NVIDIA · zvonkok · May 6, 2026 · Apr 30, 2026 · May 1, 2026 · May 1, 2026
diff --git a/confidential-containers/attestation.rst b/confidential-containers/attestation.rst
@@ -92,8 +92,7 @@ To enable attestation for your workloads, point them to the Trustee network endp
 
    io.katacontainers.config.hypervisor.kernel_params: "agent.aa_kbc_params=cc_kbc::http://<kbs-ip>:<kbs-port>"
 
-Replace ``<kbs-ip>`` and ``<kbs-port>`` with the IP address and port of your Trustee instance.
-The default KBS port is ``8080``.
+Replace ``<kbs-ip>`` with the IP address or hostname at which your Trustee instance is reachable from the worker nodes, and ``<kbs-port>`` with the port (default: ``8080``).
 
 Refer to the upstream `Setup Confidential Containers <https://confidentialcontainers.org/docs/attestation/coco-setup/>`_ documentation for more information on configuring workloads for attestation.
 

diff --git a/confidential-containers/confidential-containers-deploy.rst b/confidential-containers/confidential-containers-deploy.rst
diff --git a/confidential-containers/graphics/CoCo-Reference-Architecture-Dark.png b/confidential-containers/graphics/CoCo-Reference-Architecture-Dark.png
diff --git a/confidential-containers/graphics/CoCo-Reference-Architecture.png b/confidential-containers/graphics/CoCo-Reference-Architecture.png
diff --git a/confidential-containers/overview.rst b/confidential-containers/overview.rst
@@ -75,6 +75,10 @@ The key values of this architecture approach are:
 
 .. image:: graphics/CoCo-Reference-Architecture.png
    :alt: High-Level Reference Architecture for Confidential Containers
+   :class: only-light
+
+.. image:: graphics/CoCo-Reference-Architecture-Dark.png
+    :class: only-dark
 
 *High-Level Reference Architecture for Confidential Containers*
 
@@ -84,6 +88,7 @@ The components are described in more detail in the next section.
 
 .. _coco-supported-platforms-components:
 
+
 Software Components for Confidential Containers
 ===============================================
 
@@ -102,20 +107,24 @@ Deployment mechanism (often managed with Helm) that installs the Kata runtime bi
 
 Refer to the `Kata Containers documentation <https://katacontainers.io/docs/>`_ for more information.
 
+.. _coco-gpu-operator-components:
+
 **NVIDIA GPU Operator**
 
 Automates GPU lifecycle management.
 For Confidential Containers, it securely provisions GPU support and handles VFIO-based GPU passthrough directly into the Kata confidential Virtual Machine (VM) without breaking the hardware trust boundary.
 
-The GPU Operator deploys the components needed to run Confidential Containers to simplify managing the software required for confidential computing and deploying confidential container workloads.
-The GPU Operator uses node labels to manage the deployment of components to the nodes in your cluster.
+The GPU Operator deploys the components needed to run Confidential Containers to simplify managing the software required for confidential computing, managing the Confidential Computing mode on GPUs, and deploying confidential container workloads.
+The GPU Operator uses node labels to manage the deployment of components to the nodes in your cluster that should run Confidential Containers.
 These components include:
 
 * NVIDIA Confidential Computing Manager (cc-manager) for Kubernetes: Sets the confidential computing (CC) mode on the NVIDIA GPUs.
+  By default, the Confidential Computing Manager will transition all NVIDIA GPUs to the Confidential Computing mode, if they are not already in that mode.
 * NVIDIA Kata Sandbox Device Plugin: Creates host-side Container Device Interface (CDI) specifications for GPU passthrough and discovers NVIDIA GPUs along with their capabilities, advertises these to Kubernetes, and allocates GPUs during pod deployment.
+  Allocatable GPU resources are advertised as type ``nvidia.com/pgpu`` by default. 
 * NVIDIA VFIO Manager: Binds discovered NVIDIA GPUs and NVSwitches to the vfio-pci driver for VFIO passthrough.
 
-Refer to the :doc:`NVIDIA GPU Operator <gpuop:overview>` page for more information on the NVIDIA GPU Operator.
+Refer to the :doc:`NVIDIA GPU Operator <gpuop:overview>` documentation for more information on the NVIDIA GPU Operator or the :ref:`GPU Operator Cluster Topology Considerations <coco-gpu-operator-components>` section for more information on selecting nodes for Confidential Containers.
 
 **Node Feature Discovery (NFD)**
 
@@ -158,7 +167,6 @@ Depending on how you configure the Operator, different components are deployed o
 When setting up Confidential Containers support, you can configure all the worker nodes in your cluster for running GPU workloads with Confidential Containers, or you can configure some nodes for Confidential Containers and the others for traditional containers.
 This configuration is done through node labelling and configuration flags set during installation or by editing the ClusterPolicy object post installation.
 
-
 Consider the following example where node A is configured to run traditional containers and node B is configured to run confidential containers.
 
 .. list-table::

diff --git a/confidential-containers/release-notes.rst b/confidential-containers/release-notes.rst
@@ -32,7 +32,6 @@ This document describes the new features and known issues for the NVIDIA Confide
 =====
 
 This is the initial general availability (GA) release of the NVIDIA Confidential Containers Reference Architecture, a validated deployment model for running GPU-accelerated AI workloads inside hardware-enforced Trusted Execution Environments (TEEs).
-a validated deployment model for running GPU-accelerated AI workloads inside hardware-enforced Trusted Execution Environments (TEEs).
 It is designed for organizations in regulated industries that require strong isolation and cryptographic verification to protect model intellectual property and sensitive data on untrusted infrastructure.
 
 The architecture combines NVIDIA GPU Confidential Computing, Kata Containers, and the NVIDIA GPU Operator to provide a secure, attestable, Kubernetes-native platform for confidential AI workloads.
@@ -63,7 +62,7 @@ Key Features
   - Kubernetes 1.32+
   - Ubuntu 25.10 (host OS)
 
-* This release supports Red Hat OpenShift Sandboxed Containers 1.12.
+* This release has Technology Preview support for Red Hat OpenShift Sandboxed Containers 1.12.
 
 
 Limitations and Restrictions

diff --git a/confidential-containers/supported-platforms.rst b/confidential-containers/supported-platforms.rst
@@ -119,16 +119,17 @@ Supported Software Components
      - 1.32 \+
    * - `NVIDIA GPU Operator <https://docs.nvidia.com/datacenter/cloud-native/gpu-operator/latest/index.html>`__ and its components.
 
-       Refer to the :ref:`GPU Operator Component Matrix <operator-component-matrix>` for the list of components and versions included in each release.
+       Refer to the :ref:`GPU Operator Component Matrix <gpuop:operator-component-matrix>` for the list of components and versions included in each release.
      - v26.3.1 and higher
    * - `Kata Containers <https://katacontainers.io/>`__
      - 3.29 (installed with ``kata-deploy`` Helm chart)
    * - `Key Broker Service (KBS) protocol <https://confidentialcontainers.org/docs/attestation/>`__
      - 0.4.0
    * - `Kata Lifecycle Manager <https://github.com/kata-containers/lifecycle-manager>`__
      - 0.1.4
-   * - `Red Hat OpenShift Sandboxed Containers <https://docs.redhat.com/en/documentation/openshift_sandboxed_containers/1.12>`__
-     - 1.12
+
+Users may leverage `Red Hat OpenShift Sandboxed Containers <https://docs.redhat.com/en/documentation/openshift_sandboxed_containers/1.12>`__ to deploy Confidential Containers, however, Confidential GPU features are currently classified as Technology Preview by the downstream provider.
+