Merge pull request #290549 from kgremban/ga-deploy

Jill Grant · web-flow · commit 86228a89cfeb · 2024-11-14T13:29:49.000-07:00
Deploy touchups
diff --git a/articles/iot-operations/deploy-iot-ops/howto-prepare-cluster.md b/articles/iot-operations/deploy-iot-ops/howto-prepare-cluster.md
@@ -218,7 +218,7 @@ For instructions on running the script, see [Configure an AKS Edge Essentials cl
 
 ### [AKS on Azure Local](#tab/azure-local)
 
-For instructions on creating and Arc-enabling an AKS cluster on Azure Local, see [Create Kubernetes clusters using Azure CLI](/azure/aks/hybrid/aks-create-clusters-cli).
+For instructions on creating and Arc-enabling an AKS cluster on Azure Local, see [Create Kubernetes clusters using Azure CLI](/azure/aks/hybrid/aks-create-clusters-cli). By default, a Kubernetes cluster is created with a node pool that can run Linux containers. If you add additional node pools after creation, make sure the OS is set to Linux. Azure IoT Operations doesn't support deployment to Windows nodes.
 
 Then, once you have an Azure Arc-enabled Kubernetes cluster, you can [deploy Azure IoT Operations](howto-deploy-iot-operations.md).
 
diff --git a/articles/iot-operations/deploy-iot-ops/media/howto-deploy-iot-operations/deploy-basics.png b/articles/iot-operations/deploy-iot-ops/media/howto-deploy-iot-operations/deploy-basics.png
diff --git a/articles/iot-operations/deploy-iot-ops/overview-deploy.md b/articles/iot-operations/deploy-iot-ops/overview-deploy.md
@@ -12,7 +12,7 @@ ms.date: 11/06/2024
 
 # Deployment details
 
-When you deploy Azure IoT Operations, you install a suite of services on an Azure Arc-enabled Kubernetes cluster. This article provides an overview of the different deployment options to consider for your scenario.
+When you deploy Azure IoT Operations, you install a suite of services on an [Azure Arc-enabled Kubernetes cluster](/azure/azure-arc/kubernetes/overview). This article provides an overview of the different deployment options to consider for your scenario.
 
 ## Supported environments
 
@@ -21,8 +21,10 @@ Microsoft supports the following environments for Azure IoT Operations deploymen
 | Environment | Minimum version | Availability |
 | ----------- | --------------- | ------------ |
 | K3s on Ubuntu 24.04 | K3s version 1.31.1 | General availability |
-| Azure Kubernetes Service (AKS) Edge Essentials on Windows 11 IoT Enterprise | AksEdge-K3s-1.29.6-1.8.202.0 | Public preview |
-| Azure Kubernetes Service (AKS) on Azure Local | Azure Stack HCI OS, version 23H2, build 2411 | Public preview |
+| Azure Kubernetes Service (AKS) Edge Essentials on Windows 11 IoT Enterprise <sup>1</sup> | AksEdge-K3s-1.29.6-1.8.202.0 | Public preview |
+| Azure Kubernetes Service (AKS) on Azure Local <sup>1</sup> | Azure Stack HCI OS, version 23H2, build 2411 | Public preview |
+
+<sup>1</sup> Regardless of the host system environment, Azure IoT Operations only supports deployment to Kubernetes clusters running on Linux nodes.
 
 >[!NOTE]
 >Billing usage records are collected on any environment where Azure IoT Operations is installed, regardless of support or availability levels.
@@ -44,23 +46,14 @@ A deployment with only test settings:
 
 * Doesn't configure secrets or user-assigned managed identity capabilities.
 * Is meant to enable the end-to-end quickstart sample for evaluation purposes, so supports the OPC PLC simulator and connects to cloud resources using system-assigned managed identity.
-* Can be upgraded to use secure settings.
-
-The quickstart scenario, [Quickstart: Run Azure IoT Operations in GitHub Codespaces](../get-started-end-to-end-sample/quickstart-deploy.md), uses test settings.
-
-At any point, you can upgrade an Azure IoT Operations instance to use secure settings by following the steps in [Enable secure settings](howto-enable-secure-settings.md).
+* Can be upgraded to use secure settings by following the steps in [Enable secure settings](howto-enable-secure-settings.md).
 
 ### Secure settings deployment
 
 A deployment with secure settings:
 
 * Enables secrets and user-assignment managed identity, both of which are important capabilities for developing a production-ready scenario. Secrets are used whenever Azure IoT Operations components connect to a resource outside of the cluster; for example, an OPC UA server or a dataflow endpoint.
 
-To deploy Azure IoT Operations with secure settings, follow these articles:
-
-1. Start with [Prepare your Azure Arc-enabled Kubernetes cluster](./howto-prepare-cluster.md) to configure and Arc-enable your cluster.
-1. Then, [Deploy Azure IoT Operations](./howto-deploy-iot-operations.md).
-
 ## Required permissions
 
 The following table describes Azure IoT Operations deployment and management tasks that require elevated permissions. For information about assigning roles to users, see [Steps to assign an Azure role](../../role-based-access-control/role-assignments-steps.md).
@@ -96,7 +89,7 @@ If you use enterprise firewalls or proxies to manage outbound traffic, configure
 
 * Endpoints in [Azure CLI endpoints](/cli/azure/azure-cli-endpoints?tabs=azure-cloud#endpoints).
 
-  You need `graph.windows.net`, `*.azurecr.io`, `*.blob.core.windows.net`, `*.vault.azure.net` from this endpoint list.
+  Azure IoT Operations uses `graph.windows.net`, `*.azurecr.io`, `*.blob.core.windows.net`, `*.vault.azure.net` from this endpoint list.
 
 * The following endpoints are required specifically for Azure IoT Operations:
 
@@ -111,6 +104,7 @@ If you use enterprise firewalls or proxies to manage outbound traffic, configure
   * Event Grid: [Troubleshoot connectivity issues - Azure Event Grid](/azure/event-grid/troubleshoot-network-connectivity).
   * Azure Data Lake Storage Gen 2: [Storage account standard endpoints](/azure/storage/common/storage-account-overview#standard-endpoints).
 
+Currently, Azure IoT Operations doesn't support proxies that perform TLS inspection.
 
 ## Next steps
 
diff --git a/articles/iot-operations/overview-iot-operations.md b/articles/iot-operations/overview-iot-operations.md
@@ -19,7 +19,7 @@ Azure IoT Operations:
 * Is built from ground up by using Kubernetes native applications.
 * Includes an industrial-grade, edge-native MQTT broker that powers event-driven architectures.
 * Is highly extensible, scalable, resilient, and secure.
-* Lets you manage edge services and resources from the cloud by using Azure Arc.
+* Lets you manage edge services and resources from the cloud by using [Azure Arc](/azure/azure-arc/overview).
 * Can integrate customer workloads into the platform to create a unified solution.
 * Supports GitOps configuration as code for deployment and updates.
 * Natively integrates with [Azure Event Hubs](../event-hubs/azure-event-hubs-kafka-overview.md), [Azure Event Grid's MQTT broker](../event-grid/mqtt-overview.md), and [Microsoft Fabric](/fabric/) in the cloud.
