Merge remote-tracking branch 'refs/remotes/Microsoft/master'

articles/active-directory-domain-services/index.md

@@ -77,8 +77,7 @@ Azure AD Domain Services (DS) provides managed domain services such as domain jo
             </div>
         </div>
         </a>
-    </li>
-    <li>
+    </li>    
     <li>
         <a href="/azure/active-directory-domain-services/active-directory-ds-getting-started-enableaadds">
         <div class="cardSize">
@@ -97,6 +96,7 @@ Azure AD Domain Services (DS) provides managed domain services such as domain jo
         </div>
         </a>
     </li>
+    <li>
         <a href="/azure/active-directory-domain-services/active-directory-ds-getting-started-dns">
         <div class="cardSize">
             <div class="cardPadding">

articles/advisor/advisor-get-started.md

@@ -29,7 +29,7 @@ Learn how to access Advisor using the Azure portal, get recommendations, impleme
   ![Access Azure Advisor using the Azure portal](./media/advisor-overview/advisor-azure-portal-menu.png) 
 
 3. On the Advisor dashboard, select the subscription for which you’d like to receive recommendations. The Advisor dashboard displays personalized recommendations for a selected subscription. 
-4. To get recommendations for a particular category, click on one of the categories.
+4. To get recommendations for a particular category, click on one of the tabs - **High Availability**, **Security**, **Performance**, or **Cost**.
 
 > [!NOTE]
 > Azure Advisor generates recommendations for subscriptions where you are assigned the role of **Owner**, **Contributor**, or **Reader**.

articles/advisor/advisor-overview.md

@@ -31,13 +31,13 @@ With Azure Advisor, you can:
 
 You can access Advisor through the [Azure portal](https://aka.ms/azureadvisordashboard). Sign into the [portal](https://portal.azure.com), select **Browse**, and then scroll to **Azure Advisor**. The Advisor dashboard displays personalized recommendations for a selected subscription. The recommendations are divided into four categories. 
 
--   **High Availability** – to ensure and improve the continuity of your business-critical applications
+-   **High Availability** – to ensure and improve the continuity of your business-critical applications. For more information, see [Advisor High Availability recommendations](advisor-high-availability-recommendations.md).
 
--   **Security** – to detect threats and vulnerabilities that could lead to potential security breaches
+-   **Security** – to detect threats and vulnerabilities that could lead to potential security breaches. For more information, see [Advisor Security recommendations](advisor-security-recommendations.md).
 
--   **Performance** – to enhance the speed of your applications
+-   **Performance** – to enhance the speed of your applications. For more information, see [Advisor Performance recommendations](advisor-performance-recommendations.md).
 
--   **Cost** – to optimize and reduce your overall Azure spend
+-   **Cost** – to optimize and reduce your overall Azure spend. For more information, see [Advisor Cost recommendations](advisor-cost-recommendations.md).
 
   ![Advisor recommendation types](./media/advisor-overview/advisor-all-tab-examples.png)
 

articles/app-service-web/TOC.md

@@ -153,6 +153,7 @@
 ### [On-premises connections](web-sites-hybrid-connection-get-started.md)
 ### [Azure Virtual Network](web-sites-integrate-with-vnet.md)
 ### [Advanced configuration](web-sites-transform-extend.md)
+### [Configure container for App Service on Linux](app-service-linux-using-custom-docker-image.md)
 ### [Resource groups](app-service-move-resources.md)
 ### [Convert WordPress to Multisite](web-sites-php-convert-wordpress-multisite.md) 
 

articles/application-gateway/application-gateway-backend-ssl.md

@@ -18,7 +18,9 @@ ms.author: amsriva
 
 ---
 # Enabling SSL Policy and end to end SSL on Application Gateway
+
 ## Overview
+
 Application gateway supports SSL termination at the gateway, after which traffic typically flows unencrypted to the backend servers. This allows web servers to be unburdened from costly encryption/decryption overhead. However for some customers unencrypted communication to the backend servers is not an acceptable option. This could be due to security/compliance requirements or the application may only accept secure connection. For such applications, application gateway now supports end to end SSL encryption.
 
 End to end SSL allows you to securely transmit sensitive data to the backend encrypted still taking advantage of the benefits of Layer 7 load balancing features which application gateway provides, such as cookie affinity, URL-based routing, support for routing based on sites or ability to inject X-Forwarded-* headers.
@@ -30,16 +32,19 @@ When configured with end to end SSL communication mode, application gateway term
 In this example, requests using TLS1.2 are routed to backend servers in Pool1 using end to end SSL.
 
 ## End to end SSL and whitelisting of certificates
+
 Application gateway only communicates with known backend instances that have whitelisted their certificate with the application gateway. To enable whitelisting of certificates, you must upload the public key of backend server certificates to the application gateway (not the root certificate). Only connections to known and whitelisted backends are then allowed. The remaining backends results in a gateway error. Self-signed certificates are for test purposes only and not recommended for production workloads. Such certificates must also be whitelisted with the application gateway as described in the preceding steps before they can be used.
 
 ## Application Gateway SSL Policy
+
 Application gateway supports user configurable SSL negotiation policies, which allow customers more control over SSL connections at the application gateway.
 
 1. SSL 2.0 and 3.0 disabled by default for all Application Gateways. They are not configurable at all.
-2. SSL policy definition gives you option to disable any of the following 3 protocols - TLSv1\_0, TLSv1\_1, TLSv1\_2.
+2. SSL policy definition gives you option to disable any of the following 3 protocols - **TLSv1\_0**, **TLSv1\_1**, **TLSv1\_2**.
 3. If no SSL policy is defined all three (TLSv1\_0, TLSv1\_1, TLSv1_2) are enabled.
 
 ## Next steps
+
 After learning about end to end SSL and SSL policy, go to [enable end to end SSL on application gateway](application-gateway-end-to-end-ssl-powershell.md) to create an application gateway with ability to send traffic to backends in encrypted form.
 
 <!--Image references-->

articles/application-gateway/application-gateway-create-gateway-arm-template.md

@@ -14,11 +14,12 @@ ms.devlang: na
 ms.topic: article
 ms.tgt_pltfrm: na
 ms.workload: infrastructure-services
-ms.date: 11/10/2016
+ms.date: 11/16/2016
 ms.author: gwallace
 
 ---
 # Create an application gateway by using the Azure Resource Manager template
+
 > [!div class="op_single_selector"]
 > * [Azure portal](application-gateway-create-gateway-portal.md)
 > * [Azure Resource Manager PowerShell](application-gateway-create-gateway-arm.md)
@@ -37,6 +38,7 @@ You learn how to download and modify an existing Azure Resource Manager template
 If you are simply deploying the Azure Resource Manager template directly from GitHub without any changes, skip to deploy a template from GitHub.
 
 ## Scenario
+
 In this scenario you will:
 
 * Create an application gateway with two instances.
@@ -52,6 +54,7 @@ In this scenario you will:
 ![Scenario](./media/application-gateway-create-gateway-arm-template/scenario.png)
 
 ## Download and understand the Azure Resource Manager template
+
 You can download the existing Azure Resource Manager template to create a virtual network and two subnets from GitHub, make any changes you might want, and reuse it. To do so, use the following steps:
 
 1. Navigate to [Create Application Gateway](https://github.com/Azure/azure-quickstart-templates/tree/master/101-application-gateway-create).
@@ -118,6 +121,7 @@ You can download the existing Azure Resource Manager template to create a virtua
 6. Save the file. You can test the JSON template and parameter template by using online JSON validation tools like [JSlint.com](http://www.jslint.com/).
 
 ## Deploy the Azure Resource Manager template by using PowerShell
+
 If you have never used Azure PowerShell, see [How to install and configure Azure PowerShell](../powershell-install-configure.md) and follow the instructions to sign into Azure and select your subscription.
 
 ### Step 1
@@ -127,6 +131,7 @@ Login-AzureRmAccount
 ```
 
 ### Step 2
+
 Check the subscriptions for the account.
 
 ```powershell
@@ -136,13 +141,15 @@ Get-AzureRmSubscription
 You are prompted to authenticate with your credentials.
 
 ### Step 3
+
 Choose which of your Azure subscriptions to use.
 
 ```powershell
 Select-AzureRmSubscription -Subscriptionid "GUID of subscription"
 ```
 
 ### Step 4
+
 If needed, create a resource group by using the **New-AzureResourceGroup** cmdlet. In the following example, you create a resource group called AppgatewayRG in East US location.
 
 ```powershell
@@ -157,12 +164,15 @@ New-AzureRmResourceGroupDeployment -Name TestAppgatewayDeployment -ResourceGroup
 ```
 
 ## Deploy the Azure Resource Manager template by using the Azure CLI
+
 To deploy the Azure Resource Manager template you downloaded by using Azure CLI, follow the steps below:
 
 ### Step 1
+
 If you have never used Azure CLI, see [Install and configure the Azure CLI](../xplat-cli-install.md) and follow the instructions up to the point where you select your Azure account and subscription.
 
 ### Step 2
+
 Run the **azure config mode** command to switch to Resource Manager mode, as shown below.
 
 ```azurecli
@@ -176,6 +186,7 @@ info:    New mode is arm
 ```
 
 ### Step 3
+
 If necessary, run the **azure group create** command to create a new resource group, as shown below. Notice the output of the command. The list shown after the output explains the parameters used. For more information about resource groups, visit [Azure Resource Manager overview](../azure-resource-manager/resource-group-overview.md).
 
 ```azurecli
@@ -187,35 +198,43 @@ azure group create -n appgatewayRG -l eastus
 **-l (or --location)**. Azure region where the new resource group is created. For our scenario, it's *eastus*.
 
 ### Step 4
+
 Run the **azure group deployment create** cmdlet to deploy the new virtual network by using the template and parameter files you downloaded and modified above. The list shown after the output explains the parameters used.
 
 ```azurecli
 azure group deployment create -g appgatewayRG -n TestAppgatewayDeployment -f C:\ARM\azuredeploy.json -e C:\ARM\azuredeploy-parameters.json
 ```
 
 ## Deploy the Azure Resource Manager template by using click-to-deploy
+
 Click-to-deploy is another way to use Azure Resource Manager templates. It's an easy way to use templates with the Azure portal.
 
 ### Step 1
+
 Go to [Create an application gateway with public IP](https://azure.microsoft.com/documentation/templates/101-application-gateway-public-ip/).
 
 ### Step 2
+
 Click **Deploy to Azure**.
 
 ![Deploy to Azure](./media/application-gateway-create-gateway-arm-template/deploytoazure.png)
 
 ### Step 3
+
 Fill out the parameters for the deployment template on the portal and click **OK**.
 
 ![Parameters](./media/application-gateway-create-gateway-arm-template/ibiza1.png)
 
 ### Step 4
+
 Select **Legal terms** and click **Buy**.
 
 ### Step 5
+
 On the Custom deployment blade, click **Create**.
 
 ## Next steps
+
 If you want to configure SSL offload, see [Configure an application gateway for SSL offload](application-gateway-ssl.md).
 
 If you want to configure an application gateway to use with an internal load balancer, see [Create an application gateway with an internal load balancer (ILB)](application-gateway-ilb.md).