Sync release-hotfixes with main

Sync release-hotfixes with main

Author: sethmanheim

AKS-Hybrid/TOC.yml

@@ -98,6 +98,8 @@
         href: cluster-labels.md
       - name: Taints
         href: aks-arc-use-node-taints.md
+      - name: Use availability sets
+        href: availability-sets.md
     - name: Scale a Kubernetes cluster
       href: auto-scale-aks-arc.md
     - name: Upgrade Kubernetes clusters

AKS-Hybrid/aks-arc-diagnostic-checker.md

@@ -98,7 +98,7 @@ $urlArray = @(
     "https://management.azure.com",
     "https://eastus.dp.kubernetesconfiguration.azure.com",
     "https://login.microsoftonline.com",
-    "https://eastus.log in.microsoft.com",
+    "https://eastus.login.microsoft.com",
     "https://login.windows.net",
     "https://mcr.microsoft.com",
     "https://gbl.his.arc.azure.com",

AKS-Hybrid/aks-edge-howto-multi-node-deployment.md

@@ -27,7 +27,9 @@ You can generate the parameters needed to create a scalable cluster using the fo
 New-AksEdgeConfig -DeploymentType ScalableCluster -outFile .\aksedge-config.json | Out-Null
 ```
 
-This creates a configuration file called **aksedge-config.json** which includes the configuration needed to create a scalable cluster with a Linux node. The file is created in your current working directory. See the following examples for more options for creating the configuration file. A detailed description of the configuration parameters [is available here](aks-edge-deployment-config-json.md).
+This command creates a configuration file named **aksedge-config.json**, which includes the configuration needed to create a scalable cluster with a Linux node. The file is created in your current working directory. See [Deployment JSON configuration](aks-edge-deployment-config-json.md) for detailed descriptions of the configuration parameters (such as proxy settings).
+
+See the following examples for more options for creating the configuration file.
 
 The key parameters to note for a scalable Kubernetes deployment are:
 

AKS-Hybrid/aks-edge-howto-single-node-deployment.md

@@ -26,7 +26,7 @@ New-AksEdgeConfig -DeploymentType SingleMachineCluster -outFile .\aksedge-config
 
 This command creates a configuration file called **aksedge-config.json** that includes the configuration needed to create a single-machine cluster with a Linux node. The file is created in your current working directory. See the following examples for more options for creating the configuration file.
 
-A detailed description of the configuration parameters [is available here](aks-edge-deployment-config-json.md).
+See [Deployment JSON configuration](aks-edge-deployment-config-json.md) for a detailed description of the configuration parameters.
 
 The key parameters for single machine deployment are:
 
@@ -90,6 +90,9 @@ $machine.LinuxNode.MemoryInMB = 4096
 New-AksEdgeDeployment -JsonConfigString ($jsonObj | ConvertTo-Json -Depth 4)
 ```
 
+> [!TIP]
+> See [Deployment JSON configuration](aks-edge-deployment-config-json.md) for all available options, including network settings such as proxy settings.
+
 ### Create a simple cluster with NodePort service
 
 You can create a simple cluster with no service IPs (`ServiceIPRangeSize` set as 0):

AKS-Hybrid/aks-edge-quickstart.md

@@ -12,6 +12,9 @@ ms.custom: template-how-to
 
 This quickstart describes how to set up an Azure Kubernetes Service (AKS) Edge Essentials single-machine K3S Linux-only cluster.
 
+> [!NOTE]
+> The purpose of this quickstart script is to ease the evaluation process. This script requires higher level credentials for a one-time setup of the Azure subscription. This is not intended for production use.
+
 ## Prerequisites
 
 - See the [system requirements](aks-edge-system-requirements.md). For this quickstart, ensure that you have a minimum of 4.5 GB RAM free, 4 vCPUs and 20 GB free disk space.
@@ -53,6 +56,9 @@ This script automates the following steps:
   - Installs the Azure Connected Machine Agent and connects the host machine to Arc for Servers.
   - Connects the deployed cluster to Arc for connected Kubernetes.
 
+> [!TIP]
+> You can modify the `$aksedgeConfig` json content in the `AksEdgeQuickStart` script for any additional options. For available options, see [Deployment JSON configuration](aks-edge-deployment-config-json.md).
+
 ## Step 2: Deploy AKS Edge Essentials
 
 In an elevated PowerShell prompt, run the `AksEdgeQuickStart.ps1` script. This brings up a K3s cluster:

AKS-Hybrid/aks-whats-new-23h2.md

@@ -2,7 +2,7 @@
 title: What's new in AKS on Azure Stack HCI version 23H2
 description: Learn about what's new in AKS on Azure Stack HCI version 23H2.
 ms.topic: overview
-ms.date: 06/25/2024
+ms.date: 09/05/2024
 author: sethmanheim
 ms.author: sethm 
 ms.reviewer: guanghu
@@ -42,21 +42,39 @@ By integrating these components, Azure Arc offers a unified and efficient Kubern
 
 This section lists the new features and improvements in AKS Arc in each release of Azure Stack HCI, version 23H2.
 
+### Release 2408
+
+The following Kubernetes cluster deployment and management capabilities are available:
+
+- **High availability improvements**. You can now deploy nodes with anti-affinity on specific physical hosts on Azure Stack HCI clusters. For more information, see [Availability sets](availability-sets.md).
+- **PowerShell**. You can now use PowerShell cmdlets to manage your AKS Arc clusters on Azure Stack HCI 23H2 with CRUD support. For more information, see the [PowerShell reference documentation](/powershell/module/az.aksarc/?view=azps-12.1.0&preserve-view=true).
+- **Error report improvements**. You can now get improved error case reporting with prechecks; for example, a check for incorrect Kubernetes versions and available GPU capacity.
+- **Support for NVIDIA T4**. You can now create node pools in new VM sizes with GPU NVIDIA T4. For more information, see [Use GPUs](deploy-gpu-node-pool.md).
+- **Arc Gateway**. You can now use the Arc Gateway to configure very few of the outbound URLs to use AKS clusters on Azure Stack HCI.
+- **Support pod CIDR**. You can now create an AKS Arc cluster with a user-specified pod CIDR IP arrange.
+
+#### Supported component versions for 2408
+
+| Component           | Version                                       |
+|---------------------|--------------------------------------------------|
+| AKS Arc             | 1.3.218                                     |
+| Kubernetes versions | 1.27.7, 1.27.9, 1.28.5, 1.28.9, 1.29.2, 1.29.4 |
+
 ### Release 2405
 
 The following Kubernetes cluster deployment and management capabilities are available:
 
 - **Azure RBAC support**. You can now enable Azure RBAC for Kubernetes while creating AKS Arc clusters using Azure CLI and Azure Resource Manager templates.
-- **Taints and labels update**. You can can now update taints and labels during an AKS Arc node pool update operation using Azure CLI and Azure Resource Manager templates.
+- **Taints and labels update**. You can now update taints and labels during an AKS Arc node pool update operation using Azure CLI and Azure Resource Manager templates.
 - **AKS Arc cluster platform metrics and alerts**. You can now view AKS Arc cluster metrics (platform metrics) and create metric-based alerts.
 - **Auto cert repair**. You can now automatically repair certificates, managed by cert-tattoo, that expired when the cluster was shut down.
 - **Download VHDs manually (offline download)**. This feature, now available only in private preview, enables you to download virtual machine images and upload them to the target center using a manual process. This can help in environments in which downloading large files is inconvenient. If you are interested in using it, contact your Microsoft Account representative.
 
-#### Supported component versions
+#### Supported component versions for 2405
 
 The following component versions are supported in release 2405:
 
-| Component           | 2024-06-11                                       |
+| Component           | Version                                       |
 |---------------------|--------------------------------------------------|
 | AKS Arc             | 1.0.23.10605                                     |
 | Kubernetes versions | 1.26.10, 1.26.12, 1.27.7, 1.27.9, 1.28.3, 1.28.5 |

AKS-Hybrid/availability-sets.md

@@ -0,0 +1,74 @@
+---
+title: Availability sets in AKS enabled by Azure Arc
+description: Learn how to enable availability sets in AKS enabled by Arc to improve the availability and distribution of your Kubernetes workloads.
+ms.topic: how-to
+author: sethmanheim
+ms.date: 09/06/2024
+ms.author: sethm 
+ms.reviewer: rbaziwane
+ms.lastreviewed: 08/15/2024
+
+---
+
+# Availability sets in AKS enabled by Azure Arc
+
+*Availability sets* are logical groups of VMs that have weak anti-affinity relationships with each other, to ensure that they are spread evenly across the available fault domains in a physical cluster. A fault domain in this context is a physical host or a group of physical hosts. By using availability sets, AKS Arc can improve the availability and distribution of your Kubernetes workloads. Availability sets can avoid scenarios in which a single node failure can cause multiple VMs to go down or become unbalanced.
+
+## Overview
+
+If you use AKS on Azure Stack HCI and Windows Server to run Kubernetes workloads on-premises, you might encounter some challenges with the current architecture. For example, you might notice that multiple virtual machines (VMs) within the same node pool can exist on the same physical host, which is not ideal for high availability. Or, you might see that VMs do not rebalance across physical hosts when a host recovers from an issue, resulting in uneven distribution of workloads. These issues can affect the performance and reliability of your applications, causing unnecessary disruption in your business operations.
+
+Availability sets offer several benefits for AKS on Azure Stack HCI and Windows Server users, such as:
+
+- Improves the availability and resilience of your applications by avoiding scenarios in which multiple VMs within the same node pool or control plane go down or become unbalanced due to a single node failure.
+- Optimizes the resource usage and performance of your cluster by ensuring that VMs are evenly distributed across the available nodes and not concentrated on a single node or a subset of nodes.
+- Aligns with the best practices and expectations of your customers and partners who are looking for a reliable and consistent on-premises Kubernetes experience.
+
+## Enable availability sets
+
+With AKS on Azure Stack HCI 23H2, the availability sets feature is enabled by default when you create a new node pool.
+
+With AKS on Azure Stack HCI 22H2, the availability sets feature is disabled by default. To enable it, add the `-enableAvailabilitySet` parameter when you create a workload cluster. For example:
+
+```powershell
+New-AksHciCluster -Name <name> -controlPlaneNodeCount 3 -osType Linux -kubernetesVersion $kubernetesVersion -enableAvailabilitySet
+```
+
+## How availability sets work in AKS enabled by Azure Arc
+
+When you create a new AKS Arc cluster, AKS Arc automatically creates availability sets, one for the control plane VMs and another one for each of the node pools in the cluster. Each node pool has its own availability set. With this layout, AKS Arc ensures that VMs of the same role (control plane or node pool) are never located on the same physical host and that they're distributed across the available nodes in a cluster.
+
+Once the availability sets are created and the VMs assigned, the system automatically places them on the appropriate physical nodes. If a node fails, the system also automatically fails over the VMs to other nodes and rebalances them when the node recovers. This way, you can achieve high availability and optimal distribution of your Kubernetes workloads without manual intervention.
+
+Consider an AKS on Azure Stack HCI 23H2 cluster with two physical host machines, **Host A** and **Host B**, three control plane VMs, and two worker node VMs, **Nodepool1VM1** and **Nodepool1VM2**. To ensure high availability of your Kubernetes applications, the node pool VMs must never share the same host, unless one of the hosts is temporarily unavailable for planned maintenance or capacity issue, which can cause the VM (virtual machine) to be temporarily placed on an alternative host.
+
+In the following diagram, each color represents an anti-affinity group:  
+
+:::image type="content" source="media/availability-sets/anti-affinity-1.png" alt-text="Diagram showing hosts in anti-affinity group.":::
+
+If **Host B** goes down due to a reboot, **Control Plane VM2**, **Control Plane VM3**, and **Nodepool1VM2** fail over to **Host A** as shown in the following figure. Assuming your application is running pods in **NodePoolVM1**, this reboot has no impact on your application:
+
+:::image type="content" source="media/availability-sets/anti-affinity-2.png" alt-text="Diagram showing host B down.":::
+
+In the old architecture, if **Host B** came back online after a reboot, there was no guarantee that the VMs would move back from Host A to Host B (rebalancing), thus forcing the workloads to stay on the same host, and create a single point of failure, as shown in the following diagram:
+
+:::image type="content" source="media/availability-sets/anti-affinity-3.png" alt-text="Diagram showing no rebalancing.":::
+
+Availability sets for AKS Arc can help to rebalance VMs once a host recovers from temporary outage. In this example, **ControlPlaneVM2**, **ControlPlaneVM3**, and **Nodepool1VM2** automatically move to **Host B**, as shown here:
+
+:::image type="content" source="media/availability-sets/anti-affinity-1.png" alt-text="Diagram showing hosts in anti-affinity group.":::
+
+> [!IMPORTANT]
+> Availability sets in AKS Arc are a new feature that's still evolving and improving. We do not yet support manual configuration of the fault domains or availability sets. You can't change the fault domains of an availability set after it's created. VMs are assigned to an availability set at cluster creation, and can't be migrated to a different availability set.
+
+## Add or delete machines
+
+In a host deletion scenario, the host is no longer considered a part of the cluster. This deletion typically occurs when you replace a machine due to hardware issues, or scale down the HCI cluster for other reasons. During a node outage, the node remains part of the HCI cluster but appears as **Down**.
+
+If a physical machine (fault domain) is permanently deleted from the cluster, the availability set configuration isn't modified to reduce the number of fault domains. In this scenario, the availability set enters an unhealthy state. We recommend that you redeploy your workload clusters so that the availability set is updated with the proper number of fault domains.
+
+When a new physical machine (fault domain) is added to the cluster, the availability set configuration is automatically expanded to include the new machine. However, the existing VMs don't rebalance to apply this new configuration, since they are already assigned to availability sets. We recommend that you redeploy your workload clusters so that the availability set is updated with the proper number of fault domains.
+
+## Next steps
+
+[AKS overview](aks-overview.md)

AKS-Hybrid/deploy-gpu-node-pool.md

@@ -29,12 +29,20 @@ The following GPU models are supported by AKS on Azure Stack HCI 23H2:
 |--------------|-----------|-------------------|
 | NVidia       | A2        | 2311.2            |
 | NVidia       | A16       | 2402.0            |
+| NVidia       | T4        | 2408.0            |
 
 ## Supported VM sizes
 
 The following VM sizes for each GPU models are supported by AKS on Azure Stack HCI 23H2. 
 
-### The Nvidia A2 is supported by NC2 A2 SKUs
+### Nvidia T4 is supported by NK T4 SKUs
+
+| VM size | GPUs | GPU Memory: GiB | vCPU | Memory: GiB |
+|-----------------|---|----|-----|----|
+| Standard_NK6    | 1 | 8  | 6   | 12 |
+| Standard_NK12   | 2 | 16 | 12  | 24 |
+
+### Nvidia A2 is supported by NC2 A2 SKUs
 
 | VM size | GPUs | GPU Memory: GiB | vCPU | Memory: GiB |
 |-------------------|---|----|----|----|
@@ -43,7 +51,7 @@ The following VM sizes for each GPU models are supported by AKS on Azure Stack H
 | Standard_NC16_A2  | 2 | 48 | 16 | 64 |
 | Standard_NC32_A2  | 2 | 48 | 32 | 28 | 
 
-### The Nvidia A16 is supported by NC2 A16 SKUs
+### Nvidia A16 is supported by NC2 A16 SKUs
 
 | VM size | GPUs | GPU Memory: GiB | vCPU | Memory: GiB |
 |--------------------|---|----|----|----|