Merge pull request #234152 from divargas-msft/patch-1

[Doc-a-thon] Updating confidential-enclave-nodes-aks-get-started.md

Author: prmerger-automator[bot]

articles/confidential-computing/confidential-enclave-nodes-aks-get-started.md

@@ -5,7 +5,7 @@ author: agowdamsft
 ms.service: virtual-machines 
 ms.subservice: confidential-computing
 ms.topic: quickstart
-ms.date: 3/1/2023
+ms.date: 04/11/2023
 ms.author: amgowda
 ms.custom: contentperf-fy21q3, devx-track-azurecli, ignite-fall-2021, mode-api
 ---
@@ -26,7 +26,6 @@ Features of confidential computing nodes include:
 > [!NOTE]
 > DCsv2/DCsv3 VMs use specialized hardware that's subject region availability. For more information, see the [available SKUs and supported regions](virtual-machine-solutions-sgx.md).
 
-
 ## Prerequisites
 
 This quickstart requires:
@@ -57,6 +56,7 @@ Now create an AKS cluster, with the confidential computing add-on enabled, by us
 ```azurecli-interactive
 az aks create -g myResourceGroup --name myAKSCluster --generate-ssh-keys --enable-addons confcom
 ```
+
 The above command will deploy a new AKS cluster with system node pool of non confidential computing node. Confidential computing Intel SGX nodes are not recommended for system node pools.
 
 ### Add a user node pool with confidential computing capabilities to the AKS cluster<a id="add-a-user-node-pool-with-confidential-computing-capabilities-to-the-aks-cluster"></a>
@@ -79,9 +79,11 @@ az aks get-credentials --resource-group myResourceGroup --name myAKSCluster
 
 Use the `kubectl get pods` command to verify that the nodes are created properly and the SGX-related DaemonSets are running on DCsv2 node pools:
 
-```console
-$ kubectl get pods --all-namespaces
+```bash
+kubectl get pods --all-namespaces
+```
 
+```output
 kube-system     sgx-device-plugin-xxxx     1/1     Running
 ```
 
@@ -122,21 +124,24 @@ az aks nodepool list --cluster-name myAKSCluster --resource-group myResourceGrou
 
 Sign in to your existing AKS cluster to perform the following verification:
 
-```console
+```bash
 kubectl get nodes
 ```
 
 The output should show the newly added *confcompool1* pool on the AKS cluster. You might also see other DaemonSets.
 
-```console
-$ kubectl get pods --all-namespaces
+```bash
+kubectl get pods --all-namespaces
+```
 
+```output
 kube-system     sgx-device-plugin-xxxx     1/1     Running
 ```
 
 If the output matches the preceding code, your AKS cluster is now ready to run confidential applications. 
 
 ## Deploy Hello World from an isolated enclave application <a id="hello-world"></a>
+
 You're now ready to deploy a test application. 
 
 Create a file named *hello-world-enclave.yaml* and paste in the following YAML manifest. You can find this sample application code in the [Open Enclave project](https://github.com/openenclave/openenclave/tree/master/samples/helloworld). This deployment assumes that you've deployed the *confcom* add-on.
@@ -165,7 +170,8 @@ spec:
             sgx.intel.com/epc: 5Mi # This limit will automatically place the job into a confidential computing node and mount the required driver volumes. sgx limit setting needs "confcom" AKS Addon as referenced above. 
       restartPolicy: Never
   backoffLimit: 0
-  ```
+```
+
 Alternatively you can also do a node pool selection deployment for your container deployments as shown below
 
 ```yaml
@@ -199,35 +205,43 @@ spec:
             kubernetes.azure.com/sgx_epc_mem_in_MiB: 10
       restartPolicy: "Never"
   backoffLimit: 0
-  ```
+```
 
 Now use the `kubectl apply` command to create a sample job that will open in a secure enclave, as shown in the following example output:
 
-```console
-$ kubectl apply -f hello-world-enclave.yaml
+```bash
+kubectl apply -f hello-world-enclave.yaml
+```
 
+```output
 job "sgx-test" created
 ```
 
 You can confirm that the workload successfully created a Trusted Execution Environment (enclave) by running the following commands:
 
-```console
-$ kubectl get jobs -l app=sgx-test
+```bash
+kubectl get jobs -l app=sgx-test
+```
 
+```output
 NAME       COMPLETIONS   DURATION   AGE
 sgx-test   1/1           1s         23s
 ```
 
-```console
-$ kubectl get pods -l app=sgx-test
+```bash
+kubectl get pods -l app=sgx-test
+```
 
+```output
 NAME             READY   STATUS      RESTARTS   AGE
 sgx-test-rchvg   0/1     Completed   0          25s
 ```
 
-```console
-$ kubectl logs -l app=sgx-test
+```bash
+kubectl logs -l app=sgx-test
+```
 
+```output
 Hello world from the enclave
 Enclave called into host to print: Hello World!
 ```
@@ -248,9 +262,9 @@ az aks delete --resource-group myResourceGroup --cluster-name myAKSCluster
 
 ## Next steps
 
-* Run Python, Node, or other applications through confidential containers using ISV/OSS SGX wrapper software. Review [confidential container samples in GitHub](https://github.com/Azure-Samples/confidential-container-samples).
+- Run Python, Node, or other applications through confidential containers using ISV/OSS SGX wrapper software. Review [confidential container samples in GitHub](https://github.com/Azure-Samples/confidential-container-samples).
 
-* Run enclave-aware applications by using the [enclave-aware Azure container samples in GitHub](https://github.com/Azure-Samples/confidential-computing/blob/main/containersamples/).
+- Run enclave-aware applications by using the [enclave-aware Azure container samples in GitHub](https://github.com/Azure-Samples/confidential-computing/blob/main/containersamples/).
 
 <!-- LINKS -->
 [az-group-create]: /cli/azure/group#az_group_create