Resolved merge conflict.

Author: LouisBerner

.openpublishing.redirection.json

@@ -1316,6 +1316,11 @@
       "redirect_url": "/azure/azure-managed-lustre/client-install?pivots=ubuntu-22",
       "redirect_document_id": false
     },
+    {
+      "source_path": "azure-managed-lustre/install-ubuntu-24.md",
+      "redirect_url": "/azure/azure-managed-lustre/client-install?pivots=ubuntu-24",
+      "redirect_document_id": false
+    },
     {
       "source_path": "azure-stack/hci/get-started.md",
       "redirect_url": "/azure-stack/hci/manage/monitor-cluster",

AKS-Arc/TOC.yml

@@ -180,12 +180,15 @@
     - name: Can't see VM SKUs on Azure portal
       href: check-vm-sku.md
     - name: Connectivity issues with MetalLB
-      href: load-balancer-issues.md 
-
+      href: load-balancer-issues.md
+    - name: Network validation error due to .local domain
+      href: network-validation-error-local.md
   - name: Reference
     items:
     - name: Azure CLI
       href: /cli/azure/aksarc
+    - name: Azure PowerShell
+      href: /powershell/module/az.aksarc/
     - name: REST API reference
       href: /rest/api/hybridcontainer/operation-groups
   - name: Resources

AKS-Arc/aks-hci-network-system-requirements.md

@@ -2,7 +2,7 @@
 title: AKS enabled by Azure Arc network requirements
 description: Learn about AKS network prerequisites.
 ms.topic: overview
-ms.date: 11/19/2024
+ms.date: 04/23/2025
 author: sethmanheim
 ms.author: sethm
 ms.reviewer: abha
@@ -64,6 +64,9 @@ Regardless of the option you choose, you must ensure that the IP addresses alloc
 
 Proxy settings in AKS are inherited from the underlying infrastructure system. The functionality to set individual proxy settings for Kubernetes clusters and change proxy settings isn't supported yet. For more information on how to set proxy correctly, see [proxy requirements for Azure Local](/azure/azure-local/manage/configure-proxy-settings-23h2).
 
+> [!WARNING]
+> You cannot update incorrect proxy settings after you deploy Azure Local. If the proxy is misconfigured, you must redeploy Azure Local.
+
 ## Firewall URL exceptions
 
 Firewall requirements for AKS have been consolidated with Azure Local firewall requirements. See [Azure Local firewall requirements](/azure/azure-local/concepts/firewall-requirements) for list of URLs that need to be allowed to successfully deploy AKS.

AKS-Arc/aks-troubleshoot.md

@@ -3,7 +3,7 @@ title: Troubleshoot common issues in AKS enabled by Azure Arc
 description: Learn about common issues and workarounds in AKS enabled by Arc.
 ms.topic: how-to
 author: sethmanheim
-ms.date: 04/01/2025
+ms.date: 04/30/2025
 ms.author: sethm 
 ms.lastreviewed: 04/01/2025
 ms.reviewer: abha
@@ -25,24 +25,24 @@ The following sections describe known issues for AKS enabled by Azure Arc:
 | AKS Arc CRUD operation | Issue | Fix status |
 |------------------------|-------|------------|
 | AKS cluster create     | [Can't create AKS cluster or scale node pool because of issues with AKS Arc images](gallery-image-not-usable.md) | Partially fixed in 2503 release |
-| AKS steady state       | [AKS Arc telemetry pod consumes too much memory and CPU](telemetry-pod-resources.md) | Active
-| AKS steady state       | [Disk space exhaustion on control plane VMs due to accumulation of kube-apiserver audit logs](kube-apiserver-log-overflow.md) | Active
+| AKS steady state       | [AKS Arc telemetry pod consumes too much memory and CPU](telemetry-pod-resources.md) | Active |
+| AKS steady state       | [Disk space exhaustion on control plane VMs due to accumulation of kube-apiserver audit logs](kube-apiserver-log-overflow.md) | Active |
 | AKS cluster delete     | [Deleted AKS Arc cluster still visible on Azure portal](deleted-cluster-visible.md) | Active |
 | AKS cluster delete     | [Can't fully delete AKS Arc cluster with PodDisruptionBudget (PDB) resources](delete-cluster-pdb.md) | Fixed in 2503 release |
 | Azure portal           | [Can't see VM SKUs on Azure portal](check-vm-sku.md) | Fixed in 2411 release |
-| MetalLB Arc extension  | [Connectivity issues with MetalLB](load-balancer-issues.md) | Fixed in 2411 release | 
-
+| MetalLB Arc extension  | [Connectivity issues with MetalLB](load-balancer-issues.md) | Fixed in 2411 release |
 
 ## Guides to diagnose and troubleshoot Kubernetes CRUD failures
 
-| AKS Arc operation | Issue | 
+| AKS Arc operation | Issue |
 |------------------------|-------|
-| Create validation      | [Control plane configuration validation errors](control-plane-validation-errors.md) 
-| Create validation      | [K8sVersionValidation error](cluster-k8s-version.md)   
-| Create validation      | [KubeAPIServer unreachable error](kube-api-server-unreachable.md)  
-| Network configuration issues | [Use diagnostic checker](aks-arc-diagnostic-checker.md)
-| Kubernetes steady state   | [Resolve issues due to out-of-band deletion of storage volumes](delete-storage-volume.md)
-| Release validation     | [Azure Advisor upgrade recommendation message](azure-advisor-upgrade.md)
+| Create validation      | [Control plane configuration validation errors](control-plane-validation-errors.md) |
+| Create validation      | [K8sVersionValidation error](cluster-k8s-version.md) |
+| Create validation      | [KubeAPIServer unreachable error](kube-api-server-unreachable.md) |
+| Network configuration issues | [Use diagnostic checker](aks-arc-diagnostic-checker.md) |
+| Kubernetes steady state   | [Resolve issues due to out-of-band deletion of storage volumes](delete-storage-volume.md) |
+| Release validation     | [Azure Advisor upgrade recommendation message](azure-advisor-upgrade.md) |
+| Network validation | [Network validation error due to .local domain](network-validation-error-local.md) |
 
 ## Next steps
 

AKS-Arc/network-validation-error-local.md

@@ -0,0 +1,43 @@
+---
+title: Network validation error due to .local domain
+description: Learn how to troubleshoot network validation errors due to the .local domain.
+author: sethmanheim
+ms.author: sethm
+ms.topic: troubleshooting
+ms.date: 04/30/2025
+ms.reviewer: pradwivedi
+ms.lastreviewed: 04/30/2025
+
+---
+
+# Troubleshoot network validation error due to .local domain
+
+This article describes how to resolve the `Not able to connect to http://cloudagent.contoso.local:50000` error. This error occurs when you try to create and deploy an AKS on Azure Local cluster.
+
+## Symptoms
+
+You can deploy `.local` domains on Azure Local but might sometimes encounter failures during AKS scenarios, such as create, scale, update, upgrade, and delete. You might see the following error message:
+
+`Error: Network validation failed during cluster creation. Detailed message: Not able to connect to http://cloudagent.contoso.local:50000. Error returned: action failed after 5 attempts: Get "http://cloudagent.contoso.local:50000": dial tcp: lookup http://cloudagent.contoso.local: Temporary failure in name resolution`
+
+## Possible causes
+
+There are two possible causes for this error:
+
+1. Because `.local` is an officially reserved special-use domain name, host names with this top-level label are only resolvable via the multicast DNS name resolution protocol. Other mechanisms such as unicast DNS can also be used to resolve this name.
+
+   When a URL ending with `.local` for the failover cluster is used, a fully qualified domain name (FQDN) ending with `.local` is also used for the MOC cloud agent. The Azure Local 2503 release consists of various network validation tests. One of the tests tries to connect to the MOC cloud FQDN from the AKS Arc control plane VM. This specific test fails when the MOC cloud agent FQDN uses the `.local` domain name. This is because the **Go HTTP** client relies on standard DNS resolution, so it doesn't automatically resolve the `.local` address via mDNS.
+
+1. When the on-premises directory is synchronized with Microsoft 365, you must have a verified domain in Microsoft Entra ID. Only the user principal names (UPNs) that are associated with the on-premises Active Directory Domain Services (AD DS) domain are synchronized. However, any UPN that contains a non-routable domain, such as `.local` (for example, `[email protected]`), is synchronized to an `.onmicrosoft.com` domain (for example, `[email protected]`). For more information, see [Prepare a nonroutable domain for directory synchronization](/microsoft-365/enterprise/prepare-a-non-routable-domain-for-directory-synchronization?view=o365-worldwide&preserve-view=true).
+
+## Mitigation
+
+If you are on Azure Local 2503 or a later release, don't use `.local` in the domain name.
+
+Per the [possible cause #2](#possible-causes), if you currently use a `.local` domain for your user accounts in AD DS, we recommend that you change them to use a verified domain; for example, `[email protected]`, to properly synchronize with your Microsoft 365 domain.
+
+As a temporary mitigation, the checks for the `.local` domain are disabled in the Azure Local 2504 release. For more information, see [What's new in Azure Local, version 2504](/azure/azure-local/whats-new?view=azloc-2504&preserve-view=true).
+
+## Next steps
+
+[Troubleshoot issues in AKS enabled by Azure Arc](aks-troubleshoot.md)

azure-local/TOC.yml

@@ -152,7 +152,7 @@ items:
     - name: Using Express scripts
       href: deploy/sdn-express-23h2.md
     - name: Using Windows Admin Center
-      href: deploy/sdn-wizard-23h2.md     
+      href: deploy/sdn-wizard-23h2.md  
 
   - name: Deploy workloads
     items:

azure-local/concepts/billing.md

@@ -5,7 +5,7 @@ author: alkohli
 ms.author: alkohli
 ms.topic: conceptual
 ms.service: azure-local
-ms.date: 01/28/2025
+ms.date: 04/29/2025
 ---
 
 # Azure Local billing and payment
@@ -37,6 +37,14 @@ To determine how many cores are present in a system, Azure Local periodically ch
 
 To manually upload core data to Azure, use the **`Sync-AzureStackHCI`** cmdlet.
 
+## Billing changes for 12.2504.1001.20 and later
+
+For deployments running solution version 12.2504.1001.20 and later, the usage record originates from the Azure Local resource in Azure directly.
+
+If you shut down or decommission your system without deleting the Azure Local resource in Azure, billing continues until the Azure Local resource in Azure is in a disconnected state for over 31 days.
+
+To avoid unexpected charges, you must delete the Azure Local resource in Azure when you decide to decommission the cluster. If you need to deploy the service again, you must go through the Azure Local deployment process. For more information, see [Deploy Azure Local](../deploy/deploy-via-portal.md).
+
 ## FAQ
 
 - If I already have an Azure subscription, can I use it for Azure Local? **Yes**

azure-local/concepts/compare-windows-server.md

@@ -5,7 +5,7 @@ ms.topic: conceptual
 author: alkohli
 ms.author: alkohli
 ms.service: azure-local
-ms.date: 03/28/2025
+ms.date: 04/08/2025
 ---
 
 # Compare Azure Local to Windows Server
@@ -18,7 +18,7 @@ When replacing a datacenter primarily running VMware, Azure Local is typically n
 
 ## When to use Azure Local
 
-Azure Local is Microsoft's premier hyperconverged infrastructure platform for running VMs or virtual desktops on-premises with connections to Azure hybrid services. Azure Local can help to modernize and secure your datacenters and branch offices, and achieve industry-best performance with low latency and data sovereignty.
+Azure Local is Microsoft's premier hyperconverged infrastructure platform for running virtual machines (VMs) or virtual desktops on-premises with connections to Azure hybrid services. Azure Local can help to modernize and secure your datacenters and branch offices, and achieve industry-best performance with low latency and data sovereignty.
 
 :::image type="content" source="media/compare-windows-server/hci-scenarios.png" alt-text="When to use Azure Local over Windows Server 2019" border="false" lightbox="media/compare-windows-server/hci-scenarios.png":::
 
@@ -41,7 +41,7 @@ Windows Server is a highly versatile, multi-purpose operating system with dozens
 
 Use Windows Server for:
 
-- A guest operating system inside of virtual machines (VMs) or containers
+- A guest operating system inside of VMs or containers
 - As the runtime server for a Windows application
 - To use one or more of the built-in server roles such as Active Directory, file services, DNS, DHCP, or Internet Information Services (IIS)
 - As a traditional server, such as a bare-metal domain controller or SQL Server installation
@@ -119,7 +119,7 @@ The following table compares the management options for Azure Local and Windows
 | Azure portal > Windows Admin Center integration (preview) | Yes | Azure VMs only <sup>1</sup>|
 | Azure portal > Multi-cluster monitoring for Azure Local | Yes | No |
 | Azure portal > Azure Resource Manager integration for clusters | Yes | No |
-| Azure portal > Arc VM management | Yes | No |
+| Azure portal > Management of Azure Local VMs enabled by Arc | Yes | No |
 | Desktop experience | No | Yes |
 
 <sup>1</sup> Requires manually installing the Arc-git statusConnected Machine agent on every machine.

azure-local/concepts/firewall-requirements.md

@@ -65,6 +65,25 @@ For a consolidated list of endpoints for Japan East that includes Azure Local, A
 For a consolidated list of endpoints for South Central US that includes Azure Local, Arc-enabled servers, ARB, and AKS, use:
 - [Required endpoints in South Central US for Azure Local](https://github.com/Azure/AzureStack-Tools/blob/master/HCI/SouthCentralUSEndpoints/southcentralus-hci-endpoints.md)
 
+## Firewall requirements for OEMs
+
+Depending on the OEM you are using for Azure Local you may need to open additional endpoints in your firewall.
+
+DataON required endpoints for Azure Local deployments
+- [DataOn required endpoints](https://github.com/Azure/AzureStack-Tools/blob/master/HCI/OEMEndpoints/DataOn/DataOnAzureLocalEndpoints.md)
+
+Dell required endpoints for Azure Local deployments
+- [Dell required endpoints](https://github.com/Azure/AzureStack-Tools/blob/master/HCI/OEMEndpoints/Dell/DellAzureLocalEndpoints.md)
+
+HPE required endpoints for Azure Local deployments
+- [HPE required endpoints](https://github.com/Azure/AzureStack-Tools/blob/master/HCI/OEMEndpoints/HPE/HPEAzureLocalEndpoints.md)
+
+Hitachi required endpoints for Azure Local deployments
+- [Hitachi required endpoints](https://github.com/Azure/AzureStack-Tools/blob/master/HCI/OEMEndpoints/Hitachi/HitachiAzureLocalEndpoints.md)
+
+Lenovo required endpoints for Azure Local deployments
+- [Lenovo required endpoints](https://github.com/Azure/AzureStack-Tools/blob/master/HCI/OEMEndpoints/Lenovo/LenovoAzureLocalEndpoints.md)
+
 ## Firewall requirements for additional Azure services
 
 Depending on additional Azure services you enable for Azure Local, you may need to make additional firewall configuration changes. Refer to the following links for information on firewall requirements for each Azure service:

azure-local/concepts/observability.md

@@ -3,7 +3,7 @@ title: Azure Local observability
 description: Learn about observability in Azure Local.
 author: alkohli
 ms.author: alkohli
-ms.date: 10/18/2024
+ms.date: 04/25/2025
 ms.topic: conceptual
 ms.service: azure-local
 ---
@@ -109,6 +109,36 @@ The following table describes the types of data, their storage location, default
 | Metrics | Metrics are numerical values collected at regular intervals, describing aspects of a system. | Metrics data is sent to the respective region in which resource is deployed. | Enabled by default and can be disabled anytime. | Platform metrics are stored for 93 days, however, you can only query (in the Metrics tile) for a maximum of 30 days' worth of data on any single chart. | You can use metrics explorer to interactively analyze the data in your metric database. |
 | Billing and census | Billing data includes the system ID and the number of physical cores and hours used. Census data is required to enable basic management from Azure and includes system information (system name and ID, system connection status, storage pool ID, trial days remaining and billing model), machine information (number of machines, machine name, OS version, machine manufacturer, model and serial number, number of physical cores and memory size), and basic configuration such as, enablement of Azure verification for VMs, Azure managed identity and diagnostics level setting. | Billing and census data is sent to the respective resource region where the customer registered the device. | Billing is always enabled as it is required to charge for Azure Local usage. Census data is also always enabled, as it includes the minimal information required to manage Azure Local from Azure. | Data is deleted when the resource is deleted, except for billing data, which is retained. | To view billing data, navigate to the Azure Local system resource page in Azure portal, select **Overview** in the left pane, in the Essentials section select the **Billing status** link, followed by **View Cost Management**. To view census data, select **JSON View** located in the top right corner of the Essentials section. |
 
+## Crash dump collection
+
+Crash dump collection is a feature in Azure Local that allows for the automatic collection, analysis, and debugging of crashes. The data collected from a crash, referred to as the crash dump, is used for analysis and debugging.
+
+### Key features
+
+Here are the key features of crash dump collection for Azure Local:
+
+- **Automatic collection and analysis.** Automatically gathers data from Azure Local crashes and analyzes it to pinpoint the root causes of failures, aiding in quick diagnosis and resolution. This minimizes downtime and enhances service reliability.
+- **Compliance and security.** Ensures crash data is handled securely and in compliance with data protection regulations across all Azure regions and national clouds.
+- **Customizable settings.** Enabled by default for optimal performance and reliability, but can be disabled using specific commands if necessary. However, we recommend to keep it enabled to benefit from its diagnostic capabilities.
+
+### Prerequisites
+
+To use the crash dump collection feature, install the `AzureEdgeTelemetryAndDiagnostics` extension, version 2.0.18 or later. For information about the extension, see [Azure Local telemetry and diagnostics extension overview](./telemetry-and-diagnostics-overview.md).
+
+### Disable crash dump collection
+
+To disable the crash dump collection capability, use the following command:
+
+```powershell
+Set-EdgeCrashDumpCollection -SetState Disable
+```
+
+To re-enable it, use the following command:
+
+```powershell
+Set-EdgeCrashDumpCollection -SetState Enable
+```
+
 ## Next steps
 
 - [Azure Local telemetry and diagnostics extension](./telemetry-and-diagnostics-overview.md)