merge conflict fix

Author: v-sissondan

.openpublishing.redirection.aks.json

@@ -1439,6 +1439,56 @@
         "source_path": "AKS-Arc/aks-known-issues.md",
         "redirect_url": "/azure/aks/aksarc/aks-troubleshoot",
         "redirect_document_id": false
+      },
+      {
+        "source_path": "AKS-Arc/aks-whats-new-23h2.md",
+        "redirect_url": "/azure/aks/aksarc/aks-whats-new-local",
+        "redirect_document_id": false
+      },
+      {
+        "source_path": "AKS-Arc/azure-rbac-23h2.md",
+        "redirect_url": "/azure/aks/aksarc/azure-rbac-local",
+        "redirect_document_id": false
+      },
+      {
+        "source_path": "AKS-Arc/kubernetes-rbac-23h2.md",
+        "redirect_url": "/azure/aks/aksarc/kubernetes-rbac-local",
+        "redirect_document_id": false
+      },
+      {
+        "source_path": "AKS-Arc/tutorial-kubernetes-prepare-application.md",
+        "redirect_url": "/azure/aks/aksarc/overview",
+        "redirect_document_id": false
+      },
+      {
+        "source_path": "AKS-Arc/tutorial-kubernetes-prepare-azure-container-registry.md",
+        "redirect_url": "/azure/aks/aksarc/overview",
+        "redirect_document_id": false
+      },
+      {
+        "source_path": "AKS-Arc/tutorial-kubernetes-deploy-cluster.md",
+        "redirect_url": "/azure/aks/aksarc/overview",
+        "redirect_document_id": false
+      },
+      {
+        "source_path": "AKS-Arc/tutorial-kubernetes-deploy-application.md",
+        "redirect_url": "/azure/aks/aksarc/overview",
+        "redirect_document_id": false
+      },
+      {
+        "source_path": "AKS-Arc/tutorial-kubernetes-scale.md",
+        "redirect_url": "/azure/aks/aksarc/overview",
+        "redirect_document_id": false
+      },
+      {
+        "source_path": "AKS-Arc/tutorial-kubernetes-app-update.md",
+        "redirect_url": "/azure/aks/aksarc/overview",
+        "redirect_document_id": false
+      },
+      {
+        "source_path": "AKS-Arc/tutorial-kubernetes-upgrade-cluster.md",
+        "redirect_url": "/azure/aks/aksarc/overview",
+        "redirect_document_id": false
       }
     ]
   }

AKS-Arc/TOC.yml

@@ -11,11 +11,11 @@
     href: data-collection.md
   - name: Blogs and announcements
     href: blogs-announcements.md
-- name: AKS on Azure Local, version 23H2
+- name: AKS on Azure Local
   expanded: true
   items:
-  - name: What's new in AKS on Azure Local, version 23H2
-    href: aks-whats-new-23h2.md
+  - name: What's new in AKS on Azure Local
+    href: aks-whats-new-local.md
   - name: Concepts
     items:
     - name: Architecture
@@ -33,9 +33,11 @@
     - name: High availability
       items: 
       - name: Use availability sets
-        href: availability-sets.md   
+        href: availability-sets.md
     - name: Supported scale requirements
       href: scale-requirements.md
+    - name: Connectivity modes
+      href: connectivity-modes.md  
     - name: Billing
       items:
       - name: Pricing details
@@ -76,6 +78,10 @@
           href: deploy-load-balancer-portal.md
         # - name: Troubleshoot issues
         #   href: load-balancer-troubleshoot.md
+    - name: Security
+      items:
+      - name: Encrypt etcd secrets
+        href: encrypt-etcd-secrets.md
     - name: AI and Machine Learning
       items:
       - name: Deploy an AI model with the AI toolchain operator
@@ -85,9 +91,9 @@
       - name: Enable Microsoft Entra ID authentication for Kubernetes clusters
         href: enable-authentication-microsoft-entra-id.md
       - name: Use Azure RBAC for Kubernetes authorization
-        href: azure-rbac-23h2.md
+        href: azure-rbac-local.md
       - name: Use Kubernetes RBAC with Microsoft Entra ID
-        href: kubernetes-rbac-23h2.md
+        href: kubernetes-rbac-local.md
       - name: Retrieve certificate-based admin kubeconfig
         href: retrieve-admin-kubeconfig.md
       - name: Configure SSH keys for a cluster
@@ -278,6 +284,8 @@
     items:
     - name: AKS Edge Essentials PowerShell 
       href: ./reference/aks-edge-ps/index.md
+    - name: Get support
+      href: aks-edge-help-support.md
     - name: Troubleshooting 
       href: aks-edge-troubleshoot-overview.md
     - name: Logs 
@@ -358,23 +366,6 @@
             href: setup.md
           - name: Create a Kubernetes cluster
             href: create-kubernetes-cluster.md
-  - name: Tutorial
-    items:
-      - name: 1 - Prepare an application
-        href: tutorial-kubernetes-prepare-application.md
-      - name: 2 - Create container registry
-        href: tutorial-kubernetes-prepare-azure-container-registry.md
-      - name: 3 - Deploy a workload cluster
-        href: tutorial-kubernetes-deploy-cluster.md
-      - name: 4 - Run an application
-        href: tutorial-kubernetes-deploy-application.md
-      - name: 5 - Scale an application
-        href: tutorial-kubernetes-scale.md
-      - name: 6 - Update an application
-        href: tutorial-kubernetes-app-update.md
-      - name: 7 - Upgrade Kubernetes cluster 
-        # Remove this, we don tneed to upgrade K8s in this tutorial.
-        href: tutorial-kubernetes-upgrade-cluster.md
   - name: Concepts
     items:
     - name: Quotas and resource limits
@@ -554,7 +545,7 @@
       - name: Use OpenFaaS
         href: openfaas.md
       - name: Use Bridge to Kubernetes with Visual Studio Code
-        href: https://code.visualstudio.com/docs/containers/bridge-to-kubernetes
+        href: /visualstudio/bridge/bridge-to-kubernetes-vs-code
       - name: Use Bridge to Kubernetes with Visual Studio
         href: /visualstudio/containers/bridge-to-kubernetes
       - name: Deploy a Java application with Open Liberty or WebSphere Liberty
@@ -573,7 +564,7 @@
       href: aks-hybrid-preview-uninstall.md
     - name: Troubleshooting overview
       href: troubleshoot-overview.md
-    - name: Azure Arc enabled Kubernetes
+    - name: Azure Arc-enabled Kubernetes
       href: known-issues-arc.yml
     - name: Pre-installation validation tests
       href: validation-tests.md
@@ -599,12 +590,6 @@
       href: known-issues-uninstall.yml
     - name: Other
       href: known-issues.yml
-    - name: Azure Local issues
-      items:
-      - name: Cluster validation reporting in Azure Local
-        href: /azure-stack/hci/manage/validate-qos
-      - name: CredSSP in Azure Local
-        href: /azure-stack/hci/manage/troubleshoot-credssp
     - name: Support policies
       href: support-policies.md
     - name: Get support

AKS-Arc/ad-sso.md

@@ -1,31 +1,31 @@
 ---
-title: Use Active Directory single sign-on for secure connection to Kubernetes API server in AKS enabled by Azure Arc
+title: Use Active Directory single sign-on for secure connection to Kubernetes API server in AKS on Windows Server
 description: Use Active Directory Authentication to securely connect to the API server with SSO credentials
 author: sethmanheim
 ms.topic: how-to
-ms.date: 08/07/2024
+ms.date: 04/02/2025
 ms.author: sethm 
 ms.lastreviewed: 1/14/2022
-ms.reviewer: sulahiri
+ms.reviewer: leslielin
 
 # Intent: As an IT Pro, I want to ue Active Directory Authentication to securely connect to the Kubernetes API server with SSO credentials.
 # Keyword: secure connection to Kubernetes API server
 
 ---
 
-# Use Active Directory single sign-on for secure connection to Kubernetes API server in AKS enabled by Azure Arc
+# Use Active Directory single sign-on for secure connection to Kubernetes API server in AKS on Windows Server
 
 [!INCLUDE [applies-to-azure stack-hci-and-windows-server-skus](includes/aks-hci-applies-to-skus/aks-hybrid-applies-to-azure-stack-hci-windows-server-sku.md)]
 
-You can create a secure connection to your Kubernetes API server in AKS enabled by Arc using Active Directory (AD) single sign-on (SSO) credentials.
+You can create a secure connection to your Kubernetes API server in AKS on Windows Server using Active Directory (AD) single sign-on (SSO) credentials.
 
-## Overview of AD in AKS enabled by Arc
+## Overview of AD in AKS on Windows Server
 
-Without Active Directory authentication, you must rely on a certificate-based _kubeconfig_ file when you connect to the API server via the `kubectl` command. The **kubeconfig** file contains secrets such as private keys and certificates that need to be carefully distributed, which can be a significant security risk.
+Without Active Directory authentication, you must rely on a certificate-based *kubeconfig* file when you connect to the API server via the `kubectl` command. The **kubeconfig** file contains secrets such as private keys and certificates that need to be carefully distributed, which can be a significant security risk.
 
-As an alternative to using certificate-based kubeconfig, you can use AD SSO credentials as a secure way to connect to the API server. AD integration with AKS Arc lets users on a Windows domain-joined machine connect to the API server via `kubectl` using their SSO credentials. This removes the need to manage and distribute certificate-based kubeconfig files that contain private keys.
+As an alternative to using certificate-based **kubeconfig**, you can use AD SSO credentials as a secure way to connect to the API server. AD integration with AKS Arc lets users on a Windows domain-joined machine connect to the API server via `kubectl` using their SSO credentials. This removes the need to manage and distribute certificate-based **kubeconfig** files that contain private keys.
 
-AD integration uses AD kubeconfig, which is distinct from the certificate-based kubeconfig files and doesn't contain any secrets. However, the certificate-based kubeconfig file can be used for backup purposes, such as troubleshooting, if there are issues with connecting using Active Directory credentials.
+AD integration uses AD **kubeconfig**, which is distinct from the certificate-based **kubeconfig** files and doesn't contain any secrets. However, the certificate-based **kubeconfig** file can be used for backup purposes, such as troubleshooting, if there are issues with connecting using Active Directory credentials.
 
 Another security benefit with AD integration is that the users and groups are stored as [security identifiers (SIDs)](/troubleshoot/windows-server/identity/security-identifiers-in-windows). Unlike group names, SIDs are immutable and unique and therefore present no naming conflicts.
 
@@ -77,7 +77,7 @@ Before you can install AD authentication, the workload cluster must be installed
 
 #### Option 1
 
-For a domain-joined Azure Local or Windows Server cluster, open PowerShell as an administrator and run the following command:
+For a domain-joined Windows Server cluster, open PowerShell as an administrator and run the following command:
 
 ```powershell
 Install-AksHciAdAuth -name mynewcluster1 -keytab .\current.keytab -SPN k8s/[email protected] -adminUser contoso\bob

AKS-Arc/adapt-apps-mixed-os-clusters.md

@@ -1,6 +1,6 @@
 ---
 title: Adapt applications for use in mixed-OS Kubernetes clusters
-description: Learn how to use node selectors or taints and tolerations on Azure Kubernetes Service to ensure applications in mixed OS Kubernetes clusters running on AKS Arc are scheduled on the correct worker node operating system.
+description: Learn how to use node selectors or taints and tolerations on Azure Kubernetes Service to ensure applications in mixed OS Kubernetes clusters running on AKS on Windows Server are scheduled on the correct worker node operating system.
 author: sethmanheim
 ms.topic: how-to
 ms.date: 06/27/2024
@@ -16,9 +16,9 @@ ms.reviewer: abha
 
 [!INCLUDE [applies-to-azure stack-hci-and-windows-server-skus](includes/aks-hci-applies-to-skus/aks-hybrid-applies-to-azure-stack-hci-windows-server-sku.md)]
 
-AKS enabled by Arc enables you to run Kubernetes clusters with both Linux and Windows nodes, but you must make small edits to your apps for use in these mixed-OS clusters. This how-to guide describes how to ensure your application gets scheduled on the right host OS using either node selectors or taints and tolerations.
+AKS on Windows Server enables you to run Kubernetes clusters with both Linux and Windows nodes, but you must make small edits to your apps for use in these mixed-OS clusters. This how-to guide describes how to ensure your application gets scheduled on the right host OS using either node selectors or taints and tolerations.
 
-This article assumes a basic understanding of Kubernetes concepts. For more information, see [Kubernetes core concepts for AKS enabled by Arc](kubernetes-concepts.md).
+This article assumes a basic understanding of Kubernetes concepts. For more information, see [Kubernetes core concepts for AKS on Windows Server](kubernetes-concepts.md).
 
 ## Node selectors
 

AKS-Arc/add-ons.md

@@ -1,6 +1,6 @@
 ---
-title: Add-ons and extensions available for AKS enabled by Arc
-description: Learn about what add-ons and integrations are supported in AKS enabled by Azure Arc.
+title: Add-ons and extensions available for AKS on Windows Server
+description: Learn about what add-ons and integrations are supported in AKS on Windows Server.
 author: sethmanheim
 ms.topic: how-to
 ms.date: 02/15/2024
@@ -9,9 +9,9 @@ ms.lastreviewed: 02/15/2023
 ms.reviewer: baziwane
 ---
 
-# Add-ons, extensions, and other integrations with AKS enabled by Arc
+# Add-ons, extensions, and other integrations with AKS on Windows Server
 
-Azure Kubernetes Service (AKS) enabled by Azure Arc provides augmented functionality for your Kubernetes cluster, mainly through extensions that are supported by Microsoft. There are also many integrations offered by open-source projects and third-party organizations. It's important to note that these integrations, which are not supported by AKS Arc, are not included in the [AKS Arc support policy](support-policies.md).
+Azure Kubernetes Service (AKS) on Windows Server provides augmented functionality for your Kubernetes cluster, mainly through extensions that are supported by Microsoft. There are also many integrations offered by open-source projects and third-party organizations. It's important to note that these integrations, which are not supported by AKS Arc, are not included in the [AKS Arc support policy](support-policies.md).
 
 ## Add-ons
 
@@ -30,15 +30,15 @@ The following rules are used by AKS Arc for applying updates to installed add-on
 | [Install-AksHciCsiNfs](reference/ps/install-akshcicsinfs.md)      | Installs the CSI NFS plug-in to a cluster.                       |
 | [Install-AksHciCsiSmb](reference/ps/install-akshcicsismb.md)      | Installs the CSI SMB plug-in to a cluster.                       |
 | [Install-AksHciGmsaWebhook](reference/ps/install-akshcigmsawebhook.md) | Installs gMSA webhook add-on to the cluster.                     |
-| [Install-AksHciMonitoring](reference/ps/install-akshcimonitoring.md)  | Installs Prometheus for monitoring in the AKS enabled by Arc deployment. |
+| [Install-AksHciMonitoring](reference/ps/install-akshcimonitoring.md)  | Installs Prometheus for monitoring in the AKS on Windows Server deployment. |
 
 ## Azure Arc extensions
 
 Cluster extensions build on top of certain Helm charts and provide an Azure Resource Manager-driven experience for installation and lifecycle management of different Azure capabilities on top of your Kubernetes cluster. You can [deploy these extensions to your clusters](/azure/azure-arc/kubernetes/extensions) to improve cluster management.
 
 ### Available extensions
 
-For more information about the specific cluster extensions for AKS enabled by Arc, see [Currently available extensions](/azure/azure-arc/kubernetes/extensions-release).
+For more information about the specific cluster extensions for AKS on Windows Server, see [Currently available extensions](/azure/azure-arc/kubernetes/extensions-release).
 
 ## Difference between extensions and add-ons
 
@@ -58,4 +58,4 @@ The following table shows examples of open-source and third-party integrations:
 
 ## Next steps
 
-- [AKS enabled by Arc overview](aks-overview.md)
+- [AKS on Windows Server overview](overview.md)

AKS-Arc/aks-arc-use-node-taints.md

@@ -1,8 +1,7 @@
 ---
 title: Manage node taints for an AKS cluster
-description: Learn how to manage node taints in AKS on Azure Local, version 23H2
+description: Learn how to manage node taints in AKS on Azure Local
 ms.topic: how-to
-ms.custom:
 ms.date: 06/03/2024
 author: sethmanheim
 ms.author: sethm 

AKS-Arc/aks-create-clusters-cli.md

@@ -16,7 +16,7 @@ ms.reviewer: guanghu
 
 This article describes how to create Kubernetes clusters in Azure Local using Azure CLI. The workflow is as follows:
 
-1. Create a Kubernetes cluster in Azure Local, version 23H2 using Azure CLI. The cluster is Azure Arc-connected by default.
+1. Create a Kubernetes cluster in Azure Local using Azure CLI. The cluster is Azure Arc-connected by default.
 1. While creating the cluster, you provide a Microsoft Entra group that contains the list of Microsoft Entra users with Kubernetes cluster administrator access.
 1. Access the cluster using kubectl and your Microsoft Entra ID.
 1. Run a sample multi-container application with a web front end and a Redis instance in the cluster.
@@ -44,7 +44,7 @@ az extension add -n connectedk8s --upgrade
 
 ## Create a Kubernetes cluster
 
-Use the [`az aksarc create`](/cli/azure/aksarc#az-aksarc-create) command to create a Kubernetes cluster in AKS Arc. Make sure you sign in to Azure before you run this command. If you have multiple Azure subscriptions, select the appropriate subscription ID using the [`az account set`](/cli/azure/account#az-account-set) command. With the  `az aksarc create` command, we recommend that you use the `--validate` flag, which validates the input parameters that you intend to use. Once the input parameters are validated, you can run the  `az aksarc create` command without the `--validate` flag to create the Kubernetes cluster. 
+Use the [az aksarc create](/cli/azure/aksarc#az-aksarc-create) command to create a Kubernetes cluster in AKS Arc. Make sure you sign in to Azure before you run this command. If you have multiple Azure subscriptions, select the appropriate subscription ID using the [az account set](/cli/azure/account#az-account-set) command. With the `az aksarc create` command, we recommend that you use the `--validate` flag, which validates the input parameters that you intend to use. Once the input parameters are validated, you can run the `az aksarc create` command without the `--validate` flag to create the Kubernetes cluster.
 
 ```azurecli
 az aksarc create -n $aksclustername -g $resource_group --custom-location $customlocationID --vnet-ids $logicnetId --aad-admin-group-object-ids $aadgroupID --generate-ssh-keys 
@@ -62,7 +62,7 @@ Note the following considerations when you create a cluster:
 - By default, the SSH key is stored at **~/.ssh/id_rsa.pub**. During cluster creation, you can specify an alternate location using the `--ssh-key-value` parameter.
 
 > [!IMPORTANT]
-> To use Azure RBAC or workload identity for an AKS cluster, you must pass the required parameters during cluster creation using Azure CLI. Currently, updating an existing AKS cluster to enable workload identity and/or Azure RBAC is not supported. For more information, see [Use Azure RBAC for Kubernetes authorization](/azure/aks/hybrid/azure-rbac-23h2) or [Deploy and configure Workload Identity for your cluster](workload-identity.md).
+> To use Azure RBAC or workload identity for an AKS cluster, you must pass the required parameters during cluster creation using Azure CLI. Currently, updating an existing AKS cluster to enable workload identity and/or Azure RBAC is not supported. For more information, see [Use Azure RBAC for Kubernetes authorization](azure-rbac-local.md) or [Deploy and configure Workload Identity for your cluster](workload-identity.md).
 
 ## Connect to the Kubernetes cluster
 

AKS-Arc/aks-create-clusters-portal.md

@@ -82,5 +82,5 @@ This article describes how to create Kubernetes clusters in Azure Local using th
 
 ## Next steps
 
-- [Review AKS on Azure Local, version 23H2 prerequisites](aks-hci-network-system-requirements.md)
-- [What's new in AKS on Azure Local](aks-whats-new-23h2.md)
+- [Review AKS on Azure Local prerequisites](aks-hci-network-system-requirements.md)
+- [What's new in AKS on Azure Local](aks-whats-new-local.md)