From 63ae0b03e6a0c927b21d6b48049ca162e429a069 Mon Sep 17 00:00:00 2001
From: Rin Oliver <roliver@macstadium.com>
Date: Mon, 11 May 2026 15:59:52 -0500
Subject: [PATCH] Clean up on-prem and AWS docs after 3.6 simplification

- Remove stale references to ECR image distribution and ARN-for-image-access
- Fix on-prem Ansible runner section: replace AWS/credentials language with GHCR
- Remove duplicate CodeBuild role step in AWS doc
- Fix whitespace and parameter descriptions around docker run commands

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---
 .../orka-on-aws-getting-started.mdx             | 10 ++++------
 .../orka-on-prem-getting-started.mdx            | 17 +++++------------
 2 files changed, 9 insertions(+), 18 deletions(-)

diff --git a/orka/orka-on-aws-and-on-prem/orka-on-aws-getting-started.mdx b/orka/orka-on-aws-and-on-prem/orka-on-aws-getting-started.mdx
index d206545..ce8eaa9 100644
--- a/orka/orka-on-aws-and-on-prem/orka-on-aws-getting-started.mdx
+++ b/orka/orka-on-aws-and-on-prem/orka-on-aws-getting-started.mdx
@@ -100,7 +100,7 @@ We recommend that you deploy the Orka services to a distinct VPC and implement y
      1. Select the same region for the cluster as the one used for deploying the EC2 Mac nodes to avoid costly cross-region traffic.
      2. Deploy the cluster in private subnets only, as none of the Orka services need to be accessed from the Internet directly.
      3. Deploy at least two Linux worker nodes for resiliency and high availability.
-  3. **Note down the ARN of the**[**EKS Node IAM role**](https://docs.aws.amazon.com/eks/latest/userguide/create-node-role.html)**.** This ARN is required by MacStadium to access the Orka service images.
+  3. **Note down the ARN of the**[**EKS Node IAM role**](https://docs.aws.amazon.com/eks/latest/userguide/create-node-role.html)**.** MacStadium needs this ARN to configure EKS cluster admin access for the node.
   4. **Optional:**
      1. Set Cluster endpoint access to “Private” to restrict access to your cluster API from the Internet.
         1. This setting depends on your access needs. All Orka clients (CLI, integrations, etc.) must have connectivity to the cluster.
@@ -117,9 +117,9 @@ We recommend that you deploy the Orka services to a distinct VPC and implement y
 
 ### Setup a CodeBuild project to run Orka Installation into the EKS Cluster
 
-MacStadium recommends using CodeBuild to run Ansible and configure the EKS cluster. CodeBuild provides direct visibility to the cluster, alleviating networking concerns. You will need to supply MacStadium with the ARN for the role that has permission to pull the image. To set up a CodeBuild project as an Ansible runner:
+MacStadium recommends using CodeBuild to run Ansible and configure the EKS cluster. CodeBuild provides direct visibility to the cluster, alleviating networking concerns. To set up a CodeBuild project as an Ansible runner:
 
-  1. **Allow AWS to create the CodeBuild role for you. Note down the name and ARN of the role, as you will need to share it with MacStadium and modify it later.**
+  1. **Allow AWS to create the CodeBuild role for you. Note down the name and ARN of the role — you will need to share the ARN with MacStadium and modify the role later.**
   2. Select the following options:
      1. Project type - Default project
      2. Source - no source
@@ -130,9 +130,7 @@ MacStadium recommends using CodeBuild to run Ansible and configure the EKS clust
         4. Environment type - Linux Container
         5. Image registry - Other registry
            1. Under External registry URL, enter `ghcr.io/macstadium/orka-ansible-aws:<version_tag>` where `<version_tag>` is the Orka version.
-  3. Allow AWS to create the CodeBuild role for you.
-     1. Note down the name of the role, as you will need to modify it later.
-  4. (Optional) Set VPC, Subnets and security group to be used by CodeBuild. This is only needed if the EKS access is set to private. To do that:
+  3. (Optional) Set VPC, Subnets and security group to be used by CodeBuild. This is only needed if the EKS access is set to private. To do that:
      1. Click Additional Configuration
      2. Select the VPC where your cluster is deployed
      3. Select the subnets which EKS uses
diff --git a/orka/orka-on-aws-and-on-prem/orka-on-prem-getting-started.mdx b/orka/orka-on-aws-and-on-prem/orka-on-prem-getting-started.mdx
index 795bca1..b8b7adb 100644
--- a/orka/orka-on-aws-and-on-prem/orka-on-prem-getting-started.mdx
+++ b/orka/orka-on-aws-and-on-prem/orka-on-prem-getting-started.mdx
@@ -96,9 +96,7 @@ Orka Engine requires a valid license key to operate. To request a license key:
 
 ### Installing the Orka Cluster Services
 
-MacStadium distributes the Service Images needed to install Orka Cluster On Prem via AWS. As a result, the easiest way to perform an installation is to use some credentials that the MacStadium Support team will provide to gain access to the Ansible image with runners that are used to install.
-
-You will need an environment with outbound internet access to connect to AWS and download the installer (Ansible image). Ideally, this environment can also connect to the Kubernetes API and have admin access to the Kubernetes Cluster. If not, make sure to move the downloaded Ansible image to an environment with the appropriate connectivity and access.
+MacStadium provides the Orka Cluster Services installer as a public container image on GitHub Container Registry (GHCR). You will need an environment with outbound internet access to pull the Ansible image, connectivity to the Kubernetes API, and cluster admin access.
 
 1. Ensure the Ansible runner is set up correctly:
   1. The Ansible runner must have connectivity to the cluster API.
@@ -127,7 +125,7 @@ You will need an environment with outbound internet access to connect to AWS and
 ```
 docker run -it -v <kube_config_location>:/root/.kube/config -v ./cluster.yml:/ansible/group_vars/all/cluster.yml ghcr.io/macstadium/orka-ansible-onprem:<version_tag> bash
 ```
-where `<kube_config_location>` is the location of the kube config file on the host. Typically `~/.kube/config`. `cluster.yml` is the file created in the previous step. And `version_tag` is the Orka version you are installing (i.e 3.6.0).
+where `<kube_config_location>` is the path to your kubeconfig (typically `~/.kube/config`), `cluster.yml` is the file created in the previous step, and `<version_tag>` is the Orka version you are installing (e.g. `3.6.0`).
 
 4. Make sure you are in the `/ansible` directory
 5. You can now run the Ansible playbook:
@@ -200,20 +198,15 @@ To set up the Mac Nodes:
 ```
   4. Run the same Ansible image that was used to configure the Orka services:
 
-
-    
-    
 ```
 docker run -it -v <kube_config_location>:/root/.kube/config -v ./cluster.yml:/ansible/group_vars/all/cluster.yml -v ./nodes.yml:/ansible/group_vars/arm-nodes/nodes.yml -v ./hosts:/ansible/hosts -v <mac_ssh_key_location>:/root/.ssh/id_rsa ghcr.io/macstadium/orka-ansible-onprem:<version_tag> bash
 ```
-where `<mac_ssh_key_location>` is the location of the SSH key used to connect to the Mac nodes. And `version_tag` is the Orka version you are installing (i.e 3.6.0).
 
-  5. Ensure you are in the `/ansible` directory
-  6. Run the configuration playbook:
+where `<kube_config_location>` is the path to your kubeconfig (typically `~/.kube/config`), `<mac_ssh_key_location>` is the SSH key used to connect to the Mac nodes, and `<version_tag>` is the Orka version (e.g. `3.6.0`).
 
+  5. Ensure you are in the `/ansible` directory.
+  6. Run the configuration playbook:
 
-    
-    
 ```
 ansible-playbook configure-arm.yml -i hosts --ask-become-pass
 ```