Update 02-architecture.md #1401

Merged
merged 4 commits into from
Jul 6, 2023
Expand Up @@ -17,7 +17,7 @@ Canonical MAAS is an open-source tool that lets you discover, commission, deploy

<br />

- Palette integrates with MAAS through Spectro Cloud’s open source Cloud Native Computing Foundation (CNCF) [Cluster API provider](https://github.com/spectrocloud/cluster-api-provider-maas).
- Palette integrates with MAAS through Spectro Cloud’s open-source Cloud Native Computing Foundation (CNCF) [Cluster API provider](https://github.com/spectrocloud/cluster-api-provider-maas).
Refer to the table below


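Review bot: the changed line's phrase "Spectro Cloud's open-source Cloud Native Computing Foundation (CNCF) Cluster API provider" reads as if the MAAS provider itself were a CNCF project, while the link points at spectrocloud/cluster-api-provider-maas; consider "Spectro Cloud's open-source provider for the CNCF Cluster API project" so the ownership is unambiguous. The "open-source" hyphenation fix is fine, but the trailing context line "Refer to the table below" still lacks a terminating period and could be picked up in the same hunk.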
Expand All @@ -40,7 +40,7 @@ Refer to the table below

# PCG Deployment Options

You can deploy MaaS using the following deployment options.
Palette can communicate with MAAS using the following deployment options.

<br />

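Review bot: the rewritten sentence "Palette can communicate with MAAS using the following deployment options." no longer agrees with the heading "# PCG Deployment Options" directly above it, and the two options that follow (a Private Cloud Gateway or a System Private Gateway) are connectivity choices rather than ways of deploying anything; suggest "Palette can reach MAAS through one of the following gateway options." and aligning the heading with it. The MaaS-to-MAAS casing correction is good; the lowercase "MaaS" spelling still appears in the old paragraphs of the next hunk, so confirm none survives once that hunk is applied.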
Expand All @@ -52,45 +52,43 @@ You can deploy MaaS using the following deployment options.

## Private Cloud Gateway

Palette-deployed host clusters need to communicate with Palette throughout their entire lifecycle. When host clusters are deployed into private networks, accessing the Palette SaaS platform can be a challenge due to network restrictions. To address these network challenges, you can deploy a PCG and allow the PCG cluster to access the internet and receive inbound communication from the Palette SaaS platform. This solution lets you secure your private network by centralizing all Palette inbound communication with a dedicated instance.

All Palette deployed clusters will use the PCG cluster during the creation and deletion phase. Once a host cluster is available, the internal Palette agent will communicate with Palette directly. The Palette agent is the originator of all communication, so the network requests are outbound towards Palette. The exception is a host cluster creation or deletion request, as those requests are sourced from Palette SaaS and are directed to the PCG.
When a user wants to deploy a new cluster on a bare metal cloud using MAAS with Palette, Palette needs connectivity to MAAS. Often, MAAS is behind a firewall or a Network Address Translation (NAT) gateway, and Palette needs help to reach MAAS directly.

If your self-hosted Palette instance does not have access to your MAAS environment due to firewalls, separate isolated networks, or NAT blocking inbound traffic rules. You can deploy a PCG to address these challenges. The deployed PCG must have network access to the MAAS environment and the self-hosted Palette instances.
To address these network challenges, you can deploy a PCG. The PCG will maintain a connection to Palette and directly connect to MAAS. The direct communication channel allows Palette to create clusters using the PCG to facilitate communication with MAAS. The PCG also supports using a proxy server to access the internet if needed.

<br />
Once Palette deploys clusters, the clusters require connectivity to Palette. The clusters communicate with Palette directly via an internet gateway, or if a proxy has been configured on the PCG, the clusters will inherit the proxy configuration. Deployed and active clusters maintain their connectivity with Palette. Any actions taken on these clusters using Palette will not require PCG's participation. This means that if the PCG becomes unavailable, any clusters that are currently deployed will remain operational and still be managed by Palette.

All Palette deployed clusters will use the PCG cluster during the creation and deletion phase. Once a host cluster is available, the internal Palette agent will communicate with Palette directly. The Palette agent inside each cluster is the originator of all communication, so the network requests are outbound toward Palette. The exception is a host cluster creation or deletion request, where the PCG must be involved because it needs to acquire and release machines provided by MAAS.

## System Private Gateway
Typically, the PCG is used with Palette SaaS. However, a PCG is also required if you have a self-hosted Palette instance and it does not have direct access to the MAAS environment. You can utilize the System Private Gateway if there is direct network connectivity access with the MAAS environment. Refer to the [System Private Gateway](/clusters/data-center/maas/architecture/#systemprivategateway) section to learn more.

<br />

Self-hosted Palette instances can communicate directly with the MAAS environment if both resources can access each other directly over the network. In this scenario, you can use the System Private Gateway. The System Private Gateway communicates directly with the MaaS environment.

When registering a MAAS account with Palette, toggle on **Use System Private Gateway** to enable direct communication between Palette and MAAS. Refer to the [Register and Manage MAAS Cloud Account](/clusters/data-center/maas/register-manage-maas-cloud-accounts) guide to learn more.
## System Private Gateway

The following table explains the different use cases between PCG and System Private Gateway.
A System Private Gateway can be used if a self-hosted Palette instance can communicate directly with a MAAS installation. A System Private Gateway is a PCG service that is enabled inside the self-hosted Palette instance.

<br />

| Scenario | Private Cloud Gateway | System Private Gateway |
|-----------|----|----------------|
| Connects to Palette SaaS. | ✅ | ❌ |
| Connects to self-hosted Palette. | ✅ | ✅ |
| Supports direct communication with MAAS. | ❌ | ✅ |
| Internet access required. | ✅ | ❌ |
<WarningBox>

Only self-hosted Palette instances support the option of using the System Private Gateway. Use the default [PCG deployment](/clusters/data-center/maas/architecture/#privatecloudgateway) option if you have NAT gateways or network firewalls between Palette and MAAS.

<br />

- Connects to Palette SaaS: Defines if the PCG or the System PCG requires connectivity to the Palette SaaS environments.
</WarningBox>

<br />

- Connects to self-hosted Palette: If a PCG or a System PCG supports an architecture where it can communicate with a self-hosted Palette instance.
When registering a MAAS cloud account with Palette, toggle on **Use System Private Gateway** to enable direct communication between Palette and MAAS. Refer to the [Register and Manage MAAS Cloud Account](/clusters/data-center/maas/register-manage-maas-cloud-accounts) guide to learn more.

The following table explains the different use cases for when a PCG and System Private Gateway are eligible.

- Supports direct communication with MAAS : If direct communication with the MaaS environment is supported without the need for an intermediary. Direct communication happens if both resources can directly access each other over the network.
<br />

| Scenario | Use Private Cloud Gateway | Use System Private Gateway |
|-----------|----|----------------|
| Firewall or NAT between MAAS and a self-hosted Palette instance | ✅ | ❌ |
| Direct connectivity between MAAS and a Palette instance | ✅ | ✅ |

- Internet access required: If the component PCG or System PCG requires public internet access.

<br />
<br />
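Review bot: the new two-row table drops the "Internet access required" row of the table it replaces, so the reader loses the one fact that drives the firewall rules for this design: the PCG must have outbound internet access (or the proxy server mentioned in the "To address these network challenges" paragraph) to maintain its connection to Palette, whereas the System Private Gateway is a PCG service running inside the self-hosted Palette instance and needs no such egress. Suggest restoring a row such as "| Outbound internet access (or proxy) required | ✅ | ❌ |" or stating the requirement explicitly in the Private Cloud Gateway section. Two wording points in the same hunk: "Palette needs help to reach MAAS directly" should read "Palette cannot reach MAAS directly", and "explains the different use cases for when a PCG and System Private Gateway are eligible" would be clearer as "shows when to use a PCG and when to use a System Private Gateway". The stray `<br />` lines inside the WarningBox (between its opening tag and the text, and after the text) can also go.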