From ae371726de083fe65288ecc54f58f6f0007414a5 Mon Sep 17 00:00:00 2001 From: Karl Cardenas Date: Thu, 26 Oct 2023 07:51:30 -0700 Subject: [PATCH] docs: updated tabs order --- .../architecture/networking-ports.md | 153 +++++++++++------- 1 file changed, 91 insertions(+), 62 deletions(-) diff --git a/docs/docs-content/architecture/networking-ports.md b/docs/docs-content/architecture/networking-ports.md index 25c3e7d8cd..f39d35a828 100644 --- a/docs/docs-content/architecture/networking-ports.md +++ b/docs/docs-content/architecture/networking-ports.md @@ -4,6 +4,8 @@ title: "Network Communication and Ports" description: "Port-Direction-Purpose Management Platform and Workload Clusters" icon: "" hide_table_of_contents: false +# toc_min_heading_level: 2 +toc_max_heading_level: 2 sidebar_position: 20 --- @@ -12,11 +14,10 @@ Depending on what version of Palette you are using, the internal architecture an - - - ## SaaS Network Communications and Ports + + @@ -25,8 +26,25 @@ The following ports must be reachable from a network perspective for Palette Saa ![SaaS Network Diagram with ports](/architecture_networking-ports_saas-network-diagram-grpc.png "title=SaaS Network Diagram with ports") + + + + +The following ports must be reachable from a network perspective for Palette SaaS to function correctly. + +![SaaS Network Diagram with ports](/architecture_networking-ports_saas-network-diagram-nats.png "title=SaaS Network Diagram with ports") + + + + + + + +### SaaS Managed With Edge + + + -#### SaaS Managed ![SaaS network diagram displaying the network paths for edge](/architecture_networking-ports_saas-network-diagram-edge-grpc.png) 
@@ -34,16 +52,29 @@ The following ports must be reachable from a network perspective for Palette Saa -:::caution -NATS is deprecated and will be removed in a future release. Starting with Palette 4.0.0, gRPC is used for all communication between the management platform and the workload cluster. + -::: + + + + +![SaaS network diagram displaying the network paths for edge](/architecture_networking-ports_saas-network-diagram-edge-nats.png) + + + + +## Network Ports + The following ports must be reachable from a network perspective for Palette to operate properly. -## Management Platform + + + + +### Management Platform |Port |Direction|Purpose | |:---------------|:---------|:-----------------------| @@ -52,7 +83,7 @@ The following ports must be reachable from a network perspective for Palette to |NATS (tcp/4222) |INBOUND |Agent running inside connecting to management platform [Deprecated]| -## Workload Cluster +### Workload Cluster |Port |Direction | Purpose| 
@@ -61,47 +92,34 @@ The following ports must be reachable from a network perspective for Palette to |HTTPS (tcp/443) |OUTBOUND | gRPC, Registry (packs, integrations), Pack containers, Application Updates| |NATS (tcp/4222) |OUTBOUND |Registry (packs, integrations), Pack containers, Application Updates [Deprecated]| -:::info - -You can expose inbound port 22 for SSH if you would like to access your cluster nodes for troubleshooting remotely. This is entirely optional and not required for Palette to operate appropriately. - -::: - - -## Self-Hosted Network Communications and Ports - -The following ports must be reachable from a network perspective for Palette self-hosted to function correctly. - - -![On-prem network diagram](/architecture_networking-ports_on_prem_network-diagram-grpc.png "#title="network diagram") - -:::caution + -NATS is deprecated and will be removed in a future release. Starting with Palette 4.0.0, gRPC is used for all communication between the management platform and the workload cluster. + -::: -## Management Platform +### Management Platform |Port |Direction|Purpose | |:---------------|:---------|:-----------------------| -|HTTPS (tcp/443) |INBOUND |Browser/API access to management platform, gRPC| -|NATS (tcp/4222) |INBOUND |Message Bus for workload clusters [Deprecated]| -|HTTPS (tcp/443) |OUTBOUND |vSphere vCenter API, Registry (packs, integrations), Pack containers, app updates, gRPC| -|HTTPS (tcp/6443)|OUTBOUND |Workload K8s cluster API Server| +|HTTPS (tcp/443) |INBOUND |Browser/API access to management platform| +|NATS (tcp/4222) |INBOUND |Agent running inside connecting to management platform| -## Workload Cluster +### Workload Cluster -|Port |Direction | Purpose| +|Port |Direction | Purpose| |:---------------|:---------|:--------------| |HTTPS (tcp/443) |OUTBOUND | API access to management platform| -|NATS (tcp/4222) |OUTBOUND |Agent communication via message bus. 
[Deprecated] | -|HTTPS (tcp/443) |OUTBOUND |vSphere vCenter API, gRPC, Registry (packs, integrations), Pack containers, Application updates| +|NATS (tcp/4222) |OUTBOUND |Registry (packs, integrations), Pack containers, Application Updates| +|NATS (tcp/4222) |OUTBOUND |Registry (packs, integrations), Pack containers, Application Updates| + + + + :::info 
@@ -110,59 +128,60 @@ You can expose inbound port 22 for SSH if you would like to access your cluster ::: +## Self-Hosted Network Communications and Ports - - + + -## SaaS Network Communications and Ports -The following ports must be reachable from a network perspective for Palette SaaS to function correctly. +![On-prem network diagram](/architecture_networking-ports_on_prem_network-diagram-grpc.png "#title="network diagram") -![SaaS Network Diagram with ports](/architecture_networking-ports_saas-network-diagram-nats.png "title=SaaS Network Diagram with ports") + + +![On-prem network diagram](/architecture_networking-ports_on_prem_network-diagram-nats.png "#title="network diagram") -#### SaaS Managed + + -![SaaS network diagram displaying the network paths for edge](/architecture_networking-ports_saas-network-diagram-edge-nats.png) +The following ports must be reachable from a network perspective for Palette self-hosted to function correctly. -The following ports must be reachable from a network perspective for Palette to operate properly. 
+ + + -## Management Platform +### Management Platform |Port |Direction|Purpose | |:---------------|:---------|:-----------------------| -|HTTPS (tcp/443) |INBOUND |Browser/API access to management platform| -|NATS (tcp/4222) |INBOUND |Agent running inside connecting to management platform| +|HTTPS (tcp/443) |INBOUND |Browser/API access to management platform, gRPC| +|NATS (tcp/4222) |INBOUND |Message Bus for workload clusters [Deprecated]| +|HTTPS (tcp/443) |OUTBOUND |vSphere vCenter API, Registry (packs, integrations), Pack containers, app updates, gRPC| +|HTTPS (tcp/6443)|OUTBOUND |Workload K8s cluster API Server| -## Workload Cluster +### Workload Cluster -|Port |Direction | Purpose| +|Port |Direction | Purpose| |:---------------|:---------|:--------------| |HTTPS (tcp/443) |OUTBOUND | API access to management platform| -|NATS (tcp/4222) |OUTBOUND |Registry (packs, integrations), Pack containers, Application Updates| -|NATS (tcp/4222) |OUTBOUND |Registry (packs, integrations), Pack containers, Application Updates| - -:::info - -You can expose inbound port 22 for SSH if you would like to access your cluster nodes for troubleshooting remotely. This is entirely optional and not required for Palette to operate appropriately. +|NATS (tcp/4222) |OUTBOUND |Agent communication via message bus. [Deprecated] | +|HTTPS (tcp/443) |OUTBOUND |vSphere vCenter API, gRPC, Registry (packs, integrations), Pack containers, Application updates| -::: -## Self-Hosted Network Communications and Ports + -The following ports must be reachable from a network perspective for Palette self-hosted to function correctly. + -![On-prem network diagram](/architecture_networking-ports_on_prem_network-diagram-nats.png "#title="network diagram") -## Management Platform +### Management Platform |Port |Direction|Purpose | |:---------------|:---------|:-----------------------| 
@@ -172,7 +191,7 @@ The following ports must be reachable from a network perspective for Palette sel |HTTPS (tcp/6443)|OUTBOUND |Workload K8s cluster API Server| -## Workload Cluster +### Workload Cluster |Port |Direction | Purpose| @@ -181,12 +200,22 @@ The following ports must be reachable from a network perspective for Palette sel |NATS (tcp/4222) |OUTBOUND |Agent communication via message bus | |HTTPS (tcp/443) |OUTBOUND |vSphere vCenter API, Registry (packs, integrations), Pack containers, Application updates. + + + + + :::info You can expose inbound port 22 for SSH if you would like to access your cluster nodes for troubleshooting remotely. This is entirely optional and not required for Palette to operate appropriately. ::: - - + + + + + + +
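Review bot: In the front-matter hunk (`@@ -4,6 +4,8 @@`), the added line `# toc_min_heading_level: 2` is a commented-out key that ships as dead configuration; either drop it or set it as a real value. Also confirm that `toc_max_heading_level: 2` is intended together with the rest of this patch, because the "Management Platform" and "Workload Cluster" headings are demoted from `##` to `###` and would fall below that limit in the page's table of contents.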
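Review bot: The `@@ -34,16 +52,29 @@` hunk deletes the `:::caution` block ("NATS is deprecated and will be removed in a future release. Starting with Palette 4.0.0, gRPC is used for all communication...") and no added line in the patch restores it; the second copy is deleted in `@@ -61,47 +92,34 @@` as well. After this change the only deprecation signal left is the `[Deprecated]` suffix in some table rows, and the 4.0.0 cut-over is no longer stated anywhere in the visible text. Keep one copy of the caution, for example directly under "## Network Ports", so that readers deciding whether tcp/4222 still has to be allowed through a firewall can see which versions need it.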
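Review bot: In the `@@ -61,47 +92,34 @@` hunk, the added Workload Cluster table contains the row `|NATS (tcp/4222) |OUTBOUND |Registry (packs, integrations), Pack containers, Application Updates|` twice in a row. The duplicate is carried over from the lines removed in `@@ -110,59 +128,60 @@`, so the move is a good moment to fix it. Drop one copy, and check the remaining row's purpose: in the self-hosted tables the NATS row reads "Agent communication via message bus" and the registry and pack traffic sits on HTTPS (tcp/443), which suggests one of these two rows was meant to be an HTTPS (tcp/443) OUTBOUND entry. As written, the table tells operators to open tcp/4222 outbound for registry traffic.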
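Review bot: In the `@@ -110,59 +128,60 @@` hunk, both added on-prem image lines keep the malformed title string `"#title="network diagram")`, which has an unbalanced inner quote and a stray `#`. The SaaS images in this file use the form `"title=SaaS Network Diagram with ports"`; use the same form here. In the same hunk, the sentence "The following ports must be reachable from a network perspective for Palette self-hosted to function correctly." now lands after the diagrams, whereas the SaaS section places the equivalent sentence before its diagram; consider moving it up directly under the "## Self-Hosted Network Communications and Ports" heading for consistency.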
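Review bot: In the `@@ -181,12 +200,22 @@` hunk, the context row `|HTTPS (tcp/443) |OUTBOUND |vSphere vCenter API, Registry (packs, integrations), Pack containers, Application updates.` has no closing `|` and ends with a period, unlike every other row in these tables. Since the lines right after it are being restructured, fix the row in this patch so the last table cell is terminated before the added blank lines and closing tab markup that follow.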