Change tab indentations to space indentations

2026-05-20 20:05:21 +00:00 · 2022-09-13 17:23:20 +08:00
parent 76b33211be
commit efb87b2abd
65 changed files with 422 additions and 415 deletions
@@ -32,8 +32,8 @@ The Rancher API server is built on top of an embedded Kubernetes API server and

 ### Authorization and Role-Based Access Control

-  **User management:** The Rancher API server [manages user identities](../../pages-for-subheaders/about-authentication.md) that correspond to external authentication providers like Active Directory or GitHub, in addition to local users.
-	**Authorization:** The Rancher API server manages [access control](../../pages-for-subheaders/manage-role-based-access-control-rbac.md) and [security](../../how-to-guides/advanced-user-guides/authentication-permissions-and-global-configuration/create-pod-security-policies.md) policies.
+- **User management:** The Rancher API server [manages user identities](../../pages-for-subheaders/about-authentication.md) that correspond to external authentication providers like Active Directory or GitHub, in addition to local users.
+- **Authorization:** The Rancher API server manages [access control](../../pages-for-subheaders/manage-role-based-access-control-rbac.md) and [security](../../how-to-guides/advanced-user-guides/authentication-permissions-and-global-configuration/create-pod-security-policies.md) policies.

 ### Working with Kubernetes

@@ -15,35 +15,35 @@ You're ready to create your first Kubernetes [workload](https://kubernetes.io/do

 For this workload, you'll be deploying the application Rancher Hello-World.

-1.  From the **Clusters** page, open the cluster that you just created.
+1. From the **Clusters** page, open the cluster that you just created.

-2.  From the main menu of the **Dashboard**, select **Projects/Namespaces**.
+2. From the main menu of the **Dashboard**, select **Projects/Namespaces**.

-3.  Open the **Project: Default** project.
+3. Open the **Project: Default** project.

-4.  Click **Resources > Workloads.**
+4. Click **Resources > Workloads.**

-5.  Click **Deploy**.
+5. Click **Deploy**.

-	**Step Result:** The **Deploy Workload** page opens.
+    **Step Result:** The **Deploy Workload** page opens.

-6.  Enter a **Name** for your workload.
+6. Enter a **Name** for your workload.

-7.  From the **Docker Image** field, enter `rancher/hello-world`. This field is case-sensitive.
+7. From the **Docker Image** field, enter `rancher/hello-world`. This field is case-sensitive.

-8.  From **Port Mapping**, click **Add Port**.
+8. From **Port Mapping**, click **Add Port**.

-9.  From the **As a** drop-down, make sure that **NodePort (On every node)** is selected.
+9. From the **As a** drop-down, make sure that **NodePort (On every node)** is selected.

-	![As a dropdown, NodePort (On every node selected)](/img/nodeport-dropdown.png)
+    ![As a dropdown, NodePort (On every node selected)](/img/nodeport-dropdown.png)

 10.  From the **On Listening Port** field, leave the **Random** value in place.

-	![On Listening Port, Random selected](/img/listening-port-field.png)
+    ![On Listening Port, Random selected](/img/listening-port-field.png)

 11. From the **Publish the container port** field, enter port `80`.

-	![Publish the container port, 80 entered](/img/container-port-field.png)
+    ![Publish the container port, 80 entered](/img/container-port-field.png)

 12. Leave the remaining options on their default setting. We'll tell you about them later.

@@ -25,7 +25,7 @@ For this workload, you'll be deploying the application Rancher Hello-World.

 5.  Click **Deploy**.

-	**Step Result:** The **Deploy Workload** page opens.
+    **Step Result:** The **Deploy Workload** page opens.

 6.  Enter a **Name** for your workload.

@@ -14,40 +14,40 @@ If your organization uses FreeIPA for user authentication, you can configure Ran
 >- Create a service account in FreeIPA with `read-only` access. Rancher uses this account to verify group membership when a user makes a request using an API key.
 >- Read [External Authentication Configuration and Principal Users](../../../../../pages-for-subheaders/about-authentication.md#external-authentication-configuration-and-principal-users).

-1.  Sign into Rancher using a local user assigned the `administrator` role (i.e., the _local principal_).
+1. Sign into Rancher using a local user assigned the `administrator` role (i.e., the _local principal_).

-2.	From the **Global** view, select **Security > Authentication** from the main menu.
+2. From the **Global** view, select **Security > Authentication** from the main menu.

-3.	Select **FreeIPA**.
+3. Select **FreeIPA**.

-4.	Complete the **Configure an FreeIPA server** form.
+4. Complete the **Configure an FreeIPA server** form.

-	You may need to log in to your domain controller to find the information requested in the form.
+    You may need to log in to your domain controller to find the information requested in the form.

-	>**Using TLS?**
- 	>If the certificate is self-signed or not from a recognized certificate authority, make sure you provide the complete chain. That chain is needed to verify the server's certificate.
-	<br/>
-	<br/>
-	>**User Search Base vs. Group Search Base**
-	>
-	>Search base allows Rancher to search for users and groups that are in your FreeIPA.  These fields are only for search bases and not for search filters.
-	>
-	>* If your users and groups are in the same search base, complete only the User Search Base.
-	>* If your groups are in a different search base, you can optionally complete the Group Search Base. This field is dedicated to searching groups, but is not required.
+    >**Using TLS?**
+    >If the certificate is self-signed or not from a recognized certificate authority, make sure you provide the complete chain. That chain is needed to verify the server's certificate.
+    <br/>
+    <br/>
+    >**User Search Base vs. Group Search Base**
+    >
+    >Search base allows Rancher to search for users and groups that are in your FreeIPA.  These fields are only for search bases and not for search filters.
+    >
+    >* If your users and groups are in the same search base, complete only the User Search Base.
+    >* If your groups are in a different search base, you can optionally complete the Group Search Base. This field is dedicated to searching groups, but is not required.

-5.	If your FreeIPA deviates from the standard AD schema, complete the **Customize Schema** form to match it. Otherwise, skip this step.
+5. If your FreeIPA deviates from the standard AD schema, complete the **Customize Schema** form to match it. Otherwise, skip this step.

-	>**Search Attribute** The Search Attribute field defaults with three specific values: `uid|sn|givenName`. After FreeIPA is configured, when a user enters text to add users or groups, Rancher automatically queries the FreeIPA server and attempts to match fields by user id, last name, or first name. Rancher specifically searches for users/groups that begin with the text entered in the search field.
-	>
-	>The default field value `uid|sn|givenName`, but you can configure this field to a subset of these fields. The pipe (`|`) between the fields separates these fields.
-	>
-	> * `uid`: User ID
-	> * `sn`: Last Name
-	> * `givenName`: First Name
-	>
-	> With this search attribute, Rancher creates search filters for users and groups, but you *cannot* add your own search filters in this field.
+    >**Search Attribute** The Search Attribute field defaults with three specific values: `uid|sn|givenName`. After FreeIPA is configured, when a user enters text to add users or groups, Rancher automatically queries the FreeIPA server and attempts to match fields by user id, last name, or first name. Rancher specifically searches for users/groups that begin with the text entered in the search field.
+    >
+    >The default field value `uid|sn|givenName`, but you can configure this field to a subset of these fields. The pipe (`|`) between the fields separates these fields.
+    >
+    > * `uid`: User ID
+    > * `sn`: Last Name
+    > * `givenName`: First Name
+    >
+    > With this search attribute, Rancher creates search filters for users and groups, but you *cannot* add your own search filters in this field.

-6.	Enter your FreeIPA username and password in **Authenticate with FreeIPA** to confirm that Rancher is configured to use FreeIPA authentication.
+6. Enter your FreeIPA username and password in **Authenticate with FreeIPA** to confirm that Rancher is configured to use FreeIPA authentication.

 **Result:**

@@ -18,34 +18,34 @@ In environments using GitHub, you can configure Rancher to allow sign on using G

 4.	Follow the directions displayed to **Setup a GitHub Application**. Rancher redirects you to GitHub to complete registration.

-	>**What's an Authorization Callback URL?**
-	>
-	>The Authorization Callback URL is the URL where users go to begin using your application (i.e. the splash screen).
+    >**What's an Authorization Callback URL?**
+    >
+    >The Authorization Callback URL is the URL where users go to begin using your application (i.e. the splash screen).

-	>When you use external authentication, authentication does not actually take place in your application. Instead, authentication takes place externally (in this case, GitHub). After this external authentication completes successfully, the Authorization Callback URL is the location where the user re-enters your application.
+    >When you use external authentication, authentication does not actually take place in your application. Instead, authentication takes place externally (in this case, GitHub). After this external authentication completes successfully, the Authorization Callback URL is the location where the user re-enters your application.

 5. From GitHub, copy the **Client ID** and **Client Secret**. Paste them into Rancher.

-	>**Where do I find the Client ID and Client Secret?**
-	>
-	>From GitHub, select Settings > Developer Settings > OAuth Apps. The Client ID and Client Secret are displayed prominently.
+    >**Where do I find the Client ID and Client Secret?**
+    >
+    >From GitHub, select Settings > Developer Settings > OAuth Apps. The Client ID and Client Secret are displayed prominently.

 6.	Click **Authenticate with GitHub**.

 7.	Use the **Site Access** options to configure the scope of user authorization.

-	-	**Allow any valid Users**
+    - **Allow any valid Users**

-		_Any_ GitHub user can access Rancher. We generally discourage use of this setting!
+        _Any_ GitHub user can access Rancher. We generally discourage use of this setting!

-	-	**Allow members of Clusters, Projects, plus Authorized Users and Organizations**
+    - **Allow members of Clusters, Projects, plus Authorized Users and Organizations**

-		Any GitHub user or group added as a **Cluster Member** or **Project Member** can log in to Rancher. Additionally, any GitHub user or group you add to the **Authorized Users and Organizations** list may log in to Rancher.
+        Any GitHub user or group added as a **Cluster Member** or **Project Member** can log in to Rancher. Additionally, any GitHub user or group you add to the **Authorized Users and Organizations** list may log in to Rancher.

-	-	**Restrict access to only Authorized Users and Organizations**
+    - **Restrict access to only Authorized Users and Organizations**

-		Only GitHub users or groups added to the Authorized Users and Organizations can log in to Rancher.
-		<br/>
+        Only GitHub users or groups added to the Authorized Users and Organizations can log in to Rancher.
+        <br/>
 8.	Click **Save**.

 **Result:**
@@ -81,7 +81,7 @@ Using the Unique ID of the service account key, register it as an Oauth Client u

 1. Get the Unique ID of the key you just created. If it's not displayed in the list of keys right next to the one you created, you will have to enable it. To enable it, click **Unique ID** and click **OK.** This will add a **Unique ID** column to the list of service account keys. Save the one listed for the service account you created. NOTE: This is a numeric key, not to be confused with the alphanumeric field **Key ID.**

-	![Service account Unique ID](/img/Google-Select-UniqueID-column.png)
+    ![Service account Unique ID](/img/Google-Select-UniqueID-column.png)
 1. Go to the [**Manage OAuth Client Access** page.](https://admin.google.com/AdminHome?chromeless=1#OGX:ManageOauthClients)
 1. Add the Unique ID obtained in the previous step in the **Client Name** field.
 1. In the **One or More API Scopes** field, add the following scopes:
@@ -60,7 +60,7 @@ We recommend adding PSPs during cluster and project creation instead of adding i

 1.	From the **Global** view, select **Security** > **Pod Security Policies** from the main menu. Then click **Add Policy**.

-	**Step Result:** The **Add Policy** form opens.
+    **Step Result:** The **Add Policy** form opens.

 2. Name the policy.

@@ -33,25 +33,25 @@ Cluster administrators can edit the membership for a cluster, controlling which

 3. Search for the user or group that you want to add to the cluster.

- 	If external authentication is configured:
+    If external authentication is configured:

-	-  Rancher returns users from your [external authentication](../../../../pages-for-subheaders/about-authentication.md) source as you type.
+    - Rancher returns users from your [external authentication](../../../../pages-for-subheaders/about-authentication.md) source as you type.

-		>**Using AD but can't find your users?**
-		>There may be an issue with your search attribute configuration. See [Configuring Active Directory Authentication: Step 5](../../authentication-permissions-and-global-configuration/about-authentication/authentication-config/configure-active-directory.md).
+        >**Using AD but can't find your users?**
+        >There may be an issue with your search attribute configuration. See [Configuring Active Directory Authentication: Step 5](../../authentication-permissions-and-global-configuration/about-authentication/authentication-config/configure-active-directory.md).

-	- A drop-down allows you to add groups instead of individual users. The drop-down only lists groups that you, the logged in user, are part of.
+    - A drop-down allows you to add groups instead of individual users. The drop-down only lists groups that you, the logged in user, are part of.

-		>**Note:** If you are logged in as a local user, external users do not display in your search results. For more information, see [External Authentication Configuration and Principal Users](../../../../pages-for-subheaders/about-authentication.md#external-authentication-configuration-and-principal-users).
+        >**Note:** If you are logged in as a local user, external users do not display in your search results. For more information, see [External Authentication Configuration and Principal Users](../../../../pages-for-subheaders/about-authentication.md#external-authentication-configuration-and-principal-users).

 4. Assign the user or group **Cluster** roles.  

-	[What are Cluster Roles?](../../authentication-permissions-and-global-configuration/manage-role-based-access-control-rbac/cluster-and-project-roles.md)
+    [What are Cluster Roles?](../../authentication-permissions-and-global-configuration/manage-role-based-access-control-rbac/cluster-and-project-roles.md)

-	>**Tip:** For Custom Roles, you can modify the list of individual roles available for assignment.
-	>
-	> - To add roles to the list, [Add a Custom Role](../../authentication-permissions-and-global-configuration/manage-role-based-access-control-rbac/custom-roles.md).
-	> - To remove roles from the list, [Lock/Unlock Roles](../../authentication-permissions-and-global-configuration/manage-role-based-access-control-rbac/locked-roles.md).
+    >**Tip:** For Custom Roles, you can modify the list of individual roles available for assignment.
+    >
+    > - To add roles to the list, [Add a Custom Role](../../authentication-permissions-and-global-configuration/manage-role-based-access-control-rbac/custom-roles.md).
+    > - To remove roles from the list, [Lock/Unlock Roles](../../authentication-permissions-and-global-configuration/manage-role-based-access-control-rbac/locked-roles.md).

 **Result:** The chosen users are added to the cluster.

@@ -21,7 +21,7 @@ You can assign a pod security policy when you provision a cluster. However, if y

 4. From the **Default Pod Security Policy** drop-down, select the policy you want to apply to the cluster.

-	Rancher ships with [policies](../authentication-permissions-and-global-configuration/create-pod-security-policies.md#default-pod-security-policies) of `restricted` and `unrestricted`, although you can [create custom policies](../authentication-permissions-and-global-configuration/create-pod-security-policies.md#default-pod-security-policies) as well.
+    Rancher ships with [policies](../authentication-permissions-and-global-configuration/create-pod-security-policies.md#default-pod-security-policies) of `restricted` and `unrestricted`, although you can [create custom policies](../authentication-permissions-and-global-configuration/create-pod-security-policies.md#default-pod-security-policies) as well.

 5. Click **Save**.

@@ -27,17 +27,17 @@ Following project creation, you can add users as project members so that they ca

 3. Search for the user or group that you want to add to the project.

- 	If external authentication is configured:
+    If external authentication is configured:

-	-  Rancher returns users from your external authentication source as you type.
+    - Rancher returns users from your external authentication source as you type.

-	- A drop-down allows you to add groups instead of individual users. The dropdown only lists groups that you, the logged in user, are included in.
+    - A drop-down allows you to add groups instead of individual users. The dropdown only lists groups that you, the logged in user, are included in.

-	>**Note:** If you are logged in as a local user, external users do not display in your search results.
+    >**Note:** If you are logged in as a local user, external users do not display in your search results.

 1. Assign the user or group **Project** roles.

-	[What are Project Roles?](../authentication-permissions-and-global-configuration/manage-role-based-access-control-rbac/cluster-and-project-roles.md)
+    [What are Project Roles?](../authentication-permissions-and-global-configuration/manage-role-based-access-control-rbac/cluster-and-project-roles.md)

    >**Notes:**
    >
@@ -24,21 +24,21 @@ A restore is performed by creating a Restore custom resource.

    ```yaml
    apiVersion: resources.cattle.io/v1
-	kind: Restore
-	metadata:
-	  name: restore-migration
-	spec:
-	  backupFilename: backup-b0450532-cee1-4aa1-a881-f5f48a007b1c-2020-09-15T07-27-09Z.tar.gz
-	  encryptionConfigSecretName: encryptionconfig
-	  storageLocation:
-	    s3:
-	      credentialSecretName: s3-creds
-	      credentialSecretNamespace: default
-	      bucketName: rancher-backups
-	      folder: rancher
-	      region: us-west-2
-	      endpoint: s3.us-west-2.amazonaws.com
-      ```
+    kind: Restore
+    metadata:
+      name: restore-migration
+    spec:
+      backupFilename: backup-b0450532-cee1-4aa1-a881-f5f48a007b1c-2020-09-15T07-27-09Z.tar.gz
+      encryptionConfigSecretName: encryptionconfig
+      storageLocation:
+        s3:
+          credentialSecretName: s3-creds
+          credentialSecretNamespace: default
+          bucketName: rancher-backups
+          folder: rancher
+          region: us-west-2
+          endpoint: s3.us-west-2.amazonaws.com
+    ```

      For help configuring the Restore, refer to the [configuration reference](../../../reference-guides/backup-restore-configuration/restore-configuration.md) and to the [examples.](../../../reference-guides/backup-restore-configuration/examples.md)

@@ -112,11 +112,11 @@ The ability to use the same configuration to deploy the same application across

 2. For each override, you can select the following:

-	- **Scope**: Select which target projects you want to override the answer in the configuration option.
+    - **Scope**: Select which target projects you want to override the answer in the configuration option.

-	- **Question**: Select which question you want to override.
+    - **Question**: Select which question you want to override.

-	- **Answer**: Enter the answer that you want to be used instead.
+    - **Answer**: Enter the answer that you want to be used instead.

 ## Upgrading Multi-Cluster App Roles and Projects

@@ -135,7 +135,7 @@ Use Rancher to set up and configure your Kubernetes cluster.

 1. Use **Nodes** to provision each node in your cluster and choose a geographical region.

-	[Microsoft Documentation: How to create and use an SSH public and private key pair](https://docs.microsoft.com/en-us/azure/virtual-machines/linux/mac-create-ssh-keys)
+    [Microsoft Documentation: How to create and use an SSH public and private key pair](https://docs.microsoft.com/en-us/azure/virtual-machines/linux/mac-create-ssh-keys)
 <br/>
 1. Click **Create**.
 <br/>
@@ -139,7 +139,7 @@ Use Rancher to set up and configure your Kubernetes cluster.

 5. Either paste your service account private key in the **Service Account** text box or **Read from a file**. Then click **Next: Configure Nodes**.

-	>**Note:** After submitting your private key, you may have to enable the Google Kubernetes Engine API. If prompted, browse to the URL displayed in the Rancher UI to enable the API.
+    >**Note:** After submitting your private key, you may have to enable the Google Kubernetes Engine API. If prompted, browse to the URL displayed in the Rancher UI to enable the API.

 6. Select your cluster options, node options and security options. For help, refer to the [GKE Cluster Configuration Reference.](#gke-before-v2-5-8)
 9. Review your options to confirm they're correct. Then click **Create**.
@@ -27,10 +27,10 @@ ConfigMaps accept key value pairs in common string formats, like config files or

 1. Click **Save**.

-	>**Note:** Don't use ConfigMaps to store sensitive data [use a secret](secrets.md).
-	>
-	>**Tip:** You can add multiple key value pairs to the ConfigMap by copying and pasting.
-	>
+    >**Note:** Don't use ConfigMaps to store sensitive data [use a secret](secrets.md).
+    >
+    >**Tip:** You can add multiple key value pairs to the ConfigMap by copying and pasting.
+    >
    > ![](/img/bulk-key-values.gif)

 **Result:** Your ConfigMap is added to the namespace. You can view it in the Rancher UI from the **Resources > Config Maps** view.
@@ -84,22 +84,22 @@ Configuration of external authentication affects how principal users are managed

 1. Sign into Rancher as the local principal and complete configuration of external authentication.

-	![Sign In](/img/sign-in.png)
+    ![Sign In](/img/sign-in.png)

 2. Rancher associates the external principal with the local principal. These two users share the local principal's user ID.

-	![Principal ID Sharing](/img/principal-ID.png)
+    ![Principal ID Sharing](/img/principal-ID.png)

 3. After you complete configuration, Rancher automatically signs out the local principal.

-	![Sign Out Local Principal](/img/sign-out-local.png)
+    ![Sign Out Local Principal](/img/sign-out-local.png)

 4. Then, Rancher automatically signs you back in as the external principal.

-	![Sign In External Principal](/img/sign-in-external.png)
+    ![Sign In External Principal](/img/sign-in-external.png)

 5. Because the external principal and the local principal share an ID, no unique object for the external principal displays on the Users page.

-	![Sign In External Principal](/img/users-page.png)
+    ![Sign In External Principal](/img/users-page.png)

 6. The external principal and the local principal share the same access rights.
@@ -12,17 +12,17 @@ import TabItem from '@theme/TabItem';

 # Changes in v2.5.8

-   We now support private GKE clusters. Note: This advanced setup can require more steps during the cluster provisioning process. For details, see [this section.](../reference-guides/cluster-configuration/rancher-server-configuration/gke-cluster-configuration/gke-private-clusters.md)
-   [Shared VPCs](https://cloud.google.com/vpc/docs/shared-vpc) are now supported.
-   We now support more configuration options for Rancher managed GKE clusters:
-    -   Project
-    -   Network policy
-    -   Network policy config
-    -   Node pools and node configuration options:
-        -   More image types are available for the nodes
-        -   The maximum number of pods per node can be configured
-	-   Node pools can be added while configuring the GKE cluster
-   When provisioning a GKE cluster, you can now use reusable cloud credentials instead of using a service account token directly to create the cluster.
+- We now support private GKE clusters. Note: This advanced setup can require more steps during the cluster provisioning process. For details, see [this section.](../reference-guides/cluster-configuration/rancher-server-configuration/gke-cluster-configuration/gke-private-clusters.md)
+- [Shared VPCs](https://cloud.google.com/vpc/docs/shared-vpc) are now supported.
+- We now support more configuration options for Rancher managed GKE clusters:
+    - Project
+    - Network policy
+    - Network policy config
+    - Node pools and node configuration options:
+        - More image types are available for the nodes
+        - The maximum number of pods per node can be configured
+    - Node pools can be added while configuring the GKE cluster
+- When provisioning a GKE cluster, you can now use reusable cloud credentials instead of using a service account token directly to create the cluster.

 # Cluster Location

@@ -56,10 +56,10 @@ Clusters won't begin provisioning until all three node roles (worker, etcd and c

 7.	From **Node Role**, choose the roles that you want filled by a cluster node. You must provision at least one node for each role: `etcd`, `worker`, and `control plane`. All three roles are required for a custom cluster to finish provisioning. For more information on roles, see [this section.](../reference-guides/kubernetes-concepts.md#roles-for-nodes-in-kubernetes-clusters)

-	>**Notes:**
-	>
+    >**Notes:**
+    >
    >- Using Windows nodes as Kubernetes workers? See [this section](use-windows-clusters.md).
-	>- Bare-Metal Server Reminder: If you plan on dedicating bare-metal servers to each role, you must provision a bare-metal server for each role (i.e. provision multiple bare-metal servers).
+    >- Bare-Metal Server Reminder: If you plan on dedicating bare-metal servers to each role, you must provision a bare-metal server for each role (i.e. provision multiple bare-metal servers).

 8.	<a id="step-8"></a>**Optional**: Click **[Show advanced options](admin-settings/agent-options/)** to specify IP address(es) to use when registering the node, override the hostname of the node, or to add [labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/) or [taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) to the node.

@@ -67,7 +67,7 @@ Clusters won't begin provisioning until all three node roles (worker, etcd and c

 10. Log in to your Linux host using your preferred shell, such as PuTTy or a remote Terminal connection. Run the command copied to your clipboard.

-	>**Note:** Repeat steps 7-10 if you want to dedicate specific hosts to specific node roles. Repeat the steps as many times as needed.
+    >**Note:** Repeat steps 7-10 if you want to dedicate specific hosts to specific node roles. Repeat the steps as many times as needed.

 11. When you finish running the command(s) on your Linux host(s), click **Done**.

@@ -98,7 +98,7 @@ The following resources need to be tagged with a `ClusterID`:
 - **Subnet**: The subnet used for your cluster
 - **Security Group**: The security group used for your cluster.

-	>**Note:** Do not tag multiple security groups. Tagging multiple groups generates an error when creating Elastic Load Balancer.
+    >**Note:** Do not tag multiple security groups. Tagging multiple groups generates an error when creating Elastic Load Balancer.

 The tag that should be used is:

@@ -46,6 +46,6 @@ In order to delete cloud credentials, there must not be any node template associ
 1. From your user settings, select **User Avatar > Cloud Credentials**.
 1. You can either individually delete a cloud credential or bulk delete.

-	- To individually delete one, choose the cloud credential you want to edit and click the **&#8942; > Delete**.
-	- To bulk delete cloud credentials, select one or more cloud credentials from the list. Click **Delete**.
+    - To individually delete one, choose the cloud credential you want to edit and click the **&#8942; > Delete**.
+    - To bulk delete cloud credentials, select one or more cloud credentials from the list. Click **Delete**.
 1. Confirm that you want to delete these cloud credentials.
@@ -25,7 +25,10 @@ When you create a node template, it is bound to your user profile. Node template
 1. From your user settings, select **User Avatar > Node Templates**.
 1. Choose the node template that you want to edit and click the **&#8942; > Edit**.

-	   > **Note:** As of v2.2.0, the default `active` [node drivers](../../how-to-guides/advanced-user-guides/authentication-permissions-and-global-configuration/about-provisioning-drivers/manage-node-drivers.md) and any node driver, that has fields marked as `password`, are required to use [cloud credentials](../../pages-for-subheaders/use-new-nodes-in-an-infra-provider.md#cloud-credentials). If you have upgraded to v2.2.0, existing node templates will continue to work with the previous account access  information, but when you edit the node template, you will be required to create a cloud credential and the node template will start using it.
+    :::note
+    
+    As of v2.2.0, the default `active` [node drivers](../../how-to-guides/advanced-user-guides/authentication-permissions-and-global-configuration/about-provisioning-drivers/manage-node-drivers.md) and any node driver, that has fields marked as `password`, are required to use [cloud credentials](../../pages-for-subheaders/use-new-nodes-in-an-infra-provider.md#cloud-credentials). If you have upgraded to v2.2.0, existing node templates will continue to work with the previous account access  information, but when you edit the node template, you will be required to create a cloud credential and the node template will start using it.
+    :::

 1. Edit the required information and click **Save**.