Merge pull request #8258 from docker/master

Sync published with master
2019-02-14 18:41:13 -08:00 · 2019-02-14 18:41:13 -08:00 · 2d6f7549b7
parent c7e3b881de 1f77709e49
commit 2d6f7549b7
9 changed files with 123 additions and 94 deletions
--- a/_data/glossary.yaml
+++ b/_data/glossary.yaml
@ -32,7 +32,7 @@ collection: |
  nodes, services, containers, volumes, networks, and secrets. [Learn how to manage collections](/datacenter/ucp/2.2/guides/access-control/manage-access-with-collections/).
 Compose: |
  [Compose](https://github.com/docker/compose) is a tool for defining and
-  running complex applications with Docker. With compose, you define a
+  running complex applications with Docker. With Compose, you define a
  multi-container application in a single file, then spin your
  application up in a single command which does everything that needs to
  be done to get it running.
--- a/datacenter/ucp/3.0/reference/cli/install.md
+++ b/datacenter/ucp/3.0/reference/cli/install.md
@ -63,9 +63,9 @@ command.
 | `--swarm-port`           | Port for the Docker Swarm manager. Used for backwards compatibility                                                                                                                                                                       |
 | `--swarm-grpc-port`      | Port for communication between nodes                                                                                                                                                                                                      |
 | `--cni-installer-url`    | A URL pointing to a Kubernetes YAML file to be used as an installer for the CNI plugin of the cluster. If specified, the default CNI plugin is not installed. If the URL uses the HTTPS scheme, no certificate verification is performed. |
 | `--pod-cidr`             | Kubernetes cluster IP pool for the pods to allocated IPs from (Default: 192.168.0.0/16)                                                                                                                                                    |
 | `--cloud-provider`       | The cloud provider for the cluster                                                                                                                                                                                                        |
 | `--skip-cloud-provider`  | Disables checks that rely on detecting the cloud provider (if any) on which the cluster is currently running.                                                                                                                                                                                                       |
 | `--dns`                  | Set custom DNS servers for the UCP containers                                                                                                                                                                                             |
 | `--dns-opt`              | Set DNS options for the UCP containers                                                                                                                                                                                                    |
 | `--dns-search`           | Set custom DNS search domains for the UCP containers                                                                                                                                                                                      |
@ -80,7 +80,8 @@ command.
 | `--swarm-experimental`   | Enable Docker Swarm experimental features. Used for backwards compatibility                                                                                                                                                               |
 | `--disable-tracking`     | Disable anonymous tracking and analytics                                                                                                                                                                                                  |
 | `--disable-usage`        | Disable anonymous usage reporting                                                                                                                                                                                                         |
-| `--external-server-cert` | Use the certificates in the `ucp-controller-server-certs` volume instead of generating self-signed certs during installation                                                                                                                                                  |
+| `--external-server-cert` | Use the certificates in the `ucp-controller-server-certs` volume instead of generating self-signed certs during installation  
 |
 | `--preserve-certs`       | Don't generate certificates if they already exist                                                                                                                                                                                         |
 | `--binpack`              | Set the Docker Swarm scheduler to binpack mode. Used for backwards compatibility                                                                                                                                                          |
 | `--random`               | Set the Docker Swarm scheduler to random mode. Used for backwards compatibility                                                                                                                                                           |
--- a/docker-for-mac/edge-release-notes.md
+++ b/docker-for-mac/edge-release-notes.md
@ -16,7 +16,7 @@ notes](release-notes) are also available. (Following the CE release model,
 releases, and download stable and edge product installers at [Download Docker
 for Mac](install.md#download-docker-for-mac).
-## Edge Releases of 2018
+## Edge Releases of 2019
 ### Docker Community Edition 2.0.2.0 2019-02-06
@ -55,6 +55,8 @@ for Mac](install.md#download-docker-for-mac).
  - Rename Docker for Mac to Docker Desktop
  - Partially open services ports if possible. [docker/for-mac#3438](https://github.com/docker/for-mac/issues/3438)
 ## Edge Releases of 2018
 ### Docker Community Edition 2.0.0.0-mac82 2018-12-07
 [Download](https://download.docker.com/mac/edge/29268/Docker.dmg)
--- a/docker-for-windows/edge-release-notes.md
+++ b/docker-for-windows/edge-release-notes.md
@ -16,7 +16,7 @@ notes](release-notes) are also available. (Following the CE release model,
 releases, and download stable and edge product installers at [Download Docker
 for Windows](install.md#download-docker-for-windows).
-## Edge Releases of 2018
+## Edge Releases of 2019
 ### Docker Community Edition 2.0.2.0 2019-02-06
@ -54,6 +54,8 @@ for Windows](install.md#download-docker-for-windows).
  - Quit will not check if service is running anymore
  - Fix UI lock when changing kubernetes state
 ## Edge Releases of 2018
 ### Docker Community Edition 2.0.0.0-win82 2018-12-07
 [Download](https://download.docker.com/win/edge/29268/Docker%20for%20Windows%20Installer.exe)
--- a/ee/ucp/admin/configure/deploy-route-reflectors.md
+++ b/ee/ucp/admin/configure/deploy-route-reflectors.md
@ -27,7 +27,7 @@ workloads.
 If Route Reflectors are running on a same node as other workloads, swarm ingress
 and NodePorts might not work in these workloads.
-## Choose dedicated notes
+## Choose dedicated nodes
 Start by tainting the nodes, so that no other workload runs there. Configure
 your CLI with a UCP client bundle, and for each dedicated node, run:
--- a/ee/ucp/release-notes.md
+++ b/ee/ucp/release-notes.md
@ -39,6 +39,7 @@ upgrade your installation to the latest release.
 * Added support for the limit arg in `docker ps`. (docker/orca#15812)
 * Fixed an issue with ucp-proxy health check. (docker/orca#15814, docker/orca#15813, docker/orca#16021, docker/orca#15811)
 * Fixed an issue with manual creation of a **ClusterRoleBinding** or **RoleBinding** for `User` or `Group` subjects requiring the ID of the user, organization, or team. (docker/orca#14935)
 * Fixed an issue in which Kube Rolebindings only worked on UCP User ID and not UCP username. (docker/orca#14935)
 ### Known issue
 * By default, Kubelet begins deleting images, starting with the oldest unused images, after exceeding 85% disk space utilization. This causes an issue in an air-gapped environment. (docker/orca#16082)
--- a/engine/release-notes.md
+++ b/engine/release-notes.md
@ -235,14 +235,14 @@ For more information on the list of deprecated flags and APIs, have a look at th
 In this release, Docker has also removed support for TLS < 1.2 [moby/moby#37660](https://github.com/moby/moby/pull/37660),
 Ubuntu 14.04 "Trusty Tahr" [docker-ce-packaging#255](https://github.com/docker/docker-ce-packaging/pull/255) / [docker-ce-packaging#254](https://github.com/docker/docker-ce-packaging/pull/254), and Debian 8 "Jessie" [docker-ce-packaging#255](https://github.com/docker/docker-ce-packaging/pull/255) / [docker-ce-packaging#254](https://github.com/docker/docker-ce-packaging/pull/254).
-### 18.03.1-ee-6
+## 18.03.1-ee-6
 2019-02-11
 ### Security fixes for Docker Engine - Enterprise
 * Update `runc` to address a critical vulnerability that allows specially-crafted containers to gain administrative privileges on the host. [CVE-2019-5736](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5736)
 * Ubuntu 14.04 customers using a 3.13 kernel will need to upgrade to a supported Ubuntu 4.x kernel
-### 18.03.1-ee-5
+## 18.03.1-ee-5
 2019-01-09
 ### Security fixes
@ -255,7 +255,7 @@ Ubuntu 14.04 "Trusty Tahr" [docker-ce-packaging#255](https://github.com/docker/d
 * Fix resource leak on `docker logs --follow` [moby/moby#37576](https://github.com/moby/moby/pull/37576)
 * Mask proxy credentials from URL when displayed in system info (docker/escalation#879)
-### 17.06.2-ee-19
+## 17.06.2-ee-19
 2019-02-11
@ -263,7 +263,7 @@ Ubuntu 14.04 "Trusty Tahr" [docker-ce-packaging#255](https://github.com/docker/d
 * Update `runc` to address a critical vulnerability that allows specially-crafted containers to gain administrative privileges on the host. [CVE-2019-5736](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5736)
 * Ubuntu 14.04 customers using a 3.13 kernel will need to upgrade to a supported Ubuntu 4.x kernel
-### 17.06.2-ee-18
+## 17.06.2-ee-18
 2019-01-09
 ### Security fixes
@ -279,7 +279,7 @@ Ubuntu 14.04 "Trusty Tahr" [docker-ce-packaging#255](https://github.com/docker/d
 ## Older Docker Engine EE Release notes
-### 18.03.1-ee-4 
+## 18.03.1-ee-4 
 2018-10-25
@ -306,7 +306,7 @@ Ubuntu 14.04 "Trusty Tahr" [docker-ce-packaging#255](https://github.com/docker/d
  * Fixed the logic used for skipping over running tasks. [docker/swarmkit#2724](https://github.com/docker/swarmkit/pull/2724)
 * Addressed unassigned task leak when a service is removed. [docker/swarmkit#2709](https://github.com/docker/swarmkit/pull/2709)
-  ### 18.03.1-ee-3 
+  ## 18.03.1-ee-3 
 2018-08-30
  #### Builder
@ -358,7 +358,7 @@ Ubuntu 14.04 "Trusty Tahr" [docker-ce-packaging#255](https://github.com/docker/d
 * Fixed the logic used for skipping over running tasks. [docker/swarmkit#2724](https://github.com/docker/swarmkit/pull/2724)
 * Addressed unassigned task leak when a service is removed. [docker/swarmkit#2709](https://github.com/docker/swarmkit/pull/2709)
-### 18.03.1-ee-3 
+## 18.03.1-ee-3 
 2018-08-30
 #### Builder
@ -385,7 +385,7 @@ Ubuntu 14.04 "Trusty Tahr" [docker-ce-packaging#255](https://github.com/docker/d
 * Clean up tasks in dirty list for which the service has been deleted. [docker/swarmkit#2694](https://github.com/docker/swarmkit/pull/2694)
 * Propagate the provided external CA certificate to the external CA object in swarm. [docker/cli#1178](https://github.com/docker/cli/pull/1178)
-### 18.03.1-ee-2
+## 18.03.1-ee-2
 2018-07-10
 > #### Important notes about this release
@ -398,7 +398,7 @@ Ubuntu 14.04 "Trusty Tahr" [docker-ce-packaging#255](https://github.com/docker/d
 + Add /proc/acpi to masked paths [(CVE-2018-10892)](https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-10892). [moby/moby#37404](https://github.com/moby/moby/pull/37404)
-### 18.03.1-ee-1
+## 18.03.1-ee-1
 2018-06-27
 > #### Important notes about this release
@ -422,7 +422,7 @@ Ubuntu 14.04 "Trusty Tahr" [docker-ce-packaging#255](https://github.com/docker/d
 + Support for `--chown` with `COPY` and `ADD` in `Dockerfile`.
 + Added functionality for the `docker logs` command to include the output of multiple logging drivers.
-### 17.06.2-ee-17 
+## 17.06.2-ee-17 
 2018-10-25
 #### Networking
@ -441,7 +441,7 @@ Ubuntu 14.04 "Trusty Tahr" [docker-ce-packaging#255](https://github.com/docker/d
 * Fixed leaking task resources. [docker/swarmkit#2755](https://github.com/docker/swarmkit/pull/2755)
 * Fixed deadlock in dispatcher that could cause node to crash. [docker/swarmkit#2753](https://github.com/docker/swarmkit/pull/2753)
-### 17.06.2-ee-16 
+## 17.06.2-ee-16 
 2018-07-26
 #### Client
@ -467,7 +467,7 @@ Ubuntu 14.04 "Trusty Tahr" [docker-ce-packaging#255](https://github.com/docker/d
 * RoleManager will remove deleted nodes from the cluster membership. [docker/swarmkit#2607](https://github.com/docker/swarmkit/pull/2607)
 - Fix unassigned task leak when service is removed. [docker/swarmkit#2708](https://github.com/docker/swarmkit/pull/2708)
-### 17.06.2-ee-15 
+## 17.06.2-ee-15 
 2018-07-10
 #### Runtime
@ -493,21 +493,21 @@ Ubuntu 14.04 "Trusty Tahr" [docker-ce-packaging#255](https://github.com/docker/d
 - Fix `docker stack deploy --prune` with empty name removes all swarm services. [moby/moby#36776](https://github.com/moby/moby/issues/36776)
-### 17.06.2-ee-13 
+## 17.06.2-ee-13 
 2018-06-04
 #### Networking
 - Fix attachable containers that may leave DNS state when exiting. [docker/libnetwork#2175](https://github.com/docker/libnetwork/pull/2175)
-### 17.06.2-ee-12 
+## 17.06.2-ee-12 
 2018-05-29
 #### Networking
 - Fix to allow service update with no connection loss. [docker/libnetwork#2157](https://github.com/docker/libnetwork/pull/2157)
-### 17.06.2-ee-11 
+## 17.06.2-ee-11 
 2018-05-17
 #### Client
@ -532,14 +532,14 @@ Ubuntu 14.04 "Trusty Tahr" [docker-ce-packaging#255](https://github.com/docker/d
 * When all Swarm managers are stopped at the same time, the swarm might end up in a
 split-brain scenario. [Learn more](https://success.docker.com/article/KB000759).
-### 17.06.2-ee-10 
+## 17.06.2-ee-10 
 2018-04-27
 #### Runtime
 * Fix version output to not have `-dev`.
-### 17.06.2-ee-9 
+## 17.06.2-ee-9 
 2018-04-26
 #### Runtime
@ -553,7 +553,7 @@ split-brain scenario. [Learn more](https://success.docker.com/article/KB000759).
 - Increase raft ElectionTick to 10xHeartbeatTick. [docker/swarmkit#2564](https://github.com/docker/swarmkit/pull/2564)
 - Adding logic to restore networks in order. [docker/swarmkit#2584](https://github.com/docker/swarmkit/pull/2584)
-### 17.06.2-ee-8 
+## 17.06.2-ee-8 
 2018-04-17
 #### Runtime
@ -576,7 +576,7 @@ split-brain scenario. [Learn more](https://success.docker.com/article/KB000759).
  workaround, wait for leader election to complete before issuing commands
  to the cluster.
-### 17.06.2-ee-7 
+## 17.06.2-ee-7 
 2018-03-19
 #### Important notes about this release
@ -627,7 +627,7 @@ split-brain scenario. [Learn more](https://success.docker.com/article/KB000759).
 - Synchronize Dispatcher.Stop() with incoming rpcs [docker/swarmkit#2524](https://github.com/docker/swarmkit/pull/2524)
 - Fix IP overlap with empty EndpointSpec [docker/swarmkit#2511](https://github.com/docker/swarmkit/pull/2511)
-### 17.06.2-ee-6 
+## 17.06.2-ee-6 
 2017-11-27
 #### Runtime
@ -644,7 +644,7 @@ split-brain scenario. [Learn more](https://success.docker.com/article/KB000759).
 * Only shut down old tasks on success [docker/swarmkit#2308](https://github.com/docker/swarmkit/pull/2308)
 * Error on cluster spec name change [docker/swarmkit#2436](https://github.com/docker/swarmkit/pull/2436)
-### 17.06.2-ee-5 
+## 17.06.2-ee-5 
 2017-11-02
 #### Important notes about this release
@ -694,7 +694,7 @@ split-brain scenario. [Learn more](https://success.docker.com/article/KB000759).
 * Docker may experience IP exhaustion if many tasks are assigned to a single overlay network, for example if many services are attached to that network or because services on the network are scaled to many replicas. The problem may also manifest when tasks are rescheduled because of node failures. In case of node failure, Docker currently waits 24h to release overlay IP addresses. The problem can be diagnosed by looking for `failed to allocate network IP for task` messages in the Docker logs.
 * SELinux enablement is not supported for containers on IBM Z on RHEL because of missing Red Hat package.
-### 17.06.2-ee-4 
+## 17.06.2-ee-4 
 2017-10-12
 #### Client
@ -713,14 +713,14 @@ split-brain scenario. [Learn more](https://success.docker.com/article/KB000759).
 * Serialize IP allocation [docker/libnetwork#1788](https://github.com/docker/libnetwork/pull/1788)
-### 17.06.2-ee-3 
+## 17.06.2-ee-3 
 2017-09-22
 #### Swarm mode
 - Increase max message size to allow larger snapshots [docker/swarmkit#131](https://github.com/docker/swarmkit/pull/131)
-### 17.06.1-ee-2 
+## 17.06.1-ee-2 
 2017-08-24
 #### Client
@ -740,7 +740,7 @@ split-brain scenario. [Learn more](https://success.docker.com/article/KB000759).
 - Ignore PullOptions for running tasks [#2351](https://github.com/docker/swarmkit/pull/2351)
-### 17.06.1-ee-1 
+## 17.06.1-ee-1 
 2017-08-16
 #### Important notes about this release
@ -1016,7 +1016,7 @@ not reachable until one of these 2 conditions happens:
 As a workaround, send at least a packet out from each container like
 (ping, GARP, etc).
-### Docker EE 17.03.2-ee-8 
+## Docker EE 17.03.2-ee-8 
 2017-12-13
 * Handle cleanup DNS for attachable container to prevent leak in name resolution [docker/libnetwork#1999](https://github.com/docker/libnetwork/pull/1999)
@ -1031,7 +1031,7 @@ As a workaround, send at least a packet out from each container like
 * Don't abort when setting `may_detach_mounts` [moby/moby#35172](https://github.com/moby/moby/pull/35172)
 * Protect health monitor channel to prevent engine panic [moby/moby#35482](https://github.com/moby/moby/pull/35482)
-### Docker EE 17.03.2-ee-7 
+## Docker EE 17.03.2-ee-7 
 2017-10-04
 * Fix logic in network resource reaping to prevent memory leak [docker/libnetwork#1944](https://github.com/docker/libnetwork/pull/1944) [docker/libnetwork#1960](https://github.com/docker/libnetwork/pull/1960)
@ -1250,7 +1250,7 @@ As a workaround, send at least a packet out from each container like
 ## 18.03.1-ce 
 2018-04-26
-### Docker EE 17.03.2-ee-6 
+## Docker EE 17.03.2-ee-6 
 2017-08-24
 * Fix daemon panic on docker image push [moby/moby#33105](https://github.com/moby/moby/pull/33105)
@ -1260,7 +1260,7 @@ As a workaround, send at least a packet out from each container like
 * Lock goroutine to OS thread while changing NS [docker/libnetwork#1911](https://github.com/docker/libnetwork/pull/1911)
 * Ignore PullOptions for running tasks [docker/swarmkit#2351](https://github.com/docker/swarmkit/pull/2351)
-### Docker EE 17.03.2-ee-5 
+## Docker EE 17.03.2-ee-5 
 20 Jul 2017
 * Add more locking to storage drivers [#31136](https://github.com/moby/moby/pull/31136)
@ -1280,7 +1280,7 @@ As a workaround, send at least a packet out from each container like
 * Fix issue where slow/dead `docker logs` clients can block the container [#33897](https://github.com/moby/moby/pull/33897)
 * Fix potential panic on Windows when running as a service [#32244](https://github.com/moby/moby/pull/32244)
-### Docker EE 17.03.2-ee-4 
+## Docker EE 17.03.2-ee-4 
 2017-06-01
 Refer to the [detailed list](https://github.com/moby/moby/releases/tag/v17.03.2-ce) of all changes since the release of Docker EE 17.03.1-ee-3
@ -1288,19 +1288,19 @@ Refer to the [detailed list](https://github.com/moby/moby/releases/tag/v17.03.2-
 **Note**: This release includes a fix for potential data loss under certain
 circumstances with the local (built-in) volume driver.
-### Docker EE 17.03.1-ee-3 
+## Docker EE 17.03.1-ee-3 
 2017-03-30
 * Fix an issue with the SELinux policy for Oracle Linux [#31501](https://github.com/docker/docker/pull/31501)
-### Docker EE 17.03.1-ee-2 
+## Docker EE 17.03.1-ee-2 
 2017-03-28
 * Fix issue with swarm CA timeouts [#2063](https://github.com/docker/swarmkit/pull/2063) [#2064](https://github.com/docker/swarmkit/pull/2064/files)
 Refer to the [detailed list](https://github.com/moby/moby/releases/tag/v17.03.1-ce) of all changes since the release of Docker EE 17.03.0-ee-1
-### Docker EE 17.03.0-ee-1 (2 Mar 2017)
+## Docker EE 17.03.0-ee-1 (2 Mar 2017)
 Initial Docker EE release, based on Docker CE 17.03.0
@ -1308,7 +1308,7 @@ Initial Docker EE release, based on Docker CE 17.03.0
 ## Older Docker Engine CE Release notes
-### 18.03.1-ce 
+## 18.03.1-ce 
 2018-04-26
 #### Client
@ -1346,7 +1346,7 @@ Initial Docker EE release, based on Docker CE 17.03.0
 * Allow for larger preset property values, do not override [docker/libnetwork#2124](https://github.com/docker/libnetwork/pull/2124)
 * Prevent panics on concurrent reads/writes when calling `changeNodeState` [docker/libnetwork#2136](https://github.com/docker/libnetwork/pull/2136)
-### 18.03.0-ce 
+## 18.03.0-ce 
 2018-03-21
 #### Builder
@ -1464,7 +1464,7 @@ Initial Docker EE release, based on Docker CE 17.03.0
 + Add swarm types to bash completion event type filter [docker/cli#888](https://github.com/docker/cli/pull/888)
 - Fix issue where network inspect does not show Created time for networks in swarm scope [moby/moby#36095](https://github.com/moby/moby/pull/36095)
-### 17.12.1-ce 
+## 17.12.1-ce 
 2018-02-27
 #### Client
@ -1505,7 +1505,7 @@ Initial Docker EE release, based on Docker CE 17.03.0
 #### Swarm
 * Remove watchMiss from swarm mode [docker/libnetwork#2047](https://github.com/docker/libnetwork/pull/2047)
-### 17.12.0-ce 
+## 17.12.0-ce 
 2017-12-27
 #### Known Issues
@ -1608,7 +1608,7 @@ Initial Docker EE release, based on Docker CE 17.03.0
 * Pass Version to engine static builds [docker/docker-ce-packaging#70](https://github.com/docker/docker-ce-packaging/pull/70)
 + Added support for aarch64 on Debian (stretch/jessie) and Ubuntu Zesty or newer [docker/docker-ce-packaging#35](https://github.com/docker/docker-ce-packaging/pull/35)
-### 17.09.1-ce 
+## 17.09.1-ce 
 2017-12-07
 #### Builder
@ -1652,7 +1652,7 @@ Initial Docker EE release, based on Docker CE 17.03.0
 - Provide custom gRPC dialer to override default proxy dialer [docker/swarmkit/#2457](https://github.com/docker/swarmkit/pull/2457)
 - Avoids recursive readlock on swarm info [moby/moby#35388](https://github.com/moby/moby/pull/35388)
-### 17.09.0-ce 
+## 17.09.0-ce 
 2017-09-26
 #### Builder
@ -1717,7 +1717,7 @@ Initial Docker EE release, based on Docker CE 17.03.0
 + Remove deprecated `--enable-api-cors` daemon flag [moby/moby#34821](https://github.com/moby/moby/pull/34821)
-### 17.06.2-ce 
+## 17.06.2-ce 
 2017-09-05
 #### Client
@ -1733,7 +1733,7 @@ Initial Docker EE release, based on Docker CE 17.03.0
 - Ignore PullOptions for running tasks [docker/swarmkit#2351](https://github.com/docker/swarmkit/pull/2351)
-### 17.06.1-ce 
+## 17.06.1-ce 
 2017-08-15
 #### Builder
@ -1789,7 +1789,7 @@ Initial Docker EE release, based on Docker CE 17.03.0
 * Cluster update and memory issue fixes [#114](https://github.com/docker/docker-ce/pull/114)
 * Changing get network request to return predefined network in swarm [#150](https://github.com/docker/docker-ce/pull/150)
-### 17.06.0-ce 
+## 17.06.0-ce 
 2017-06-28
 > **Note**: Docker 17.06.0 has an issue in the image builder causing a change in the behavior
@ -1894,7 +1894,7 @@ Initial Docker EE release, based on Docker CE 17.03.0
 * Disable legacy registry (v1) by default [#33629](https://github.com/moby/moby/pull/33629)
-### 17.03.2-ce 
+## 17.03.2-ce 
 2017-05-29
 ## 17.03.3-ce 
@ -1927,7 +1927,7 @@ Initial Docker EE release, based on Docker CE 17.03.0
 - Fix a case where tasks could get killed unexpectedly [#33118](https://github.com/moby/moby/pull/33118)
 - Fix an issue preventing to deploy services if the registry cannot be reached despite the needed images being locally present [#33117](https://github.com/moby/moby/pull/33117)
-### 17.03.1-ce 
+## 17.03.1-ce 
 2017-03-27
 #### Remote API (v1.27) & Client
@ -1960,7 +1960,7 @@ Initial Docker EE release, based on Docker CE 17.03.0
 * Cleanup HCS on restore [#31503](https://github.com/docker/docker/pull/31503)
-### 17.03.0-ce 
+## 17.03.0-ce 
 2017-03-01
 **IMPORTANT**: Starting with this release, Docker is on a monthly release cycle and uses a
@ -2009,7 +2009,7 @@ Upgrading from Docker 1.13.1 to 17.03.0 is expected to be simple and low-risk.
 ## Edge releases
-### 18.05.0-ce 
+## 18.05.0-ce 
 2018-05-09
 #### Builder
@ -2080,7 +2080,7 @@ Upgrading from Docker 1.13.1 to 17.03.0 is expected to be simple and low-risk.
 * Expose swarmkit's Raft tuning parameters in engine config. [moby/moby#36726](https://github.com/moby/moby/pull/36726)
 * Make internal/test/daemon.Daemon swarm aware. [moby/moby#36826](https://github.com/moby/moby/pull/36826)
-### 18.04.0-ce 
+## 18.04.0-ce 
 2018-04-10
 #### Builder
@ -2162,7 +2162,7 @@ Upgrading from Docker 1.13.1 to 17.03.0 is expected to be simple and low-risk.
 - Fix agent logging race. [docker/swarmkit#2578](https://github.com/docker/swarmkit/pull/2578)
 * Adding logic to restore networks in order. [docker/swarmkit#2571](https://github.com/docker/swarmkit/pull/2571)
-### 18.02.0-ce 
+## 18.02.0-ce 
 2018-02-07
 #### Builder
@ -2228,7 +2228,7 @@ Upgrading from Docker 1.13.1 to 17.03.0 is expected to be simple and low-risk.
 * Update runc to fix hang during start and exec [moby/moby#36097](https://github.com/moby/moby/pull/36097)
 - Fix "--node-generic-resource" singular/plural [moby/moby#36125](https://github.com/moby/moby/pull/36125)
-### 18.01.0-ce 
+## 18.01.0-ce 
 2018-01-10
 #### Builder
@ -2286,7 +2286,7 @@ Upgrading from Docker 1.13.1 to 17.03.0 is expected to be simple and low-risk.
 - Fix published ports not being updated if a service has the same number of host-mode published ports with Published Port 0 [docker/swarmkit#2376](https://github.com/docker/swarmkit/pull/2376)
 * Make the task termination order deterministic [docker/swarmkit#2265](https://github.com/docker/swarmkit/pull/2265)
-### 17.11.0-ce 
+## 17.11.0-ce 
 2017-11-20
 > **Important**: Docker CE 17.11 is the first Docker release based on
@ -2359,7 +2359,7 @@ running, un-managed, on the system.
 + Build packages for Debian 10 (Buster) [docker/docker-ce-packaging#50](https://github.com/docker/docker-ce-packaging/pull/50)
 + Build packages for Ubuntu 17.10 (Artful) [docker/docker-ce-packaging#55](https://github.com/docker/docker-ce-packaging/pull/55)
-### 17.10.0-ce 
+## 17.10.0-ce 
 2017-10-17
 > **Important**: Starting with this release, `docker service create`, `docker service update`,
@ -2409,7 +2409,7 @@ use `--detach` to keep the old behaviour.
 - Do not filter nodes if logdriver is set to `none` [docker/swarmkit#2396](https://github.com/docker/swarmkit/pull/2396)
 + Adding ipam options to ipam driver requests [docker/swarmkit#2324](https://github.com/docker/swarmkit/pull/2324)
-### 17.07.0-ce 
+## 17.07.0-ce 
 2017-08-29
 #### API & Client
@ -2472,7 +2472,7 @@ use `--detach` to keep the old behaviour.
 * Fix error during service creation if a network with the same name exists both as "local" and "swarm" scoped network [docker/cli#184](https://github.com/docker/cli/pull/184)
 * (experimental) Add support for plugins on swarm [moby/moby#33575](https://github.com/moby/moby/pull/33575)
-### 17.05.0-ce 
+## 17.05.0-ce 
 2017-05-04
 #### Builder
@ -2559,7 +2559,7 @@ use `--detach` to keep the old behaviour.
 - Deprecate `--api-enable-cors` daemon flag. This flag was marked deprecated in Docker 1.6.0 but not listed in deprecated features [#32352](https://github.com/docker/docker/pull/32352)
 - Remove Ubuntu 12.04 (Precise Pangolin) as supported platform. Ubuntu 12.04 is EOL, and no longer receives updates [#32520](https://github.com/docker/docker/pull/32520)
-### 17.04.0-ce 
+## 17.04.0-ce 
 2017-04-05
 #### Builder
--- a/get-started/part3.md
+++ b/get-started/part3.md
@ -143,18 +143,28 @@ named it the same as shown in this example, the name is
 `getstartedlab_web`. The service ID is listed as well, along with the number of
 replicas, image name, and exposed ports.
 Alternatively, you can run `docker stack services`, followed by the name of
 your stack. The following example command lets you view all services associated with the
 `getstartedlab` stack:
 ```bash
 docker stack services getstartedlab
 ID                  NAME                MODE                REPLICAS            IMAGE               PORTS
 bqpve1djnk0x        getstartedlab_web   replicated          5/5                 username/repo:tag   *:4000->80/tcp
 ```
 A single container running in a service is called a **task**. Tasks are given unique
 IDs that numerically increment, up to the number of `replicas` you defined in
 `docker-compose.yml`. List the tasks for your service:
-```shell
+```bash
 docker service ps getstartedlab_web
 ```
 Tasks also show up if you just list all the containers on your system, though that
 is not filtered by service:
-```shell
+```bash
 docker container ls -q
 ```
@ -168,6 +178,18 @@ load-balancing; with each request, one of the 5 tasks is chosen, in a
 round-robin fashion, to respond. The container IDs match your output from
 the previous command (`docker container ls -q`).
 To view all tasks of a stack, you can run `docker stack ps` followed by your app name, as shown in the following example:
 ```bash
 docker stack ps getstartedlab
 ID                  NAME                  IMAGE               NODE                DESIRED STATE       CURRENT STATE           ERROR               PORTS
 uwiaw67sc0eh        getstartedlab_web.1   username/repo:tag   docker-desktop      Running             Running 9 minutes ago                       
 sk50xbhmcae7        getstartedlab_web.2   username/repo:tag   docker-desktop      Running             Running 9 minutes ago                       
 c4uuw5i6h02j        getstartedlab_web.3   username/repo:tag   docker-desktop      Running             Running 9 minutes ago                       
 0dyb70ixu25s        getstartedlab_web.4   username/repo:tag   docker-desktop      Running             Running 9 minutes ago                       
 aocrb88ap8b0        getstartedlab_web.5   username/repo:tag   docker-desktop      Running             Running 9 minutes ago
 ```
 > Running Windows 10?
 >
 > Windows 10 PowerShell should already have `curl` available, but if not you can
--- a/reference/ucp/3.1/cli/install.md
+++ b/reference/ucp/3.1/cli/install.md
@ -42,41 +42,42 @@ command.
 | Option                   | Description                                                                                                                                                                                                                               |
 |:-------------------------|:------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
 | `--debug, D`             | Enable debug mode  |
 | `--jsonlog`              | Produce json formatted output for easier parsing |
 | `--interactive, i`       | Run in interactive mode and prompt for configuration values |
 | `--admin-username`       | The UCP administrator username                             |
 | `--admin-password`       | The UCP administrator password |
-| `--san`                  | Add subject alternative names to certificates (e.g. --san www1.acme.com --san www2.acme.com) |   | `--unmanaged-cni`        | This determines who manages the CNI plugin, using `true` or `false`. The default is `false`. The `true` value installs UCP without a managed CNI plugin. UCP and the Kubernetes components will be running but pod to pod networking will not function until a CNI plugin is manually installed. This will impact some functionality of UCP until a CNI plugin is running.         |
+| `--admin-username`       | The UCP administrator username                             |
-| `--host-address`         | The network address to advertise to other nodes. Format: IP address or network interface name |
+| `--binpack`              | Set the Docker Swarm scheduler to binpack mode. Used for backwards compatibility       |
-| `--data-path-addr`       | Address or interface to use for data path traffic. Format: IP address or network interface name |
+| `--cloud-provider`       | The cloud provider for the cluster 
 | `--controller-port`      | Port for the web UI and API                                                            |
 | `--kube-apiserver-port`  | Port for the Kubernetes API server (default: 6443)                                     |
 | `--swarm-port`           | Port for the Docker Swarm manager. Used for backwards compatibility                    | 
 | `--swarm-grpc-port`      | Port for communication between nodes                                                   | 
 | `--cni-installer-url`    | Deprecated feature. A URL pointing to a Kubernetes YAML file to be used as an installer for the CNI plugin of the cluster. If specified, the default CNI plugin is not installed. If the URL uses the HTTPS scheme, no certificate verification is performed.       |
-| `--unmanaged-cni`        | flag to indicate if cni provider is calico and managed by UCP (calico is the default CNI provider). The default value is "true" when using the default Calico CNI.    |
+| `--controller-port`      | Port for the web UI and API 
-| `--pod-cidr`             | Kubernetes cluster IP pool for the pods to allocated IPs from (Default: `192.168.0.0/16`) |                                                                                                                                                   
+| `--data-path-addr`       | Address or interface to use for data path traffic. Format: IP address or network interface name
-| `--cloud-provider`       | The cloud provider for the cluster                                                     |                                                                                                                                                   
+| `--debug, D`             | Enable debug mode  |
 | `--dns`                  | Set custom DNS servers for the UCP containers                                          |                                                                                                                                                   
 | `--dns-opt`              | Set DNS options for the UCP containers                                                 |                                                                                                                                                   
 | `--dns-search`           | Set custom DNS search domains for the UCP containers                                   |                                                                                                                                                   
 | `--unlock-key`           | The unlock key for this swarm-mode cluster, if one exists.                             |                                                                                                                                                   
 | `--existing-config`      | Use the latest existing UCP config during this installation. The install fails if a config is not found.          |
 | `--force-minimums`       | Force the install/upgrade even if the system doesn't meet the minimum requirements.    |
 | `--pull`                 | Pull UCP images: `always`, when `missing`, or `never`                                  |
 | `--registry-username`    | Username to use when pulling images                                                    |
 | `--registry-password`    | Password to use when pulling images                                                    |
 | `--kv-timeout`           | Timeout in milliseconds for the key-value store                                        |
 | `--kv-snapshot-count`    | Number of changes between key-value store snapshots                                    |
 | `--swarm-experimental`   | Enable Docker Swarm experimental features. Used for backwards compatibility            |
 | `--disable-tracking`     | Disable anonymous tracking and analytics                                               |
 | `--disable-usage`        | Disable anonymous usage reporting                                                      |
-| `--external-server-cert` | Use the certificates in the `ucp-controller-server-certs` volume instead of generating self-signed certs during installation                                                                                           |
+| `--dns`                  | Set custom DNS servers for the UCP containers                                          |                                                                                                                                                   
-| `--preserve-certs`       | Don't generate certificates if they already exist                                      |
+| `--dns-opt`              | Set DNS options for the UCP containers                                                 |                                                                                                                                                   
-| `--binpack`              | Set the Docker Swarm scheduler to binpack mode. Used for backwards compatibility       |
+| `--dns-search`           | Set custom DNS search domains for the UCP containers                                   |
 | `--random`               | Set the Docker Swarm scheduler to random mode. Used for backwards compatibility        |
 | `--external-service-lb`  | Set the external service load balancer reported in the UI                              |
 | `--enable-profiling`     | Enable performance profiling                                                           |
-| `--license`              | Add a license: e.g.` --license "$(cat license.lic)" `                                  |
+| `--existing-config`      | Use the latest existing UCP config during this installation. The install fails if a config is not found.          |
 | `--external-server-cert` | Use the certificates in the `ucp-controller-server-certs` volume instead of generating self-signed certs during installation                                                                                           |
 | `--external-service-lb`  | Set the external service load balancer reported in the UI                              |
 | `--force-insecure-tcp`   | Force install to continue even with unauthenticated Docker Engine ports                |
 | `--force-minimums`       | Force the install/upgrade even if the system doesn't meet the minimum requirements.    |
 | `--host-address`         | The network address to advertise to other nodes. Format: IP address or network interface name |
 | `--interactive, i`       | Run in interactive mode and prompt for configuration values |
 | `--jsonlog`              | Produce json formatted output for easier parsing |
 | `--kube-apiserver-port`  | Port for the Kubernetes API server (default: 6443)                                     |
 | `--kv-snapshot-count`    | Number of changes between key-value store snapshots                                    |
 | `--kv-timeout`           | Timeout in milliseconds for the key-value store                                        |
 | `--license`              | Add a license: e.g.` --license "$(cat license.lic)" `                                  |
 | `--pod-cidr`             | Kubernetes cluster IP pool for the pods to allocated IPs from (Default: `192.168.0.0/16`) |
 | `--preserve-certs`       | Don't generate certificates if they already exist                                      |
 | `--pull`                 | Pull UCP images: `always`, when `missing`, or `never`                                  |
 | `--random`               | Set the Docker Swarm scheduler to random mode. Used for backwards compatibility        |
 | `--registry-username`    | Username to use when pulling images                                                    |
 | `--registry-password`    | Password to use when pulling images                                                    |
 | `--san`                  | Add subject alternative names to certificates (e.g. --san www1.acme.com --san www2.acme.com) |
 | `--skip-cloud-provider`  | Disables checks that rely on detecting the cloud provider (if any) on which the cluster is currently running. | 
 | `--swarm-experimental`   | Enable Docker Swarm experimental features. Used for backwards compatibility            |
 | `--swarm-port`           | Port for the Docker Swarm manager. Used for backwards compatibility                    | 
 | `--swarm-grpc-port`      | Port for communication between nodes                                                   | 
 | `--unlock-key`           | The unlock key for this swarm-mode cluster, if one exists.                             |  
 | `--unmanaged-cni`        |The default value of `false` indicates that Kubernetes networking is managed by UCP with its default managed CNI plugin, Calico. When set to `true`, UCP does not deploy or manage the lifecycle of the default CNI plugin - the CNI plugin is deployed and managed independently of UCP. Note that when `unmanaged-cni=true`, networking in the cluster will not function for Kubernetes until a CNI plugin is deployed.    |