Merge pull request #246641 from greg-lindsay/appgw-public-prs

Edit note and add note per public PRs

Author: denrea

articles/application-gateway/ingress-controller-expose-service-over-http-https.md

@@ -15,7 +15,7 @@ ms.author: greglin
 These tutorials help illustrate the usage of [Kubernetes Ingress Resources](https://kubernetes.io/docs/concepts/services-networking/ingress/) to expose an example Kubernetes service through the [Azure Application Gateway](https://azure.microsoft.com/services/application-gateway/) over HTTP or HTTPS.
 
 > [!TIP]
-> Also see [What is Application Gateway for Containers?](for-containers/overview.md), currently in public preview.
+> Also see [What is Application Gateway for Containers?](for-containers/overview.md) currently in public preview.
 
 ## Prerequisites
 

articles/application-gateway/ingress-controller-expose-websocket-server.md

@@ -14,7 +14,7 @@ ms.author: greglin
 As outlined in the Application Gateway v2 documentation - it [provides native support for the WebSocket and HTTP/2 protocols](features.md#websocket-and-http2-traffic). Note that for both Application Gateway and the Kubernetes Ingress - there is no user-configurable setting to selectively enable or disable WebSocket support.
 
 > [!TIP]
-> Also see [What is Application Gateway for Containers?](for-containers/overview.md), currently in public preview.
+> Also see [What is Application Gateway for Containers?](for-containers/overview.md) currently in public preview.
 
 The following Kubernetes deployment YAML shows the minimum configuration used to deploy a WebSocket server, which is the same as deploying a regular web server:
 ```yaml

articles/application-gateway/ingress-controller-install-existing.md

@@ -6,7 +6,7 @@ author: greg-lindsay
 ms.service: application-gateway
 ms.custom: devx-track-arm-template, devx-track-linux
 ms.topic: how-to
-ms.date: 07/22/2023
+ms.date: 07/28/2023
 ms.author: greglin
 ---
 
@@ -17,7 +17,7 @@ AGIC monitors the Kubernetes [Ingress](https://kubernetes.io/docs/concepts/servi
 resources, and creates and applies Application Gateway config based on the status of the Kubernetes cluster.
 
 > [!TIP]
-> Also see [What is Application Gateway for Containers?](for-containers/overview.md), currently in public preview.
+> Also see [What is Application Gateway for Containers?](for-containers/overview.md) currently in public preview.
 
 ## Outline
 
@@ -49,7 +49,9 @@ Gateway should that become necessary
 ## Install Helm
 
 [Helm](../aks/kubernetes-helm.md) is a package manager for Kubernetes, used to install the `application-gateway-kubernetes-ingress` package.
-Use [Cloud Shell](https://shell.azure.com/) to install Helm:
+
+> [!NOTE]
+> If you use [Cloud Shell](https://shell.azure.com/), you don't need to install Helm.  Azure Cloud Shell comes with Helm version 3. Skip the first step and just add the AGIC Helm repository.
 
 1. Install [Helm](../aks/kubernetes-helm.md) and run the following to add `application-gateway-kubernetes-ingress` helm package:
 
@@ -67,8 +69,7 @@ Use [Cloud Shell](https://shell.azure.com/) to install Helm:
     helm init
     ```
 
-1. Add the AGIC Helm repository:
-
+2. Add the AGIC Helm repository:
     ```bash
     helm repo add application-gateway-kubernetes-ingress https://appgwingress.blob.core.windows.net/ingress-azure-helm-package/
     helm repo update

articles/application-gateway/ingress-controller-install-new.md

@@ -6,7 +6,7 @@ author: greg-lindsay
 ms.service: application-gateway
 ms.custom: devx-track-linux
 ms.topic: how-to
-ms.date: 07/22/2023
+ms.date: 07/28/2023
 ms.author: greglin
 ---
 
@@ -16,7 +16,7 @@ The instructions below assume Application Gateway Ingress Controller (AGIC) will
 installed in an environment with no pre-existing components.
 
 > [!TIP]
-> Also see [What is Application Gateway for Containers?](for-containers/overview.md), currently in public preview.
+> Also see [What is Application Gateway for Containers?](for-containers/overview.md) currently in public preview.
 
 ## Required Command Line Tools
 
@@ -110,7 +110,7 @@ This step will add the following components to your subscription:
 
 With the instructions in the previous section, we created and configured a new AKS cluster and an Application Gateway. We're now ready to deploy a sample app and an ingress controller to our new Kubernetes infrastructure.
 
-### Setup Kubernetes Credentials
+### Set up Kubernetes Credentials
 For the following steps, we need setup [kubectl](https://kubectl.docs.kubernetes.io/) command,
 which we'll use to connect to our new Kubernetes cluster. [Cloud Shell](https://shell.azure.com/) has `kubectl` already installed. We'll use `az` CLI to obtain credentials for Kubernetes.
 
@@ -148,8 +148,10 @@ To install Azure AD Pod Identity to your cluster:
      ```
 
 ### Install Helm
-[Helm](../aks/kubernetes-helm.md) is a package manager for
-Kubernetes. We'll use it to install the `application-gateway-kubernetes-ingress` package:
+[Helm](../aks/kubernetes-helm.md) is a package manager for Kubernetes. We'll use it to install the `application-gateway-kubernetes-ingress` package.
+
+> [!NOTE]
+> If you use [Cloud Shell](https://shell.azure.com/), you don't need to install Helm.  Azure Cloud Shell comes with Helm version 3. Skip the first step and just add the AGIC Helm repository.
 
 1. Install [Helm](../aks/kubernetes-helm.md) and run the following to add `application-gateway-kubernetes-ingress` helm package:
 
@@ -167,7 +169,7 @@ Kubernetes. We'll use it to install the `application-gateway-kubernetes-ingress`
         helm init
         ```
 
-1. Add the AGIC Helm repository:
+2. Add the AGIC Helm repository:
     ```bash
     helm repo add application-gateway-kubernetes-ingress https://appgwingress.blob.core.windows.net/ingress-azure-helm-package/
     helm repo update

articles/application-gateway/ingress-controller-letsencrypt-certificate-application-gateway.md

@@ -15,7 +15,7 @@ ms.author: greglin
 This section configures your AKS to use [LetsEncrypt.org](https://letsencrypt.org/) and automatically obtain a TLS/SSL certificate for your domain. The certificate is installed on Application Gateway, which performs SSL/TLS termination for your AKS cluster. The setup described here uses the [cert-manager](https://github.com/jetstack/cert-manager) Kubernetes add-on, which automates the creation and management of certificates.
 
 > [!TIP]
-> Also see [What is Application Gateway for Containers?](for-containers/overview.md), currently in public preview.
+> Also see [What is Application Gateway for Containers?](for-containers/overview.md) currently in public preview.
 
 Use the following steps to install [cert-manager](https://docs.cert-manager.io) on your existing AKS cluster.
 

articles/application-gateway/ingress-controller-migration.md

@@ -5,7 +5,7 @@ services: application-gateway
 author: greg-lindsay
 ms.service: application-gateway
 ms.topic: article
-ms.date: 07/22/2023
+ms.date: 07/28/2023
 ms.author: greglin
 ---
 
@@ -14,15 +14,15 @@ ms.author: greglin
 If you already have AGIC deployed through Helm but want to migrate to AGIC deployed as an AKS add-on, the following steps help to guide you through the migration process. 
 
 > [!TIP]
-> Also see [What is Application Gateway for Containers?](for-containers/overview.md), currently in public preview.
+> Also see [What is Application Gateway for Containers?](for-containers/overview.md) currently in public preview.
 
 ## Prerequisites 
 Before you start the migration process, there are a few things to check. 
   - Are you using any features with AGIC Helm that are [currently not supported with AGIC add-on](ingress-controller-overview.md#difference-between-helm-deployment-and-aks-add-on)?
   - Are you using more than one AGIC Helm deployment per AKS cluster? 
   - Are you using multiple AGIC Helm deployments to target one Application Gateway? 
 
-If you answered yes to any of the questions above, AGIC add-on won't support your use case yet so it is be best to continue using AGIC Helm in the meantime. Otherwise, continue with the migration process below during off-business hours. 
+If you answered yes to any of the previous questions, AGIC add-on won't support your use case yet, so it's best to continue using AGIC Helm. Otherwise, use the following migration process during off-business hours. 
 
 ## Find the Application Gateway resource ID that AGIC Helm is currently targeting 
 Navigate to the Application Gateway that your AGIC Helm deployment is targeting. Copy and save the resource ID of that Application Gateway. You need the resource ID in a later step. The resource ID can be found in Portal, under the Properties tab of your Application Gateway or through Azure CLI. The following example saves the Application Gateway resource ID to *appgwId* for a gateway named *myApplicationGateway* in the resource group *myResourceGroup*.
@@ -32,10 +32,10 @@ appgwId=$(az network application-gateway show -n myApplicationGateway -g myResou
 ```
 
 ## Delete AGIC Helm from your AKS cluster
-Through Azure CLI, delete your AGIC Helm deployment from your cluster. You'll need to delete the AGIC Helm deployment first before you can enable the AGIC AKS add-on. Please note that any changes that occur within your AKS cluster between the time of deleting your AGIC Helm deployment and the time you enable the AGIC add-on won't be reflected on your Application Gateway, and therefore this migration process should be done outside of business hours to minimize impact. Application Gateway continues to have the last configuration applied by AGIC so existing routing rules won't be affected. 
+Using Azure CLI, delete your AGIC Helm deployment from your cluster. You need to delete the AGIC Helm deployment first before you can enable the AGIC AKS add-on. Any changes that occur within your AKS cluster between the time of deleting your AGIC Helm deployment and the time you enable the AGIC add-on aren't reflected on your Application Gateway. Therefore, migration should be completed outside of business hours to minimize impact. Application Gateway continues to have the last configuration applied by AGIC so that existing routing rules aren't affected. 
 
 ## Enable AGIC add-on using your existing Application Gateway 
-You can now enable the AGIC add-on in your AKS cluster to target your existing Application Gateway through Azure CLI or Portal. Run the following Azure CLI command to enable the AGIC add-on in your AKS cluster. The example enables the add-on in a cluster called *myCluster*, in a resource group called *myResourceGroup*, using the Application Gateway resource ID *appgwId* we saved above in the earlier step. 
+You can now enable the AGIC add-on in your AKS cluster to target your existing Application Gateway through Azure CLI or Portal. Run the following Azure CLI command to enable the AGIC add-on in your AKS cluster. The example enables the add-on in a cluster called *myCluster*, in a resource group called *myResourceGroup*, using the Application Gateway resource ID *appgwId* we saved in the earlier step. 
 
 
 ```azurecli-interactive

articles/application-gateway/ingress-controller-multiple-namespace-support.md

@@ -33,7 +33,7 @@ namespace, unless this is explicitly changed to one or more different
 namespaces in the Helm configuration (see the following section).
 
 > [!TIP]
-> Also see [What is Application Gateway for Containers?](for-containers/overview.md), currently in public preview.
+> Also see [What is Application Gateway for Containers?](for-containers/overview.md) currently in public preview.
 
 ## Enable multiple namespace support
 To enable multiple namespace support:

articles/application-gateway/ingress-controller-overview.md

@@ -5,7 +5,7 @@ services: application-gateway
 author: greg-lindsay
 ms.service: application-gateway
 ms.topic: article
-ms.date: 07/22/2023
+ms.date: 07/28/2023
 ms.author: greglin
 ---
 
@@ -15,12 +15,12 @@ The Application Gateway Ingress Controller (AGIC) is a Kubernetes application, w
 The Ingress Controller runs in its own pod on the customer’s AKS. AGIC monitors a subset of Kubernetes Resources for changes. The state of the AKS cluster is translated to Application Gateway specific configuration and applied to the [Azure Resource Manager (ARM)](../azure-resource-manager/management/overview.md).
 
 > [!TIP]
-> Also see [What is Application Gateway for Containers?](for-containers/overview.md), currently in public preview.
+> Also see [What is Application Gateway for Containers?](for-containers/overview.md) currently in public preview.
 
 ## Benefits of Application Gateway Ingress Controller
-AGIC helps eliminate the need to have another load balancer/public IP in front of the AKS cluster and avoids multiple hops in your datapath before requests reach the AKS cluster. Application Gateway talks to pods using their private IP directly and doesn't require NodePort or KubeProxy services. This also brings better performance to your deployments.
+AGIC helps eliminate the need to have another load balancer/public IP address in front of the AKS cluster and avoids multiple hops in your datapath before requests reach the AKS cluster. Application Gateway talks to pods using their private IP address directly and doesn't require NodePort or KubeProxy services. This capability also brings better performance to your deployments.
 
-Ingress Controller is supported exclusively by Standard_v2 and WAF_v2 SKUs, which also enables autoscaling benefits. Application Gateway can react in response to an increase or decrease in traffic load and scale accordingly, without consuming any resources from your AKS cluster.
+Ingress Controller is supported exclusively by Standard_v2 and WAF_v2 SKUs, which also enable autoscaling benefits. Application Gateway can react in response to an increase or decrease in traffic load and scale accordingly, without consuming any resources from your AKS cluster.
 
 Using Application Gateway in addition to AGIC also helps protect your AKS cluster by providing TLS policy and Web Application Firewall (WAF) functionality.
 
@@ -35,16 +35,16 @@ AGIC is configured via the Kubernetes [Ingress resource](https://kubernetes.io/d
   - Integrated web application firewall
 
 ## Difference between Helm deployment and AKS Add-On
-There are two ways to deploy AGIC for your AKS cluster. The first way is through Helm; the second is through AKS as an add-on. The primary benefit of deploying AGIC as an AKS add-on is that it's much simpler than deploying through Helm. For a new setup, you can deploy a new Application Gateway and a new AKS cluster with AGIC enabled as an add-on in one line in Azure CLI. The add-on is also a fully managed service, which provides added benefits such as automatic updates and increased support. Both ways of deploying AGIC (Helm and AKS add-on) are fully supported by Microsoft. Additionally, the add-on allows for better integration with AKS as a first class add-on.
+There are two ways to deploy AGIC for your AKS cluster. The first way is through Helm; the second is through AKS as an add-on. The primary benefit of deploying AGIC as an AKS add-on is that it's simpler than deploying through Helm. For a new setup, you can deploy a new Application Gateway and a new AKS cluster with AGIC enabled as an add-on in one line in Azure CLI. The add-on is also a fully managed service, which provides added benefits such as automatic updates and increased support. Both ways of deploying AGIC (Helm and AKS add-on) are fully supported by Microsoft. Additionally, the add-on allows for better integration with AKS as a first class add-on.
 
-The AGIC add-on is still deployed as a pod in the customer's AKS cluster, however, there are a few differences between the Helm deployment version and the add-on version of AGIC. Below is a list of differences between the two versions: 
+The AGIC add-on is still deployed as a pod in the customer's AKS cluster, however, there are a few differences between the Helm deployment version and the add-on version of AGIC. The following is a list of differences between the two versions: 
   - Helm deployment values can't be modified on the AKS add-on:
     - `verbosityLevel` is set to 5 by default
-    - `usePrivateIp` is set to be false by default; this can be overwritten by the [use-private-ip annotation](ingress-controller-annotations.md#use-private-ip)
+    - `usePrivateIp` is set to be false by default; this setting can be overwritten by the [use-private-ip annotation](ingress-controller-annotations.md#use-private-ip)
     - `shared` isn't supported on add-on 
     - `reconcilePeriodSeconds` isn't supported on add-on
     - `armAuth.type` isn't supported on add-on
-  - AGIC deployed via Helm supports ProhibitedTargets, which means AGIC can configure the Application Gateway specifically for AKS clusters without affecting other existing backends. AGIC add-on doesn't currently support this. 
+  - AGIC deployed via Helm supports ProhibitedTargets, which means AGIC can configure the Application Gateway specifically for AKS clusters without affecting other existing backends. AGIC add-on doesn't currently support this capability. 
   - Since AGIC add-on is a managed service, customers are automatically updated to the latest version of AGIC add-on, unlike AGIC deployed through Helm where the customer must manually update AGIC. 
 
 > [!NOTE]

articles/application-gateway/ingress-controller-private-ip.md

@@ -15,7 +15,7 @@ ms.author: greglin
 This feature exposes the ingress endpoint within the `Virtual Network` using a private IP.
 
 > [!TIP]
-> Also see [What is Application Gateway for Containers?](for-containers/overview.md), currently in public preview.
+> Also see [What is Application Gateway for Containers?](for-containers/overview.md) currently in public preview.
 
 ## Prerequisites  
 Application Gateway with a [Private IP configuration](./configure-application-gateway-with-private-frontend-ip.md)

articles/application-gateway/ingress-controller-troubleshoot.md

@@ -18,7 +18,7 @@ and AGIC installation. Launch your shell from [shell.azure.com](https://shell.az
 [![Embed launch](https://shell.azure.com/images/launchcloudshell.png "Launch Azure Cloud Shell")](https://shell.azure.com)
 
 > [!TIP]
-> Also see [What is Application Gateway for Containers?](for-containers/overview.md), currently in public preview.
+> Also see [What is Application Gateway for Containers?](for-containers/overview.md) currently in public preview.
 
 ## Test with a simple Kubernetes app