More files updated

Author: sethmanheim

AKS-Arc/ad-sso.md

@@ -3,10 +3,10 @@ title: Use Active Directory single sign-on for secure connection to Kubernetes A
 description: Use Active Directory Authentication to securely connect to the API server with SSO credentials
 author: sethmanheim
 ms.topic: how-to
-ms.date: 08/07/2024
+ms.date: 04/02/2025
 ms.author: sethm 
 ms.lastreviewed: 1/14/2022
-ms.reviewer: sulahiri
+ms.reviewer: leslielin
 
 # Intent: As an IT Pro, I want to ue Active Directory Authentication to securely connect to the Kubernetes API server with SSO credentials.
 # Keyword: secure connection to Kubernetes API server
@@ -21,11 +21,11 @@ You can create a secure connection to your Kubernetes API server in AKS enabled
 
 ## Overview of AD in AKS enabled by Arc
 
-Without Active Directory authentication, you must rely on a certificate-based _kubeconfig_ file when you connect to the API server via the `kubectl` command. The **kubeconfig** file contains secrets such as private keys and certificates that need to be carefully distributed, which can be a significant security risk.
+Without Active Directory authentication, you must rely on a certificate-based *kubeconfig* file when you connect to the API server via the `kubectl` command. The **kubeconfig** file contains secrets such as private keys and certificates that need to be carefully distributed, which can be a significant security risk.
 
-As an alternative to using certificate-based kubeconfig, you can use AD SSO credentials as a secure way to connect to the API server. AD integration with AKS Arc lets users on a Windows domain-joined machine connect to the API server via `kubectl` using their SSO credentials. This removes the need to manage and distribute certificate-based kubeconfig files that contain private keys.
+As an alternative to using certificate-based **kubeconfig**, you can use AD SSO credentials as a secure way to connect to the API server. AD integration with AKS Arc lets users on a Windows domain-joined machine connect to the API server via `kubectl` using their SSO credentials. This removes the need to manage and distribute certificate-based **kubeconfig** files that contain private keys.
 
-AD integration uses AD kubeconfig, which is distinct from the certificate-based kubeconfig files and doesn't contain any secrets. However, the certificate-based kubeconfig file can be used for backup purposes, such as troubleshooting, if there are issues with connecting using Active Directory credentials.
+AD integration uses AD **kubeconfig**, which is distinct from the certificate-based **kubeconfig** files and doesn't contain any secrets. However, the certificate-based **kubeconfig** file can be used for backup purposes, such as troubleshooting, if there are issues with connecting using Active Directory credentials.
 
 Another security benefit with AD integration is that the users and groups are stored as [security identifiers (SIDs)](/troubleshoot/windows-server/identity/security-identifiers-in-windows). Unlike group names, SIDs are immutable and unique and therefore present no naming conflicts.
 
@@ -77,7 +77,7 @@ Before you can install AD authentication, the workload cluster must be installed
 
 #### Option 1
 
-For a domain-joined Azure Local or Windows Server cluster, open PowerShell as an administrator and run the following command:
+For a domain-joined Windows Server cluster, open PowerShell as an administrator and run the following command:
 
 ```powershell
 Install-AksHciAdAuth -name mynewcluster1 -keytab .\current.keytab -SPN k8s/[email protected] -adminUser contoso\bob

AKS-Arc/azure-rbac-aks-hybrid.md

@@ -5,8 +5,8 @@ ms.topic: how-to
 ms.custom: devx-track-azurecli
 author: sethmanheim
 ms.author: sethm
-ms.date: 06/28/2024
-ms.reviewer: sulahiri
+ms.date: 04/02/2025
+ms.reviewer: leslielin
 ms.lastreviewed: 06/28/2024
 
 # Intent: As an IT Pro, I want to use Azure RBAC to authenticate connections to my AKS clusters over the Internet or on a private network.
@@ -33,7 +33,7 @@ Before you deploy a Kubernetes cluster with Azure Arc enabled, you must complete
 
 ### Install the Azure CLI extension
 
-The preview version of the Azure Arc-enabled Kubernetes Azure CLI extension is the only compatible version for this preview setup of AKS on Azure Local 22H2. Using a higher version can cause incompatibility issues with Azure RBAC and AKS Arc. To install the extension, run the following command:
+The preview version of the Azure Arc-enabled Kubernetes Azure CLI extension is the only compatible version for this preview setup of AKS on Windows Server. Using a higher version can cause incompatibility issues with Azure RBAC and AKS Arc. To install the extension, run the following command:
 
 ```azurecli
 az extension add -n connectedk8s --version 1.5.4
@@ -146,7 +146,7 @@ To create an AKS target cluster with Azure RBAC enabled using an SPN:
 
 1. If you don't already have an SPN to use with the target cluster, [create the SPN](/cli/azure/azure-cli-sp-tutorial-1) now.
 1. Note that the new SPN is for one time use when creating the cluster and doesn't require managing passwords.
-1. Open a PowerShell window on the Azure Local node or Windows server where you deploy the cluster, and run the following command:
+1. Open a PowerShell window on the AKS node or Windows Server where you deploy the cluster, and run the following command:
 
    ```powershell
    New-AksHciCluster -name "<cluster name>"  -enableAzureRBAC -resourceGroup "<resource group name>" -subscriptionID "<subscription ID>" -tenantId "<tenant ID>" -credential $Credential -location "eastus" -appId $SERVER_APP_ID -appSecret $SERVER_APP_SECRET -aadClientId $CLIENT_APP_ID -nodePoolName <name of node pool> 
@@ -156,7 +156,7 @@ To create an AKS target cluster with Azure RBAC enabled using an SPN:
 
 If you prefer to create your Azure RBAC-enabled target cluster interactively, follow these steps:
 
-1. Open a PowerShell window on the Azure Local node or Windows server where you deploy the cluster.
+1. Open a PowerShell window on the AKS node or Windows server where you deploy the cluster.
 1. Sign in to Azure by running the following `connect-azaccount -deviceauth` command:
 
    ```powershell
@@ -215,7 +215,7 @@ To connect to an AKS cluster using the `connectedk8s` proxy method, perform the
 
 When you connect to an AKS cluster over a private network, there's no limit the on number of groups you can use.
 
-To retrieve the Microsoft Entra kubeconfig log into and on-premises machine (for example, an Azure Local cluster), generate the Microsoft Entra kubeconfig using the following command. You can distribute the Microsoft Entra kubeconfig to users that connect from their client machine. The Microsoft Entra kubeconfig doesn't contain any secrets.
+To retrieve the Microsoft Entra kubeconfig log into and on-premises machine (for example, a Windows Server cluster), generate the Microsoft Entra kubeconfig using the following command. You can distribute the Microsoft Entra kubeconfig to users that connect from their client machine. The Microsoft Entra kubeconfig doesn't contain any secrets.
 
 To connect to an AKS cluster over a private network, perform the following steps:
 
@@ -246,7 +246,7 @@ This command also downloads the **kubelogin.exe** binary. To find the location o
 $workingdir = (Get-AksHciConfig).Akshci.installationPackageDir
 ```
 
-This command returns the path to where **kubelogin.exe** is downloaded. Copy the **kubelogin.exe** file to your Azure Local node or client machine. For Azure Local, copy the file to the path as described in the following example. For a client machine, copy the executable to your client machine and add it to your path. For example:
+This command returns the path to where **kubelogin.exe** is downloaded. Copy the **kubelogin.exe** file to your Windows Server node or client machine. For Windows Server, copy the file to the path as described in the following example. For a client machine, copy the executable to your client machine and add it to your path. For example:
 
 ```powershell
 cp $workingdir\kubelogin.exe "c:\program files\akshci"

AKS-Arc/configure-custom-load-balancer.md

@@ -1,9 +1,9 @@
 ---
-title: Create and use a custom load balancer with Azure Kubernetes Service on Azure Local
-description: Learn how to create and use a custom load balancer with Azure Kubernetes Service on Azure Local.
+title: Create and use a custom load balancer with Azure Kubernetes Service on Windows Server
+description: Learn how to create and use a custom load balancer with Azure Kubernetes Service on Windows Server.
 author: sethmanheim
 ms.topic: how-to
-ms.date: 04/27/2022
+ms.date: 04/02/2025
 ms.author: sethm 
 ms.lastreviewed: 1/14/2022
 ms.reviewer: rbaziwane
@@ -13,51 +13,47 @@ ms.reviewer: rbaziwane
 
 ---
 
-# Create and use a custom load balancer in Azure Kubernetes Service on Azure Local and Windows Server
+# Create and use a custom load balancer in Azure Kubernetes Service on Windows Server
 
 [!INCLUDE [aks-hybrid-applies-to-azure-stack-hci-windows-server-sku](includes/aks-hci-applies-to-skus/aks-hybrid-applies-to-azure-stack-hci-windows-server-sku.md)]
 
-This article covers how to create and use a custom load balancer. In Azure Kubernetes Service (AKS) on Azure Local and Windows Server, you use load balancers to send requests to the Kubernetes API server and to manage traffic to application services. When using a custom load balancer, [kube-vip](https://kube-vip.io/) automatically deploys to manage the load balancing of requests to the Kubernetes API server and to make sure that it's highly available.
+This article describes how to create and use a custom load balancer. In Azure Kubernetes Service (AKS) on Windows Server, you can use load balancers to send requests to the Kubernetes API server and to manage traffic to application services. When you use a custom load balancer, [kube-vip](https://kube-vip.io/) automatically deploys to manage the load balancing of requests to the Kubernetes API server and to make sure that it's highly available.
 
 > [!NOTE]
 > You can also use a other load balancers, such as MetalLB or Software Defined Networking (SDN) load balancing, to load balance traffic to application services.  
 
-## Before you begin 
+## Before you begin
 
-You must have installed [AKS on Azure Local and Windows Server](kubernetes-walkthrough-powershell.md) and provided a range of virtual IP addresses for the load balancer during the network configuration step during installation.
+You must install [AKS on Windows Server](kubernetes-walkthrough-powershell.md) and provide a range of virtual IP addresses for the load balancer during the network configuration step during installation.
 
-## Configure a custom load balancer 
+## Configure a custom load balancer
 
 > [!WARNING]
-> If you choose to deploy your own load balancer, the Kubernetes cluster will be unreachable after installation. If you deploy any services with `type=LoadBalancer`, the services will also be unreachable until you configure your load balancer.
+> If you choose to deploy your own load balancer, the Kubernetes cluster becomes unreachable after installation. If you deploy any services with `type=LoadBalancer`, the services are also unreachable until you configure your load balancer.
 
-This configuration assumes you want to leverage a custom load balancer in your cluster. In this case, the workload cluster is deployed without a load balancer. 
+This configuration assumes you want to use a custom load balancer in your cluster. In this case, the workload cluster is deployed without a load balancer:
 
 1. Create a load balancer configuration using the [New-AksHciLoadBalancerSetting](./reference/ps/new-akshciloadbalancersetting.md) cmdlet and then select `none` for the `loadBalancerSku` parameter:
 
    ```powershell
    $lbCfg=New-AksHciLoadBalancerSetting -name "myLb" -loadBalancerSku "none" 
    ```
- 
-2. Deploy a workload cluster without providing the load balancer configuration using the following command:
+
+1. Deploy a workload cluster without providing the load balancer configuration using the following command:
 
    ```powershell
    New-AksHciCluster -name "summertime" -nodePoolName mynodepool -nodeCount 2 -OSType linux -nodeVmSize Standard_A4_v2 -loadBalancerSettings $lbCfg 
    ```
 
-3. Use [Get-AksHciCluster](./reference/ps/get-akshcicluster.md) to verify that the cluster is successfully deployed with the control plane nodes running `kube-vip` and that the API server requests are reachable. 
+1. Use [Get-AksHciCluster](./reference/ps/get-akshcicluster.md) to verify that the cluster is successfully deployed with the control plane nodes running `kube-vip` and that the API server requests are reachable.
 
-4. Manually configure your load balancer.  
+1. Manually configure your load balancer.  
 
-If you run an upgrade, the load balancer configuration (`loadBalancerSku` and `count`) you defined during installation will remain the same after the upgrade completes. However, if you want to update `loadBalancerSku` during an upgrade, you must redeploy your workload clusters. If you have existing clusters running a HAProxy-based load balancer, you can continue running your workloads and the upgrade will successfully complete. 
+If you run an upgrade, the load balancer configuration (`loadBalancerSku` and `count`) you defined during installation remains the same after the upgrade completes. However, if you want to update `loadBalancerSku` during an upgrade, you must redeploy your workload clusters. If you have existing clusters running a HAProxy-based load balancer, you can continue running your workloads and the upgrade completes successfully.
 
 > [!IMPORTANT]
-> If you change from using a custom load balancer to using the default load balancer, you're required to  redeploy your workload cluster with the new load balancer configuration. For instructions on how to configure the default load balancer, see [Configure load balancer](configure-load-balancer.md).  
-
-## Next steps 
-
-To learn more about Kubernetes services, see the [Kubernetes services documentation](https://kubernetes.io/docs/concepts/services-networking/service/). 
+> If you change from using a custom load balancer to using the default load balancer, you're required to redeploy your workload cluster with the new load balancer configuration. For information about how to configure the default load balancer, see [Configure load balancer](configure-load-balancer.md).  
 
- 
+## Next steps
 
- 
+To learn more about Kubernetes services, see the [Kubernetes services documentation](https://kubernetes.io/docs/concepts/services-networking/service/).

AKS-Arc/connect-to-arc.md

@@ -5,13 +5,13 @@ author: sethmanheim
 ms.topic: how-to
 ms.custom:
   - devx-track-azurepowershell
-ms.date: 07/02/2024
+ms.date: 04/02/2025
 ms.author: sethm 
 ms.lastreviewed: 1/14/2022
 ms.reviewer: abha
 
 # Intent: As an IT Pro, I want to learn how to connect an Azure Kubernetes Service cluster to Kubernetes so I can extend those capabilities to my Kubernetes clusters.
-# Keyword: AKS cluster Azure Local cluster
+# Keyword: AKS cluster Kubernetes cluster
 ---
 
 # Connect an Azure Kubernetes Service cluster to Azure Arc

AKS-Arc/deploy-arc-data-services.md

@@ -3,10 +3,11 @@ title: Deploy Azure Arc-enabled data services in AKS enabled by Azure Arc
 description: Learn how to deploy Azure Arc-enabled data services in AKS enabled by Azure Arc.
 author: sethmanheim
 ms.topic: how-to
-ms.date: 07/03/2024
+ms.date: 04/02/2025
 ms.author: sethm 
 ms.lastreviewed: 1/14/2022
 ms.reviewer: rbaziwane
+
 # Intent: As an IT Pro, I need to learn the requirements needed in order to deploy Azure Arc data.
 # Keyword: Azure Arc data services
 ---
@@ -17,7 +18,7 @@ ms.reviewer: rbaziwane
 
 This article provides a checklist of prerequisites you can follow to deploy Azure Arc-enabled data services on Azure Kubernetes Service (AKS) enabled by Azure Arc. You must have [AKS](kubernetes-walkthrough-powershell.md) installed before using the checklist.
 
-## Prerequisites for AKS on Azure Local and Windows Server
+## Prerequisites for AKS on Windows Server
 
 > [!div class="checklist"]
 > * [Provision a workload cluster with only Linux node pools](use-node-pools.md).
@@ -28,13 +29,13 @@ This article provides a checklist of prerequisites you can follow to deploy Azur
 > [!div class="checklist"]
 > * [Connect your clusters to Azure Arc for Kubernetes](connect-to-arc.md).
 
-Confirm whether custom location is enabled on your Kubernetes cluster by running the following command and checking for `customLocation: enabled: true`:
+Confirm whether the custom location is enabled on your Kubernetes cluster by running the following command and checking for `customLocation: enabled: true`:
 
 ```console
 helm get values azure-arc
 ```
 
-If custom location isn't enabled, run the following CLI command:
+If the custom location isn't enabled, run the following CLI command:
 
 ```azurecli
 az connectedk8s enable-features -n <clusterName> -g <resourceGroupName> --features cluster-connect custom-locations

AKS-Arc/deploy-gpu-node-pool-22h2.md

@@ -1,12 +1,12 @@
 ---
 title: Use GPUs for compute-intensive workloads
-description: Learn how to deploy GPU-enabled node pools in AKS enabled by Arc on Azure Local 22H2.
+description: Learn how to deploy GPU-enabled node pools in AKS enabled by Azure Arc on Windows Server.
 author: sethmanheim
 ms.topic: how-to
-ms.date: 02/29/2024
+ms.date: 04/02/2025
 ms.author: sethm 
 ms.lastreviewed: 03/21/2023
-ms.reviewer: sethm
+
 # Intent: As an IT Pro, I want to learn how to deploy GPU-enabled node pools
 # Keyword: Run GPU workloads on Kubernetes
 ---
@@ -97,7 +97,7 @@ OK       Nvidia T4_base - Dismounted               PCI\VEN_10DE&DEV_1EB8&SUBSYS_
 Repeat steps 1 to 3 for each node in your failover cluster.
 
 > [!IMPORTANT]
-> GPU-enabled virtual machines are not added to failover clustering in Windows Server 2019, Windows Server 2022, or Azure Local.
+> GPU-enabled virtual machines are not added to failover clustering in Windows Server 2019 and Windows Server 2022.
 
 ## Install or update AKS
 
@@ -232,4 +232,4 @@ If an upgrade is triggered on a cluster without extra GPU resources to facilitat
 
 ## Next steps
 
-- [AKS on Azure Local and Windows Server overview](overview.md)
+- [AKS on Windows Server overview](overview.md)

AKS-Arc/deploy-target-clusters-virtual-networks.md

@@ -45,7 +45,7 @@ New-AksHciClusterNetwork -name "SDNVNet1" -vswitchName "ConvergedSwitch(hci)" `
 |     `ipAddressPrefix`                      |   Subnet prefix for creating the virtual network in the network controller. This prefix is a subnet prefix, not a virtual network prefix. Currently, MOC only supports a single subnet.                                           |
 |     `gateway`                              |   Default gateway for the subnet. Must be the first IP of the subnet. SDN doesn't support custom default gateways for virtual networks.                                                                                  |
 |     `dnsServers`                           |   DNS servers reachable from SDN VMs public IP or other (for example, an L3 connection), used for name resolutions.                                                                                                              |
-|     `K8sNodeIpPoolStart`, `K8sNodeIpPoolEnd`  |   A subset or full IP range from the `ipAddressPrefix`. Used by MOC IPAM to allocate IP addresses for nodes. Useful if deploying non-AKS on Azure Local VMs on the same subnet, but not recommended due to possible misconfiguration.  |
+|     `K8sNodeIpPoolStart`, `K8sNodeIpPoolEnd`  |   A subset or full IP range from the `ipAddressPrefix`. Used by MOC IPAM to allocate IP addresses for nodes. Useful if deploying non-AKS on Windows Server VMs on the same subnet, but not recommended due to possible misconfiguration.  |
 
 ## Create a Kubernetes cluster on your SDN virtual network
 

AKS-Arc/encrypt-secrets.md

@@ -8,7 +8,7 @@ ms.author: sethm
 ms.lastreviewed: 1/14/2022
 ms.reviewer: aathipsa
 # Intent: As an IT Pro, I want to learn about encrypted etcd secrets and how they are used in my AKS deployment. 
-# Keyword: etcd secrets AKS Azure Local 
+# Keyword: etcd secrets AKS Windows Server
 
 ---