Merge branch 'main' of https://github.com/microsoftdocs/azure-docs-pr into 0804-vscode

Author: mumian

articles/aks/openfaas.md

@@ -105,7 +105,7 @@ gateway            ClusterIP      10.0.156.194   <none>         8080/TCP
 gateway-external   LoadBalancer   10.0.28.18     52.186.64.52   8080:30800/TCP   7m
 ```
 
-To test the OpenFaaS system, browse to the external IP address on port 8080, `http://52.186.64.52:8080` in this example. You will be prompted to log in. To fetch your password, enter `echo $PASSWORD`.
+To test the OpenFaaS system, browse to the external IP address on port 8080, `http://52.186.64.52:8080` in this example. You will be prompted to log in. The default user is `admin` and your password can be retrieved by using `echo $PASSWORD`.
 
 ![OpenFaaS UI](media/container-service-serverless/openfaas.png)
 

articles/api-management/virtual-network-reference.md

@@ -43,7 +43,8 @@ When an API Management service instance is hosted in a VNet, the ports in the fo
 | * / 443, 12000                     | Outbound           | TCP                | VirtualNetwork / AzureCloud            | Health and Monitoring Extension (optional)        | External & Internal  |
 | * / 1886, 443                     | Outbound           | TCP                | VirtualNetwork / AzureMonitor         | Publish [Diagnostics Logs and Metrics](api-management-howto-use-azure-monitor.md), [Resource Health](../service-health/resource-health-overview.md), and [Application Insights](api-management-howto-app-insights.md) (optional)                  | External & Internal  |
 | * / 25, 587, 25028                       | Outbound           | TCP                | VirtualNetwork / Internet            | Connect to SMTP Relay for sending e-mail (optional)                   | External & Internal  |
-| * / 6381 - 6383              | Inbound & Outbound | TCP                | VirtualNetwork / VirtualNetwork     | Access Redis Service for [Cache](api-management-caching-policies.md) policies between machines (optional)        | External & Internal  |
+| * / 6380             | Inbound & Outbound | TCP                | VirtualNetwork / VirtualNetwork     | Access external Azure Cache for Redis service for [caching](api-management-caching-policies.md) policies between machines (optional)        | External & Internal  |
+| * / 6381 - 6383              | Inbound & Outbound | TCP                | VirtualNetwork / VirtualNetwork     | Access internal Azure Cache for Redis service for [caching](api-management-caching-policies.md) policies between machines (optional)        | External & Internal  |
 | * / 4290              | Inbound & Outbound | UDP                | VirtualNetwork / VirtualNetwork     | Sync Counters for [Rate Limit](api-management-access-restriction-policies.md#LimitCallRateByKey) policies between machines (optional)        | External & Internal  |
 | * / 6390                       | Inbound            | TCP                | AzureLoadBalancer / VirtualNetwork | **Azure Infrastructure Load Balancer**                          | External & Internal  |
 

articles/azure-arc/kubernetes/agent-upgrade.md

@@ -10,7 +10,7 @@ keywords: "Kubernetes, Arc, Azure, K8s, containers, agent, update, auto upgrade"
 
 # Upgrade Azure Arc-enabled Kubernetes agents
 
-Azure Arc-enabled Kubernetes provides both automatic and manual upgrade capabilities for its agents. If you disable automatic upgrade and instead rely on manual upgrade, a [version support policy](#version-support-policy) applies for Arc agents and the underlying Kubernetes clusters.
+Azure Arc-enabled Kubernetes provides both automatic and manual upgrade capabilities for its [agents](conceptual-agent-overview.md). If you disable automatic upgrade and instead rely on manual upgrade, a [version support policy](#version-support-policy) applies for Arc agents and the underlying Kubernetes clusters.
 
 ## Toggle automatic upgrade on or off when connecting cluster to Azure Arc
 

articles/azure-arc/kubernetes/conceptual-agent-overview.md

@@ -2,52 +2,55 @@
 title: "Azure Arc-enabled Kubernetes agent architecture"
 services: azure-arc
 ms.service: azure-arc
-ms.date: 03/03/2021
+ms.date: 08/03/2021
 ms.topic: conceptual
-description: "This article provides an architectural overview of Azure Arc-enabled Kubernetes agents"
+description: "This article provides an architectural overview of Azure Arc-enabled Kubernetes agents."
 keywords: "Kubernetes, Arc, Azure, containers"
 ---
 
 # Azure Arc-enabled Kubernetes agent overview
 
-[Kubernetes](https://kubernetes.io/) can deploy containerized workloads consistently on hybrid and multi-cloud environments. Azure Arc-enabled Kubernetes provides a centralized, consistent control plane to manage policy, governance, and security across Kubernetes clusters on these heterogenous environments. This article provides an overview of the Azure Arc agents deployed on the Kubernetes clusters as part of connecting the cluster to Azure Arc.
+[Kubernetes](https://kubernetes.io/) can deploy containerized workloads consistently on hybrid and multi-cloud environments. [Azure Arc-enabled Kubernetes](overview.md) provides a centralized, consistent control plane to manage policy, governance, and security across Kubernetes clusters on these heterogenous environments.
+
+This article provides an overview of the Azure Arc agents deployed on the Kubernetes clusters when [connecting them to Azure Arc](quickstart-connect-cluster.md).
 
 ## Deploy agents to your cluster
 
-Most on-prem datacenters enforce strict network rules that prevent inbound communication on the network boundary firewall. Azure Arc-enabled Kubernetes works with these restrictions by not requiring inbound ports on the firewall. Azure Arc agents only require outbound communication to a prerequisite list of network endpoints.
+Most on-premises datacenters enforce strict network rules that prevent inbound communication on the network boundary firewall. Azure Arc-enabled Kubernetes works with these restrictions by not requiring inbound ports on the firewall. Azure Arc agents only require outbound communication to a [set list of network endpoints](quickstart-connect-cluster.md#meet-network-requirements).
 
-[ ![Architectural overview](./media/architectural-overview.png) ](./media/architectural-overview.png#lightbox)
+![Diagram showing an architectural overview of the Azure Arc-enabled Kubernetes agents](./media/architectural-overview.png) ](./media/architectural-overview.png#lightbox)
 
-The following steps are involved in connecting a Kubernetes cluster to Azure Arc:
+The following high-level steps are involved in [connecting a Kubernetes cluster to Azure Ar](quickstart-connect-cluster.md)c:
 
 1. Create a Kubernetes cluster on your choice of infrastructure (VMware vSphere, Amazon Web Services, Google Cloud Platform, etc.). 
 
     > [!NOTE]
-    > Since Azure Arc-enabled Kubernetes currently only supports attaching existing Kubernetes clusters to Azure Arc, customers are required to create and manage the lifecycle of the Kubernetes cluster themselves.  
+    > Azure Arc-enabled Kubernetes currently only supports attaching existing Kubernetes clusters to Azure Arc. You must create the cluster before you connect it to Azure Arc.
 
-1. Start the Azure Arc registration for your cluster using Azure CLI.
-    * Azure CLI uses Helm to deploy the agent Helm chart on the cluster.
-    * The cluster nodes initiate an outbound communication to the [Microsoft Container Registry](https://github.com/microsoft/containerregistry) and pull the images needed to create the following agents in the `azure-arc` namespace:
+1. Start the Azure Arc registration for your cluster.
+    * The agent Helm chart is deployed on the cluster.
+    * The cluster nodes initiate an outbound communication to the [Microsoft Container Registry](https://github.com/microsoft/containerregistry), pulling the images needed to create the following agents in the `azure-arc` namespace:
 
         | Agent | Description |
         | ----- | ----------- |
         | `deployment.apps/clusteridentityoperator` | Azure Arc-enabled Kubernetes currently supports only [system assigned identities](../../active-directory/managed-identities-azure-resources/overview.md). `clusteridentityoperator` initiates the first outbound communication. This first communication fetches the Managed Service Identity (MSI) certificate used by other agents for communication with Azure. |
         | `deployment.apps/config-agent` | Watches the connected cluster for source control configuration resources applied on the cluster. Updates the compliance state. |
-        | `deployment.apps/controller-manager` | An operator of operators that orchestrates interactions between Azure Arc components. |    
+        | `deployment.apps/controller-manager` | An operator of operators that orchestrates interactions between Azure Arc components. |
         | `deployment.apps/metrics-agent` | Collects metrics of other Arc agents to verify optimal performance. |
         | `deployment.apps/cluster-metadata-operator` | Gathers cluster metadata, including cluster version, node count, and Azure Arc agent version. |
         | `deployment.apps/resource-sync-agent` | Syncs the above-mentioned cluster metadata to Azure. |
         | `deployment.apps/flux-logs-agent` | Collects logs from the flux operators deployed as a part of source control configuration. |
         | `deployment.apps/extension-manager` | Installs and manages lifecycle of extension helm charts |
-        | `deployment.apps/kube-aad-proxy` | Used for authentication of requests sent to the cluster using Cluster Connect |
-        | `deployment.apps/clusterconnect-agent` | Reverse proxy agent that enables Cluster Connect feature to provide access to `apiserver` of cluster. Optional component deployed only if `cluster-connect` feature is enabled on the cluster   |
-        | `deployment.apps/guard` | Authentication and authorization webhook server used for Azure Active Directory (Azure AD) RBAC. Optional component deployed only if `azure-rbac` feature is enabled on the cluster   |
+        | `deployment.apps/kube-aad-proxy` | Used for authentication of requests sent to the cluster using Cluster Connect. |
+        | `deployment.apps/clusterconnect-agent` | Reverse proxy agent that enables the Cluster Connect feature to provide access to `apiserver` of the cluster. Optional component deployed only if the [Cluster Connect](conceptual-cluster-connect.md) feature is enabled.  |
+        | `deployment.apps/guard` | Authentication and authorization webhook server used for Azure Active Directory (Azure AD) RBAC. Optional component deployed only if [Azure RBAC](conceptual-azure-rbac.md) is enabled on the cluster.   |
 
-1. Once all the Azure Arc-enabled Kubernetes agent pods are in `Running` state, verify that your cluster connected to Azure Arc. You should see:
+1. Once all the Azure Arc-enabled Kubernetes agent pods are in `Running` state, verify that your cluster is connected to Azure Arc. You should see:
     * An Azure Arc-enabled Kubernetes resource in [Azure Resource Manager](../../azure-resource-manager/management/overview.md). Azure tracks this resource as a projection of the customer-managed Kubernetes cluster, not the actual Kubernetes cluster itself.
-    * Cluster metadata (like Kubernetes version, agent version, and number of nodes) appears on the Azure Arc-enabled Kubernetes resource as metadata.
+    * Cluster metadata (such as Kubernetes version, agent version, and number of nodes) appearing on the Azure Arc-enabled Kubernetes resource as metadata.
 
 ## Next steps
 
 * Walk through our quickstart to [connect a Kubernetes cluster to Azure Arc](./quickstart-connect-cluster.md).
+* Learn about [upgrading Azure Arc-enabled Kubernetes agents](agent-upgrade.md).
 * Learn more about the creating connections between your cluster and a Git repository as a [configuration resource with Azure Arc-enabled Kubernetes](./conceptual-configurations.md).

articles/azure-cache-for-redis/cache-best-practices-connection.md

@@ -3,9 +3,10 @@ title: Best practices for connection resilience
 titleSuffix: Azure Cache for Redis
 description: Learn how to make your Azure Cache for Redis connections resilient.
 author: flang-msft
+
 ms.service: cache
 ms.topic: conceptual
-ms.date: 11/3/2021
+ms.date: 08/03/2022
 ms.author: franlanglois
 ---
 
@@ -21,7 +22,9 @@ Test your system's resiliency to connection breaks using a [reboot](cache-admini
 
 ## TCP settings for Linux-hosted client applications
 
-Some Linux versions use optimistic TCP settings by default. The TCP settings can create a situation where a client connection to a cache cannot be reestablished for a long time when a Redis server stops responding before closing the connection gracefully. The failure to reestablish a connection can happen if the primary node of your Azure Cache For Redis becomes unavailable, for example, for unplanned maintenance.
+Some Linux versions use TCP settings that are too high by default. The higher TCP settings can create a situation where a client connection to a cache cannot be reestablished for a long time when a Redis server stops responding. The client waits too long before closing the connection gracefully.
+
+The failure to reestablish a connection can happen if the primary node of your Azure Cache For Redis becomes unavailable, for example, for unplanned maintenance.
 
 We recommend these TCP settings:
 

articles/azure-netapp-files/includes/oracle-dnfs.md

@@ -13,4 +13,4 @@ ms.custom: include file
 ---
 
 > [!IMPORTANT]
-> For correct and optional deployment of Orace dNFS, follow the patching guidelines outlined [here](../faq-nfs.md#oracle-dnfs).
+> For correct and optimal deployment of Orace dNFS, follow the patching guidelines outlined [here](../faq-nfs.md#oracle-dnfs).

articles/azure-resource-manager/custom-providers/index.yml

@@ -1,16 +1,16 @@
 ### YamlMime:Landing
 
 title: Azure Custom Providers documentation
-summary: Define custom APIs that extend the Azure experience
+summary: Define custom APIs that extend the Azure experience.
 
 metadata:
   title: Azure Custom Providers documentation
-  description: Azure Custom Providers is an extensibility platform to Azure that enables you define to custom APIs
+  description: Azure Custom Providers is an extensibility platform to Azure that enables you to define custom APIs.
   ms.service: azure-custom-providers
   ms.topic: landing-page
   ms.collection: na
-  author: tfitzmac
-  ms.author: tomfitz
+  author: davidsmatlak
+  ms.author: davidsmatlak
   ms.date: 01/02/2020
 
 # linkListType: architecture | concept | deploy | download | get-started | how-to-guide | learn | overview | quickstart | reference | tutorial | video | whats-new
@@ -29,7 +29,7 @@ landingContent:
             url: concepts-built-in-policy.md
           - text: Resource onboarding overview
             url: concepts-resource-onboarding.md
-      
+
   # Card
   - title: Create custom providers
     linkLists:
@@ -67,5 +67,3 @@ landingContent:
             url: proxy-cache-resource-endpoint-reference.md
           - text: Custom provider RESTful endpoint reference
             url: reference-custom-providers-csharp-endpoint.md
-          
-        

articles/azure-resource-manager/managed-applications/index.yml

@@ -1,16 +1,16 @@
 ### YamlMime:Landing
 
-title: Managed Applications documentation
+title: Azure Managed Applications documentation
 summary: Offer cloud solutions that are easy for consumers to deploy and operate.
 
 metadata:
   title: Azure Managed Applications documentation
-  description: Azure managed applications enable you to offer cloud solutions that are easy for consumers to deploy and operate.
+  description: Azure Managed Applications enable you to offer cloud solutions that are easy for consumers to deploy and operate.
   ms.service: managed-applications
   ms.topic: landing-page
   ms.collection: na
-  author: tfitzmac
-  ms.author: tomfitz
+  author: davidsmatlak
+  ms.author: davidsmatlak
   ms.date: 01/02/2020
 
 # linkListType: architecture | concept | deploy | download | get-started | how-to-guide | learn | overview | quickstart | reference | tutorial | video | whats-new
@@ -45,7 +45,7 @@ landingContent:
         links:
           - text: Create definition files
             url: publish-service-catalog-app.md
-          - text: Publish marketplace application 
+          - text: Publish marketplace application
             url: ../../marketplace/azure-app-offer-setup.md
           - text: Create managed application with custom provider
             url: tutorial-create-managed-app-with-custom-provider.md
@@ -94,4 +94,4 @@ landingContent:
           - text: Deploy with notifications
             url: publish-notifications.md
           - text: Update managed resources
-            url: update-managed-resources.md
+            url: update-managed-resources.md

articles/azure-resource-manager/templates/best-practices.md

@@ -189,6 +189,23 @@ The following information can be helpful when you work with [resources](./syntax
     ]
     ```
 
+   If your ARM template is stored in a `.jsonc` file, comments using the `//` syntax are supported, as shown here.
+
+    ```javascript
+    "resources": [
+      {
+        // This storage account is used to store the VM disks.
+        "name": "[variables('storageAccountName')]",
+        "type": "Microsoft.Storage/storageAccounts",
+        "apiVersion": "2019-06-01",
+        "location": "[resourceGroup().location]",
+          ...
+      }
+    ]
+    ```
+
+   For more details about comments and metadata see [Understand the structure and syntax of ARM templates](/azure/azure-resource-manager/templates/syntax#comments-and-metadata).
+
 * If you use a *public endpoint* in your template (such as an Azure Blob storage public endpoint), *don't hard-code* the namespace. Use the `reference` function to dynamically retrieve the namespace. You can use this approach to deploy the template to different public namespace environments without manually changing the endpoint in the template. Set the API version to the same version that you're using for the storage account in your template.
 
     ```json
@@ -272,6 +289,14 @@ The following information can be helpful when you work with [resources](./syntax
 
 * Specify explicit values for properties that have default values that could change over time. For example, if you're deploying an AKS cluster, you can either specify or omit the `kubernetesVersion` property. If you don't specify it, then [the cluster is defaulted to the N-1 minor version and latest patch](../../aks/supported-kubernetes-versions.md#azure-portal-and-cli-versions). When you deploy the cluster using an ARM template, this default behavior might not be what you expect. Redeploying your template may result in the cluster being upgraded to a new Kubernetes version unexpectedly. Instead, consider specifying an explicit version number and then manually changing it when you're ready to upgrade your cluster.
 
+## Comments
+
+In addition to the `comments` property, comments using the `//` syntax are supported.  For more details about comments and metadata see [Understand the structure and syntax of ARM templates](/azure/azure-resource-manager/templates/syntax#comments-and-metadata). You may choose to save JSON files that contain `//` comments using the `.jsonc` file extension, to indicate the JSON file contains comments. The ARM service will also accept comments in any JSON file including parameters files.
+
+## Visual Studio Code ARM Tools
+
+Working with ARM templates is much easier with the Azure Resource Manager (ARM) Tools for Visual Studio Code. This extension provides language support, resource snippets, and resource auto-completion to help you create and validate Azure Resource Manager templates. To learn more and install the extension, see [Azure Resource Manager (ARM) Tools](https://marketplace.visualstudio.com/items?itemName=msazurermtools.azurerm-vscode-tools).
+
 ## Use test toolkit
 
 The ARM template test toolkit is a script that checks whether your template uses recommended practices. When your template isn't compliant with recommended practices, it returns a list of warnings with suggested changes. The test toolkit can help you learn how to implement best practices in your template.