
Commit f64408f

Merge pull request #109277 from bhardesty/osd-cqa-fixes
CQA fixes for OSD architecture models
2 parents f884a3f + c702002 commit f64408f

6 files changed

Lines changed: 11 additions & 17 deletions

architecture/osd-architecture-models-gcp.adoc

Lines changed: 1 addition & 1 deletion
@@ -7,7 +7,7 @@ include::_attributes/attributes-openshift-dedicated.adoc[]
77
toc::[]
88

99
[role="_abstract"]
10-
With {product-title} on {GCP}, you can create clusters that are accessible over public or private networks.
10+
Understand the different cluster architecture models available for {product-title} on {GCP} to choose the deployment option that best fits your organization's networking and security requirements.
1111

1212
include::modules/osd-gcp-architecture.adoc[leveloffset=+1]
1313
include::modules/osd-understanding-private-service-connect.adoc[leveloffset=+1]
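Review bot: The replacement abstract at line 10 no longer says that clusters can be reachable over public or private networks, which is the distinction a reader uses to choose a model. Consider keeping that fact in the new sentence, for example by naming the public and private models after "cluster architecture models".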

modules/osd-gcp-architecture.adoc

Lines changed: 2 additions & 6 deletions
@@ -7,14 +7,10 @@
77
= Private {product-title} on {GCP} architecture on public and private networks
88

99
[role="_abstract"]
10-
You can customize the access patterns for your API server endpoint and Red Hat SRE management by choosing one of the following network configuration types:
11-
12-
* Private cluster with Private Service Connect (PSC).
13-
* Private cluster without PSC
14-
* Public cluster
10+
You can customize the access patterns for your API server endpoint and Red Hat Site Reliability Engineering (SRE) management by configuring a private cluster with Private Service Connect (PSC), a private cluster without PSC, or a public cluster.
1511

1612
[IMPORTANT]
1713
====
18-
Red Hat recommends using PSC when deploying a private {product-title} cluster on {GCP}. PSC ensures there is a secured, private connectivity between Red Hat infrastructure, Site Reliability Engineering (SRE), and private OpenShift clusters.
14+
Red Hat recommends using PSC when deploying a private {product-title} cluster on {GCP}. PSC ensures there is a secured, private connectivity between Red Hat infrastructure, SRE, and private OpenShift clusters.
1915
====
2016
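Review bot: Line 14 is rewritten but still reads "a secured, private connectivity"; since the sentence is being touched, change it to "secure, private connectivity". The unchanged heading at line 7 also begins with "Private" although the new abstract lists a public cluster as one of the three options, so the heading is worth correcting in the same pass.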

modules/osd-private-architecture-model-gcp.adoc

Lines changed: 2 additions & 3 deletions
@@ -4,7 +4,7 @@
44

55
:_mod-docs-content-type: CONCEPT
66
[id="osd-private-architecture-model_{context}"]
7-
= Private {product-title} on {GCP} without Private Service Connect (PSC) architecture model
7+
= Private {product-title} on {GCP} without Private Service Connect architecture model
88

99
[role="_abstract"]
1010
With a private network configuration, your cluster API server endpoint and application routes are private. Private {product-title} on {gcp-short} clusters use some public subnets, but no control plane or worker nodes are deployed in public subnets.
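Review bot: The unchanged abstract at line 10 says "no control plane or worker nodes are deployed in public subnets" and is silent on infra nodes, while the alt text added later in this file places infra nodes in the private network alongside them. Consider naming infra nodes in that sentence so the text and the diagram description make the same statement about what is kept off public subnets.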
@@ -17,5 +17,4 @@ Red Hat recommends using Private Service Connect (PSC) when deploying a private
1717
Red Hat SRE management access the cluster through a public load balancer endpoint that are restricted to Red Hat IPs. The API server endpoint is private. A separate Red Hat API server endpoint is public (but restricted to Red Hat trusted IP addresses). The default ingress controller can be public or private. The following image shows network connectivity of a private cluster without Private Service Connect (PSC).
1818

1919
.{product-title} on {GCP} deployed on a private network without PSC
20-
image::484_b_Openshift_osd_gcp_private_no_psc_arch_0525.png[Private without PSC architecture model]
21-
20+
image::484_b_Openshift_osd_gcp_private_no_psc_arch_0525.png[Architecture diagram of a private OpenShift Dedicated cluster on Google Cloud without Private Service Connect. The diagram shows a customer Google Cloud project divided into public and private networks. In the public network: developers and Red Hat management access the cluster via the Internet, a Red Hat API LB restricted to Red Hat IPs, and a Default Ingress LB. In the private network: an Internal API LB connects to three node types deployed across availability zones - Control plane nodes (x3) running apiserver, etcd, and controller; Worker nodes (xN) running compute and persistent storage; and Infra nodes (x2 or x3) running registry, router, and monitoring.]
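Review bot: The unchanged context at line 17 still has agreement errors ("Red Hat SRE management access the cluster", "endpoint that are restricted") and names the same restriction two ways ("Red Hat IPs" and "Red Hat trusted IP addresses"); a CQA pass over this file should fix both. The new alt text also lists the Default Ingress LB under the public network, whereas line 17 says the default ingress controller can be public or private, so the alt text should say which case the diagram shows.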

modules/osd-private-psc-architecture-model-gcp.adoc

Lines changed: 1 addition & 1 deletion
@@ -11,4 +11,4 @@ With a private {gcp-short} Private Service Connect (PSC) network configuration,
1111
Red Hat SRE management access the cluster over the {gcp-short} PSC-enabled private connectivity. The default ingress controller are private. Additional ingress controllers can be public or private. The following diagram shows network connectivity of a private cluster with PSC.
1212

1313
.{product-title} on {GCP} deployed on a private network with PSC
14-
image::484_a_OpenShift_osd_gcp_private_psc_arch_0525.png[Private with PSC architecture model]
14+
image::484_a_OpenShift_osd_gcp_private_psc_arch_0525.png[Architecture diagram showing Developer and Red Hat Management connecting through Google Cloud Private Service Connect to a customer Google Cloud project private network. The network contains an Internal API load balancer and Default Ingress load balancer routing traffic to three node groups distributed across availability zones: Control plane nodes (x3) running apiserver, etcd, and controller; Worker nodes (xN) running compute and persistent storage; and Infra nodes (x2, x3) running registry, router, and monitoring.]
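Review bot: Line 11 is left as context with "The default ingress controller are private" and "Red Hat SRE management access the cluster"; both need verb agreement fixes ("is private", "accesses") in this pass. The new alt text writes "Infra nodes (x2, x3)" where the alt text added to the non-PSC module writes "(x2 or x3)"; use one form in all three diagrams.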

modules/osd-public-architecture-model-gcp.adoc

Lines changed: 1 addition & 2 deletions
@@ -10,5 +10,4 @@
1010
With a public network configuration, your cluster API server endpoint and application routes are internet-facing. The default ingress controller can be public or private. The following image shows the network connectivity of a public cluster.
1111

1212
.{product-title} on {GCP} deployed on a public network
13-
image::484_c_Openshift_osd_gcp_public_arch_0525.png[Public architecture model]
14-
13+
image::484_c_Openshift_osd_gcp_public_arch_0525.png[Architecture diagram showing a customer Google Cloud project with public and private network layers. The public network contains an External API load balancer and Default Ingress load balancer, both accessible from the internet. The private network contains an Internal API load balancer connecting to three node types: Control plane nodes (x3) with apiserver, etcd, and controller components; Worker nodes (xN) with compute and persistent storage; and Infra nodes (x2, x3) with registry, router, and monitoring. All node groups are distributed across availability zones.]
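Review bot: The new alt text at line 13 states that the External API load balancer and the Default Ingress load balancer are "both accessible from the internet", but line 10 says "The default ingress controller can be public or private". Qualify the alt text so it does not describe the ingress load balancer as always internet-facing.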

modules/private-service-connect-psc-architecture.adoc

Lines changed: 4 additions & 4 deletions
@@ -12,17 +12,17 @@ The Private Service Connect (PSC) architecture includes producer services and co
1212

1313
The following image depicts how Red HAT SREs and other internal resources access and support clusters created using PSC.
1414

15-
* A unique PSC service attachment is created for each OSD cluster in the customer {gcp-short} project. The PSC service attachment points to the cluster API server load balancer created in the customer {gcp-short} project.
15+
* A unique PSC service attachment is created for each {product-title} cluster in the customer {gcp-short} project. The PSC service attachment points to the cluster API server load balancer created in the customer {gcp-short} project.
1616
17-
* Similar to service attachments, a unique PSC endpoint is created in the Red Hat Management {gcp-short} project for each OSD cluster.
17+
* Similar to service attachments, a unique PSC endpoint is created in the Red Hat Management {gcp-short} project for each {product-title} cluster.
1818
1919
* A dedicated subnet for {gcp-short} Private Service Connect is created in the cluster’s network within the customer {gcp-short} project. This is a special subnet type where the producer services are published via PSC service attachments. This subnet is used to Source NAT (SNAT) incoming requests to the cluster API server. Additionally, the PSC subnet must be within the Machine CIDR range and cannot be used in more than one service attachment.
2020
21-
* Red Hat internal resources and SREs access private OSD clusters using the connectivity between a PSC endpoint and service attachment. Even though the traffic transits multiple VPC networks, it remains entirely within {gcp-full}.
21+
* Red Hat internal resources and SREs access private {product-title} clusters using the connectivity between a PSC endpoint and service attachment. Even though the traffic transits multiple VPC networks, it remains entirely within {gcp-full}.
2222
2323
* Access to PSC service attachments is possible only via the Red Hat Management project.
2424
2525
.PSC architecture overview
26-
image::psc_arch_2.png[PSC architecture overview]
26+
image::psc_arch_2.png[Diagram showing a customer Google Cloud project with a PSC service attachment connected to a cluster API server load balancer, a dedicated PSC subnet, and a PSC endpoint in the Red Hat Management GCP project. Traffic flows from Red Hat internal resources through the PSC endpoint to the service attachment and cluster API server.]
2727

2828
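Review bot: Line 13 remains "Red HAT SREs" in the unchanged context; correct the casing to "Red Hat" while this file is being edited. The new alt text at line 26 hard-codes "Red Hat Management GCP project" while the bullets use the {gcp-short} attribute, and it does not mention the SNAT role of the PSC subnet that line 19 describes.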
