From 7cf79d3c0322b73ed7c33dc52118aea983aae965 Mon Sep 17 00:00:00 2001 From: Eric Paulsen Date: Thu, 25 Mar 2021 11:30:54 -0500 Subject: [PATCH 1/5] clarify network policy implementations --- setup/kubernetes/azure.md | 3 +++ setup/kubernetes/google.md | 2 ++ 2 files changed, 5 insertions(+) diff --git a/setup/kubernetes/azure.md b/setup/kubernetes/azure.md index 48d4f2ef1..771d6dd8b 100644 --- a/setup/kubernetes/azure.md +++ b/setup/kubernetes/azure.md @@ -56,6 +56,9 @@ CLUSTER_NAME="" SUBSCRIPTION="" Create the Azure Kubernetes Service Cluster: +**Note:** AKS has built-in support for the [Calico](https://docs.projectcalico.org/getting-started/kubernetes/managed-public-cloud/gke) network policy engine. It can only be enabled when the cluster is created. You can't +enable Calico on an existing AKS cluster. + ```console # You may have to run `az extension add --name aks-preview` # diff --git a/setup/kubernetes/google.md b/setup/kubernetes/google.md index 9d88907e6..f7b3d0ac7 100644 --- a/setup/kubernetes/google.md +++ b/setup/kubernetes/google.md @@ -18,6 +18,8 @@ The following will spin up a Kubernetes cluster using the `gcloud` command (be sure to replace the parameters (specifically `PROJECT_ID`, `NEW_CLUSTER_NAME`, and `ZONE`) as needed to reflect the needs of your environment). +**Note:** By including `enable-network-policy` below, GKE will deploy [Calico](https://docs.projectcalico.org/getting-started/kubernetes/managed-public-cloud/gke) by default. + ```console gcloud beta container --project "$PROJECT_ID" \ clusters create "$NEW_CLUSTER_NAME" \ From 0ea0ef60b7525bdd00db17f3c6910f2c995e974f Mon Sep 17 00:00:00 2001 From: Eric Paulsen Date: Thu, 25 Mar 2021 11:38:30 -0500 Subject: [PATCH 2/5] fix: lint --- setup/kubernetes/azure.md | 4 ++-- setup/kubernetes/google.md | 4 +++- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/setup/kubernetes/azure.md b/setup/kubernetes/azure.md index 771d6dd8b..4b3708115 100644 --- a/setup/kubernetes/azure.md 
+++ b/setup/kubernetes/azure.md @@ -56,8 +56,8 @@ CLUSTER_NAME="" SUBSCRIPTION="" Create the Azure Kubernetes Service Cluster: -**Note:** AKS has built-in support for the [Calico](https://docs.projectcalico.org/getting-started/kubernetes/managed-public-cloud/gke) network policy engine. It can only be enabled when the cluster is created. You can't -enable Calico on an existing AKS cluster. +**Note:** AKS has built-in support for the [Calico](https://docs.projectcalico.org/getting-started/kubernetes/managed-public-cloud/gke) network policy engine. It can only be enabled when the +cluster is created. You can't enable Calico on an existing AKS cluster. ```console # You may have to run `az extension add --name aks-preview` diff --git a/setup/kubernetes/google.md b/setup/kubernetes/google.md index f7b3d0ac7..86458158f 100644 --- a/setup/kubernetes/google.md +++ b/setup/kubernetes/google.md @@ -18,7 +18,9 @@ The following will spin up a Kubernetes cluster using the `gcloud` command (be sure to replace the parameters (specifically `PROJECT_ID`, `NEW_CLUSTER_NAME`, and `ZONE`) as needed to reflect the needs of your environment). -**Note:** By including `enable-network-policy` below, GKE will deploy [Calico](https://docs.projectcalico.org/getting-started/kubernetes/managed-public-cloud/gke) by default. +**Note:** By including `enable-network-policy` below, GKE will deploy +[Calico](https://docs.projectcalico.org/getting-started/kubernetes/managed-public-cloud/gke) +by default. ```console gcloud beta container --project "$PROJECT_ID" \ From ef6b8a7ebcd31b19cd95791bbc9b1da8b56c2766 Mon Sep 17 00:00:00 2001 From: Eric Paulsen Date: Thu, 25 Mar 2021 11:53:48 -0500 Subject: [PATCH 3/5] let's try that again --- setup/kubernetes/azure.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/setup/kubernetes/azure.md b/setup/kubernetes/azure.md index 4b3708115..0298e7f0a 100644 --- a/setup/kubernetes/azure.md +++ b/setup/kubernetes/azure.md 
@@ -56,8 +56,10 @@ CLUSTER_NAME="" SUBSCRIPTION="" Create the Azure Kubernetes Service Cluster: -**Note:** AKS has built-in support for the [Calico](https://docs.projectcalico.org/getting-started/kubernetes/managed-public-cloud/gke) network policy engine. It can only be enabled when the -cluster is created. You can't enable Calico on an existing AKS cluster. +**Note:** AKS has built-in support for the +[Calico](https://docs.projectcalico.org/getting-started/kubernetes/managed-public-cloud/gke) +network policy engine. It can only be enabled when the cluster is created. +You can't enable Calico on an existing AKS cluster. ```console # You may have to run `az extension add --name aks-preview` From c58805b28572e671ecaeaa60419d94381a060a73 Mon Sep 17 00:00:00 2001 From: Katie Horne Date: Thu, 25 Mar 2021 14:14:47 -0500 Subject: [PATCH 4/5] Minor clarifications --- setup/kubernetes/azure.md | 13 ++++++++----- setup/kubernetes/google.md | 8 ++++---- 2 files changed, 12 insertions(+), 9 deletions(-) diff --git a/setup/kubernetes/azure.md b/setup/kubernetes/azure.md index 0298e7f0a..b9847fadf 100644 --- a/setup/kubernetes/azure.md +++ b/setup/kubernetes/azure.md @@ -56,11 +56,6 @@ CLUSTER_NAME="" SUBSCRIPTION="" Create the Azure Kubernetes Service Cluster: -**Note:** AKS has built-in support for the -[Calico](https://docs.projectcalico.org/getting-started/kubernetes/managed-public-cloud/gke) -network policy engine. It can only be enabled when the cluster is created. -You can't enable Calico on an existing AKS cluster. - ```console # You may have to run `az extension add --name aks-preview` # 
@@ -83,6 +78,14 @@ az aks create \ --network-policy "calico" ``` +> [AKS offers built-in +support](https://docs.microsoft.com/en-us/azure/aks/use-network-policies#create-an-aks-cluster-and-enable-network-policy) +for the +[Calico](https://docs.projectcalico.org/getting-started/kubernetes/managed-public-cloud/gke) +network policy engine. However, you can only choose Calico as your network +policy option when you create the cluster; you cannot enable Calico on an +existing cluster. + This process might take some time (~5-20 minutes), but if you're successful, Azure returns a JSON object with your cluster information. diff --git a/setup/kubernetes/google.md b/setup/kubernetes/google.md index 86458158f..95b11d45c 100644 --- a/setup/kubernetes/google.md +++ b/setup/kubernetes/google.md @@ -18,10 +18,6 @@ The following will spin up a Kubernetes cluster using the `gcloud` command (be sure to replace the parameters (specifically `PROJECT_ID`, `NEW_CLUSTER_NAME`, and `ZONE`) as needed to reflect the needs of your environment). -**Note:** By including `enable-network-policy` below, GKE will deploy -[Calico](https://docs.projectcalico.org/getting-started/kubernetes/managed-public-cloud/gke) -by default. - ```console gcloud beta container --project "$PROJECT_ID" \ clusters create "$NEW_CLUSTER_NAME" \ @@ -50,6 +46,10 @@ clusters create "$NEW_CLUSTER_NAME" \ --max-nodes "8" ``` +> The example above includes the use of the `enable-network-policy` flag, which will +result in the [creation of a Calico +cluster](https://kubernetes.io/docs/tasks/administer-cluster/network-policy-provider/calico-network-policy/). + To create clusters capable of supporting use of the [CVMs](../../admin/environment-management/cvms.md) deployment option: From 6cdde3dbe9317bd4af5c86fb5f87a1ddbf96ec0c Mon Sep 17 00:00:00 2001 
From: Katie Horne Date: Thu, 25 Mar 2021 14:16:42 -0500 Subject: [PATCH 5/5] More clarifications --- setup/kubernetes/azure.md | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/setup/kubernetes/azure.md b/setup/kubernetes/azure.md index b9847fadf..34daa41b8 100644 --- a/setup/kubernetes/azure.md +++ b/setup/kubernetes/azure.md @@ -82,9 +82,11 @@ az aks create \ support](https://docs.microsoft.com/en-us/azure/aks/use-network-policies#create-an-aks-cluster-and-enable-network-policy) for the [Calico](https://docs.projectcalico.org/getting-started/kubernetes/managed-public-cloud/gke) -network policy engine. However, you can only choose Calico as your network -policy option when you create the cluster; you cannot enable Calico on an -existing cluster. +network policy engine, and you can opt-in by including the `--network-policy +"calico"` flag. +> +> However, you can only choose Calico as your network policy option when you +create the cluster; you cannot enable Calico on an existing cluster. This process might take some time (~5-20 minutes), but if you're successful, Azure returns a JSON object with your cluster information.
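Review bot: in `setup/kubernetes/azure.md` the Calico link inside the AKS note points at `.../managed-public-cloud/gke`, which is the GKE page. It is introduced in PATCH 1/5 and is still there in the context lines of PATCH 5/5. Link the AKS equivalent instead, or drop the second link, since the Microsoft "AKS offers built-in support" link added in PATCH 4/5 already covers the AKS side.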
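Review bot: the blockquote in the PATCH 4/5 and 5/5 hunks for `azure.md` mixes prefixed and unprefixed lines: `support](...)`, `"calico"` flag.` and `create the cluster; ...` have no leading `>`, while `> However, ...` and the bare `>` separator do. It renders only through lazy continuation, so prefix every line with `> ` to keep the quote intact if a line is later reflowed. The same hunk wraps inside the inline code span (`--network-policy` ends one line and `"calico"` starts the next); keep the span on one line. "opt-in" used as a verb should be "opt in".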
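Review bot: the note added to `setup/kubernetes/google.md` in PATCH 4/5 names the flag as `enable-network-policy` without its leading dashes, while the `azure.md` note writes the flag as typed (`--network-policy "calico"`). Use `--enable-network-policy` for consistency. "will result in the creation of a Calico cluster" is also less precise than the PATCH 1/5 wording "GKE will deploy Calico": the flag enables network policy enforcement on the cluster being created, so say that. The `gcloud` context lines visible in this hunk do not show the flag, so confirm that "the example above" really contains it.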
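Review bot: PATCH 2/5 ("fix: lint") and PATCH 3/5 ("let's try that again") only re-wrap the note added in PATCH 1/5, and PATCH 4/5 then deletes that note and replaces it with a blockquote after the command. Squash the series before merge so the history records one change, with a subject that says the note moved below the `az aks create` and `gcloud` examples.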