Merge pull request #1356 from qdrant/feat/bashofmann/cloud-docs-impro…

…vement-2

Cloud docs improvements

qdrant-landing/content/documentation/cloud/cluster-scaling.md

@@ -33,7 +33,7 @@ After that, you can configure, or change the amount of Qdrant database nodes wit
 
 Important: The number of shards means the maximum amount of nodes you can add to your cluster. In the beginning, all the shards can reside on one node. With the growing amount of data you can add nodes to your cluster and move shards to the dedicated nodes using the [cluster setup API](/documentation/guides/distributed_deployment/#cluster-scaling).
 
-Note, that it is currently not possible to horizontally scale down the cluster in the Qdrant Cloud UI. If you require a horizontal scale down, please open a support ticket.
+When scaling down horizontally, the cloud platform will automatically ensure that any shards that are present on the nodes to be deleted, are moved to the remaining nodes.
 
 We will be glad to consult you on an optimal strategy for scaling.
 

qdrant-landing/content/documentation/cloud/create-cluster.md

@@ -89,6 +89,10 @@ Once provisioned, you can access your cluster on ports 443 and 6333 (REST) and 6
 
 You should now see the new cluster in the **Clusters** menu.
 
+## Deleting a cluster
+
+You can delete a Qdrant database cluster from the cluster's detail page.
+
 ## Next steps
 
 You will need to connect to your new Qdrant Cloud cluster. Follow [**Authentication**](/documentation/cloud/authentication/) to create one or more API keys. 

qdrant-landing/content/documentation/hybrid-cloud/hybrid-cloud-cluster-creation.md

@@ -26,6 +26,8 @@ When creating or editing a cluster, you can configure how the database Pods get
 
 ### Authentication to your Qdrant clusters
 
+<aside role="alert">By default, clusters in Hybrid Cloud are only exposed through a Kubernetes ClusterIP Service inside of the Kubernetes network and not accessible to the outside, and no API key is configured. If you choose to expose the database internally or externally, you must configure an API key.</aside>
+
 In Hybrid Cloud the authentication information is provided by Kubernetes secrets.
 
 You can configure authentication for your Qdrant clusters in the "Configuration" section of the Qdrant Cluster detail page. There you can configure the Kubernetes secret name and key to be used as an API key and/or read-only API key.
@@ -136,6 +138,8 @@ Please refer to the Kubernetes, ingress controller and cloud provider documentat
 
 If you expose the database like this, you will be able to see this also reflected as an endpoint on the cluster detail page. And will see the Qdrant database dashboard link pointing to it.
 
+<aside role="alert">Internal communication channels are <strong>never</strong> protected by an API key nor bearer tokens. Internal gRPC uses port 6335. You must ensure that this port is not publicly reachable and can only be used for node communication. By default, Qdrant Hybrid Cloud deployes a strict NetworkPolicy to only allow communication on port 6335 between Qdrant Cluster nodes.</aside>
+
 ### Configuring TLS
 
 If you want to configure TLS for accessing your Qdrant database in Hybrid Cloud, there are two options:

qdrant-landing/content/documentation/private-cloud/qdrant-cluster-management.md

@@ -77,9 +77,13 @@ Examples:
 * [Azure AKS Public LoadBalancer annotations](https://learn.microsoft.com/en-us/azure/aks/load-balancer-standard)
 * [Azure AKS Internal LoadBalancer annotations](https://learn.microsoft.com/en-us/azure/aks/internal-lb)
 * [GCP GKE LoadBalancer annotations](https://cloud.google.com/kubernetes-engine/docs/concepts/service-load-balancer-parameters)
+* 
+<aside role="alert">Internal communication channels are <strong>never</strong> protected by an API key nor bearer tokens. Internal gRPC uses port 6335. You must ensure that this port is not publicly reachable and can only be used for node communication. By default, Qdrant Private Cloud deployes a strict NetworkPolicy to only allow communication on port 6335 between Qdrant Cluster nodes.</aside>
 
 ## Authentication and Authorization
 
+<aside role="alert">By default, clusters in Hybrid Cloud are only exposed through a Kubernetes ClusterIP Service inside of the Kubernetes network and not accessible to the outside, and no API key is configured. If you choose to expose the database internally or externally, you must configure an API key.</aside>
+
 Authentication information is provided by Kubernetes secrets.
 
 One way to create a secret is with kubectl: