
 
 > [!NOTE]
-> OutboundNAT can only be disabled on Windows Server 2019 nodepools.
+> OutboundNAT can only be disabled on Windows Server 2019 node pools.
 
 ### Prerequisites
 
 * You need to use `aks-preview` and register the feature flag.
 
-  1. Install or update `aks-preview`.
+  1. Install or update `aks-preview` using the [`az extension add`][az-extension-add] or [`az extension update`][az-extension-update] command.
 
     ```azurecli
     # Install aks-preview
@@ -164,44 +158,44 @@ Windows enables OutboundNAT by default. You can now manually disable OutboundNAT
     az extension update --name aks-preview
     ```
 
-  2. Register the feature flag.
+  2. Register the feature flag using the [`az feature register`][az-feature-register] command.
 
     ```azurecli
     az feature register --namespace Microsoft.ContainerService --name DisableWindowsOutboundNATPreview
     ```
 
-  3. Check the registration status.
+  3. Check the registration status using the [`az feature list`][az-feature-list] command.
 
     ```azurecli
     az feature list -o table --query "[?contains(name, 'Microsoft.ContainerService/DisableWindowsOutboundNATPreview')].{Name:name,State:properties.state}"
     ```
 
-  4. Refresh the registration of the `Microsoft.ContainerService` resource provider.
+  4. Refresh the registration of the `Microsoft.ContainerService` resource provider us
 
     ```azurecli
     az provider register --namespace Microsoft.ContainerService
     ```
 
-* Your clusters must have a Managed NAT Gateway (which may increase the overall cost).
+* Your clusters must have a managed NAT gateway (which may increase the overall cost).
 * If you're using Kubernetes version 1.25 or older, you need to [update your deployment configuration][upgrade-kubernetes].
-* If you need to switch from a load balancer to NAT Gateway, you can either add a NAT Gateway into the VNet or run [`az aks upgrade`][aks-upgrade] to update the outbound type.
+* If you need to switch from a load balancer to NAT gateway, you can either add a NAT gateway into the VNet or run [`az aks upgrade`][aks-upgrade] to update the outbound type.
 
 ### Manually disable OutboundNAT for Windows
 
-You can manually disable OutboundNAT for Windows when creating new Windows agent pools using `--disable-windows-outbound-nat`.
+* Manually disable OutboundNAT for Windows when creating new Windows agent pools using the [`az aks nodepool add`][az-aks-nodepool-add] command with the `--disable-windows-outbound-nat` flag.
 
-> [!NOTE]
-> You can use an existing AKS cluster, but you may need to update the outbound type and add a node pool to enable `--disable-windows-outbound-nat`.
-
-```azurecli
-az aks nodepool add \
-    --resource-group myResourceGroup
-    --cluster-name natCluster
-    --name mynodepool
-    --node-count 3
-    --os-type Windows
-    --disable-windows-outbound-nat
-```
+    > [!NOTE]
+    > You can use an existing AKS cluster, but you may need to update the outbound type and add a node pool to enable `--disable-windows-outbound-nat`.
+
+    ```azurecli
+    az aks nodepool add \
+        --resource-group myResourceGroup
+        --cluster-name myNatCluster
+        --name mynodepool
+        --node-count 3
+        --os-type Windows
+        --disable-windows-outbound-nat
+    ```
 
 ## Next steps
 
@@ -212,7 +206,7 @@ For more information on Azure NAT Gateway, see [Azure NAT Gateway][nat-docs].
 <!-- LINKS - external-->
 [nat-docs]: ../virtual-network/nat-gateway/nat-overview.md
 [az-feature-list]: /cli/azure/feature#az_feature_list
-[az-provider-register]: /cli/azure/provider#az_provider_register
+[az-feature-register]: /cli/azure/feature#az_feature_register
 [byo-vnet-azure-cni]: configure-azure-cni.md
 [byo-vnet-kubenet]: configure-kubenet.md
 [az-extension-add]: /cli/azure/extension#az_extension_add
@@ -222,3 +216,10 @@ For more information on Azure NAT Gateway, see [Azure NAT Gateway][nat-docs].
 [app-gw]: ../application-gateway/overview.md
 [upgrade-kubernetes]:tutorial-kubernetes-upgrade-cluster.md
 [aks-upgrade]: /cli/azure/aks#az-aks-update
+[az-aks-create]: /cli/azure/aks#az-aks-create
+[az-aks-update]: /cli/azure/aks#az-aks-update
+[az-group-create]: /cli/azure/group#az_group_create
+[az-network-public-ip-create]: /cli/azure/network/public-ip#az_network_public_ip_create
+[az-network-nat-gateway-create]: /cli/azure/network/nat/gateway#az_network_nat_gateway_create
+[az-network-vnet-create]: /cli/azure/network/vnet#az_network_vnet_create
+[az-aks-nodepool-add]: /cli/azure/aks/nodepool#az_aks_nodepool_add
@@ -1,69 +1,65 @@
 ---
-title: Automatically repairing Azure Kubernetes Service (AKS) nodes 
-description: Learn about node auto-repair functionality, and how AKS fixes broken worker nodes.
+title: Automatically repair Azure Kubernetes Service (AKS) nodes 
+description: Learn about node auto-repair functionality and how AKS fixes broken worker nodes.
 ms.topic: conceptual
-ms.date: 03/11/2021
+ms.date: 05/30/2023
 ---
 
 # Azure Kubernetes Service (AKS) node auto-repair
 
-AKS continuously monitors the health state of worker nodes and performs automatic node repair if they become unhealthy. The Azure virtual machine (VM) platform [performs maintenance on VMs][vm-updates] experiencing issues. 
+Azure Kubernetes Service (AKS) continuously monitors the health state of worker nodes and performs automatic node repair if they become unhealthy. The Azure virtual machine (VM) platform [performs maintenance on VMs][vm-updates] experiencing issues. AKS and Azure VMs work together to minimize service disruptions for clusters.
 
-AKS and Azure VMs work together to minimize service disruptions for clusters.
-
-In this document, you'll learn how automatic node repair functionality behaves for both Windows and Linux nodes. 
+In this article, you learn how the automatic node repair functionality behaves for Windows and Linux nodes.
 
 ## How AKS checks for unhealthy nodes
 
-AKS uses the following rules to determine if a node is unhealthy and needs repair: 
-* The node reports **NotReady** status on consecutive checks within a 10-minute timeframe.
-* The node doesn't report any status within 10 minutes.
+AKS uses the following rules to determine if a node is unhealthy and needs repair:
 
-You can manually check the health state of your nodes with kubectl.
+* The node reports the **NotReady** status on consecutive checks within a 10-minute time frame.
+* The node doesn't report any status within 10 minutes.
 
-```
-kubectl get nodes
-```
+You can manually check the health state of your nodes with the `kubectl get nodes` command.
 
 ## How automatic repair works
 
-> [!Note]
+> [!NOTE]
 > AKS initiates repair operations with the user account **aks-remediator**.
 
-If AKS identifies an unhealthy node that remains unhealthy for 5 minutes, AKS takes the following actions:
+If AKS identifies an unhealthy node that remains unhealthy for *five* minutes, AKS performs the following actions:
+
+1. Attempts to restart the node.
+2. If the node restart is unsuccessful, AKS reimages the node.
+3. If the reimage is unsuccessful and it's a Linux node, AKS redeploys the node.
 
-1. Restarts the node.
-1. If the restart is unsuccessful, reimages the node.
-1. If the reimage is unsuccessful, and this is a Linux node, redeploys the node.
+AKS engineers investigate alternative remediations if auto-repair is unsuccessful.
 
-Alternative remediations are investigated by AKS engineers if auto-repair is unsuccessful. 
-As well as if you want to get the node to reimage you can always add the nodeCondition "customerMarkedAsUnhealthy": true, and remediator will reimage your node that way. 
+If you want the remediator to reimage the node, you can add the `nodeCondition "customerMarkedAsUnhealthy": true`.
 
-## Node Autodrain
-[Scheduled Events][scheduled-events] can occur on the underlying virtual machines (VMs) in any of your node pools. For [spot node pools][spot-node-pools], scheduled events may cause a *preempt* node event for the node. Certain node events, such as  *preempt*, cause AKS node autodrain to attempt a cordon and drain of the affected node, which allows for a graceful reschedule of any affected workloads on that node. When this happens, you might notice the node to receive a taint with *"remediator.aks.microsoft.com/unschedulable"*, because of *"kubernetes.azure.com/scalesetpriority: spot"*.
+## Node auto-drain
 
+[Scheduled events][scheduled-events] can occur on the underlying VMs in any of your node pools. For [spot node pools][spot-node-pools], scheduled events may cause a *preempt* node event for the node. Certain node events, such as  *preempt*, cause AKS node auto-drain to attempt a cordon and drain of the affected node. This process enables rescheduling for any affected workloads on that node. You might notice the node receives a taint with `"remediator.aks.microsoft.com/unschedulable"`, because of `"kubernetes.azure.com/scalesetpriority: spot"`.
 
-The following table shows the node events, and the actions they cause for AKS node autodrain.
+The following table shows the node events and actions they cause for AKS node auto-drain:
 
 | Event | Description |   Action   |
 | --- | --- | --- |
-| Freeze | The VM is scheduled to pause for a few seconds. CPU and network connectivity may be suspended, but there is no impact on memory or open files  | No action |
-| Reboot | The VM is scheduled for reboot. The VM's non-persistent memory is lost. | No action | 
-| Redeploy | The VM is scheduled to move to another node. The VM's ephemeral disks are lost. | Cordon and drain |
+| Freeze | The VM is scheduled to pause for a few seconds. CPU and network connectivity may be suspended, but there's no impact on memory or open files.  | No action. |
+| Reboot | The VM is scheduled for reboot. The VM's non-persistent memory is lost. | No action. |
+| Redeploy | The VM is scheduled to move to another node. The VM's ephemeral disks are lost. | Cordon and drain. |
 | Preempt | The spot VM is being deleted. The VM's ephemeral disks are lost. | Cordon and drain |
-| Terminate | The VM is scheduled to be deleted.| Cordon and drain |
-
-
+| Terminate | The VM is scheduled for deletion.| Cordon and drain. |
 
 ## Limitations
 
-In many cases, AKS can determine if a node is unhealthy and attempt to repair the issue, but there are cases where AKS either can't repair the issue or can't detect that there is an issue. For example, AKS can't detect issues if a node status is not being reported due to error in network configuration, or has failed to initially register as a healthy node.
+In many cases, AKS can determine if a node is unhealthy and attempt to repair the issue. However, there are cases where AKS either can't repair the issue or detect that an issue exists. For example, AKS can't detect issues in the following example scenarios:
+
+* A node status isn't being reported due to error in network configuration.
+* A node failed to initially register as a healthy node.
 
 ## Next steps
 
-Use [Availability Zones][availability-zones] to increase high availability with your AKS cluster workloads.
+Use [availability zones][availability-zones] to increase high availability with your AKS cluster workloads.
 
-<!-- LINKS - External -->
 <!-- LINKS - Internal -->
 [availability-zones]: ./availability-zones.md
 [vm-updates]: ../virtual-machines/maintenance-and-updates.md
 
@@ -105,9 +105,8 @@ When audio effects are retrieved in the closed caption files, they are retrieved
 
 Audio Effects in closed captions file is retrieved with the following logic employed:
 
-* `Silence` event type will not be added to the closed captions
-* Maximum duration to show an event I 5 seconds
-* Minimum timer duration to show an event is 700 milliseconds
+* `Silence` event type will not be added to the closed captions.
+* Minimum timer duration to show an event is 700 milliseconds.
 
 ## Adding audio effects in closed caption files