Edits

sethmanheim · sethmanheim · commit 755892c5de6f · 2025-06-26T13:41:09.000-07:00
diff --git a/AKS-Arc/aks-on-azure-local-support-policy.md b/AKS-Arc/aks-on-azure-local-support-policy.md
@@ -15,13 +15,13 @@ This article provides details about technical support policies and limitations f
 
 ## Service updates and releases
 
-AKS on Azure Local adheres to the Kubernetes support calendar and releases Kubernetes versions to ensure AKS on Azure Local customers can always operate on a supported version of Kubernetes.
+AKS on Azure Local adheres to the Kubernetes support calendar and releases Kubernetes versions to ensure that AKS on Azure Local customers can always operate on a supported version of Kubernetes.
 
 A Kubernetes cluster that operates on a deprecated minor version must be updated to a supported version to be eligible for support. Once a minor version is deprecated, any Kubernetes clusters still running on this version continue to function. You can still perform operations such as scaling up or down.
 
-Once a minor version is deprecated, it's removed from the Microsoft servers. At that point, Kubernetes clusters using this version are unable to update Kubernetes or OS versions and must be upgraded to the latest release. In some cases, this upgrade can also mean full re-deployment if the system is not in a healthy state.
+Once a minor version is deprecated, it's removed from the Microsoft servers. At that point, Kubernetes clusters using this version are unable to update Kubernetes or OS versions and must be upgraded to the latest release. In some cases, this upgrade can also mean full redeployment if the system is not in a healthy state.
 
-For release information, see the [AKS on Azure Local release notes.](/azure/aks/aksarc/aks-whats-new-23h2)
+For release information, see the [AKS on Azure Local release notes](/azure/aks/aksarc/aks-whats-new-23h2).
 
 ## Managed features in AKS Arc
 
@@ -31,37 +31,36 @@ By contrast, AKS Arc provides a turnkey Kubernetes deployment that gives you the
 
 Microsoft maintains the following components through the Arc Resource Bridge and the associated virtual machine base images for AKS Arc clusters:
 
-- kubelet or Kubernetes API servers.
-- etcd or a compatible key-value store, providing Quality of Service (QoS), scalability, and runtime.
-- DNS services (for example, kube-dns or CoreDNS).
+- **kubelet** or Kubernetes API servers.
+- **etcd** or a compatible key-value store, providing Quality of Service (QoS), scalability, and runtime.
+- DNS services (for example, **kube-dns** or CoreDNS).
 - Kubernetes proxy or networking.
 - Any other add-on or system component running in the kube-system namespace.
 
 AKS Arc isn't a Platform-as-a-Service (PaaS) solution, and AKS clusters on Azure Local have shared responsibility. Users must help maintain the Kubernetes cluster. User input is required, for example, to apply an operating system (OS) security patch or update to a newer Kubernetes version.
 
-The services are *managed* in the sense that Microsoft and the AKS team provide the tooling that deploys the Kubernetes components such as control plane nodes and nodepools for the AKS Arc clusters. Microsoft limits customization to ensure a consistent and scalable user experience.
+The services are *managed* in the sense that Microsoft and the AKS team provide the tooling that deploys the Kubernetes components such as control plane nodes and nodepools for AKS Arc clusters. Microsoft limits customization to ensure a consistent and scalable user experience.
 
 ## Supported version policy
 
 Kubernetes versions in AKS Arc follow the [Kubernetes version policy](https://kubernetes.io/releases/version-skew-policy/).
 
 AKS Arc doesn't make any runtime (or other) guarantees for clusters outside of the supported versions list. "Outside of support" means that:
 
-Your cluster operates on a deprecated minor version. The version you're running is outside of the supported versions list.
+- Your cluster operates on a deprecated minor version. The version you're running is outside of the supported versions list.
+- You are asked to upgrade the cluster to a supported version when you request support.
 
-You are asked to upgrade the cluster to a supported version when requesting support.
-
-For information about the supported Kubernetes versions, see [Supported Kubernetes versions](supported-kubernetes-versions.md).
+For information about supported Kubernetes versions, see [Supported Kubernetes versions](supported-kubernetes-versions.md).
 
 AKS Arc follows the platform version support timeframes for those products. That is, AKS Arc is not supported on unsupported versions of those products. For more information, see [Azure Local supported versions information](/azure/azure-local/release-information-23h2).
 
 ## Shared responsibility
 
 When an AKS Arc cluster is created, you define the Kubernetes node pools that AKS Arc creates. Your workloads are executed on these node pools.
 
-Because your node pools execute private code and store sensitive data, Microsoft Support has limited access to them. Microsoft Support can't sign in to execute commands on, or view logs for these nodes without your express permission or assistance. Any direct modification of the agent nodes by using any of the IaaS APIs renders the cluster unsupportable. Any modification done to the node pools must be done using Kubernetes-native mechanisms such as  Daemon Sets.
+Because your node pools execute private code and store sensitive data, Microsoft Support has limited access to them. Microsoft Support can't sign in to execute commands on, or view logs for these nodes without your express permission or assistance. Any direct modification of the agent nodes by using any of the IaaS APIs renders the cluster unsupportable. Any modification done to the node pools must be done using Kubernetes-native mechanisms such as **Daemon Sets**.
 
-Similarly, while you can add any metadata, such as tags and labels, to the AKS Arc cluster and nodes, changing any of the system-created metadata renders the AKS Arc cluster unsupported.
+Similarly, while you can add any metadata, such as tags and labels to the AKS Arc cluster and nodes, changing any of the system-created metadata renders the AKS Arc cluster unsupported.
 
 ## AKS Arc support coverage
 
@@ -72,7 +71,7 @@ Microsoft provides technical support for the following features and components:
 - Etcd data store.
 - Integration with Azure Arc and Arc enabled Kubernetes extensions.
 - Questions or issues about customization of control plane components such as the Kubernetes API server, etcd, and coreDNS.
-- Issues with networking, network access, and functionality. Issues could include DNS resolution, packet loss, and routing.
+- Issues with networking, network access, and functionality. Issues can include DNS resolution, packet loss, and routing.
 
 Microsoft supports various networking scenarios:
 
@@ -81,25 +80,27 @@ Microsoft supports various networking scenarios:
 - Network performance and latency.
 
 > [!NOTE]
-> Any cluster actions taken by Microsoft AKS Arc support teams are made with user consent and assistance. Microsoft Support doesn't log into your AKS Arc cluster unless you configure access for the support engineer.
+> Any cluster actions taken by Microsoft AKS Arc support teams are made with user consent and assistance. Microsoft Support doesn't log in to your AKS Arc cluster unless you configure access for the support engineer.
 
 Microsoft doesn't provide technical support for questions about how to use Kubernetes. For example, Microsoft Support doesn't provide advice on:
 
-- How to create custom ingress controllers
-- Use application workloads
-- Apply third-party or open-source software packages or tools.
+- How to create custom ingress controllers.
+- How to use application workloads.
+- How to apply third-party or open-source software packages or tools.
 - Third-party open-source projects that aren't provided as part of the Kubernetes control plane or deployed when AKS Arc clusters are created. These projects might include Istio, Helm, Envoy, or others.
 - Third-party closed-source software. This software can include security scanning tools and networking devices or software.
 - Network customizations other than the ones listed in the [AKS Arc documentation](aks-hci-network-system-requirements.md).
 
 > [!NOTE]
-> Microsoft Support can advise on cluster functionality, customization, and tuning in AKS Arc, for example, Kubernetes operations issues and procedures.
+> Microsoft Support can advise on cluster functionality, customization, and tuning in AKS Arc; for example, Kubernetes operations issues and procedures.
 
 > [!NOTE]
 > Microsoft can provide best-effort support for third-party open-source projects such as Helm. Where the third-party open-source tool integrates with Kubernetes or other AKS Arc-specific bugs, Microsoft supports examples and applications from Microsoft documentation.
 
 ## AKS Arc support coverage for node pools
 
+This section describes the support coverage for AKS Arc node pools. Node pools are the Kubernetes agent nodes that run your workloads.
+
 ### Microsoft responsibilities for AKS Arc node pools
 
 Microsoft and users share responsibility for Kubernetes agent nodes where:
@@ -116,12 +117,12 @@ Microsoft and users share responsibility for Kubernetes agent nodes where:
 
 ### Customer responsibilities for AKS Arc node pools
 
-AKS Arc regularly releases new Kubernetes patches and minor versions. These updates can contain security or functionality improvements to Kubernetes. You're responsible for keeping your cluster's Kubernetes version and therefore node pool versions are updated according to the [AKS Arc supported versions policy.](/azure/aks/aksarc/aks-whats-new-23h2)
+AKS Arc regularly releases new Kubernetes patches and minor versions. These updates can contain security or functionality improvements to Kubernetes. You're responsible for keeping your cluster's Kubernetes version and node pool versions updated according to the [AKS Arc supported versions policy](/azure/aks/aksarc/aks-whats-new-23h2).
 
 ### User customization of node pools
 
 > [!NOTE]
-> AKS Arc agent nodes appear in Hyper-V as regular virtual machine resources. These virtual machines are deployed with a custom OS image, and supported and managed Kubernetes components. You cannot change the base OS image or do any direct customizations to these nodes using the Hyper-V APIs or resources. Any custom changes that are not done via the AKS Arc API do not persist through an upgrade, scale, update, or reboot, and can render the Kubernetes cluster unsupported. Avoid performing changes to the agent nodes unless Microsoft Support directs you to make changes.
+> AKS Arc agent nodes appear in Hyper-V as regular virtual machine resources. These virtual machines are deployed with a custom OS image, and supported and managed Kubernetes components. You can't change the base OS image or do any direct customizations to these nodes using the Hyper-V APIs or resources. Any custom changes that are not done via the AKS Arc API do not persist through an upgrade, scale, update, or reboot, and can render the Kubernetes cluster unsupported. Avoid performing changes to the agent nodes unless Microsoft Support directs you to make changes.
 
 AKS Arc manages the lifecycle and operations of node pool images on your behalf. Modifying the resources associated with the node pools is not supported. For example, customizing a virtual machine's network settings by manually changing configurations through the Hyper-V API or tools is not supported.
 
@@ -149,11 +150,11 @@ Clusters that are stopped for more than 30 days can no longer be updated. The co
 
 ## Deleted or suspended subscription
 
-If your Azure subscription is suspended or deleted, your AKS cluster(s) are out of support after 60 days, unless the subscription is reinstated before the 60-day limit is reached. All other limitations described previously also apply. Once the subscription is deleted, the cluster connection to Azure cannot be recovered and Azure Local and AKS Arc must be re-deployed.
+If your Azure subscription is suspended or deleted, your AKS cluster(s) are out of support after 60 days, unless the subscription is reinstated before the 60-day limit is reached. All other limitations described previously also apply. Once the subscription is deleted, the cluster connection to Azure cannot be recovered and Azure Local and AKS Arc must be redeployed.
 
 ## Unsupported preview and beta Kubernetes features
 
-AKS Arc only supports stable and beta features in the upstream Kubernetes project. Unless otherwise documented, AKS Arc doesn't support any preview feature that is available in the upstream Kubernetes project.
+AKS Arc only supports stable and beta features in the upstream Kubernetes project. Unless otherwise documented, AKS Arc doesn't support any preview feature that's available in the upstream Kubernetes project.
 
 ## Preview features or feature flags
 
@@ -163,12 +164,12 @@ Features in public preview receive "best effort" support, as these features are
 
 ## Upstream bugs and issues
 
-Given the speed of development in the upstream Kubernetes project, bugs invariably arise. Some of these bugs can't be patched or worked around within the AKS Arc system. Instead, bug fixes require larger patches to upstream projects (such as Kubernetes, node or agent operating systems, and kernel). For components that Microsoft owns (such as the cluster API providers for Azure Local), AKS Arc and Azure personnel are committed to fixing issues upstream in the community.
+Given the speed of development in the upstream Kubernetes project, bugs invariably occur. Some of these bugs can't be patched or worked around within the AKS Arc system. Instead, bug fixes require larger patches to upstream projects (such as Kubernetes, node or agent operating systems, and kernel). For components that Microsoft owns (such as the cluster API providers for Azure Local), AKS Arc and Azure personnel are committed to fixing issues upstream in the community.
 
-When a technical support issue is root-caused by one or more upstream bugs, AKS Arc support and engineering teams will do the following:
+When a technical support issue is caused by one or more upstream bugs, AKS Arc support and engineering teams do the following:
 
-- Identify and link the upstream bugs with any supporting details to help explain why this issue affects your cluster or workload. Customers receive links to the required repositories, so they can watch the issues and see when a new release will provide fixes.
-- Provide potential workarounds or mitigation. If the issue can be mitigated, a [known issue is filed in the AKS on Azure Local and Windows Server repository](https://github.com/Azure/aksArc/issues?q=is%3Aopen+is%3Aissue+label%3Aknown-issue). The known-issue filing explains:
+- Identify and link the upstream bugs with any supporting details to help explain why this issue affects your cluster or workload. Customers receive links to the required repositories, so they can watch the issues and see when a new release provides fixes.
+- Provide potential workarounds or mitigation. If the issue can be mitigated, a [known issue is filed in the AKS on Azure Local and Windows Server repository](https://github.com/Azure/aksArc/issues?q=is%3Aopen+is%3Aissue+label%3Aknown-issue). The known issue filing explains:
   - The issue, including links to upstream bugs.
   - The workaround and details about an upgrade or another option for the solution.
   - Rough timelines for the issue's inclusion, based on the upstream release cadence.
