edits

Author: paigecalvert

docs/reference/embedded-cluster-install.mdx

@@ -81,7 +81,7 @@ sudo ./APP_SLUG install --license LICENSE_FILE [flags]
   <tr>
      <td>`--network-interface`</td>
      <td>
-        <p>The network interface to bind to for the Kubernetes API. If a network interface is not provided, the first valid, non-local network interface is used. Use `--network-interface` for multi-node clusters where node communication should happen on a particular network.</p>
+        <p>The name of the network interface to bind to for the Kubernetes API. A common use case of `--network-interface` is for multi-node clusters where node communication should happen on a particular network. **Default**: If a network interface is not provided, the first valid, non-local network interface is used.</p>
      </td>
   </tr>
   <tr>
@@ -102,8 +102,8 @@ sudo ./APP_SLUG install --license LICENSE_FILE [flags]
   <tr>
      <td>`--private-ca`</td>
      <td>
-        <p>The name of a ConfigMap that contains the trusted certificate authority (CA) certificates used by a Man-In-The-Middle (MITM) proxy that intercepts traffic and issues its own certificates. Providing the CA certificates with `--private-ca` ensures that the private CA is trusted by the installation.</p>
-        <p><strong>Note:</strong> The KOTS [PrivateCACert](/reference/template-functions-static-context#privatecacert) template function returns the ConfigMap containing the private CA certificates supplied with the `--private-ca` flag. You can use this template function to mount the specified ConfigMap so your containers can access the internet through proxies that issue their own TLS certificates in order to inspect traffic.</p>
+        <p>The path to the trusted certificate authority (CA) certificates used by a Man-In-The-Middle (MITM) proxy that intercepts traffic and issues its own certificates. Using the `--private-ca` flag ensures that the CA is trusted by the installation. KOTS writes the CA bundle provided with the `--private-ca` flag to a ConfigMap in the cluster.</p>
+        <p><strong>Note:</strong> The KOTS [PrivateCACert](/reference/template-functions-static-context#privatecacert) template function returns the ConfigMap containing the private CA certificates supplied with the `--private-ca` flag. You can use this template function to mount the ConfigMap so your containers can access the internet through proxies that issue their own TLS certificates in order to inspect traffic.</p>
      </td>
   </tr>
 </table>
@@ -145,12 +145,23 @@ Where:
 
 ```bash
 sudo ./APP_SLUG install --license license.yaml \
-  --private-ca PRIVATE_CA_CONFIGMAP
+  --private-ca /path/to/private-ca-bundle
 ```
-Where `PRIVATE_CA_CONFIGMAP` is 
 
 ### Set IP Address Range for Pods and Services
 
 ```bash
 sudo ./my-app install --license license.yaml --cidr 172.16.136.0/16
 ```
+
+### Set Admin Console Password
+
+```bash
+sudo ./my-app install --license license.yaml --admin-console-password password
+```
+
+### Use a Specific Network Interface
+
+```bash
+sudo ./my-app install --license license.yaml --network-interface eno167777
+```