diff --git a/content/rancher/v2.x/en/installation/air-gap-high-availability/install-kube/_index.md b/content/rancher/v2.x/en/installation/air-gap-high-availability/install-kube/_index.md
index 8a54cfc80e3..30695200b6e 100644
--- a/content/rancher/v2.x/en/installation/air-gap-high-availability/install-kube/_index.md
+++ b/content/rancher/v2.x/en/installation/air-gap-high-availability/install-kube/_index.md
@@ -17,28 +17,28 @@ Replace values in the code sample below with help of the _RKE Options_ table. Us
| Option | Required | Description |
| ------------------ | -------- | -------------------------------------------------------------------------------------- |
-| `address` | ✓ | The DNS or IP address for the node within the air gap network (don't use a public address). |
+| `address` | ✓ | The DNS or IP address for the node within the air gap network. |
| `user` | ✓ | A user that can run docker commands. |
| `role` | ✓ | List of Kubernetes roles assigned to the node. |
-| `internal_address` | | The private DNS or IP address used for internal cluster traffic. |
+| `internal_address` | optional1 | The DNS or IP address used for internal cluster traffic. |
| `ssh_key_path` | | Path to SSH private key used to authenticate to the node (defaults to `~/.ssh/id_rsa`). |
-> **Note:** Although this is an air gap configuration, we still recommend setting values for both `address` and `external address`. In this context, `address` refers to the IP address of the node within the air gap network, not a public address. `internal_address` is the IP address that your nodes use for intra-cluster communication. Some services like AWS EC2 require setting the `internal_address` if you want to use self-referencing security groups or firewalls.
+> 1 Some services like AWS EC2 require setting the `internal_address` if you want to use self-referencing security groups or firewalls.
```yaml
nodes:
-- address: 10.10.3.187 # node air gap network IP
+- address: 10.10.3.187 # node air gap network IP
internal_address: 172.31.7.22 # node intra-cluster IP
user: rancher
role: [ "controlplane", "etcd", "worker" ]
ssh_key_file: /home/user/.ssh/id_rsa
-- address: 10.10.3.254 # node air gap network IP
+- address: 10.10.3.254 # node air gap network IP
internal_address: 172.31.13.132 # node intra-cluster IP
user: rancher
role: [ "controlplane", "etcd", "worker" ]
ssh_key_file: /home/user/.ssh/id_rsa
-- address: 10.10.3.89 # node air gap network IP
+- address: 10.10.3.89 # node air gap network IP
internal_address: 172.31.3.216 # node intra-cluster IP
user: rancher
role: [ "controlplane", "etcd", "worker" ]
diff --git a/content/rancher/v2.x/en/installation/air-gap-high-availability/install-rancher/_index.md b/content/rancher/v2.x/en/installation/air-gap-high-availability/install-rancher/_index.md
index c5ec3257902..758758c3e73 100644
--- a/content/rancher/v2.x/en/installation/air-gap-high-availability/install-rancher/_index.md
+++ b/content/rancher/v2.x/en/installation/air-gap-high-availability/install-rancher/_index.md
@@ -4,12 +4,12 @@ weight: 400
aliases:
---
-## A. Add the Helm Chart Repository and Render Templates
+## A. Add the Helm Chart Repository
From a system that has access to the internet, render the installs and copy the resulting manifests to a system that has access to the Rancher server cluster.
-1. Initialize `helm` locally on a system that has internet access.
+1. If you haven't already, initialize `helm` locally on a system that has internet access.
```plain
helm init -c
@@ -28,15 +28,6 @@ From a system that has access to the internet, render the installs and copy the
helm fetch rancher-/rancher
```
-4. Render the template with the options you would use to install the chart. See [Install Rancher]({{< baseurl >}}/rancher/v2.x/en/installation/ha/helm-rancher/) for details on the various options. Remember to set the `rancherImage` option to pull the image from your private registry. This will create a `rancher` directory with the Kubernetes manifest files.
-
- ```plain
- helm template ./rancher-.tgz --output-dir . \
- --name rancher --namespace cattle-system \
- --set hostname= \
- --set rancherImage=/rancher/rancher
- ```
-
>Want additional options? Need help troubleshooting? See [High Availability Install: Advanced Options]({{< baseurl >}}/rancher/v2.x/en/installation/ha/helm-rancher/#advanced-configurations).
@@ -66,8 +57,6 @@ By default, Rancher generates a CA and uses cert manger to issue the certificate
helm fetch stable/cert-manager
```
- ```
-
1. Render the cert manager template with the options you would like to use to install the chart. Remember to set the `image.repository` option to pull the image from your private registry. This will create a `cert-manager` directory with the Kubernetes manifest files.
```plain
@@ -76,7 +65,7 @@ By default, Rancher generates a CA and uses cert manger to issue the certificate
--set image.repository=/quay.io/jetstack/cert-manager-controller
```
-1. Render the Rancher template with the options you would like to use to install the chart. Use the reference table below to replace each placeholder.
+1. Render the Rancher template, declaring your chosen options. Use the reference table below to replace each placeholder.
Placeholder | Description
------------|-------------
@@ -101,7 +90,7 @@ By default, Rancher generates a CA and uses cert manger to issue the certificate
> **Note:** The common name for the cert will need to match the `hostname` option or the ingress controller will fail to provision the site for Rancher.
-1. Render the Rancher template with the options you would like to use to install the chart. Use the reference table below to replace each placeholder.
+1. Render the Rancher template, declaring your chosen options. Use the reference table below to replace each placeholder.
Placeholder | Description
------------|-------------
@@ -121,12 +110,12 @@ By default, Rancher generates a CA and uses cert manger to issue the certificate
--set ingress.tls.source=secret \
```
-1. Now that Rancher is running, see [Adding TLS Secrets]({{< baseurl >}}/rancher/v2.x/en/installation/ha/helm-rancher/tls-secrets/) to publish the certificate files so Rancher and the ingress controller can use them.
+1. See [Adding TLS Secrets]({{< baseurl >}}/rancher/v2.x/en/installation/ha/helm-rancher/tls-secrets/) to publish the certificate files so Rancher and the ingress controller can use them.
{{% /accordion %}}
-## D. Copy and Apply Manifests
+## D. Install Rancher
-Copy the rendered manifest directories to a system that has access to the Rancher server cluster.
+Copy the rendered manifest directories to a system that has access to the Rancher server cluster to complete installation.
Use `kubectl` to create namespaces and apply the rendered manifests.
diff --git a/content/rancher/v2.x/en/installation/air-gap-high-availability/prepare-private-registry/_index.md b/content/rancher/v2.x/en/installation/air-gap-high-availability/prepare-private-registry/_index.md
index ab03a7cfa78..0dccd3b3818 100644
--- a/content/rancher/v2.x/en/installation/air-gap-high-availability/prepare-private-registry/_index.md
+++ b/content/rancher/v2.x/en/installation/air-gap-high-availability/prepare-private-registry/_index.md
@@ -22,28 +22,20 @@ Start by collecting all the images needed to install Rancher in an air gap envir
| `rancher-save-images.sh` | This script pulls all the images in the `rancher-images.txt` from Docker Hub and saves all of the images as `rancher-images.tar.gz`. |
| `rancher-load-images.sh` | This script loads images from the `rancher-images.tar.gz` file and pushes them to your private registry. |
-3. Use the three files above to populate `rancher-images.txt` with the images needed for installation.
- 1. Make `rancher-save-images.sh` an executable.
+1. Make `rancher-save-images.sh` an executable.
- ```
- chmod +x rancher-save-images.sh
- ```
+ ```
+ chmod +x rancher-save-images.sh
+ ```
- 1. Run `rancher-save-images.sh` with the `rancher-images.txt` image list to create a tarball of all the required images.
-
- ```plain
- ./rancher-save-images.sh --image-list ./rancher-images.txt
- ```
-
- **Step Result:** Docker begins pulling the images used for an air gap install. Be patient. This process takes a few minutes. When the process completes, your current directory will output a tarball named `rancher-images.tar.gz`.
-1. From the directory that contains the RKE binary, add RKE's images to `rancher-images.txt`.
+1. From the directory that contains the RKE binary, add RKE's images to `rancher-images.txt`, which is a list of all the files needed to install Rancher.
```
rke config --system-images >> ./rancher-images.txt
```
-1. **Self-Signed Certificate Users Only:** If you elect to use the Rancher default self-signed TLS certificates, you must add the [`cert-manager`](https://github.com/helm/charts/tree/master/stable/cert-manager) image to `rancher-images.txt` as well. You may skip to [B. Publish Images](#b-publish-images ) if you are using you using your own certificates.
+1. **Default Rancher Generated Self-Signed Certificate Users Only:** If you elect to use the Rancher default self-signed TLS certificates, you must add the [`cert-manager`](https://github.com/helm/charts/tree/master/stable/cert-manager) image to `rancher-images.txt` as well. You may skip to [B. Publish Images](#b-publish-images ) if you are using you using your own certificates.
1. Fetch the latest `cert-manager` Helm chart and parse the template for image details.
@@ -58,6 +50,14 @@ Start by collecting all the images needed to install Rancher in an air gap envir
sort -u rancher-images.txt -o rancher-images.txt
```
+1. Run `rancher-save-images.sh` with the `rancher-images.txt` image list to create a tarball of all the required images.
+
+ ```plain
+ ./rancher-save-images.sh --image-list ./rancher-images.txt
+ ```
+
+ **Step Result:** Docker begins pulling the images used for an air gap install. Be patient. This process takes a few minutes. When the process completes, your current directory will output a tarball named `rancher-images.tar.gz`. Check that the output is in the directory.
+
## B. Publish Images
@@ -65,20 +65,16 @@ Using a computer with access to the internet and your private registry, move the
>**Note:** Image publication may require up to 20GB of empty disk space.
+1. Log into your private registry if required.
-1. Push `rancher-load-images.sh`, `rancher-images.txt` and `rancher-images.tar.gz` to your private registry.
+ ```plain
+ docker login
+ ```
+1. Use `rancher-load-images.sh` to extract, tag and push `rancher-images.txt` and `rancher-images.tar.gz` to your private registry.
- 1. Log into your private registry if required.
-
- ```plain
- docker login
- ```
-
- 1. Use `rancher-load-images.sh` to extract, tag and push the images to your private registry.
-
- ```plain
- ./rancher-load-images.sh --image-list ./rancher-images.txt --registry
- ```
+ ```plain
+ ./rancher-load-images.sh --image-list ./rancher-images.txt --registry
+ ```
### [Next: Install Kubernetes with RKE]({{< baseurl >}}/rancher/v2.x/en/installation/air-gap-high-availability/install-kube/)
\ No newline at end of file
diff --git a/content/rancher/v2.x/en/installation/air-gap-high-availability/provision-hosts/_index.md b/content/rancher/v2.x/en/installation/air-gap-high-availability/provision-hosts/_index.md
index 209475a4f24..aa911439019 100644
--- a/content/rancher/v2.x/en/installation/air-gap-high-availability/provision-hosts/_index.md
+++ b/content/rancher/v2.x/en/installation/air-gap-high-availability/provision-hosts/_index.md
@@ -28,4 +28,9 @@ RKE, the installer that provisions your air gapped cluster, will configure an In
Configure a load balancer as a basic Layer 4 TCP forwarder. The exact configuration will vary depending on your environment.
+**Load Balancer Configuration Samples:**
+
+- [NGINX]({{< baseurl >}}/rancher/v2.x/en/installation/ha/create-nodes-lb/nginx)
+- [Amazon NLB]({{< baseurl >}}/rancher/v2.x/en/installation/ha/create-nodes-lb/nlb)
+
### [Next: Collect and Publish Image Sources]({{< baseurl >}}/rancher/v2.x/en/installation/air-gap-high-availability/prepare-private-registry/)
diff --git a/content/rancher/v2.x/en/installation/ha/helm-rancher/_index.md b/content/rancher/v2.x/en/installation/ha/helm-rancher/_index.md
index e5d6f3979cb..6e7646069f4 100644
--- a/content/rancher/v2.x/en/installation/ha/helm-rancher/_index.md
+++ b/content/rancher/v2.x/en/installation/ha/helm-rancher/_index.md
@@ -90,12 +90,6 @@ This option uses `cert-manager` to automatically request and renew [Let's Encryp
- Set `hostname` to the public DNS record, set `ingress.tls.source` to `letsEncrypt` and `letsEncrypt.email` to the email address used for communication about your certificate (for example, expiry notices)
-<<<<<<< HEAD
-
->**Using Air Gap?** [Set the `rancherImage` option]({{< baseurl >}}/rancher/v2.x/en/installation/air-gap-installation/install-rancher/#install-rancher-using-private-registry) in your command, pointing toward your private registry.
-
-=======
->>>>>>> removing air gap notes
```
helm install rancher-/rancher \
--name rancher \