Move /deploy node content to /datacenter 3.0 (#318)

* Move /deploy node content to /datacenter 3.0

* Move scale you cluster topics

* Fix up links in join-nodes topics

_data/toc.yaml

@@ -310,33 +310,6 @@ guides:
         title: Use the ZFS storage driver
       - path: /storage/storagedriver/vfs-driver/
         title: Use the VFS storage driver
-- sectiontitle: Deploy your app in production
-  section:
-    - path: /deploy/
-      title: Docker Enterprise Edition
-    - sectiontitle: Architecture
-      section:
-      - path: /deploy/architecture/docker-ee-architecture/
-        title: Docker EE architecture
-      - path: /deploy/architecture/-architecture/
-        title:  architecture
-      - path: /deploy/architecture/ucp-architecture/
-        title: UCP architecture
-    - sectiontitle: Deploy workloads
-      section:
-      - path: /deploy/deploy-workloads/deploy-kubernetes-workload/
-        title: Deploy a workload to a Kubernetes cluster
-      - path: /deploy/deploy-workloads/manage-and-deploy-private-images/
-        title: Manage and deploy private images
-    - sectiontitle: Install and configure
-      section:
-      - path: /deploy/install-and-configure/join-nodes-to-cluster/
-        title: Join nodes to your cluster
-      - path: /deploy/install-and-configure/join-windows-nodes-to-cluster/
-        title: Join Windows worker nodes to your cluster
-      - path: /deploy/install-and-configure/set-orchestrator-type/
-        title: Set the orchestrator type for a node
-
 - sectiontitle: Run your app in production
   section:
   - sectiontitle: Configure all objects
@@ -1521,7 +1494,9 @@ manuals:
   section:
   - path: /enterprise/
     title: About Docker EE
-  - path: /install/
+  - path: /enterprise/supported-platforms/
+    title: Supported platforms
+  - path: /engine/installation/
     title: Install Docker EE
     nosync: true
   - title: Try Docker EE (no install)
@@ -1540,12 +1515,16 @@ manuals:
     title: Backup Docker EE
   - path: /enterprise/upgrade/
     title: Upgrade Docker EE
+  - path: /enterprise/docker-ee-architecture/
+    title: Docker EE Architecture
+  - path: /enterprise/ucp-architecture/
+    title: UCP Architecture
+  - path: /enterprise/dtr-architecture/
+    title: DTR Architecture
   - sectiontitle: Universal Control Plane
     section:
     - path: /datacenter/ucp/3.0/guides/
       title: Universal Control Plane overview
-    - path: /datacenter/ucp/3.0/guides/architecture/
-      title: Architecture
     - sectiontitle: Administration
       section:
       - sectiontitle: Install
@@ -1572,8 +1551,6 @@ manuals:
           title: Add labels to cluster nodes
         - path: /datacenter/ucp/3.0/guides/admin/configure/add-sans-to-cluster/
           title: Add SANs to cluster certificates
-        - path: /datacenter/ucp/3.0/guides/admin/configure/join-windows-worker-nodes/
-          title: Join Windows worker nodes to a swarm
         - path: /datacenter/ucp/3.0/guides/admin/configure/integrate-with-dtr/
           title: Integrate with Docker Trusted Registry
         - path: /datacenter/ucp/3.0/guides/admin/configure/external-auth/
@@ -1586,24 +1563,32 @@ manuals:
           title: Restrict services to worker nodes
         - path: /datacenter/ucp/3.0/guides/admin/configure/run-only-the-images-you-trust/
           title: Run only the images you trust
-        - path: /datacenter/ucp/3.0/guides/admin/configure/scale-your-cluster/
-          title: Scale your cluster
         - path: /datacenter/ucp/3.0/guides/admin/configure/set-session-timeout/
           title: Set the user's session timeout
-        - path: /datacenter/ucp/3.0/guides/admin/configure/set-up-high-availability/
-          title: Set up high availability
         - path: /datacenter/ucp/3.0/guides/admin/configure/store-logs-in-an-external-system/
           title: Store logs in an external system
         - path: /datacenter/ucp/3.0/guides/admin/configure/ucp-configuration-file/
           title: UCP configuration file
-        - path: /datacenter/ucp/3.0/guides/admin/configure/use-a-load-balancer/
-          title: Use a load balancer
         - path: /datacenter/ucp/3.0/guides/admin/configure/use-node-local-network-in-swarm/
           title: Use a local node network in a swarm
         - path: /datacenter/ucp/3.0/guides/admin/configure/use-domain-names-to-access-services/
           title: Use domain names to access services
         - path: /datacenter/ucp/3.0/guides/admin/configure/use-your-own-tls-certificates/
           title: Use your own TLS certificates
+        - path: /datacenter/ucp/3.0/guides/admin/configure/manage-and-deploy-private-images/
+          title: Manage and deploy private images
+        - path: /datacenter/ucp/3.0/guides/admin/configure/set-orchestrator-type/
+          title: Set the orchestrator type for a node
+        - sectiontitle: Join nodes to your cluster
+          section:
+          - path: /datacenter/ucp/3.0/guides/admin/configure/join-nodes/
+            title: Set up high availability
+          - path: /datacenter/ucp/3.0/guides/admin/configure/join-nodes/join-linux-nodes-to-cluster/
+            title: Join nodes to your cluster
+          - path: /datacenter/ucp/3.0/guides/admin/configure/join-nodes/join-windows-nodes-to-cluster/
+            title: Join Windows worker nodes to your cluster
+          - path: /datacenter/ucp/3.0/guides/admin/configure/join-nodes/use-a-load-balancer/
+            title: Use a load balancer
       - sectiontitle: Monitor and troubleshoot
         section:
         - path: /datacenter/ucp/3.0/guides/admin/monitor-and-troubleshoot/
@@ -1700,6 +1685,8 @@ manuals:
           title: Deploy an app from the CLI
         - path: /datacenter/ucp/3.0/guides/user/services/deploy-stack-to-collection/
           title: Deploy application resources to a collection
+        - path: /datacenter/ucp/3.0/guides/user/services/deploy-kubernetes-workload/
+          title: Deploy a workload to a Kubernetes cluster
       - sectiontitle: Secrets
         section:
         - path: /datacenter/ucp/3.0/guides/user/secrets/

datacenter/ucp/3.0/guides/admin/configure/join-nodes/index.md

@@ -37,5 +37,5 @@ For production-grade deployments, follow these rules of thumb:
 
 ## Where to go next
 
-* [Scale your cluster](scale-your-cluster.md)
+* [Join nodes to your cluster](join-linux-nodes-to-cluster.md)
 * [Use a load balancer](use-a-load-balancer.md)

datacenter/ucp/3.0/guides/admin/configure/join-nodes/join-linux-nodes-to-cluster.md

@@ -1,23 +1,8 @@
 ---
-title: Join nodes to your cluster
-description: |
-  Learn how to scale a Docker Enterprise Edition cluster by adding manager and worker nodes.
+title: Join Linux nodes to your cluster
+description: Learn how to scale a Docker Enterprise Edition cluster by adding manager and worker nodes.
 keywords: Docker EE, UCP, cluster, scale, worker, manager
-ui_tabs:
-- version: ucp-3.0
-  orhigher: true
-- version: ucp-2.2
-  orlower: true  
-cli_tabs:
-- version: docker-cli-linux
-next_steps:
-- path: /deploy/install-and-configure/join-windows-nodes-to-cluster
-  title: Join Windows worker nodes to a cluster
-- path: /deploy/install-and-configure/set-orchestrator-type
-  title: Change the orchestrator for a node
 ---
-{% if include.ui %}
-{% if include.version=="ucp-3.0" %}
 
 Docker EE is designed for scaling horizontally as your applications grow in
 size and usage. You can add or remove nodes from the cluster to scale it
@@ -41,7 +26,7 @@ When you join a node to a cluster, you specify its role: manager or worker.
   Manager nodes also run all Docker EE components in a replicated way, so
   by adding additional manager nodes, you're also making the cluster highly
   available.
-  [Learn more about the Docker EE architecture.](../architecture/how-docker-ee-delivers-ha.md)
+  [Learn more about the Docker EE architecture.](/enterprise/docker-ee-architecture.md)
 
 - **Worker**: Worker nodes receive and execute your services and applications.
   Having multiple worker nodes allows you to scale the computing capacity of
@@ -66,7 +51,7 @@ To join nodes to the cluster, go to the Docker EE web UI and navigate to the
 4.  Check the **Use a custom listen address** option to specify the
     IP address that's advertised to all members of the cluster for API access.
 
-![](../images/join-nodes-to-cluster-2.png){: .with-border}
+![](../../../images/join-nodes-to-cluster-2.png){: .with-border}
 
 Copy the displayed command, use SSH to log in to the host that you want to
 join to the cluster, and run the `docker swarm join` command on the host.
@@ -77,7 +62,7 @@ To add a Windows node, click **Windows** and follow the instructions in
 After you run the join command in the node, the node is displayed on the
 **Nodes** page in the Docker EE web UI. From there, you can change the node's
 cluster configuration, including its assigned orchestrator type.
-[Learn how to change the orchestrator for a node](set-orchestrator-type.md).    
+[Learn how to change the orchestrator for a node](../set-orchestrator-type.md).    
 
 ## Pause or drain a node
 
@@ -98,7 +83,7 @@ Pause or drain a node from the **Edit Node** page:
 3.  In the **Availability** section, click **Active**, **Pause**, or **Drain**.  
 4.  Click **Save** to change the availability of the node.
 
-![](../images/join-nodes-to-cluster-3.png){: .with-border}
+![](../../../images/join-nodes-to-cluster-3.png){: .with-border}
 
 ## Promote or demote a node
 
@@ -155,20 +140,11 @@ the node to leave the cluster manually. To do this, connect to the target node
 through SSH and run `docker swarm leave --force` directly against the local
 Docker EE Engine.
 
-{% elsif include.version=="ucp-2.2" %}
-
-[Learn how to scale your cluster](/datacenter/ucp/2.2/guides/admin/configure/scale-your-cluster.md).
-
-{% endif %}
-{% endif %}
-
-{% if include.cli %}
+## Join nodes by using the CLI
 
 You can use the command line to join a node to a Docker EE cluster.
 To get the join token, run the following command on a manager node:
 
-{% if include.version=="docker-cli-linux" %}
-
 ```bash
 docker swarm join-token worker
 ```
@@ -216,6 +192,4 @@ the cluster.
 docker node rm <nodeID or hostname>
 ```
 
-{% endif %}
-{% endif %}
 

datacenter/ucp/3.0/guides/admin/configure/join-nodes/join-windows-nodes-to-cluster.md

@@ -2,9 +2,6 @@
 title: Join Windows worker nodes to your cluster
 description: Join worker nodes that are running on Windows Server 2016 to a Docker EE cluster.
 keywords: Docker EE, UCP, cluster, scale, worker, Windows
-next_steps:
-- path: /deploy/install-and-configure/set-orchestrator-type
-  title: Change the orchestrator for a node
 ---
 
 Docker Enterprise Edition supports worker nodes that run on Windows Server 2016.
@@ -108,7 +105,7 @@ provided by the Docker EE web UI and CLI.
 7.  Check the **Use a custom listen address** option to specify the
     IP address that's advertised to all members of the cluster for API access.
 
-    ![](../images/join-windows-nodes-to-cluster-1.png){: .with-border}
+    ![](../../../images/join-windows-nodes-to-cluster-1.png){: .with-border}
 
 Copy the displayed command. It looks similar to the following:
 

datacenter/ucp/3.0/guides/admin/configure/join-nodes/use-a-load-balancer.md

@@ -8,7 +8,7 @@ Once you've joined multiple manager nodes for high-availability, you can
 configure your own load balancer to balance user requests across all
 manager nodes.
 
-![](../../images/use-a-load-balancer-1.svg)
+![](../../../images/use-a-load-balancer-1.svg)
 
 This allows users to access UCP using a centralized domain name. If
 a manager node goes down, the load balancer can detect that and stop forwarding
@@ -212,4 +212,4 @@ docker run --detach \
 
 ## Where to go next
 
-* [Add labels to cluster nodes](add-labels-to-cluster-nodes.md)
+* [Add labels to cluster nodes](../add-labels-to-cluster-nodes.md)

datacenter/ucp/3.0/guides/admin/configure/join-windows-worker-nodes.md

@@ -1,220 +0,0 @@
----
-title: Join Windows worker nodes to a swarm
-description: Join worker nodes that are running on Windows Server 2016 to a swarm managed by UCP.
-keywords: UCP, swarm, Windows, cluster
----
-
-UCP supports worker nodes that run on Windows Server 2016. Only worker nodes
-are supported on Windows, and all manager nodes in the swarm must run on Linux.
-
-Follow these steps to enable a worker node on Windows.
-
-1.  Install UCP on a Linux distribution.
-2.  Install Docker Enterprise Edition (*Docker EE*) on Windows Server 2016.
-3.  Configure the Windows node.
-4.  Join the Windows node to the swarm.
-
-## Install UCP
-
-Install UCP on a Linux distribution.
-[Learn how to install UCP on production](../install/index.md).
-UCP requires Docker EE version 17.06 or later.
-
-## Install Docker EE on Windows Server 2016
-
-[Install Docker EE](/docker-ee-for-windows/install/#using-a-script-to-install-docker-ee)
-on a Windows Server 2016 instance to enable joining a swarm that's managed by
-UCP.
-
-## Configure the Windows node
-
-Follow these steps to configure the docker daemon and the Windows environment.
-
-1.  Pull the Windows-specific image of `ucp-agent`, which is named `ucp-agent-win`.
-2.  Run the Windows worker setup script provided with `ucp-agent-win`.
-3.  Join the swarm with the token provided by the UCP web UI.
-
-### Pull the Windows-specific images
-
-On a manager node, run the following command to list the images that are required
-on Windows nodes.
-
-```bash
-docker container run --rm {{ page.ucp_org }}/{{ page.ucp_repo }}:{{ page.ucp_version }} images --list --enable-windows
-{{ page.ucp_org }}/ucp-agent-win:{{ page.ucp_version }}
-{{ page.ucp_org }}/ucp-dsinfo-win:{{ page.ucp_version }}
-```
-
-On Windows Server 2016, in a PowerShell terminal running as Administrator,
-log in to Docker Hub with the `docker login` command and pull the listed images.
-
-```powershell
-docker image pull {{ page.ucp_org }}/ucp-agent-win:{{ page.ucp_version }}
-docker image pull {{ page.ucp_org }}/ucp-dsinfo-win:{{ page.ucp_version }}
-```
-
-### Run the Windows node setup script
-
-You need to open ports 2376 and 12376, and create certificates
-for the Docker daemon to communicate securely. Run this command:
-
-```powershell
-docker container run --rm {{ page.ucp_org }}/ucp-agent-win:{{ page.ucp_version }} windows-script | powershell -noprofile -noninteractive -command 'Invoke-Expression -Command $input'
-```
-
-> Docker daemon restart
->
-> When you run `windows-script`, the Docker service is unavailable temporarily.
-
-The Windows node is ready to join the swarm. Run the setup script on each
-instance of Windows Server that will be a worker node.
-
-### Compatibility with daemon.json
-
-The script may be incompatible with installations that use a config file at
-`C:\ProgramData\docker\config\daemon.json`. If you use such a file, make sure
-that the daemon runs on port 2376 and that it uses certificates located in
-`C:\ProgramData\docker\daemoncerts`. If certificates don't exist in this
-directory, run `ucp-agent-win generate-certs`, as shown in Step 2 of the
-[Set up certs for the dockerd service](#set-up-certs-for-the-dockerd-service)
-procedure.
-
-In the daemon.json file, set the `tlscacert`, `tlscert`, and `tlskey` options
-to the corresponding files in `C:\ProgramData\docker\daemoncerts`:
-
-```json
-{
-...
-		"debug":     true,
-		"tls":       true,
-		"tlscacert": "C:\ProgramData\docker\daemoncerts\ca.pem",
-		"tlscert":   "C:\ProgramData\docker\daemoncerts\cert.pem",
-		"tlskey":    "C:\ProgramData\docker\daemoncerts\key.pem",
-		"tlsverify": true,
-...
-}
-```
-
-## Join the Windows node to the swarm
-
-Now you can join the UCP cluster by using the `docker swarm join` command that's
-provided by the UCP web UI. [Learn to add nodes to your swarm](scale-your-cluster.md).
-The command looks similar to the following.
-
-```powershell
-docker swarm join --token <token> <ucp-manager-ip>
-```
-
-Run the `docker swarm join` command on each instance of Windows Server that
-will be a worker node.
-
-## Configure a Windows worker node manually
-
-The following sections describe how to run the commands in the setup script
-manually to configure the `dockerd` service and the Windows environment.
-The script opens ports in the firewall and sets up certificates for `dockerd`.
-
-To see the script, you can run the `windows-script` command without piping
-to the `Invoke-Expression` cmdlet.
-
-```powershell
-docker container run --rm {{ page.ucp_org }}/ucp-agent-win:{{ page.ucp_version }} windows-script
-```
-
-
-### Open ports in the Windows firewall
-
-UCP and Docker EE require that ports 2376 and 12376 are open for inbound
-TCP traffic.
-
-In a PowerShell terminal running as Administrator, run these commands
-to add rules to the Windows firewall.
-
-```powershell
-netsh advfirewall firewall add rule name="docker_local" dir=in action=allow protocol=TCP localport=2376
-netsh advfirewall firewall add rule name="docker_proxy" dir=in action=allow protocol=TCP localport=12376
-```
-
-### Set up certs for the dockerd service
-
-1.  Create the directory `C:\ProgramData\docker\daemoncerts`.
-2.  In a PowerShell terminal running as Administrator, run the following command
-    to generate certificates.
-
-    ```powershell
-    docker container run --rm -v C:\ProgramData\docker\daemoncerts:C:\certs {{ page.ucp_org }}/ucp-agent-win:{{ page.ucp_version }} generate-certs
-    ```
-
-3.  To set up certificates, run the following commands to stop and unregister the
-    `dockerd` service, register the service with the certificates, and restart the service.
-
-    ```powershell
-    Stop-Service docker
-    dockerd --unregister-service
-    dockerd -H npipe:// -H 0.0.0.0:2376 --tlsverify --tlscacert=C:\ProgramData\docker\daemoncerts\ca.pem --tlscert=C:\ProgramData\docker\daemoncerts\cert.pem --tlskey=C:\ProgramData\docker\daemoncerts\key.pem --register-service
-    Start-Service docker
-    ```
-
-The `dockerd` service and the Windows environment are now configured to join a UCP swarm.
-
-> **Tip:** If the TLS certificates aren't set up correctly, the UCP web UI shows the
-> following warning.
-
-```
-Node WIN-NOOQV2PJGTE is a Windows node that cannot connect to its local Docker daemon.
-```
-
-## Uninstall UCP from Windows Server
-
-The following steps return the Docker Engine to its original configuration:
-
-1. Unregister the docker service and register it again without the TLS
-   certificates:
-
-   ```powershell
-   Stop-Service docker
-   dockerd --unregister-service
-   dockerd -H npipe:// --register-service
-   Start-Service docker
-   ```
-
-2. Remove the `certs` directory for the docker service:
-
-   ```powershell
-   Remove-Item -Recurse C:\ProgramData\docker\daemoncerts
-   ```
-
-3. Remove the firewall rules:
-
-   ```powershell
-   netsh advfirewall firewall delete rule name="docker_2376_in"
-   netsh advfirewall firewall delete rule name="docker_12376_in"
-   netsh advfirewall firewall delete rule name="docker_2377_in"
-   netsh advfirewall firewall delete rule name="docker_4789_in"
-   netsh advfirewall firewall delete rule name="docker_4789_out"
-   netsh advfirewall firewall delete rule name="docker_7946_in"
-   netsh advfirewall firewall delete rule name="docker_7946_out"
-   ```
-
-## Windows nodes limitations
-
-Some features are not yet supported on Windows nodes:
-
-* Networking
-  * The swarm mode routing mesh can't be used on Windows nodes. You can expose
-  a port for your service in the host where it is running, and use the HTTP
-  routing mesh to make your service accessible using a domain name.
-  * Encrypted networks are not supported. If you've upgraded from a previous
-  version, you'll also need to recreate the `ucp-hrm` network to make it
-  unencrypted.
-* Secrets
-  * When using secrets with Windows services, Windows stores temporary secret
-  files on disk. You can use BitLocker on the volume containing the Docker
-  root directory to encrypt the secret data at rest.
-  * When creating a service which uses Windows containers, the options to
-  specify UID, GID, and mode are not supported for secrets. Secrets are
-  currently only accessible by administrators and users with system access
-  within the container.
-* Mounts
-  * On Windows, Docker can't listen on a Unix socket. Use TCP or a named pipe
-  instead.

datacenter/ucp/3.0/guides/admin/configure/manage-and-deploy-private-images.md

@@ -1,11 +1,7 @@
 ---
 title: Manage and deploy private images
-description: |
-  Learn how to push an image to Docker Trusted Registry and deploy it to a Kubernetes cluster managed by Docker Enterprise Edition.
+description: Learn how to push an image to Docker Trusted Registry and deploy it to a Kubernetes cluster managed by Docker Enterprise Edition.
 keywords: Docker EE, DTR, UCP, image, Kubernetes, orchestration, cluster
-next_steps:
-- path: /deploy/allow-creation-on-push
-  title: Allow users to create repositories when pushing
 ---
 
 Docker Enterprise Edition (EE) has its own image registry (DTR) so that
@@ -20,7 +16,7 @@ using the Kubernetes orchestrator.
 3.  In the **Installed DTRs** section, note the URL of your cluster's DTR
     instance.
 
-    ![](../images/manage-and-deploy-private-images-1.png){: .with-border}
+    ![](../../images/manage-and-deploy-private-images-1.png){: .with-border}
 
 4.  In a new browser tab, enter the URL to open the DTR web UI.
 
@@ -31,7 +27,7 @@ using the Kubernetes orchestrator.
     "wordpress".
 3.  Click **Save** to create the repository. 
 
-    ![](../images/manage-and-deploy-private-images-2.png){: .with-border}
+    ![](../../images/manage-and-deploy-private-images-2.png){: .with-border}
 
 ## Push an image to DTR
 
@@ -76,7 +72,7 @@ DTR instance.
 3.  Click **Images** to view the stored images.
 4.  Confirm that the `latest` tag is present.
 
-    ![](../images/manage-and-deploy-private-images-3.png){: .with-border}
+    ![](../../images/manage-and-deploy-private-images-3.png){: .with-border}
 
 You're ready to deploy the `wordpress:latest` image into production.
 
@@ -136,4 +132,4 @@ from outside the cluster.
     section. 
 7.  Click the URL to open the default WordPress home page.  
 
-    ![](../images/manage-and-deploy-private-images-4.png){: .with-border}
+    ![](../../images/manage-and-deploy-private-images-4.png){: .with-border}

datacenter/ucp/3.0/guides/admin/configure/set-orchestrator-type.md

@@ -1,22 +1,8 @@
 ---
 title: Set the orchestrator type for a node
-description: |
-  Learn how to specify the orchestrator for nodes in a Docker Enterprise Edition cluster.
+description: Learn how to specify the orchestrator for nodes in a Docker Enterprise Edition cluster.
 keywords: Docker EE, UCP, cluster, orchestrator
-ui_tabs:
-- version: ucp-3.0
-  orhigher: true
-cli_tabs:
-- version: docker-cli-linux
-next_steps:
-- path: /deploy/install-and-configure/join-nodes-to-cluster
-  title: Join nodes to your cluster
-- path: /deploy/install-and-configure/set-orchestrator-type
-  title: Change the orchestrator for a node
 ---
-{% if include.ui %}
-
-{% if include.version=="ucp-3.0" %}
 
 When you add a node to the cluster, the node's workloads are managed by a
 default orchestrator, either Docker Swarm or Kubernetes. When you install
@@ -48,7 +34,7 @@ Change a node's orchestrator type on the **Edit node** page:
     for the node.
 5.  Click **Save** to assign the node to the selected orchestrator.
 
-    ![](../images/change-orchestrator-for-node-1.png){: .with-border}
+    ![](../../images/change-orchestrator-for-node-1.png){: .with-border}
 
 ## What happens when you change a node's orchestrator
 
@@ -103,7 +89,7 @@ To set the orchestrator for new nodes:
     or **Kubernetes**.
 4.  Click **Save**.
     
-    ![](../images/join-nodes-to-cluster-1.png){: .with-border}
+    ![](../../images/join-nodes-to-cluster-1.png){: .with-border}
 
 From now on, when you join a node to the cluster, new workloads on the node
 are scheduled by the specified orchestrator type. Existing nodes in the cluster
@@ -127,17 +113,12 @@ avoid changing the orchestrator setting. If you do change the orchestrator for a
 node, your workloads are evicted, and you must deploy them again through the
 new orchestrator.
 
-{% endif %}
-{% endif %}
-
-{% if include.cli %}
+## Set the orchestrator by using the CLI
 
 Set the orchestrator on a node by assigning the orchestrator labels,
 `com.docker.ucp.orchestrator.swarm` or `com.docker.ucp.orchestrator.kubernetes`,
 to `true`.
 
-{% if include.version=="docker-cli-linux" %}
-
 To schedule Swarm workloads on a node:
 
 ```bash
@@ -195,6 +176,4 @@ The value can be `swarm` or `kubernetes`.
 
 [Learn to set up Docker EE by using a config file](UCP configuration file.md).
 
-{% endif %}
-{% endif %}
 

datacenter/ucp/3.0/guides/admin/install/index.md

@@ -144,4 +144,4 @@ same steps as before, but don't check the **Add node as a manager** option.
 ## Where to go next
 
 * [Use your own TLS certificates](../configure/use-your-own-tls-certificates.md)
-* [Scale your cluster](../configure/scale-your-cluster.md)
+* [Join nodes to your cluster](../configure/join-nodes/index.md)

datacenter/ucp/3.0/guides/admin/install/uninstall.md

@@ -51,4 +51,4 @@ UCP before the certificates expire or disable swarm mode by running
 
 ## Where to go next
 
-* [Scale your cluster](../configure/scale-your-cluster.md)
+* [Join nodes to your cluster](../configure/join-nodes/index.md)

datacenter/ucp/3.0/guides/architecture.md

@@ -1,152 +0,0 @@
----
-title: UCP architecture
-description: Learn about the architecture of Docker Universal Control Plane.
-keywords: ucp, architecture
----
-
-Universal Control Plane is a containerized application that runs on
-[Docker Enterprise Edition](/enterprise/index.md) and extends its functionality
-to make it easier to deploy, configure, and monitor your applications at scale.
-
-UCP also secures Docker with role-based access control so that only authorized
-users can make changes and deploy applications to your Docker cluster.
-
-![](images/architecture-1.svg)
-
-Once Universal Control Plane (UCP) instance is deployed, developers and IT
-operations no longer interact with Docker Engine directly, but interact with
-UCP instead. Since UCP exposes the standard Docker API, this is all done
-transparently, so that you can use the tools you already know and love, like
-the Docker CLI client and Docker Compose.
-
-
-## Under the hood
-
-Docker UCP leverages the clustering and orchestration functionality provided
-by Docker.
-
-![](images/architecture-2.svg)
-
-A swarm is a collection of nodes that are in the same Docker cluster.
-[Nodes](/engine/swarm/key-concepts.md) in a Docker swarm operate in one of two
-modes: Manager or Worker. If nodes are not already running in a swarm when
-installing UCP, nodes will be configured to run in swarm mode.
-
-When you deploy UCP, it starts running a globally scheduled service called
-`ucp-agent`. This service monitors the node where it's running and starts
-and stops UCP services, based on whether the node is a
-[manager or a worker node](/engine/swarm/key-concepts.md).
-
-If the node is a:
-
-* **Manager**: the `ucp-agent` service automatically starts serving all UCP
-  components, including the UCP web UI and data stores used by UCP. The
-  `ucp-agent` accomplishes this by
-  [deploying several containers](#ucp-components-in-manager-nodes)
-  on the node. By promoting a node to manager, UCP automatically becomes
-  highly available and fault tolerant.
-* **Worker**: on worker nodes, the `ucp-agent` service starts serving a proxy
-  service that ensures only authorized users and other UCP services can run
-  Docker commands in that node. The `ucp-agent` deploys a
-  [subset of containers](#ucp-components-in-worker-nodes) on worker nodes.
-
-## UCP internal components
-
-The core component of UCP is a globally-scheduled service called `ucp-agent`.
-When you install UCP on a node, or join a node to a swarm that's being managed
-by UCP, the `ucp-agent` service starts running on that node.
-
-Once this service is running, it deploys containers with other UCP components,
-and it ensures they keep running. The UCP components that are deployed
-on a node depend on whether the node is a manager or a worker.
-
-> OS-specific component names
->
-> Some UCP component names depend on the node's operating system. For example,
-> on Windows, the `ucp-agent` component is named `ucp-agent-win`.
-> [Learn about architecture-specific images](admin/install/architecture-specific-images.md).
-
-### UCP components in manager nodes
-
-Manager nodes run all UCP services, including the web UI and data stores that
-persist the state of UCP. These are the UCP services running on manager nodes:
-
-|    UCP component    |                                                                                                                             Description                                                                                                                              |
-| :------------------ | :------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-| ucp-agent           | Monitors the node and ensures the right UCP services are running                                                                                                                                                                                                     |
-| ucp-reconcile       | When ucp-agent detects that the node is not running the right UCP components, it starts the ucp-reconcile container to converge the node to its desired state. It is expected for the ucp-reconcile container to remain in an exited state when the node is healthy. |
-| ucp-auth-api        | The centralized service for identity and authentication used by UCP and DTR                                                                                                                                                                                          |
-| ucp-auth-store      | Stores authentication configurations and data for users, organizations, and teams                                                                                                                                                                                    |
-| ucp-auth-worker     | Performs scheduled LDAP synchronizations and cleans authentication and authorization data                                                                                                                                                                            |
-| ucp-client-root-ca  | A certificate authority to sign client bundles                                                                                                                                                                                                                       |
-| ucp-cluster-root-ca | A certificate authority used for TLS communication between UCP components                                                                                                                                                                                            |
-| ucp-controller      | The UCP web server                                                                                                                                                                                                                                                   |
-| ucp-dsinfo          | Docker system information collection script to assist with troubleshooting                                                                                                                                                                                           |
-| ucp-kv              | Used to store the UCP configurations. Don't use it in your applications, since it's for internal use only                                                                                                                                                            |
-| ucp-metrics         | Used to collect and process metrics for a node, like the disk space available                                                                                                                                                                                        |
-| ucp-proxy           | A TLS proxy. It allows secure access to the local Docker Engine to UCP components                                                                                                                                                                                    |
-| ucp-swarm-manager   | Used to provide backwards-compatibility with Docker Swarm                                                                                                                                                                                                            |
-
-### UCP components in worker nodes
-
-Worker nodes are the ones where you run your applications. These are the UCP
-services running on worker nodes:
-
-| UCP component |                                                                                                                             Description                                                                                                                              |
-| :------------ | :------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-| ucp-agent     | Monitors the node and ensures the right UCP services are running                                                                                                                                                                                                     |
-| ucp-dsinfo    | Docker system information collection script to assist with troubleshooting                                                                                                                                                                                           |
-| ucp-reconcile | When ucp-agent detects that the node is not running the right UCP components, it starts the ucp-reconcile container to converge the node to its desired state. It is expected for the ucp-reconcile container to remain in an exited state when the node is healthy. |
-| ucp-proxy     | A TLS proxy. It allows secure access to the local Docker Engine to UCP components                                                                                                                                                                                    |
-
-## Volumes used by UCP
-
-Docker UCP uses these named volumes to persist data in all nodes where it runs:
-
-| Volume name                 | Description                                                                              |
-|:----------------------------|:-----------------------------------------------------------------------------------------|
-| ucp-auth-api-certs          | Certificate and keys for the authentication and authorization service                    |
-| ucp-auth-store-certs        | Certificate and keys for the authentication and authorization store                      |
-| ucp-auth-store-data         | Data of the authentication and authorization store, replicated across managers           |
-| ucp-auth-worker-certs       | Certificate and keys for authentication worker                                           |
-| ucp-auth-worker-data        | Data of the authentication worker                                                        |
-| ucp-client-root-ca          | Root key material for the UCP root CA that issues client certificates                    |
-| ucp-cluster-root-ca         | Root key material for the UCP root CA that issues certificates for swarm members         |
-| ucp-controller-client-certs | Certificate and keys used by the UCP web server to communicate with other UCP components |
-| ucp-controller-server-certs | Certificate and keys for the UCP web server running in the node                          |
-| ucp-kv                      | UCP configuration data, replicated across managers                                      |
-| ucp-kv-certs                | Certificates and keys for the key-value store                                            |
-| ucp-metrics-data            | Monitoring data gathered by UCP                                                          |
-| ucp-metrics-inventory       | Configuration file used by the ucp-metrics service                                       |
-| ucp-node-certs              | Certificate and keys for node communication                                              |
-
-
-You can customize the volume driver used for these volumes, by creating
-the volumes before installing UCP. During the installation, UCP checks which
-volumes don't exist in the node, and creates them using the default volume
-driver.
-
-By default, the data for these volumes can be found at
-`/var/lib/docker/volumes/<volume-name>/_data`.
-
-## How you interact with UCP
-
-There are two ways to interact with UCP: the web UI or the CLI.
-
-You can use the UCP web UI to manage your swarm, grant and revoke user
-permissions, deploy, configure, manage, and monitor your applications.
-
-![](images/architecture-3.svg)
-
-UCP also exposes the standard Docker API, so you can continue using existing
-tools like the Docker CLI client. Since UCP secures your cluster with role-based
-access control, you need to configure your Docker CLI client and other client
-tools to authenticate your requests using
-[client certificates](user/access-ucp/index.md) that you can download
-from your UCP profile page.
-
-
-## Where to go next
-
-* [System requirements](admin/install/system-requirements.md)
-* [Plan your installation](admin/install/system-requirements.md)

datacenter/ucp/3.0/guides/user/services/deploy-kubernetes-workload.md

@@ -1,23 +1,9 @@
 ---
 title: Deploy a workload to a Kubernetes cluster
-description: |
-  Use Docker Enterprise Edition to deploy Kubernetes workloads from yaml files. 
+description: Use Docker Enterprise Edition to deploy Kubernetes workloads from yaml files. 
 keywords: UCP, Docker EE, orchestration, Kubernetes, cluster
-redirect_from:
-- /ucp/
-ui_tabs:
-- version: ucp-3.0
-  orhigher: true
-cli_tabs:
-- version: kubectl
-next_steps:
-- path: /engine/install
-  title: Install Docker
-- path: /get-started/
-  title: Get Started with Docker
 ---
 
-{% if include.ui %}
 The Docker EE web UI enables deploying your Kubernetes YAML files. In most
 cases, no modifications are necessary to deploy on a cluster that's managed by
 Docker EE.
@@ -58,7 +44,7 @@ later section.
 4. In the **Object YAML** editor, paste the previous YAML.
 5. Click **Create**.
 
-![](../images/deploy-kubernetes-workload-1.png){: .with-border}
+![](../../images/deploy-kubernetes-workload-1.png){: .with-border}
 
 ## Inspect the deployment
 
@@ -75,7 +61,7 @@ links in the **Kubernetes** section of the left pane.
     the **Status** section to see that pod's phase, IP address, and other 
     properties.
 
-![](../images/deploy-kubernetes-workload-2.png){: .with-border}
+![](../../images/deploy-kubernetes-workload-2.png){: .with-border}
 
 ## Expose the server
 
@@ -109,7 +95,7 @@ The service connects the cluster's internal port 80 to the external port
     section.
 3.  Click the link that's labeled **URL** to 
 
-![](../images/deploy-kubernetes-workload-3.png){: .with-border}
+![](../../images/deploy-kubernetes-workload-3.png){: .with-border}
 
 The YAML definition connects the service to the NGINX server by using the
 app label `nginx` and a corresponding label selector.
@@ -154,9 +140,8 @@ spec:
 4.  Find the **image: nginx:1.7.9** entry and change it to **image: nginx:1.8**.
 5.  Click **Edit** to update the deployment with the new YAML.
 
-{% endif %}
+## Deploy by using the CLI
 
-{% if include.cli %}
 With Docker EE, you deploy your Kubernetes objects on the command line by using
 `kubectl`. [Install and set up kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/).
 
@@ -263,7 +248,5 @@ You should see the currently running image:
     Image:        nginx:1.8
 ```
 
-{% endif %}
-
 
 

deploy/index.md

@@ -1,188 +0,0 @@
----
-title: Docker Enterprise Edition
-description: |
-  Learn about Docker Enterprise Edition, the enterprise-grade cluster
-  management solution from Docker.
-keywords:  Docker EE, UCP, DTR, orchestration, cluster
-redirect_from:
-- /ucp/
-ui_tabs:
-- version: ucp-3.0
-  orhigher: true
-cli_tabs:
-- version: docker-cli-linux
-- version: docker-cli-win
-- version: kubectl
-next_steps:
-- path: /engine/install
-  title: Install Docker
-- path: /get-started/
-  title: Get Started with Docker
----
-
-{% if include.ui %}
-
-Docker Enterprise Edition (*Docker EE*) is a Containers-as-a-Service (CaaS)
-platform that enables a secure software supply chain and deploys diverse
-applications for high availability across disparate infrastructure, both
-on-premises and in the cloud.
-
-{% if include.version=="ucp-3.0" %}
-
-Docker Enterprise Edition is a secure, scalable, and supported container
-platform for building and orchestrating applications across multi-tenant Linux,
-Windows Server 2016, and IBM z Systems environments.
-
-Docker EE enables deploying your workloads for high availability (HA) onto the
-orchestrator of your choice. Docker EE automates many of the tasks that
-orchestration requires, like provisioning pods, containers, and cluster
-resources. Self-healing components ensure that Docker EE clusters remain highly
-available.
-
-Role-based access control applies to Kubernetes and Swarm orchestrators, and
-communication within the cluster is secured with TLS.
-[Docker Content Trust](/engine/security/trust/content_trust/) is enforced
-for images on all of the orchestrators. 
- 
-Docker Universal Control Plane (UCP) is the enterprise-grade cluster management
-solution from Docker. You install it on-premises or in your virtual private
-cloud, and it helps you manage your Docker swarm and applications through a 
-single interface.
-
-![](images/docker-ee-overview-1.png){: .with-border}
-
-## Docker Enterprise Edition features
-
-Docker EE 18.01 provides multi-architecture orchestration for Kubernetes and
-Swarm workloads. Docker EE enables a secure software supply chain, with image
-promotion, mirroring between registries, and signing/scanning enforcement for
-Kubernetes images.
-
-### Kubernetes support
-
-Kubernetes in Docker EE fully supports all Docker EE features, including
-role-based access control, LDAP/AD integration, scanning, signing enforcement,
-and security policies.
-
-- Kubernetes orchestration full feature set
-- CNCF Certified Kubernetes conformance
-- Deploy Kubernetes apps via web UI or CLI
-- Compose Stack deploy for both Swarm and Kubernetes apps
-- Role-based access control for Kubernetes workloads
-- Docker EE install includes both Swarm and Kubernetes components across the
-  cluster, so every newly joined worker node is ready to schedule Kubernetes
-  and Swarm workloads
-- Pod-based autoscaling, to increase and decrease pod count based on CPU usage
-- Blue-Green deployments, for load balancing to different app versions
-- Ingress Controllers with Kubernetes L7 routing
-- Interoperability between Swarm and Kubernetes workloads for networking and
-  storage
-
-### Orchestration platform
-
-![](images/docker-ee-overview-4.svg){: .with-border}
-
-- Docker EE Manager Nodes are both Swarm managers and Kubernetes masters to enable
-  high availability
-- Allocate nodes for Swarm and Kubernetes workloads
-- Single pane of glass for monitoring apps
-- Enhanced Swarm hostname routing mesh with Interlock 2.0
-- One platform-wide management plane: secure software supply chain, secure
-  multi-tenancy, and secure and highly available node management
-
-### Secure supply chain
-
-![](images/docker-ee-overview-3.svg){: .with-border}
-
-- Image signing and scanning of Kubernetes apps for validating and verifying content
-- Image promotion with mirroring between registries (not in Beta1) 
-- Define policies for automating image promotions across the app development
-  lifecycle of Kubernetes apps (not in Beta1)
-
-## Centralized cluster management
-
-With Docker, you can join up to thousands of physical or virtual machines
-together to create a container cluster, allowing you to deploy your
-applications at scale. Docker EE extends the functionality provided by Docker
-Engine to make it easier to manage your cluster from a centralized place.
-
-You can manage and monitor your container cluster using a graphical web UI.
-
-## Deploy, manage, and monitor
-
-With Docker EE, you can manage from a centralized place all of the computing
-resources you have available, like nodes, volumes, and networks.
-
-You can also deploy and monitor your applications and services.
-
-## Built-in security and access control
-
-Docker EE has its own built-in authentication mechanism with role-based access
-control (RBAC), so that you can control who can access and make changes to your
-swarm and applications. Also, Docker EE authentication integrates with LDAP
-services.
-[Learn about role-based access control](access-control/index.md).
-
-![](images/docker-ee-overview-2.png){: .with-border}
-
-Docker EE integrates with Docker Trusted Registry so that you can keep the
-Docker images you use for your applications behind your firewall, where they
-are safe and can't be tampered with.
-
-You can also enforce security policies and only allow running applications
-that use Docker images you know and trust.
-
-{% endif %}
-
-{% endif %}
-
-{% if include.cli %}
-
- Docker EE exposes the standard Docker API, so you can continue using the tools
-that you already know, including the Docker CLI client, to deploy and manage your
-applications.
-
-For example, you can use the `docker info` command to check the
-status of a Swarm managed by Docker EE:
-
-{% if include.version=="docker-cli-linux" %}
-
-```bash
-docker info
-
-Containers: 38
-Running: 23
-Paused: 0
-Stopped: 15
-Images: 17
-Server Version: 17.06
-...
-Swarm: active
-NodeID: ocpv7el0uz8g9q7dmw8ay4yps
-Is Manager: true
-ClusterID: tylpv1kxjtgoik2jnrg8pvkg6
-Managers: 1
-…
-```
-
-{% elsif include.version=="docker-cli-win" %}
-
-```powershell
-docker info
-```
-
-{% elsif include.version=="kubectl" %}
-
-Docker EE exposes the standard Kubernetes API, and it installs the command-line
-tool, `kubectl`, by default, so you can use the usual Kubernetes commands, like
-`kubectl cluster-info`:
-
-```bash
-$ kubectl cluster-info
-```
-
-
-
-{% endif %}
-
-{% endif %}

deploy/test.md

@@ -1,52 +0,0 @@
----
-title: Manage logs
-description: |
-  The reason you would do this is X, Y, and Z.
-
-  This can be a multiline description but should probably `be brief`.
-ui_tabs:
-- version: ucp-3.0
-  orhigher: true
-- version: ucp-2.2
-  orlower: true
-cli_tabs:
-- version: docker-cli-linux
-- version: docker-cli-win
-- version: kubectl
-next_steps:
-- path: /engine/install
-  title: Install Docker
-- path: /get-started/
-  title: Get Started with Docker
----
-{% if include.ui %}
-To do this foobar task, flip the switch under **Tasks > Foobar**,
-enter your Lorem Ipsum value for {{ site.tablabels[tab.version] }}, then
-click **Save**.
-
-{% if include.version=="ucp-3.0" %}
-![Image number 1](/datacenter/ucp/2.2/guides/images/monitor-ucp-0.png)
-{% elsif include.version=="ucp-2.2" %}
-![Image number 2](/datacenter/ucp/2.2/guides/images/monitor-ucp-1.png)
-{% endif %}
-{% endif %}
-
-{% if include.cli %}
-The command line workflow is essentially the same across the various CLIs.
-First you enumerate the services on the node of choice, then you run the
-`foobar` command.
-
-{% if include.version=="docker-cli-linux" %}
-```bash
-$ docker stack deploy -c test.yml smokestack
-```
-{% elsif include.version=="docker-cli-win" %}
-```powershell
-docker stack deploy -c test.yml smokestack
-```
-{% elsif include.version=="kubectl" %}
-```bash
-$ kubectl get pod -f ./pod.yaml
-```
-{% endif %}
-{% endif %}

enterprise/docker-ee-architecture.md

@@ -24,7 +24,7 @@ Docker EE provides access to the full API sets of three popular orchestrators:
 - SwarmKit: Service-centric, Compose file version 3
 - "Classic" Swarm: Container-centric, Compose file version 2
 
-![](../images/docker-ee-architecture-1.svg){: .with-border}
+![](images/docker-ee-architecture-1.svg){: .with-border}
 
 Docker EE proxies the underlying API of each orchestrator, giving you access
 to all of the capabilities of each orchestrator, along with the benefits of
@@ -59,7 +59,7 @@ deployment.
   Changes to the configuration of one UCP manager node are propagated
   automatically to other nodes.
 
-![](../images/docker-ee-architecture.svg){: .with-border}
+![](images/docker-ee-architecture.svg){: .with-border}
 
 ### Universal Control Plane (UCP)
 
@@ -74,7 +74,7 @@ containers and pods across your Docker cluster.
 UCP also secures Docker with role-based access control so that only authorized
 users can make changes and deploy applications to your cluster.
 
-![](../images/ucp-architecture-1.svg){: .with-border}
+![](images/ucp-architecture-1.svg){: .with-border}
 
 Once a UCP instance is deployed, you don't interact with Docker EE Engine
 directly. Instead, you interact with UCP. Since UCP exposes the standard
@@ -83,14 +83,14 @@ you already know and love, like `kubectl`, the Docker CLI client, and Docker
 Compose.
 [Learn about UCP architecture](ucp-architecture.md).
 
-![](../images/ucp-architecture-2.svg){: .with-border}
+![](images/ucp-architecture-2.svg){: .with-border}
 
 ### Docker Trusted Registry (DTR)
 
 Docker Trusted Registry (DTR) is a containerized application that runs on a
 Docker UCP cluster.
 
-![](../images/dtr-architecture-1.svg){: .with-border}
+![](images/dtr-architecture-1.svg){: .with-border}
 
 Once you have DTR deployed, you use your Docker CLI client to login, push, and
 pull images.
@@ -98,7 +98,7 @@ pull images.
 For high-availability, you can deploy multiple DTR replicas, one on each UCP
 worker node.
 
-![](../images/dtr-architecture-2.svg){: .with-border}
+![](images/dtr-architecture-2.svg){: .with-border}
 
 All DTR replicas run the same set of services, and changes to their configuration
 are automatically propagated to other replicas.

enterprise/dtr-architecture.md

@@ -12,7 +12,7 @@ next_steps:
 Docker Trusted Registry (DTR) is a containerized application that runs on a
 Docker Universal Control Plane cluster.
 
-![](../images/dtr-architecture-1.svg){: .with-border}
+![](images/dtr-architecture-1.svg){: .with-border}
 
 Once you have DTR deployed, you use your Docker CLI client to login, push, and
 pull images.
@@ -22,7 +22,7 @@ pull images.
 For high-availability you can deploy multiple DTR replicas, one on each UCP
 worker node.
 
-![](../images/dtr-architecture-2.svg){: .with-border}
+![](images/dtr-architecture-2.svg){: .with-border}
 
 All DTR replicas run the same set of services and changes to their configuration
 are automatically propagated to other replicas.
@@ -81,7 +81,7 @@ By default, Docker Trusted Registry stores images on the filesystem of the node
 where it is running, but you should configure it to use a centralized storage
 backend.
 
-![](../images/dtr-architecture-3.svg){: .with-border}
+![](images/dtr-architecture-3.svg){: .with-border}
 
 DTR supports these storage backends:
 
@@ -96,7 +96,7 @@ DTR supports these storage backends:
 
 DTR has a web UI where you can manage settings and user permissions.
 
-![](../images/dtr-architecture-4.svg){: .with-border}
+![](images/dtr-architecture-4.svg){: .with-border}
 
 You can push and pull images using the standard Docker CLI client or other tools
 that can interact with a Docker registry.

enterprise/index.md

@@ -1,69 +1,149 @@
 ---
-title: About Docker EE
-description: Information about Docker Enterprise Edition
-keywords: enterprise, enterprise edition, ee, docker ee, docker enterprise edition, lts, commercial, cs engine
+title: Docker Enterprise Edition
+description: Learn about Docker Enterprise Edition, the enterprise-grade cluster
+  management solution from Docker.
+keywords: Docker EE, UCP, DTR, orchestration, cluster
 ---
 
-Docker Enterprise Edition (*Docker EE*) is designed for enterprise
-development and IT teams who build, ship, and run business-critical
-applications in production and at scale. Docker EE is integrated, certified,
-and supported to provide enterprises with the most secure container platform
-in the industry. For more info about Docker EE, including purchasing
-options, see [Docker Enterprise Edition](https://www.docker.com/enterprise-edition/).
+Docker Enterprise Edition (*Docker EE*) is a Containers-as-a-Service (CaaS)
+platform that enables a secure software supply chain and deploys diverse
+applications for high availability across disparate infrastructure, both
+on-premises and in the cloud.
 
-<!-- This is populated by logic in js/archive.js -->
-<p id="ee-version-div"></p>
+Docker Enterprise Edition is a secure, scalable, and supported container
+platform for building and orchestrating applications across multi-tenant Linux,
+Windows Server 2016, and IBM z Systems environments.
 
-The free Docker products continue to be available as the Docker Community
-Edition (*Docker CE*).
+Docker EE enables deploying your workloads for high availability (HA) onto the
+orchestrator of your choice. Docker EE automates many of the tasks that
+orchestration requires, like provisioning pods, containers, and cluster
+resources. Self-healing components ensure that Docker EE clusters remain highly
+available.
 
-## Supported platforms
+Role-based access control applies to Kubernetes and Swarm orchestrators, and
+communication within the cluster is secured with TLS.
+[Docker Content Trust](/engine/security/trust/content_trust/) is enforced
+for images on all of the orchestrators.
 
-The following table shows all of the platforms that are available for Docker EE.
-Each link in the first column takes you to the installation
-instructions for the corresponding platform. Docker EE is an integrated,
-supported, and certified container platform for the listed cloud providers and
-operating systems.
+Docker Universal Control Plane (UCP) is the enterprise-grade cluster management
+solution from Docker. You install it on-premises or in your virtual private
+cloud, and it helps you manage your Docker swarm and applications through a
+single interface.
 
-{% include docker_platform_matrix.md %}
+![](images/docker-ee-overview-1.png){: .with-border}
 
-## Docker EE feature tiers
+## Docker Enterprise Edition features
 
-Docker EE is available in three tiers:
+Docker EE 18.01 provides multi-architecture orchestration for Kubernetes and
+Swarm workloads. Docker EE enables a secure software supply chain, with image
+promotion, mirroring between registries, and signing/scanning enforcement for
+Kubernetes images.
 
--  **Basic:** The Docker platform for certified infrastructure, with support
-   from Docker Inc. and certified containers and plugins from Docker Store.
--  **Standard:** Adds advanced image and container management, LDAP/AD user
-   integration, and role-based access control. Together, these features
-   comprise Docker Enterprise Edition.
--  **Advanced:** Adds
-   [Docker Security Scanning](https://blog.docker.com/2016/05/docker-security-scanning/)
-   and continuous vulnerability monitoring.
+### Kubernetes support
 
-## Docker Enterprise Edition release cycles
+Kubernetes in Docker EE fully supports all Docker EE features, including
+role-based access control, LDAP/AD integration, scanning, signing enforcement,
+and security policies.
 
-Docker EE is released quarterly. Releases use a time-based versioning
-scheme, so for example, Docker EE version 17.03 was released
-in March 2017. For schedule details, see
-[Time-based release schedule](/install/index.md#time-based-release-schedule).
+- Kubernetes orchestration full feature set
+- CNCF Certified Kubernetes conformance
+- Deploy Kubernetes apps via web UI or CLI
+- Compose Stack deploy for both Swarm and Kubernetes apps
+- Role-based access control for Kubernetes workloads
+- Docker EE install includes both Swarm and Kubernetes components across the
+  cluster, so every newly joined worker node is ready to schedule Kubernetes
+  and Swarm workloads
+- Pod-based autoscaling, to increase and decrease pod count based on CPU usage
+- Blue-Green deployments, for load balancing to different app versions
+- Ingress Controllers with Kubernetes L7 routing
+- Interoperability between Swarm and Kubernetes workloads for networking and
+  storage
 
-Each Docker EE release is supported and maintained for one year and
-receives security and critical bug fixes during this period.
+### Orchestration platform
 
-The Docker API version is independent of the Docker platform version. The API
-version doesn't change from Docker 1.13.1 to Docker 17.03. We maintain
-careful API backward compatibility and deprecate APIs and features slowly and
-conservatively. We remove features after deprecating them for a period of
-three stable releases. Docker 1.13 introduced improved interoperability
-between clients and servers using different API versions, including dynamic
-feature negotiation.
+![](images/docker-ee-overview-4.svg){: .with-border}
 
-## Upgrades and support
+- Docker EE Manager Nodes are both Swarm managers and Kubernetes masters to enable
+  high availability
+- Allocate nodes for Swarm and Kubernetes workloads
+- Single pane of glass for monitoring apps
+- Enhanced Swarm hostname routing mesh with Interlock 2.0
+- One platform-wide management plane: secure software supply chain, secure
+  multi-tenancy, and secure and highly available node management
 
-If you're a Docker DDC or CS Engine customer, you don't need to upgrade to
-Docker EE to continue to get support. We will continue to support customers
-with valid subscriptions whether the subscription covers Docker EE or
-Commercially Supported Docker. You can choose to stay with your current
-deployed version, or you can upgrade to the latest Docker EE version. For
-more info, see [Scope of Coverage and Maintenance
-Lifecycle](https://success.docker.com/Policies/Scope_of_Support).
+### Secure supply chain
+
+![](images/docker-ee-overview-3.svg){: .with-border}
+
+- Image signing and scanning of Kubernetes apps for validating and verifying content
+- Image promotion with mirroring between registries (not in Beta1)
+- Define policies for automating image promotions across the app development
+  lifecycle of Kubernetes apps (not in Beta1)
+
+## Centralized cluster management
+
+With Docker, you can join up to thousands of physical or virtual machines
+together to create a container cluster, allowing you to deploy your
+applications at scale. Docker EE extends the functionality provided by Docker
+Engine to make it easier to manage your cluster from a centralized place.
+
+You can manage and monitor your container cluster using a graphical web UI.
+
+## Deploy, manage, and monitor
+
+With Docker EE, you can manage from a centralized place all of the computing
+resources you have available, like nodes, volumes, and networks.
+
+You can also deploy and monitor your applications and services.
+
+## Built-in security and access control
+
+Docker EE has its own built-in authentication mechanism with role-based access
+control (RBAC), so that you can control who can access and make changes to your
+swarm and applications. Also, Docker EE authentication integrates with LDAP
+services.
+[Learn about role-based access control](access-control/index.md).
+
+![](images/docker-ee-overview-2.png){: .with-border}
+
+Docker EE integrates with Docker Trusted Registry so that you can keep the
+Docker images you use for your applications behind your firewall, where they
+are safe and can't be tampered with.
+
+You can also enforce security policies and only allow running applications
+that use Docker images you know and trust.
+
+## Docker EE and the CLI
+
+Docker EE exposes the standard Docker API, so you can continue using the tools
+that you already know, including the Docker CLI client, to deploy and manage your
+applications.
+
+For example, you can use the `docker info` command to check the
+status of a Swarm managed by Docker EE:
+
+```bash
+docker info
+
+Containers: 38
+Running: 23
+Paused: 0
+Stopped: 15
+Images: 17
+Server Version: 17.06
+...
+Swarm: active
+NodeID: ocpv7el0uz8g9q7dmw8ay4yps
+Is Manager: true
+ClusterID: tylpv1kxjtgoik2jnrg8pvkg6
+Managers: 1
+…
+```
+
+Docker EE exposes the standard Kubernetes API, and it installs the command-line
+tool, `kubectl`, by default, so you can use the usual Kubernetes commands, like
+`kubectl cluster-info`:
+
+```bash
+$ kubectl cluster-info
+```

enterprise/supported-platforms.md

@@ -0,0 +1,69 @@
+---
+title: About Docker EE
+description: Information about Docker Enterprise Edition
+keywords: enterprise, enterprise edition, ee, docker ee, docker enterprise edition, lts, commercial, cs engine
+---
+
+Docker Enterprise Edition (*Docker EE*) is designed for enterprise
+development and IT teams who build, ship, and run business-critical
+applications in production and at scale. Docker EE is integrated, certified,
+and supported to provide enterprises with the most secure container platform
+in the industry. For more info about Docker EE, including purchasing
+options, see [Docker Enterprise Edition](https://www.docker.com/enterprise-edition/).
+
+<!-- This is populated by logic in js/archive.js -->
+<p id="ee-version-div"></p>
+
+The free Docker products continue to be available as the Docker Community
+Edition (*Docker CE*).
+
+## Supported platforms
+
+The following table shows all of the platforms that are available for Docker EE.
+Each link in the first column takes you to the installation
+instructions for the corresponding platform. Docker EE is an integrated,
+supported, and certified container platform for the listed cloud providers and
+operating systems.
+
+{% include docker_platform_matrix.md %}
+
+## Docker EE feature tiers
+
+Docker EE is available in three tiers:
+
+-  **Basic:** The Docker platform for certified infrastructure, with support
+   from Docker Inc. and certified containers and plugins from Docker Store.
+-  **Standard:** Adds advanced image and container management, LDAP/AD user
+   integration, and role-based access control. Together, these features
+   comprise Docker Enterprise Edition.
+-  **Advanced:** Adds
+   [Docker Security Scanning](https://blog.docker.com/2016/05/docker-security-scanning/)
+   and continuous vulnerability monitoring.
+
+## Docker Enterprise Edition release cycles
+
+Docker EE is released quarterly. Releases use a time-based versioning
+scheme, so for example, Docker EE version 17.03 was released
+in March 2017. For schedule details, see
+[Time-based release schedule](/engine/installation/#time-based-release-schedule).
+
+Each Docker EE release is supported and maintained for one year and
+receives security and critical bug fixes during this period.
+
+The Docker API version is independent of the Docker platform version. The API
+version doesn't change from Docker 1.13.1 to Docker 17.03. We maintain
+careful API backward compatibility and deprecate APIs and features slowly and
+conservatively. We remove features after deprecating them for a period of
+three stable releases. Docker 1.13 introduced improved interoperability
+between clients and servers using different API versions, including dynamic
+feature negotiation.
+
+## Upgrades and support
+
+If you're a Docker DDC or CS Engine customer, you don't need to upgrade to
+Docker EE to continue to get support. We will continue to support customers
+with valid subscriptions whether the subscription covers Docker EE or
+Commercially Supported Docker. You can choose to stay with your current
+deployed version, or you can upgrade to the latest Docker EE version. For
+more info, see [Scope of Coverage and Maintenance
+Lifecycle](https://success.docker.com/Policies/Scope_of_Support).

enterprise/ucp-architecture.md

@@ -16,7 +16,7 @@ to make it easier to deploy, configure, and monitor your applications at scale.
 UCP also secures Docker with role-based access control so that only authorized
 users can make changes and deploy applications to your Docker cluster.
 
-![](../images/ucp-architecture-1.svg){: .with-border}
+![](images/ucp-architecture-1.svg){: .with-border}
 
 Once Universal Control Plane (UCP) instance is deployed, developers and IT
 operations no longer interact with Docker Engine directly, but interact with
@@ -30,7 +30,7 @@ the Docker CLI client and Docker Compose.
 Docker UCP leverages the clustering and orchestration functionality provided
 by Docker.
 
-![](../images/ucp-architecture-2.svg){: .with-border}
+![](images/ucp-architecture-2.svg){: .with-border}
 
 A swarm is a collection of nodes that are in the same Docker cluster.
 [Nodes](/engine/swarm/key-concepts.md) in a Docker swarm operate in one of two
@@ -156,7 +156,7 @@ There are two ways to interact with UCP: the web UI or the CLI.
 You can use the UCP web UI to manage your swarm, grant and revoke user
 permissions, deploy, configure, manage, and monitor your applications.
 
-![](../images/ucp-architecture-3.svg){: .with-border}
+![](images/ucp-architecture-3.svg){: .with-border}
 
 UCP also exposes the standard Docker API, so you can continue using existing
 tools like the Docker CLI client. Since UCP secures your cluster with role-based