Merge pull request #16598 from MicrosoftDocs/main

12/16/2024 PM Publish

Author: Taojunshen

.acrolinx-config.edn

@@ -1,2 +1,2 @@
 {:allowed-branchname-matches ["main" "release-.*"]
-:allowed-filename-matches ["azure-stack" "AKS-Hybrid" "azure-managed-lustre"]}
+:allowed-filename-matches ["azure-stack" "AKS-Hybrid" "azure-managed-lustre" "azure-local"]}

AKS-Hybrid/TOC.yml

@@ -3,14 +3,14 @@
 - name: Overview
   expanded: true
   items:
-  - name: What is AKS enabled by Arc?
+  - name: What is AKS enabled by Azure Arc?
     href: aks-overview.md
-  - name: Compare AKS enabled by Arc deployment options
-    href: https://techcommunity.microsoft.com/t5/azure-arc-blog/comparing-feature-sets-for-aks-enabled-by-azure-arc-deployment/ba-p/4188163
   - name: Supported Kubernetes versions
     href: supported-kubernetes-versions.md  
   - name: Data collection
     href: data-collection.md
+  - name: Blogs and announcements
+    href: blogs-announcements.md
 - name: AKS on Azure Local, version 23H2
   expanded: true
   items:
@@ -425,124 +425,124 @@
           href: update-akshci-host-powershell.md
         - name: Use Windows Admin Center
           href: update-akshci-host-windows-admin-center.md
-        - name: Upgrade Kubernetes version
-          items:
-          - name: Use PowerShell
-            href: upgrade.md
-          - name: Use Windows Admin Center
-            href: upgrade-kubernetes.md
-      - name: Develop applications
+      - name: Upgrade Kubernetes version
         items:
-          - name: Deploy applications with Helm
-            href: helm-deploy.md
-          - name: Deploy Azure Arc-enabled data services
-            href: deploy-arc-data-services.md
-          - name: Deploy configurations using GitOps
-            href: /azure/azure-arc/kubernetes/tutorial-use-gitops-flux2?toc=/azure/aks/hybrid/toc.json&bc=/azure/aks/hybrid/breadcrumb/toc.json
-          - name: Implement CI/CD using GitOps
-            href: /azure/azure-arc/kubernetes/tutorial-gitops-flux2-ci-cd?toc=/azure/aks/hybrid/toc.json&bc=/azure/aks/hybrid/breadcrumb/toc.json
-      - name: Scale
-        items:    
-            - name: Scale an AKS cluster
-              href: scale-cluster.md
-            - name: Use autoscaler
-              items:
-              - name: Use PowerShell
-                href: work-with-horizontal-autoscaler.md
-              - name: Use autoscaler profiles
-                href: work-with-autoscaler-profiles.md
-      - name: Restart, stop, restore
-        items:    
-        - name: Restart, remove, or reinstall AKS
-          href: restart-cluster.md
-        - name: Stop and start an AKS cluster
-          href: stop-start-cluster.md
-        - name: Restore AKS cluster from disaster
-          href: restore-aks-cluster.md
-        - name: Back up or restore workload clusters using Velero
-          href: backup-workload-cluster.md
-      - name: Use Azure Arc Kubernetes
-        items:
-        - name: Connect to Azure Arc for Kubernetes
-          href: connect-to-arc.md
-        - name: Az module CLI commands
-          href: /cli/azure/connectedk8s
-      - name: Networking
-        items:
-        - name: Use proxy settings
-          href: set-proxy-settings.md
-        - name: Update proxy settings and certificates
-          href: proxy-change.md
-        - name: Configure load balancer
-          href: configure-load-balancer.md
-        - name: Use multiple load balancers
-          href: multiple-load-balancers.md
-        - name: Configure a custom load balancer
-          href: configure-custom-load-balancer.md
-        - name: Use an ingress controller
-          href: create-ingress-controller.md
-        - name: Use Microsoft Software Defined Networking (SDN)
-          items:
-          - name: Deploy SDN
-            href: software-defined-networking.md
-          - name: Deploy application clusters on different SDN virtual networks
-            href: deploy-target-clusters-virtual-networks.md
-      - name: Storage
-        items:
-        - name: Use persistent volumes
-          href: persistent-volume.md
-      - name: Security and authentication
-        items:
-        - name: Restrict SSH access
-          href: restrict-ssh-access-22h2.md
-        - name: Use Active Directory single sign-on
-          href: ad-sso.md
-        - name: Use Kubernetes RBAC with Microsoft Entra ID
-          href: kubernetes-rbac-entra-id.md
-        - name: Use Azure RBAC with AKS clusters
-          href: azure-rbac-aks-hybrid.md
-        - name: Update certificate bundle on container hosts
-          href: update-certificate-bundle.md
-        - name: Update certificates
-          href: update-certificates.md
-        - name: Secrets Store CSI Driver configuration
-          href: secrets-store-csi-driver.md
-        - name: Encrypt etcd secrets
-          href: encrypt-secrets.md
-        - name: Configure Defender for Azure Arc-enabled Kubernetes clusters
-          href: /azure/security-center/defender-for-kubernetes-azure-arc?tabs=k8s-deploy-asc%2ck8s-verify-asc%2ck8s-remove-arc
-      - name: Monitoring and logging
-        items:    
-        - name: Use on-premises monitoring
-          href: monitor-logging.md
-      - name: Use Windows Server containers
-        items:
-        - name: Deploy .NET applications
-          href: deploy-windows-application.md
-        - name: Configure group Managed Service Account support
-          href: prepare-windows-nodes-gmsa.md
-        - name: Adapt apps for mixed-OS Kubernetes clusters
-          href: adapt-apps-mixed-os-clusters.md
-      - name: Develop and run applications
+        - name: Use PowerShell
+          href: upgrade.md
+        - name: Use Windows Admin Center
+          href: upgrade-kubernetes.md
+    - name: Develop applications
+      items:
+        - name: Deploy applications with Helm
+          href: helm-deploy.md
+        - name: Deploy Azure Arc-enabled data services
+          href: deploy-arc-data-services.md
+        - name: Deploy configurations using GitOps
+          href: /azure/azure-arc/kubernetes/tutorial-use-gitops-flux2?toc=/azure/aks/hybrid/toc.json&bc=/azure/aks/hybrid/breadcrumb/toc.json
+        - name: Implement CI/CD using GitOps
+          href: /azure/azure-arc/kubernetes/tutorial-gitops-flux2-ci-cd?toc=/azure/aks/hybrid/toc.json&bc=/azure/aks/hybrid/breadcrumb/toc.json
+    - name: Scale
+      items:    
+          - name: Scale an AKS cluster
+            href: scale-cluster.md
+          - name: Use autoscaler
+            items:
+            - name: Use PowerShell
+              href: work-with-horizontal-autoscaler.md
+            - name: Use autoscaler profiles
+              href: work-with-autoscaler-profiles.md
+    - name: Restart, stop, restore
+      items:    
+      - name: Restart, remove, or reinstall AKS
+        href: restart-cluster.md
+      - name: Stop and start an AKS cluster
+        href: stop-start-cluster.md
+      - name: Restore AKS cluster from disaster
+        href: restore-aks-cluster.md
+      - name: Back up or restore workload clusters using Velero
+        href: backup-workload-cluster.md
+    - name: Use Azure Arc Kubernetes
+      items:
+      - name: Connect to Azure Arc for Kubernetes
+        href: connect-to-arc.md
+      - name: Az module CLI commands
+        href: /cli/azure/connectedk8s
+    - name: Networking
+      items:
+      - name: Use proxy settings
+        href: set-proxy-settings.md
+      - name: Update proxy settings and certificates
+        href: proxy-change.md
+      - name: Configure load balancer
+        href: configure-load-balancer.md
+      - name: Use multiple load balancers
+        href: multiple-load-balancers.md
+      - name: Configure a custom load balancer
+        href: configure-custom-load-balancer.md
+      - name: Use an ingress controller
+        href: create-ingress-controller.md
+      - name: Use Microsoft Software Defined Networking (SDN)
         items:
-        - name: Install existing applications with Helm
-          href: kubernetes-helm.md
-        - name: Use OpenFaaS
-          href: openfaas.md
-        - name: Use Bridge to Kubernetes with Visual Studio Code
-          href: https://code.visualstudio.com/docs/containers/bridge-to-kubernetes
-        - name: Use Bridge to Kubernetes with Visual Studio
-          href: /visualstudio/containers/bridge-to-kubernetes
-        - name: Deploy a Java application with Open Liberty or WebSphere Liberty
-          href: deploy-java-liberty-app.md
-        - name: Deploy Linux applications
-          href: deploy-linux-application.md
-      - name: Helper scripts
-        items: 
-        - name: Set up multiple administrators
-          href: set-multiple-administrators.md
-        - name: Remove old PowerShell modules
-          href: https://github.com/Azure/aks-hci/issues/130
+        - name: Deploy SDN
+          href: software-defined-networking.md
+        - name: Deploy application clusters on different SDN virtual networks
+          href: deploy-target-clusters-virtual-networks.md
+    - name: Storage
+      items:
+      - name: Use persistent volumes
+        href: persistent-volume.md
+    - name: Security and authentication
+      items:
+      - name: Restrict SSH access
+        href: restrict-ssh-access-22h2.md
+      - name: Use Active Directory single sign-on
+        href: ad-sso.md
+      - name: Use Kubernetes RBAC with Microsoft Entra ID
+        href: kubernetes-rbac-entra-id.md
+      - name: Use Azure RBAC with AKS clusters
+        href: azure-rbac-aks-hybrid.md
+      - name: Update certificate bundle on container hosts
+        href: update-certificate-bundle.md
+      - name: Update certificates
+        href: update-certificates.md
+      - name: Secrets Store CSI Driver configuration
+        href: secrets-store-csi-driver.md
+      - name: Encrypt etcd secrets
+        href: encrypt-secrets.md
+      - name: Configure Defender for Azure Arc-enabled Kubernetes clusters
+        href: /azure/security-center/defender-for-kubernetes-azure-arc?tabs=k8s-deploy-asc%2ck8s-verify-asc%2ck8s-remove-arc
+    - name: Monitoring and logging
+      items:    
+      - name: Use on-premises monitoring
+        href: monitor-logging.md
+    - name: Use Windows Server containers
+      items:
+      - name: Deploy .NET applications
+        href: deploy-windows-application.md
+      - name: Configure group Managed Service Account support
+        href: prepare-windows-nodes-gmsa.md
+      - name: Adapt apps for mixed-OS Kubernetes clusters
+        href: adapt-apps-mixed-os-clusters.md
+    - name: Develop and run applications
+      items:
+      - name: Install existing applications with Helm
+        href: kubernetes-helm.md
+      - name: Use OpenFaaS
+        href: openfaas.md
+      - name: Use Bridge to Kubernetes with Visual Studio Code
+        href: https://code.visualstudio.com/docs/containers/bridge-to-kubernetes
+      - name: Use Bridge to Kubernetes with Visual Studio
+        href: /visualstudio/containers/bridge-to-kubernetes
+      - name: Deploy a Java application with Open Liberty or WebSphere Liberty
+        href: deploy-java-liberty-app.md
+      - name: Deploy Linux applications
+        href: deploy-linux-application.md
+    - name: Helper scripts
+      items: 
+      - name: Set up multiple administrators
+        href: set-multiple-administrators.md
+      - name: Remove old PowerShell modules
+        href: https://github.com/Azure/aks-hci/issues/130
   - name: Troubleshooting
     items:
     - name: Uninstall AKS cluster provisioning from Azure preview

AKS-Hybrid/blogs-announcements.md

@@ -0,0 +1,42 @@
+---
+title: AKS enabled by Azure Arc blogs and announcements
+description: Learn about the latest blogs and announcements for Azure Kubernetes Service (AKS) enabled by Azure Arc.
+author: sethmanheim
+ms.author: sethm
+ms.date: 12/3/2024
+ms.topic: conceptual
+
+---
+
+# Blogs and announcements
+
+This article provides a list of blogs and announcements for Azure Kubernetes Service (AKS) enabled by Azure Arc.
+
+See the [Microsoft Tech Community - Azure Arc Blogs](https://techcommunity.microsoft.com/tag/azure%20arc?nodeId=board%3AAzureArcBlog) for a complete list of relevant articles.
+
+## 2024
+
+| Month | News |
+|-|-|
+| Nov | *Blog*: [Speed Innovation with Arc-enabled Kubernetes Applications](https://techcommunity.microsoft.com/blog/azurearcblog/speed-innovation-with-arc-enabled-kubernetes-applications/4298658) <br/> *Blog*: [AKS Arc - Optimized for AI Workloads](https://techcommunity.microsoft.com/blog/azurearcblog/aks-arc---optimized-for-ai-workloads/4292435) <br/>*Blog*: [Introducing Azure Local, cloud infrastructure for distributed locations enabled by Azure Arc](https://techcommunity.microsoft.com/blog/azurearcblog/introducing-azure-local-cloud-infrastructure-for-distributed-locations-enabled-b/4296017) <br/>*(Azure Local pricing includes AKS enabled by Arc)*<br/> *Video*: [Azure Local with lost cost hardware](https://youtu.be/yxlAfS9mh2E) <br/> *Video*: [Disconnected operations for Azure Local](https://www.youtube.com/watch?v=8VwhonI_Jq8)|
+| July | *Blog*: [Compare feature sets for AKS enabled by Azure Arc deployment options](https://techcommunity.microsoft.com/t5/azure-arc-blog/comparing-feature-sets-for-aks-enabled-by-azure-arc-deployment/ba-p/4188163)|
+| April  | *Blog*:  [Sneak peek at new Azure edge infrastructure at Hannover Messe 2024](https://techcommunity.microsoft.com/t5/azure-stack-blog/sneak-peek-at-new-azure-edge-infrastructure-at-hannover-messe/ba-p/4120256)|
+
+## 2023
+
+| Month | News |
+|-|-|
+| May | *Blog*: [Achieve distributed high availability: Stack HCI and AKS Hybrid](https://techcommunity.microsoft.com/t5/azure-architecture-blog/achieving-distributed-high-availability-stack-hci-and-aks-hybrid/ba-p/3820279) |
+| March | **GA**: [Bring all your workloads to the edge with AKS Edge Essentials. Now generally available!](https://techcommunity.microsoft.com/t5/internet-of-things-blog/bring-all-your-workloads-to-the-edge-with-aks-edge-essentials/ba-p/3765162) <br/> *Blog*:  [Announcing the 3-year retirement of Windows Server 2019 on Azure Kubernetes Service and AKS hybrid](https://techcommunity.microsoft.com/t5/containers/announcing-the-3-year-retirement-of-windows-server-2019-on-azure/ba-p/3777341) <br/> *Blog*: [How do AKS and AKS on Azure Stack HCI compare?](https://techcommunity.microsoft.com/t5/azure-arc-blog/how-do-aks-and-aks-on-azure-stack-hci-compare/ba-p/3761670)|
+| Feb | **GA**: [AKS enabled by Azure Arc is now available on Azure Stack HCI 23H2](https://techcommunity.microsoft.com/t5/azure-stack-blog/aks-enabled-by-azure-arc-is-now-available-on-azure-stack-hci/ba-p/4045648) |
+
+## 2021
+
+| Month | News |
+|-|-|
+| June | **GA**: [Announcing the GA of Azure IoT Edge for Linux on Windows](https://techcommunity.microsoft.com/t5/internet-of-things-blog/announcing-the-ga-of-azure-iot-edge-for-linux-on-windows/ba-p/2477508) |
+| May | **GA**: [Azure Kubernetes Service on Azure Stack HCI now Generally Available](https://techcommunity.microsoft.com/t5/azure-stack-blog/azure-kubernetes-service-on-azure-stack-hci-now-generally/ba-p/2382390) |
+
+## Next steps
+
+[AKS enabled by Azure Arc overview](overview.md)

azure-local/concepts/media/gateway-overview/layer-3-forwarding-example.png

@@ -102,7 +102,11 @@ Follow these steps to configure the operating system using SConfig:
 
 1. Use the **Network Settings** option in SConfig to configure a default valid gateway and a DNS server. Set **DNS** to the DNS of the domain you're joining.
 
-1. Configure a valid time server on each machine. Validate that your machine is not using the local CMOS clock as a time source, using the following command:
+   > [!IMPORTANT]
+   > It is not supported to change the DNS servers after deployment. Make sure you plan your DNS strategy before doing the deployment. For more information, see [DNS Servers Considerations](../plan/cloud-deployment-network-considerations.md#dns-servers-considerations).
+
+
+2. Configure a valid time server on each machine. Validate that your machine is not using the local CMOS clock as a time source, using the following command:
 
    ```cmd
    w32tm /query /status
@@ -122,18 +126,18 @@ Follow these steps to configure the operating system using SConfig:
 
    Once the machine is domain joined, it synchronizes its time from the PDC emulator.
 
-1. (Optional) At this point, you can enable Remote Desktop Protocol (RDP) and then RDP to each machine rather than use the virtual console. This action should simplify performing the remainder of the configuration.
+3. (Optional) At this point, you can enable Remote Desktop Protocol (RDP) and then RDP to each machine rather than use the virtual console. This action should simplify performing the remainder of the configuration.
 
-1. (Optional) Change the Computer Name as desired. This will be the name shown in the Azure portal as well as your Active Directory environment once joined.
+4. (Optional) Change the Computer Name as desired. This will be the name shown in the Azure portal as well as your Active Directory environment once joined.
 
-1. Clean all the non-OS drives for each machine that you intend to deploy. Remove any virtual media that have been used when installing the OS. Also validate that no other root drives exist.
+5. Clean all the non-OS drives for each machine that you intend to deploy. Remove any virtual media that have been used when installing the OS. Also validate that no other root drives exist.
 
     > [!NOTE]
     > This step doesn't apply to a machine repair operation.
 
-1. Restart the machines.
+6. Restart the machines.
 
-1. Set the local administrator credentials to be identical across all machines.
+7. Set the local administrator credentials to be identical across all machines.
 
     > [!NOTE]
     > - Make sure that the local administrator password follows Azure password length and complexity requirements. Use a password that is at least 12 characters long and contains a lowercase character, an uppercase character, a numeral, and a special character.

azure-local/deploy/deployment-install-os.md

@@ -73,7 +73,7 @@ landingContent:
           - text: Run Azure Virtual Desktop
             url: /azure/virtual-desktop/azure-stack-hci-overview
           - text: Run Azure Arc Virtual Machines
-            url: /manage/create-arc-virtual-machines.md
+            url: /azure/azure-local/manage/create-arc-virtual-machines
 
   # Card
   - title: Manage

azure-local/index.yml

@@ -326,6 +326,19 @@ Here are the summarized considerations for the IP addresses:
 |4     | DHCP addresses are only supported for node IPs and the cluster IP. Infrastructure services use static IPs from the management pool.       |
 |5     | The MAC address from the first physical network adapter is assigned to the management virtual network adapter once the management network intent is created.       |
 
+### DNS Servers Considerations
+
+Azure Local deployments based on Active Directory require a DNS Server that can resolve the On-Prem domain and the Internet public endpoints. As part of the deployment it is required to define the same DNS servers for the infrastructure IP address range that is configured on the nodes. Azure Resource Bridge control plane VM and AKS control plane will use those same DNS servers for name resolution. Once deployment is completed, it is not supported to change the DNS servers IPs and it will not be possible to update the addresses across the Azure Local platform stack.
+
+Here are the summarized considerations for DNS servers addresses
+
+|#  | Considerations  |
+|---------|---------|
+|1     | DNS servers across all the nodes of the cluster must be the same.       |
+|2     | The infrastructure IP address range DNS servers must be the same used for the nodes.       |
+|3     | Azure Resource Bridge VM control plane and AKS control plane will use the DNS Servers configured on the infrastructure IP address range.      |
+|4     | It is not supported to change the DNS servers after deployment. Make sure you plan your DNS strategy before doing the Azure Local deployment.       |
+
 ### Proxy requirements
 
 A proxy is most likely required to access the internet within your on-premises infrastructure. Azure Local supports only non-authenticated proxy configurations. Given that internet access is required to register the nodes in Azure Arc, the proxy configuration must be set as part of the OS configuration before machine nodes are registered. For more information, see [Configure proxy settings](../manage/configure-proxy-settings-23h2.md).