edits

tejaswikolli-web · tejaswikolli-web · commit 82698df5dd23 · 2024-09-09T13:37:45.000-07:00
diff --git a/articles/container-registry/connected-registry-glossary.md b/articles/container-registry/connected-registry-glossary.md
@@ -116,19 +116,19 @@ This glossary provides terms and definitions for the connected registry extensio
 
 ### Parent Registry
 
-- **Description:** The primary registry that synchronizes with its child connected registries. A single parent registry can have multiple child registries connected to it. In a nested scenarios, there can be multiple layers of registries within the hierarchy.
+- **Description:** The primary registry that synchronizes with its child connected registries. A single parent registry can have multiple child registries connected to it. In a nested scenario, there can be multiple layers of registries within the hierarchy.
 
 ### Protected Settings File (--config-protected-file)
 
-- **Definition:** The file containing the connection string for deploying the connected registry extension on the Kubernetes cluster. This file would also includes the Kubernetes Secret or Public Cert + Private Key values pair for BYOC scenarios.
+- **Definition:** The file containing the connection string for deploying the connected registry extension on the Kubernetes cluster. This file would also include the Kubernetes Secret or Public Cert + Private Key values pair for BYOC scenarios.
 - **Accepted Values:** Alphanumerical value
 - **Note:** Customer must specify.
 
 ### Public Certificate + Private Key
 
 - **Value Type:** Alphanumerical base64-encoded
 - **Customer Action:** Must specify
-- **Description:** The public key certificate comprises of a pair of keys: a public key available to anyone for identity verification of the certificate holder, and a private key, a unique secret key.
+- **Description:** The public key certificate comprises a pair of keys: a public key available to anyone for identity verification of the certificate holder, and a private key, a unique secret key.
 
 ### Pvc.storageClassName
 
diff --git a/articles/container-registry/quickstart-connected-registry-arc-cli.md b/articles/container-registry/quickstart-connected-registry-arc-cli.md
@@ -1,5 +1,5 @@
 ---
-title: "Quickstart: Deploying the Connected Registry Arc Extension"
+title: "Quickstart: Deploying the connected registry Arc extension"
 description: "Learn how to deploy the Connected Registry Arc Extension CLI UX with secure-by-default settings for efficient and secure container workload operations."
 author: tejaswikolli-web
 ms.author: tejaswikolli
@@ -11,7 +11,7 @@ ai-usage: ai-assisted
 #customer intent: As a user, I want to learn how to deploy the connected registry Arc extension using the CLI UX with secure-by-default settings, such as using HTTPS, Read Only, Trust Distribution, and Cert Manager service, so that I can ensure the secure and efficient operation of my container workloads."
 ---
 
-# Quickstart: Deploy the connected registry Arc extension (Preview)
+# Quickstart: Deploy the connected registry Arc extension (preview)
 
 In this quickstart, you learn how to deploy the Connected registry Arc extension using the CLI UX with secure-by-default settings to ensure robust security and operational integrity. 
  
@@ -25,11 +25,11 @@ The connected registry is a pivotal tool for edge customers, enabling efficient
 
 * Set up the firewall access and communication between the ACR and the connected registry by enabling the [dedicated data endpoints.][dedicated data endpoints]
 
-* Create or use an existing Azure Kubernetes Service (AKS) cluster with the [tutorial.][tutorial-aks-cluster]
+* Create or use an existing Azure KubernetesService (AKS) cluster with the [tutorial.][tutorial-aks-cluster]
 
-* Set up the connection between the Kubernetes cluster and Azure Arc by following the [quickstart.][quickstart-connect-cluster]
+* Set up the connection between the Kubernetescluster and Azure Arc by following the [quickstart.][quickstart-connect-cluster]
 
-* Use the [k8s-extension][k8s-extension] command to manage Kubernetes extensions.
+* Use the [k8s-extension][k8s-extension] command to manage Kubernetesextensions.
 
     ```azurecli
     az extension add --name k8s-extension
@@ -52,9 +52,9 @@ The connected registry is a pivotal tool for edge customers, enabling efficient
     The `hello-world` repository is created in the ACR registry `myacrregistry` to synchronize with the Connected registry.
 
 
-## Deploy the Connected registry Arc extension with secure-by-default settings
+## Deploy the connected registry Arc extension with secure-by-default settings
 
-Once the prerequisites and necessary conditions and components are in place, follow the streamlined approach to securely deploy a connected registry extension on an Arc-enabled Kubernetes cluster using the following settings. These settings define the following configuration with HTTPS, Read Only, Trust Distribution, and Cert Manager service. Follow the steps for a successful deployment: 
+Once the prerequisites and necessary conditions and components are in place, follow the streamlined approach to securely deploy a connected registry extension on an Arc-enabled Kubernetescluster using the following settings. These settings define the following configuration with HTTPS, Read Only, Trust Distribution, and Cert Manager service. Follow the steps for a successful deployment: 
 
 1.	[Create the connected registry.](#create-the-connected-registry-and-synchronize-with-acr)
 2.	[Deploy the connected registry Arc extension.](#deploy-the-connected-registry-arc-extension-on-the-arc-enabled-kubernetes-cluster)
@@ -81,15 +81,15 @@ Creating the connected registry to synchronize with ACR is the foundational step
 - The [az acr connected-registry create][az-acr-connected-registry-create] command overwrites actions if the sync scope map named `myscopemap` exists and overwrites properties if the sync token named `mysynctoken` exists. 
 - The [az acr connected-registry create][az-acr-connected-registry-create] command validates a dedicated data endpoint during the creation of the connected registry and provides a command to enable the dedicated data endpoint on the ACR registry.
 
-### Deploy the connected registry Arc extension on the Arc-enabled kubernetes cluster
+### Deploy the connected registry Arc extension on the Arc-enabled Kubernetes cluster
 
 By deploying the connected Registry Arc extension, you can synchronize container images and other Open Container Initiative (OCI) artifacts with your ACR registry. The deployment helps speed-up access to registry artifacts and enables the building of advanced scenarios. The extension deployment ensures secure trust distribution between the connected registry and all client nodes within the cluster, and installs the cert-manager service for Transport Layer Security (TLS) encryption. 
 
 1. Generate the Connection String and Protected Settings JSON File
 
    For secure deployment of the connected registry extension, generate the connection string, including a new password, transport protocol, and create the `protected-settings-extension.json` file required for the extension deployment with [az acr connected-registry get-settings][az-acr-connected-registry-get-settings] command:
 
-  ```bash
+```bash
     cat << EOF > protected-settings-extension.json
     {
       "connectionString": "$(az acr connected-registry get-settings \
@@ -100,9 +100,9 @@ By deploying the connected Registry Arc extension, you can synchronize container
       --query ACR_REGISTRY_CONNECTION_STRING --output tsv --yes)"
     }
     EOF
-  ```
+```
 
-  ```bash
+```bash
     cat << EOF > protected-settings-extension.json
     {
       "connectionString": "$(az acr connected-registry get-settings \
@@ -113,7 +113,7 @@ By deploying the connected Registry Arc extension, you can synchronize container
       --query ACR_REGISTRY_CONNECTION_STRING --output tsv --yes)"
     }
     EOF
-  ```
+```
 
 ```azurepowershell
     echo "{\"connectionString\":\"$(az acr connected-registry get-settings \
@@ -143,14 +143,14 @@ By deploying the connected Registry Arc extension, you can synchronize container
     --config-protected-file protected-settings-extension.json  
   ```
 
-- The [az k8s-extension create][az-k8s-extension-create] command deploys the connected registry extension on the Kubernetes cluster with the provided configuration parameters and protected settings file. 
+- The [az k8s-extension create][az-k8s-extension-create] command deploys the connected registry extension on the Kubernetescluster with the provided configuration parameters and protected settings file. 
 - It ensures secure trust distribution between the connected registry and all client nodes within the cluster, and installs the cert-manager service for Transport Layer Security (TLS) encryption.
-- The clusterIP must be from the AKS cluster subnet IP range. The `service.clusterIP` parameter specifies the IP address of the connected registry service within the cluster. It is essential to set the `service.clusterIP` within the range of valid service IPs for the Kubernetes cluster. Ensure that the IP address specified for `service.clusterIP` falls within the designated service IP range defined during the cluster's initial configuration, typically found in the cluster's networking settings. If the `service.clusterIP` is not within this range, it must be updated to an IP address that is both within the valid range and not currently in use by another service.
+- The clusterIP must be from the AKS cluster subnet IP range. The `service.clusterIP` parameter specifies the IP address of the connected registry service within the cluster. It is essential to set the `service.clusterIP` within the range of valid service IPs for the Kubernetescluster. Ensure that the IP address specified for `service.clusterIP` falls within the designated service IP range defined during the cluster's initial configuration, typically found in the cluster's networking settings. If the `service.clusterIP` is not within this range, it must be updated to an IP address that is both within the valid range and not currently in use by another service.
 
 
 ### Verify the connected registry extension deployment
 
-To verify the deployment of the connected registry extension on the Arc-enabled Kubernetes cluster, follow the steps:
+To verify the deployment of the connected registry extension on the Arc-enabled Kubernetescluster, follow the steps:
 
 1. Verify the deployment status
 
diff --git a/articles/container-registry/troubleshoot-connected-registry-arc.md b/articles/container-registry/troubleshoot-connected-registry-arc.md
@@ -154,7 +154,7 @@ az k8s-extension update \
 --config-protected-file protected-settings-extension.json
 ```
 
-### Issue: Extension created, but connected registry is not an “Online” state** 
+### Issue: Extension created, but connected registry is not an “Online” state 
 
 **Possibility 1:** Previous connected registry has not been deactivated 
 
@@ -184,7 +184,7 @@ az acr connected-registry deactivate -n <myconnectedregistry> -r <mycontainerreg
 
 After a few minutes, the connected registry pod should be recreated, and the error should disappear. 
  
-## Enable Logging
+## Enable logging
 
 - Run the [az acr connected-registry update] command to update the connected registry extension with the debug log level:
 
diff --git a/articles/container-registry/tutorial-connected-registry-arc.md b/articles/container-registry/tutorial-connected-registry-arc.md
@@ -1,5 +1,5 @@
 ---
-title: "Secure and deploy Connected registry Arc extension"
+title: "Secure and deploy connected registry Arc extension"
 description: "Learn to secure the connected registry Arc extension deployment with HTTPS, TLS, optional no TLS, BYOC certificate, and trust distribution."
 author: tejaswikolli-web
 ms.author: tejaswikolli
@@ -11,7 +11,7 @@ ms.date: 06/17/2024
 
 ---
 
-# Tutorial: Secure deployment methods for the connected registry extension 
+# Tutorial: Secure deployment methods for the connected registry extension
 
 These tutorials cover various deployment scenarios for the connected registry extension in an Arc-enabled Kubernetes cluster. Once the connected registry extension is installed, you can synchronize images from your cloud registry to on-premises or remote locations.  
 
@@ -25,7 +25,7 @@ The connected registry cert manager is a service that manages TLS certificates f
 
 [Cert-Manager][cert-manager] is an open-source Kubernetes add-on that automates the management and issuance of TLS certificates from various sources. It manages the lifecycle of certificates issued by CA pools created using CA Service, ensuring they are valid and renewed before they expire.  
 
-### What is Trust Distribution? 
+### What is trust distribution?
 
 Connected registry trust distribution refers to the process of securely distributing trust between the connected registry service and Kubernetes clients within a cluster. This is achieved by using a Certificate Authority (CA), such as cert-manager, to sign TLS certificates, which are then distributed to both the registry service and the clients. This ensures that all entities can securely authenticate each other, maintaining a secure and trusted environment within the Kubernetes cluster.
 
@@ -34,7 +34,7 @@ In this tutorial, you:
 > [!div class="checklist"]
 > - [Deploy Connected registry extension using preinstalled cert-manager.](#deploy-connected-registry-extension-using-your-preinstalled-cert-manager)
 > - [Deploy Connected registry extension using Bring Your Own Certificate (BYOC).](#deploy-connected-registry-extension-using-bring-your-own-certificate-byoc)
-> - [Deploy Connected registry with kubernetes secret management.](#deploy-connected-registry-with-kubernetes-secret-management)
+> - [Deploy Connected registry with Kubernetes secret management.](#deploy-connected-registry-with-Kubernetes-secret-management)
 > - [Deploy the Connected registry Arc extension with inherent trust distribution or reject Connected registry trust distribution.](#deploy-the-connected-registry-using-your-own-trust-distribution-and-disable-the-connected-registrys-default-trust-distribution)
 
 ## Prerequisites
@@ -47,7 +47,7 @@ To complete this tutorial, you need:
 
 In this tutorial, we demonstrate how to use a preinstalled cert-manager service on the cluster. This setup gives you control over certificate management, enabling you to deploy the connected registry extension with encryption by following the steps provided:
 
-1. Run the [az-k8s-extension-create][az-k8s-extension-create] command in the [quickstart][quickstart] and set the `cert-manager.enabled=true` and `cert-manager.install=false` parameters to determine the cert-manager service is installed and enabled:
+Run the [az-k8s-extension-create][az-k8s-extension-create] command in the [quickstart][quickstart] and set the `cert-manager.enabled=true` and `cert-manager.install=false` parameters to determine the cert-manager service is installed and enabled:
 
     ```azurecli
     az k8s-extension create --cluster-name myarck8scluster \ 
@@ -60,7 +60,7 @@ In this tutorial, we demonstrate how to use a preinstalled cert-manager service
     --config-protected-file protected-settings-extension.json
     ```
 
-## Deploy Connected registry extension using Bring Your Own Certificate (BYOC)
+## Deploy connected registry extension using bring your own certificate (BYOC)
 
 In this tutorial, we demonstrate how to use your own certificate (BYOC) on the cluster. BYOC allows you to use your own public certificate and private key pair, giving you control over certificate management. This setup enables you to deploy the connected registry extension with encryption by following the provided steps:
 
@@ -100,9 +100,9 @@ export TLS_KEY=$(cat mycert.key | base64 -w0)
     } 
 ```
 
-2. Now, you can deploy the Connected registry extension with HTTPS (TLS encryption) using the public certificate and private key pair management by configuring variables set to `cert-manager.enabled=false` and `cert-manager.install=false`. With these parameters, the cert-manager isn't installed or enabled since the public certificate and private key pair is used instead for encryption.  
+4. Now, you can deploy the Connected registry extension with HTTPS (TLS encryption) using the public certificate and private key pair management by configuring variables set to `cert-manager.enabled=false` and `cert-manager.install=false`. With these parameters, the cert-manager isn't installed or enabled since the public certificate and private key pair is used instead for encryption.  
 
-3. Run the [az-k8s-extension-create][az-k8s-extension-create] command for deployment after protected settings file is edited:
+5. Run the [az-k8s-extension-create][az-k8s-extension-create] command for deployment after protected settings file is edited:
 
     ```azurecli
     az k8s-extension create --cluster-name myarck8scluster \
@@ -164,7 +164,7 @@ EOF
         } 
     ```
 
-Now, you can deploy the Connected registry extension with HTTPS (TLS encryption) using the kubernetes secret management by configuring variables set to `cert-manager.enabled=false` and `cert-manager.install=false`. With these parameters, the cert-manager isn't installed or enabled since the kubernetes secret is used instead for encryption.  
+Now, you can deploy the Connected registry extension with HTTPS (TLS encryption) using the Kubernetes secret management by configuring variables set to `cert-manager.enabled=false` and `cert-manager.install=false`. With these parameters, the cert-manager isn't installed or enabled since the Kubernetes secret is used instead for encryption.  
 
 5. Run the [az-k8s-extension-create][az-k8s-extension-create] command for deployment after protected settings file is edited:
 
@@ -226,15 +226,13 @@ By deleting the deployed Connected registry extension, you remove the correspond
 
 By deleting the Connected registry extension and the Connected registry, you remove all the associated resources and configurations.
 
-## Next steps -or- Related content
-
-> [!div class="nextstepaction"]
+## Next steps
 
-> [Enable Connected registry with Azure arc CLI][quickstart]
-> [Upgrade Connected registry with Azure arc](tutorial-connected-registry-upgrade.md)
-> [Sync Connected registry with Azure arc in Scheduled window](tutorial-connected-registry-sync.md)
-> [Troubleshoot Connected registry with Azure arc](troubleshoot-connected-registry-arc.md)
-> [Glossary of terms](connected-registry-glossary.md)
+-[Enable Connected registry with Azure arc CLI][quickstart]
+-[Upgrade Connected registry with Azure arc](tutorial-connected-registry-upgrade.md)
+-[Sync Connected registry with Azure arc in Scheduled window](tutorial-connected-registry-sync.md)
+-[Troubleshoot Connected registry with Azure arc](troubleshoot-connected-registry-arc.md)
+-[Glossary of terms](connected-registry-glossary.md)
 
 <!-- LINKS - internal -->
 [create-acr]: container-registry-get-started-azure-cli.md
diff --git a/articles/container-registry/tutorial-connected-registry-sync.md b/articles/container-registry/tutorial-connected-registry-sync.md
diff --git a/articles/container-registry/tutorial-connected-registry-upgrade.md b/articles/container-registry/tutorial-connected-registry-upgrade.md
