You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/aks/enable-fips-nodes.md
+6-6Lines changed: 6 additions & 6 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -189,7 +189,7 @@ Existing node pools can be updated to enable or disable FIPS. If you are plannin
189
189
```
190
190
191
191
### Enable FIPS on an existing Linux node pool
192
-
Existing Linux node pools can be updated to enable FIPS. When updating an existing node pool, the node image will change from the current image to the recommended FIPS image of the same OS SKU. The node image change will occur after a re-image.
192
+
Existing Linux node pools can be updated to enable FIPS. When you update an existing node pool, the node image will change from the current image to the recommended FIPS image of the same OS SKU. The node image change will occur after a re-image.
193
193
194
194
1. Update a Linux node pool using the [`az aks nodepool update`][az-aks-nodepool-update] command with the `--enable-fips-image` parameter.
195
195
@@ -202,7 +202,7 @@ Existing Linux node pools can be updated to enable FIPS. When updating an existi
202
202
```
203
203
204
204
205
-
2. Verify your node pool is FIPS-enabled using the [`az aks show`][az-aks-show] command and query for the *enableFIPS* value in *agentPoolProfiles*.
205
+
2. Verify that your node pool is FIPS-enabled using the [`az aks show`][az-aks-show] command and query for the *enableFIPS* value in *agentPoolProfiles*.
206
206
207
207
```azurecli-interactive
208
208
az aks show \
@@ -212,7 +212,7 @@ Existing Linux node pools can be updated to enable FIPS. When updating an existi
212
212
-o table
213
213
```
214
214
215
-
The following example output shows the *np* node pool is FIPS-enabled:
215
+
The following example output shows that the *np* node pool is FIPS-enabled:
216
216
217
217
```output
218
218
Name enableFips
@@ -253,7 +253,7 @@ Existing Linux node pools can be updated to enable FIPS. When updating an existi
253
253
FIPS-enabled node pools also have a *kubernetes.azure.com/fips_enabled=true* label, which deployments can use to target those node pools.
254
254
255
255
## Disable FIPS on an existing node pool
256
-
Existing Linux node pools can be updated to enable FIPS. When updating an existing node pool, the node image will change from the current image to the recommended FIPS image of the same OS SKU. The node image change will occur after a re-image.
256
+
Existing Linux node pools can be updated to disable FIPS. When updating an existing node pool, the node image will change from the current FIPS image to the recommended non-FIPS image of the same OS SKU. The node image change will occur after a re-image.
257
257
258
258
1. Update a Linux node pool using the [`az aks nodepool update`][az-aks-nodepool-update] command with the `--disable-fips-image` parameter.
259
259
@@ -266,7 +266,7 @@ Existing Linux node pools can be updated to enable FIPS. When updating an existi
266
266
```
267
267
268
268
269
-
2. Verify your node pool is not FIPS-enabled using the [`az aks show`][az-aks-show] command and query for the *enableFIPS* value in *agentPoolProfiles*.
269
+
2. Verify that your node pool is not FIPS-enabled using the [`az aks show`][az-aks-show] command and query for the *enableFIPS* value in *agentPoolProfiles*.
270
270
271
271
```azurecli-interactive
272
272
az aks show \
@@ -276,7 +276,7 @@ Existing Linux node pools can be updated to enable FIPS. When updating an existi
276
276
-o table
277
277
```
278
278
279
-
The following example output shows the *np* node pool is not FIPS-enabled:
279
+
The following example output shows that the *np* node pool is not FIPS-enabled:
0 commit comments