diff --git a/Jenkinsfile b/Jenkinsfile
index 34916fbce7..3b54bd3e61 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -1,6 +1,3 @@
-def dtrVpnAddress = "vpn.corp-us-east-1.aws.dckr.io"
-def ucpBundle = [file(credentialsId: "ucp-bundle", variable: 'UCP')]
-def slackString = [string(credentialsId: 'slack-docs-webhook', variable: 'slack')]
 def reg = [credentialsId: 'csebuildbot', url: 'https://index.docker.io/v1/']
 
 pipeline {
@@ -13,6 +10,15 @@ pipeline {
       agent {
         label 'ubuntu-1604-aufs-stable'
       }
+      environment {
+        DTR_VPN_ADDRESS       = credentials('dtr-vpn-address')
+        DOCKER_HOST_STRING    = credentials('docker-host')
+        UCP_BUNDLE            = credentials('ucp-bundle')
+        SLACK                 = credentials('slack-docs-webhook')
+      }
+      when {
+        expression { env.GIT_URL == 'https://github.com/Docker/docker.github.io.git' }
+      }
       stages {
         stage( 'build and push stage image' ) {
           when {
@@ -40,48 +46,121 @@ pipeline {
             }
           }
         }
-        stage( 'update docs-stage' ) {
+        stage( 'update docs stage' ) {
           when {
             branch 'master'
           }
           steps {
-            withVpn(dtrVpnAddress) {
-              withCredentials(ucpBundle) {
-                sh 'unzip -o $UCP' 
-              }
+            withVpn("$DTR_VPN_ADDRESS") {
+              sh "unzip -o $UCP_BUNDLE"
               withDockerRegistry(reg) {
                 sh """
                   export DOCKER_TLS_VERIFY=1
                   export COMPOSE_TLS_VERSION=TLSv1_2
                   export DOCKER_CERT_PATH=${WORKSPACE}/ucp-bundle-success_bot
-                  export DOCKER_HOST=tcp://ucp.corp-us-east-1.aws.dckr.io:443
+                  export DOCKER_HOST=$DOCKER_HOST_STRING
                   docker service update --detach=false --force --image docs/docker.github.io:stage-${env.BUILD_NUMBER} docs-stage-docker-com_docs --with-registry-auth
                 """
               }
             }
           }
         }
-        stage( 'update docs-prod' ) {
+        stage( 'update docs prod' ) {
           when {
             branch 'published'
           }
           steps {
-            withVpn(dtrVpnAddress) {
-              withCredentials(ucpBundle) {
-                sh 'unzip -o $UCP' 
+            withVpn("$DTR_VPN_ADDRESS") {
+              sh "unzip -o $UCP_BUNDLE"
+              withDockerRegistry(reg) {
+                sh """
+                  cd ucp-bundle-success_bot
+                  export DOCKER_TLS_VERIFY=1
+                  export COMPOSE_TLS_VERSION=TLSv1_2
+                  export DOCKER_CERT_PATH=${WORKSPACE}/ucp-bundle-success_bot
+                  export DOCKER_HOST=$DOCKER_HOST_STRING
+                  docker service update --detach=false --force --image docs/docker.github.io:prod-${env.BUILD_NUMBER} docs-docker-com_docs --with-registry-auth
+                  curl -X POST -H 'Content-type: application/json' --data '{"text":"Successfully published docs. https://docs.docker.com/"}' $SLACK
+                """
               }
-              withCredentials(slackString) {
-                withDockerRegistry(reg) {
-                  sh """
-                    cd ucp-bundle-success_bot
-                    export DOCKER_TLS_VERIFY=1
-                    export COMPOSE_TLS_VERSION=TLSv1_2
-                    export DOCKER_CERT_PATH=${WORKSPACE}/ucp-bundle-success_bot
-                    export DOCKER_HOST=tcp://ucp.corp-us-east-1.aws.dckr.io:443
-                    docker service update --detach=false --force --image docs/docker.github.io:prod-${env.BUILD_NUMBER} docs-docker-com_docs --with-registry-auth
-                    curl -X POST -H 'Content-type: application/json' --data '{"text":"Successfully published docs. https://docs.docker.com/"}' $slack
-                  """
-                }
+            }
+          }
+        }
+      }
+    }
+    stage( 'docs-private' ) {
+      agent {
+        label 'ubuntu-1604-aufs-stable'
+      }
+      environment {
+        DTR_VPN_ADDRESS       = credentials('dtr-vpn-address')
+        DOCKER_HOST_STRING    = credentials('docker-host')
+        UCP_BUNDLE            = credentials('ucp-bundle')
+      }
+      when {
+        expression { env.GIT_URL == "https://github.com/docker/docs-private.git" }
+      } 
+      stages {
+        stage( 'build and push new beta stage image' ) {
+          when {
+            branch 'amberjack'
+          }
+          steps {
+            withDockerRegistry(reg) {
+              sh """
+                docker image build --tag docs/docs-private:beta-stage-${env.BUILD_NUMBER} . && \
+                docker image push docs/docs-private:beta-stage-${env.BUILD_NUMBER}
+              """
+            }
+          }
+        }
+        stage( 'build and push new beta image' ) {
+          when {
+            branch 'published'
+          }
+          steps {
+            withDockerRegistry(reg) {
+              sh """
+                docker image build --tag docs/docs-private:beta-${env.BUILD_NUMBER} . && \
+                docker image push docs/docs-private:beta-${env.BUILD_NUMBER}
+              """
+            }
+          }
+        }
+        stage( 'update beta stage service' ) {
+          when {
+            branch 'amberjack'
+          }
+          steps {
+            withVpn("$DTR_VPN_ADDRESS") {
+              sh "unzip -o $UCP_BUNDLE"
+              withDockerRegistry(reg) {
+                sh """
+                  export DOCKER_TLS_VERIFY=1
+                  export COMPOSE_TLS_VERSION=TLSv1_2
+                  export DOCKER_CERT_PATH=${WORKSPACE}/ucp-bundle-success_bot
+                  export DOCKER_HOST=$DOCKER_HOST_STRING
+                  docker service update --detach=false --force --image docs/docs-private:beta-stage-${env.BUILD_NUMBER} docs-beta-stage-docker-com_docs --with-registry-auth
+                """
+              }
+            }
+          }
+        }
+        stage( 'update beta service' ) {
+          when {
+            branch 'published'
+          }
+          steps {
+            withVpn("$DTR_VPN_ADDRESS") {
+              sh "unzip -o $UCP_BUNDLE"
+              withDockerRegistry(reg) {
+                sh """
+                  export DOCKER_TLS_VERIFY=1
+                  export COMPOSE_TLS_VERSION=TLSv1_2
+                  export DOCKER_CERT_PATH=${WORKSPACE}/ucp-bundle-success_bot
+                  export DOCKER_HOST=$DOCKER_HOST_STRING
+                  docker service update --detach=false --force --image docs/docs-private:beta-${env.BUILD_NUMBER} docs-beta-docker-com_docs --with-registry-auth
+                """
               }
             }
           }
diff --git a/develop/develop-images/dockerfile_best-practices.md b/develop/develop-images/dockerfile_best-practices.md
index c020cdcaa0..6beacdc26b 100644
--- a/develop/develop-images/dockerfile_best-practices.md
+++ b/develop/develop-images/dockerfile_best-practices.md
@@ -202,7 +202,7 @@ cd example
 # create an example file
 touch somefile.txt
 
-# build and image using the current directory as context, and a Dockerfile passed through stdin
+# build an image using the current directory as context, and a Dockerfile passed through stdin
 docker build -t myimage:latest -f- . <<EOF
 FROM busybox
 COPY somefile.txt .
diff --git a/ee/ucp/release-notes.md b/ee/ucp/release-notes.md
index 7161890fd2..f10e995f0b 100644
--- a/ee/ucp/release-notes.md
+++ b/ee/ucp/release-notes.md
@@ -42,6 +42,9 @@ upgrade your installation to the latest release.
 * Fixed an issue with continuous interlock reconciliation if `ucp-interlock` service image does not match expected version. (ENGORC-2081)
 
 ### Known Issues
+
+* Upgrading from UCP 3.1.4 to 3.1.5 causes missing Swarm placement constraints banner for some Swarm services (ENGORC-2191)https://docker.atlassian.net/browse/ENGORC-2191. This can cause Swarm services to run unexpectedly on Kubernetes nodes. See https://www.docker.com/ddc-41 for more information.
+    - Workaround: Delete any `ucp-*-s390x` Swarm services. For example, `ucp-auth-api-s390x`.
 * There are important changes to the upgrade process that, if not correctly followed, can impact the availability of applications running on the Swarm during uprades. These constraints impact any upgrades coming from any Docker Engine version before 18.09 to version 18.09 or greater. For more information about about upgrading Docker Enterprise to version 2.1, see [Upgrade Docker](../upgrade)
 * To deploy Pods with containers using Restricted Parameters, the user must be an admin and a service account must explicitly have a **ClusterRoleBinding** with `cluster-admin` as the  **ClusterRole**. Restricted Parameters on Containers include:
     * Host Bind Mounts
diff --git a/engine/swarm/configs.md b/engine/swarm/configs.md
index 99e99eadd4..a739122e39 100644
--- a/engine/swarm/configs.md
+++ b/engine/swarm/configs.md
@@ -122,8 +122,8 @@ Docker configs.
 
 ### Defining and using configs in compose files
 
-Both the `docker compose` and `docker stack` commands support defining configs
-in a compose file. See
+The `docker stack` command supports defining configs in a Compose file.
+However, the `configs` key is not supported for `docker compose`. See
 [the Compose file reference](/compose/compose-file/#configs) for details.
 
 ### Simple example: Get started with configs
diff --git a/get-started/part2.md b/get-started/part2.md
index 162290edde..89968c1e96 100644
--- a/get-started/part2.md
+++ b/get-started/part2.md
@@ -418,7 +418,7 @@ ones if you'd like to explore a bit before moving on.
 
 ```shell
 docker build -t friendlyhello .  # Create image using this directory's Dockerfile
-docker run -p 4000:80 friendlyhello  # Run "friendlyname" mapping port 4000 to 80
+docker run -p 4000:80 friendlyhello  # Run "friendlyhello" mapping port 4000 to 80
 docker run -d -p 4000:80 friendlyhello         # Same thing, but in detached mode
 docker container ls                                # List all running containers
 docker container ls -a             # List all containers, even those not running