nerc-project · Milstein · Mar 21, 2026 · Mar 19, 2026 · Mar 21, 2026
diff --git a/docs/openshift-ai/other-projects/serving-tgis-and-FLAN-T5-Model.md b/docs/openshift-ai/other-projects/serving-tgis-and-FLAN-T5-Model.md
@@ -18,7 +18,7 @@
 
 At a high level, we will:
 
--   Download a model from Huggingface
+-   Download a model from Hugging Face
 
 -   Deploy the model by using single-model serving with a serving runtime
 
@@ -338,4 +338,10 @@ in disconnected OpenShift AI environments involves the following steps:
 This process ensures that AI workloads run seamlessly in restricted or disconnected
 environments, allowing you to securely leverage validated and optimized AI models.
 
+!!! tip "Hugging Face Text Generation Inference (TGI) Standalone Setup"
+
+    Alternatively, you can set up Hugging Face Text Generation Inference (TGI)
+    directly in your OpenShift project instead of using RHOAI. For detailed setup
+    instructions and configuration, refer to the guide [here](https://github.com/nerc-project/llm-on-nerc/blob/main/llm-servers/hf-tgi/README.md).
+
 ---
diff --git a/docs/other-tools/mlflow/mlflow-server-setup.md b/docs/other-tools/mlflow/mlflow-server-setup.md
@@ -236,9 +236,20 @@ as shown below:
 
 !!! info "Very Important"
 
-    There are ways we can improve this setup - for example, by adding basic
-    authentication to the MLflow GUI to ensure that only authorized users can
-    access it.
+    There are ways we can improve this setup—for example, by adding basic
+    authentication to the MLflow GUI so that only authorized users can
+    access it. You can use the [`mlflow-with-oauth` branch](https://github.com/nerc-project/llm-on-nerc/tree/mlflow-with-oauth/mlflow) to enable MLflow with the
+    [OpenShift OAuth server](https://github.com/openshift/oauth-proxy).
+
+    Securing the MLflow interface is strongly recommended, especially in
+    multi-user or shared cluster environments. Without authentication,
+    experiment metadata, model artifacts, and potentially sensitive
+    configuration details may be visible to anyone who can reach the service
+    endpoint. By integrating with the OpenShift OAuth, you can rely on your
+    existing institutional identity and access controls, ensuring that only
+    approved users can log in, track experiments, and manage runs. This not
+    only improves security but also makes it easier to audit and attribute
+    changes to specific users.
 
 For more details, refer to this [documentation](https://github.com/nerc-project/llm-on-nerc/blob/main/mlflow/README.md).
 

diff --git a/docs/other-tools/postgres/postgres-cluster-setup.md b/docs/other-tools/postgres/postgres-cluster-setup.md
@@ -253,7 +253,13 @@ PostgreSQL database:
 -   **jdbc-uri**: A [PostgreSQL JDBC connection URI](https://jdbc.postgresql.org/documentation/use/)
     for connecting via a JDBC driver.
 
-### Connect via `psql` in the local Terminal
+### PostgreSQL Connection Methods
+
+These options describe different ways to connect to your PostgreSQL cluster, whether
+directly via the `psql` command-line tool, through a secure port-forwarding setup,
+or using a graphical interface like `pgAdmin` as explained below:
+
+#### Connect via `psql` in the local Terminal
 
 If you are on the same network as your PostgreSQL cluster, you can connect directly
 to it using the following command:
@@ -262,7 +268,7 @@ to it using the following command:
 psql $(oc get secrets hippo-pg-pguser-postgres -o go-template='{{.data.uri | base64decode}}')
 ```
 
-### Connect Using a Port-Forward
+#### Connect Using a Port-Forward
 
 To access PostgreSQL Cluster without public exposure, you can use port forwarding
 to the cluster's primary pod - on port `5432`:
@@ -290,7 +296,7 @@ PGDATABASE=$(oc get secrets "${PG_CLUSTER_USER_SECRET_NAME}" -o go-template='{{.
 psql -h localhost -p 5432
 ```
 
-### Connecting With `pgAdmin`
+#### Connecting With `pgAdmin`
 
 Crunchy Postgres for Kubernetes also provides a `pgAdmin` image for users who
 prefer working with a graphical user interface.
@@ -467,7 +473,12 @@ shown below:
 
 ![Connection Successful](images/pgadmin.png)
 
-### Deleting the `pgAdmin`
+### Cleanup Process
+
+These steps outline how to remove deployed PostgreSQL resources, including deleting
+the `pgAdmin` interface and removing the PostgreSQL cluster, as explained below:
+
+#### Deleting the `pgAdmin`
 
 If `pgAdmin` was created as a *PGAdmin* custom resource, you can delete it by running:
 
@@ -481,7 +492,7 @@ If `pgAdmin` was exposed with a *Route*, you can also delete the route:
 oc delete route route-pgadmin
 ```
 
-### Delete the Postgres Cluster
+#### Delete the Postgres Cluster
 
 There comes a time when it is necessary to delete your Postgres Cluster. If you
 have been following along with the example, you can delete your cluster by simply