engine/swarm: use "console" for shell examples

This allows for easier copying of the commands, without selecting the prompt. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-08-06 17:06:20 +02:00 · 2021-08-06 17:06:20 +02:00 · 3b71231970
parent ba54a6519e
commit 3b71231970
20 changed files with 227 additions and 228 deletions
--- a/engine/swarm/admin_guide.md
+++ b/engine/swarm/admin_guide.md
@ -133,8 +133,8 @@ operations like swarm heartbeat or leader elections.
 To avoid interference with manager node operation, you can drain manager nodes
 to make them unavailable as worker nodes:
-```bash
+```console
-docker node update --availability drain <NODE>
+$ docker node update --availability drain <NODE>
 ```
 When you drain a node, the scheduler reassigns any tasks running on the node to
@ -161,8 +161,8 @@ From the command line, run `docker node inspect <id-node>` to query the nodes.
 For instance, to query the reachability of the node as a manager:
 {% raw %}
-```bash
+```console
-docker node inspect manager1 --format "{{ .ManagerStatus.Reachability }}"
+$ docker node inspect manager1 --format "{{ .ManagerStatus.Reachability }}"
 reachable
 ```
 {% endraw %}
@ -170,8 +170,8 @@ reachable
 To query the status of the node as a worker that accept tasks:
 {% raw %}
-```bash
+```console
-docker node inspect manager1 --format "{{ .Status.State }}"
+$ docker node inspect manager1 --format "{{ .Status.State }}"
 ready
 ```
 {% endraw %}
@ -190,9 +190,8 @@ manager:
 Alternatively you can also get an overview of the swarm health from a manager
 node with `docker node ls`:
-```bash
+```console
-
+$ docker node ls
 docker node ls
 ID                           HOSTNAME  MEMBERSHIP  STATUS  AVAILABILITY  MANAGER STATUS
 1mhtdwhvsgr3c26xxbnzdc3yp    node05    Accepted    Ready   Active
 516pacagkqp2xc3fk9t1dhjor    node02    Accepted    Ready   Active        Reachable
@ -301,7 +300,7 @@ restore the data to a new swarm.
    to connect to nodes that were part of the old swarm, and presumably no
    longer exist.
-    ```bash
+    ```console
    $ docker swarm init --force-new-cluster
    ```
@ -350,9 +349,10 @@ except the manager the command was run from. The quorum is achieved because
 there is now only one manager. Promote nodes to be managers until you have the
 desired number of managers.
-```bash
+From the node to recover, run:
-# From the node to recover
+
-docker swarm init --force-new-cluster --advertise-addr node01:2377
+```console
 $ docker swarm init --force-new-cluster --advertise-addr node01:2377
 ```
 When you run the `docker swarm init` command with the `--force-new-cluster`
--- a/engine/swarm/configs.md
+++ b/engine/swarm/configs.md
@ -141,7 +141,7 @@ real-world example, continue to
    input because the last argument, which represents the file to read the
    config from, is set to `-`.
-    ```bash
+    ```console
    $ echo "This is a config" | docker config create my-config -
    ```
@ -149,14 +149,14 @@ real-world example, continue to
    the container can access the config at `/my-config`, but
    you can customize the file name on the container using the `target` option.
-    ```bash
+    ```console
    $ docker service create --name redis --config my-config redis:alpine
    ```
 3.  Verify that the task is running without issues using `docker service ps`. If
    everything is working, the output looks similar to this:
-    ```bash
+    ```console
    $ docker service ps redis
    ID            NAME     IMAGE         NODE              DESIRED STATE  CURRENT STATE          ERROR  PORTS
@ -170,7 +170,7 @@ real-world example, continue to
    how to find the container ID, and the second and third commands use shell
    completion to do this automatically.
-    ```bash
+    ```console
    $ docker ps --filter name=redis -q
    5cb1c2348a59
@ -187,7 +187,7 @@ real-world example, continue to
 5.  Try removing the config. The removal fails because the `redis` service is
    running and has access to the config.
-    ```bash
+    ```console
    $ docker config ls
@ -204,7 +204,7 @@ real-world example, continue to
 6.  Remove access to the config from the running `redis` service by updating the
    service.
-    ```bash
+    ```console
    $ docker service update --config-rm my-config redis
    ```
@ -220,7 +220,7 @@ real-world example, continue to
 8.  Stop and remove the service, and remove the config from Docker.
-    ```bash
+    ```console
    $ docker service rm redis
    $ docker config rm my-config
@ -297,14 +297,14 @@ name as its argument. The template will be rendered when container is created.
 2.  Save the `index.html.tmpl` file as a swarm config named `homepage`. Provide
    parameter `--template-driver` and specify `golang` as template engine.
-    ```bash
+    ```console
    $ docker config create --template-driver golang homepage index.html.tmpl
    ```
 3.  Create a service that runs Nginx and has access to the environment variable
    HELLO and to the config.
-    ```bash
+    ```console
    $ docker service create \
         --name hello-template \
         --env HELLO="Docker" \
@ -316,7 +316,7 @@ name as its argument. The template will be rendered when container is created.
 4.  Verify that the service is operational: you can reach the Nginx server, and
    that the correct output is being served.
-    ```bash
+    ```console
    $ curl http://0.0.0.0:3000
    <html lang="en">
@ -351,13 +351,13 @@ generate the site key and certificate, name the files `site.key` and
 1.  Generate a root key.
-    ```bash
+    ```console
    $ openssl genrsa -out "root-ca.key" 4096
    ```
 2.  Generate a CSR using the root key.
-    ```bash
+    ```console
    $ openssl req \
              -new -key "root-ca.key" \
              -out "root-ca.csr" -sha256 \
@ -377,7 +377,7 @@ generate the site key and certificate, name the files `site.key` and
 4.  Sign the certificate.
-    ```bash
+    ```console
    $ openssl x509 -req -days 3650 -in "root-ca.csr" \
                   -signkey "root-ca.key" -sha256 -out "root-ca.crt" \
                   -extfile "root-ca.cnf" -extensions \
@ -386,13 +386,13 @@ generate the site key and certificate, name the files `site.key` and
 5.  Generate the site key.
-    ```bash
+    ```console
    $ openssl genrsa -out "site.key" 4096
    ```
 6.  Generate the site certificate and sign it with the site key.
-    ```bash
+    ```console
    $ openssl req -new -key "site.key" -out "site.csr" -sha256 \
              -subj '/C=US/ST=CA/L=San Francisco/O=Docker/CN=localhost'
    ```
@ -414,7 +414,7 @@ generate the site key and certificate, name the files `site.key` and
 8.  Sign the site certificate.
-    ```bash
+    ```console
    $ openssl x509 -req -days 750 -in "site.csr" -sha256 \
        -CA "root-ca.crt" -CAkey "root-ca.key" -CAcreateserial \
        -out "site.crt" -extfile "site.cnf" -extensions server
@ -452,7 +452,7 @@ generate the site key and certificate, name the files `site.key` and
    to decouple the key and certificate from the services that use them.
    In these examples, the secret name and the file name are the same.
-    ```bash
+    ```console
    $ docker secret create site.key site.key
    $ docker secret create site.crt site.crt
@ -461,13 +461,13 @@ generate the site key and certificate, name the files `site.key` and
 3.  Save the `site.conf` file in a Docker config. The first parameter is the
    name of the config, and the second parameter is the file to read it from.
-    ```bash
+    ```console
    $ docker config create site.conf site.conf
    ```
    List the configs:
-    ```bash
+    ```console
    $ docker config ls
    ID                          NAME                CREATED             UPDATED
@ -479,7 +479,7 @@ generate the site key and certificate, name the files `site.key` and
    config. Set the mode to `0440` so that the file is only readable by its
    owner and that owner's group, not the world.
-    ```bash
+    ```console
    $ docker service create \
         --name nginx \
         --secret site.key \
@ -498,7 +498,7 @@ generate the site key and certificate, name the files `site.key` and
 5.  Verify that the Nginx service is running.
-    ```bash
+    ```console
    $ docker service ls
    ID            NAME   MODE        REPLICAS  IMAGE
@ -513,7 +513,7 @@ generate the site key and certificate, name the files `site.key` and
 6.  Verify that the service is operational: you can reach the Nginx
    server, and that the correct TLS certificate is being used.
-    ```bash
+    ```console
    $ curl --cacert root-ca.crt https://0.0.0.0:3000
    <!DOCTYPE html>
@ -543,7 +543,7 @@ generate the site key and certificate, name the files `site.key` and
    </html>
    ```
-    ```bash
+    ```console
    $ openssl s_client -connect 0.0.0.0:3000 -CAfile root-ca.crt
    CONNECTED(00000003)
@ -588,7 +588,7 @@ generate the site key and certificate, name the files `site.key` and
    this example by removing the `nginx` service and the stored secrets and
    config.
-    ```bash
+    ```console
    $ docker service rm nginx
    $ docker secret rm site.crt site.key
@ -633,7 +633,7 @@ configuration file.
 3.  Update the `nginx` service to use the new config instead of the old one.
-    ```bash
+    ```console
    $ docker service update \
      --config-rm site.conf \
      --config-add source=site-v2.conf,target=/etc/nginx/conf.d/site.conf,mode=0440 \
@ -644,14 +644,14 @@ configuration file.
    `docker service ps nginx`. When it is, you can remove the old `site.conf`
    config.
-    ```bash
+    ```console
    $ docker config rm site.conf
    ```
 5.  To clean up, you can remove the `nginx` service, as well as the secrets and
    configs.
-    ```bash
+    ```console
    $ docker service rm nginx
    $ docker secret rm site.crt site.key
--- a/engine/swarm/how-swarm-mode-works/swarm-task-states.md
+++ b/engine/swarm/how-swarm-mode-works/swarm-task-states.md
@ -48,7 +48,7 @@ Run `docker service ps <service-name>` to get the state of a task. The
 `CURRENT STATE` field shows the task's state and how long it's been
 there.
-```bash
+```console
 $ docker service ps webserver
 ID             NAME              IMAGE    NODE        DESIRED STATE  CURRENT STATE            ERROR                              PORTS
 owsz0yp6z375   webserver.1       nginx    UbuntuVM    Running        Running 44 seconds ago
--- a/engine/swarm/ingress.md
+++ b/engine/swarm/ingress.md
@ -31,7 +31,7 @@ specify the port to bind on the routing mesh. If you leave off the `published`
 port, a random high-numbered port is bound for each service task. You
 need to inspect the task to determine the port.
-```bash
+```console
 $ docker service create \
  --name <SERVICE-NAME> \
  --publish published=<PUBLISHED-PORT>,target=<CONTAINER-PORT> \
@ -51,7 +51,7 @@ is required.
 For example, the following command publishes port 80 in the nginx container to
 port 8080 for any node in the swarm:
-```bash
+```console
 $ docker service create \
  --name my-web \
  --publish published=8080,target=80 \
@ -73,7 +73,7 @@ within the host.
 You can publish a port for an existing service using the following command:
-```bash
+```console
 $ docker service update \
  --publish-add published=<PUBLISHED-PORT>,target=<CONTAINER-PORT> \
  <SERVICE>
@ -83,7 +83,7 @@ You can use `docker service inspect` to view the service's published port. For
 instance:
 {% raw %}
-```bash
+```console
 $ docker service inspect --format="{{json .Endpoint.Spec.Ports}}" my-web
 [{"Protocol":"tcp","TargetPort":80,"PublishedPort":8080}]
@ -105,7 +105,7 @@ set the `protocol` key to either `tcp` or `udp`.
 **Long syntax:**
-```bash
+```console
 $ docker service create --name dns-cache \
  --publish published=53,target=53 \
  dns-cache
@ -113,7 +113,7 @@ $ docker service create --name dns-cache \
 **Short syntax:**
-```bash
+```console
 $ docker service create --name dns-cache \
  -p 53:53 \
  dns-cache
@ -123,7 +123,7 @@ $ docker service create --name dns-cache \
 **Long syntax:**
-```bash
+```console
 $ docker service create --name dns-cache \
  --publish published=53,target=53 \
  --publish published=53,target=53,protocol=udp \
@ -132,7 +132,7 @@ $ docker service create --name dns-cache \
 **Short syntax:**
-```bash
+```console
 $ docker service create --name dns-cache \
  -p 53:53 \
  -p 53:53/udp \
@ -143,7 +143,7 @@ $ docker service create --name dns-cache \
 **Long syntax:**
-```bash
+```console
 $ docker service create --name dns-cache \
  --publish published=53,target=53,protocol=udp \
  dns-cache
@ -151,7 +151,7 @@ $ docker service create --name dns-cache \
 **Short syntax:**
-```bash
+```console
 $ docker service create --name dns-cache \
  -p 53:53/udp \
  dns-cache
@ -180,7 +180,7 @@ set `mode` to `host`. If you omit the `mode` key or set it to `ingress`, the
 routing mesh is used. The following command creates a global service using
 `host` mode and bypassing the routing mesh.
-```bash
+```console
 $ docker service create --name dns-cache \
  --publish published=53,target=53,protocol=udp,mode=host \
  --mode global \
--- a/engine/swarm/join-nodes.md
+++ b/engine/swarm/join-nodes.md
@ -28,7 +28,7 @@ to [Run Docker Engine in swarm mode](swarm-mode.md#view-the-join-command-or-upda
 To retrieve the join command including the join token for worker nodes, run the
 following command on a manager node:
-```bash
+```console
 $ docker swarm join-token worker
 To add a worker to this swarm, run the following command:
@ -40,7 +40,7 @@ To add a worker to this swarm, run the following command:
 Run the command from the output on the worker to join the swarm:
-```bash
+```console
 $ docker swarm join \
  --token SWMTKN-1-49nj1cmql0jkz5s954yi3oex3nedyz0fb0xx14ie39trti4wxv-8vxv8rssmk743ojnwacrr2e7c \
  192.168.99.100:2377
@ -76,7 +76,7 @@ For more detail about swarm managers and administering a swarm, see
 To retrieve the join command including the join token for manager nodes, run the
 following command on a manager node:
-```bash
+```console
 $ docker swarm join-token manager
 To add a manager to this swarm, run the following command:
@ -88,7 +88,7 @@ To add a manager to this swarm, run the following command:
 Run the command from the output on the new manager node to join it to the swarm:
-```bash
+```console
 $ docker swarm join \
  --token SWMTKN-1-61ztec5kyafptydic6jfc1i33t37flcl4nuipzcusor96k7kby-5vy9t8u35tuqm7vh67lrz9xp6 \
  192.168.99.100:2377
--- a/engine/swarm/manage-nodes.md
+++ b/engine/swarm/manage-nodes.md
@ -15,7 +15,7 @@ As part of the swarm management lifecycle, you may need to view or update a node
 To view a list of nodes in the swarm run `docker node ls` from a manager node:
-```bash
+```console
 $ docker node ls
 ID                           HOSTNAME  STATUS  AVAILABILITY  MANAGER STATUS
@ -58,7 +58,7 @@ You can run `docker node inspect <NODE-ID>` on a manager node to view the
 details for an individual node. The output defaults to JSON format, but you can
 pass the `--pretty` flag to print the results in human-readable format. For example:
-```bash
+```console
 $ docker node inspect self --pretty
 ID:                     ehkv3bcimagdese79dn78otj5
@ -103,7 +103,7 @@ Changing node availability lets you:
 For example, to change a manager node to `Drain` availability:
-```bash
+```console
 $ docker node update --availability drain node-1
 node-1
@ -124,7 +124,7 @@ pair.
 Pass the `--label-add` flag once for each node label you want to add:
-```bash
+```console
 $ docker node update --label-add foo --label-add bar=baz node-1
 node-1
@ -164,7 +164,7 @@ maintenance. Similarly, you can demote a manager node to the worker role.
 To promote a node or set of nodes, run `docker node promote` from a manager
 node:
-```bash
+```console
 $ docker node promote node-3 node-2
 Node node-3 promoted to a manager in the swarm.
@ -173,7 +173,7 @@ Node node-2 promoted to a manager in the swarm.
 To demote a node or set of nodes, run `docker node demote` from a manager node:
-```bash
+```console
 $ docker node demote node-3 node-2
 Manager node-3 demoted in the swarm.
@ -210,7 +210,7 @@ Run the `docker swarm leave` command on a node to remove it from the swarm.
 For example to leave the swarm on a worker node:
-```bash
+```console
 $ docker swarm leave
 Node left the swarm.
@ -232,7 +232,7 @@ manager node to remove the node from the node list.
 For instance:
-```bash
+```console
 $ docker node rm node-2
 ```
--- a/engine/swarm/networking.md
+++ b/engine/swarm/networking.md
@ -60,7 +60,7 @@ each other over the following ports:
 To create an overlay network, specify the `overlay` driver when using the
 `docker network create` command:
-```bash
+```console
 $ docker network create \
  --driver overlay \
  my-network
@ -73,7 +73,7 @@ subnet and uses default options. You can see information about the network using
 When no containers are connected to the overlay network, its configuration is
 not very exciting:
-```bash
+```console
 $ docker network inspect my-network
 [
    {
@ -110,7 +110,7 @@ connects to the network for the first time. The following example shows
 the same network as above, but with three containers of a `redis` service
 connected to it.
-```bash
+```console
 $ docker network inspect my-network
 [
    {
@ -184,7 +184,7 @@ the first service is connected to the network. You can configure these when
 creating a network using the `--subnet` and `--gateway` flags. The following
 example extends the previous one by configuring the subnet and gateway.
-```bash
+```console
 $ docker network create \
  --driver overlay \
  --subnet 10.0.9.0/24 \
@ -198,7 +198,7 @@ To customize subnet allocation for your Swarm networks, you can [optionally conf
 For example, the following command is used when initializing Swarm:
-```bash
+```console
 $ docker swarm init --default-addr-pool 10.20.0.0/16 --default-addr-pool-mask-length 26`
 ```
@ -237,7 +237,7 @@ option before using it in production.
 To attach a service to an existing overlay network, pass the `--network` flag to
 `docker service create`, or the `--network-add` flag to `docker service update`.
-```bash
+```console
 $ docker service create \
  --replicas 3 \
  --name my-web \
@ -310,7 +310,7 @@ services which publish ports, such as a WordPress service which publishes port
 2.  Remove the existing `ingress` network:
-    ```bash
+    ```console
    $ docker network rm ingress
    WARNING! Before removing the routing-mesh network, make sure all the nodes
@ -324,7 +324,7 @@ services which publish ports, such as a WordPress service which publishes port
    custom options you want to set. This example sets the MTU to 1200, sets
    the subnet to `10.11.0.0/16`, and sets the gateway to `10.11.0.2`.
-    ```bash
+    ```console
    $ docker network create \
      --driver overlay \
      --ingress \
@ -365,7 +365,7 @@ order to delete an existing bridge. The package name is `bridge-utils`.
    This example uses the subnet `10.11.0.0/16`. For a full list of customizable
    options, see [Bridge driver options](../reference/commandline/network_create.md#bridge-driver-options).
-    ```bash
+    ```console
    $ docker network create \
    --subnet 10.11.0.0/16 \
    --opt com.docker.network.bridge.name=docker_gwbridge \
@ -396,14 +396,14 @@ that your Docker host has two different network interfaces: 10.0.0.1 should be
 used for control and management traffic and 192.168.0.1 should be used for
 traffic relating to services.
-```bash
+```console
 $ docker swarm init --advertise-addr 10.0.0.1 --data-path-addr 192.168.0.1
 ```
 This example joins the swarm managed by host `192.168.99.100:2377` and sets the
 `--advertise-addr` flag to `eth0` and the `--data-path-addr` flag to `eth1`.
-```bash
+```console
 $ docker swarm join \
  --token SWMTKN-1-49nj1cmql0jkz5s954yi3oex3nedyz0fb0xx14ie39trti4wxv-8vxv8rssmk743ojnwacrr2d7c \
  --advertise-addr eth0 \
--- a/engine/swarm/secrets.md
+++ b/engine/swarm/secrets.md
@ -149,7 +149,7 @@ real-world example, continue to
    input because the last argument, which represents the file to read the
    secret from, is set to `-`.
-    ```bash
+    ```console
    $ printf "This is a secret" | docker secret create my_secret_data -
    ```
@ -157,14 +157,14 @@ real-world example, continue to
    the container can access the secret at `/run/secrets/<secret_name>`, but
    you can customize the file name on the container using the `target` option.
-    ```bash
+    ```console
    $ docker service  create --name redis --secret my_secret_data redis:alpine
    ```
 3.  Verify that the task is running without issues using `docker service ps`. If
    everything is working, the output looks similar to this:
-    ```bash
+    ```console
    $ docker service ps redis
    ID            NAME     IMAGE         NODE              DESIRED STATE  CURRENT STATE          ERROR  PORTS
@ -174,7 +174,7 @@ real-world example, continue to
    If there were an error, and the task were failing and repeatedly restarting,
    you would see something like this:
-    ```bash
+    ```console
    $ docker service ps redis
    NAME                      IMAGE         NODE  DESIRED STATE  CURRENT STATE          ERROR                      PORTS
@ -192,7 +192,7 @@ real-world example, continue to
    how to find the container ID, and the second and third commands use shell
    completion to do this automatically.
-    ```bash
+    ```console
    $ docker ps --filter name=redis -q
    5cb1c2348a59
@ -220,8 +220,7 @@ real-world example, continue to
 6.  Try removing the secret. The removal fails because the `redis` service is
    running and has access to the secret.
-    ```bash
+    ```console
    $ docker secret ls
    ID                          NAME                CREATED             UPDATED
@ -237,7 +236,7 @@ real-world example, continue to
 7.  Remove access to the secret from the running `redis` service by updating the
    service.
-    ```bash
+    ```console
    $ docker service update --secret-rm my_secret_data redis
    ```
@ -253,7 +252,7 @@ real-world example, continue to
 7.  Stop and remove the service, and remove the secret from Docker.
-    ```bash
+    ```console
    $ docker service rm redis
    $ docker secret rm my_secret_data
@ -336,13 +335,13 @@ generate the site key and certificate, name the files `site.key` and
 1.  Generate a root key.
-    ```bash
+    ```console
    $ openssl genrsa -out "root-ca.key" 4096
    ```
 2.  Generate a CSR using the root key.
-    ```bash
+    ```console
    $ openssl req \
              -new -key "root-ca.key" \
              -out "root-ca.csr" -sha256 \
@ -362,7 +361,7 @@ generate the site key and certificate, name the files `site.key` and
 4.  Sign the certificate.
-    ```bash
+    ```console
    $ openssl x509 -req  -days 3650  -in "root-ca.csr" \
                   -signkey "root-ca.key" -sha256 -out "root-ca.crt" \
                   -extfile "root-ca.cnf" -extensions \
@ -371,13 +370,13 @@ generate the site key and certificate, name the files `site.key` and
 5.  Generate the site key.
-    ```bash
+    ```console
    $ openssl genrsa -out "site.key" 4096
    ```
 6.  Generate the site certificate and sign it with the site key.
-    ```bash
+    ```console
    $ openssl req -new -key "site.key" -out "site.csr" -sha256 \
              -subj '/C=US/ST=CA/L=San Francisco/O=Docker/CN=localhost'
    ```
@ -399,7 +398,7 @@ generate the site key and certificate, name the files `site.key` and
 8.  Sign the site certificate.
-    ```bash
+    ```console
    $ openssl x509 -req -days 750 -in "site.csr" -sha256 \
        -CA "root-ca.crt" -CAkey "root-ca.key"  -CAcreateserial \
        -out "site.crt" -extfile "site.cnf" -extensions server
@ -440,7 +439,7 @@ generate the site key and certificate, name the files `site.key` and
    secret from on the host machine's filesystem. In these examples, the secret
    name and the file name are the same.
-    ```bash
+    ```console
    $ docker secret create site.key site.key
    $ docker secret create site.crt site.crt
@ -448,7 +447,7 @@ generate the site key and certificate, name the files `site.key` and
    $ docker secret create site.conf site.conf
    ```
-    ```bash
+    ```console
    $ docker secret ls
    ID                          NAME                  CREATED             UPDATED
@ -474,7 +473,7 @@ generate the site key and certificate, name the files `site.key` and
    secret available in a different path. The example below creates a symbolic
    link to the true location of the `site.conf` file so that Nginx can read it:
-    ```bash
+    ```console
    $ docker service create \
         --name nginx \
         --secret site.key \
@ -490,7 +489,7 @@ generate the site key and certificate, name the files `site.key` and
    secret is made available at `/etc/nginx/conf.d/site.conf` inside the container
    without the use of symbolic links:
-    ```bash
+    ```console
    $ docker service create \
         --name nginx \
         --secret site.key \
@ -512,7 +511,7 @@ generate the site key and certificate, name the files `site.key` and
 5.  Verify that the Nginx service is running.
-    ```bash
+    ```console
    $ docker service ls
    ID            NAME   MODE        REPLICAS  IMAGE
@ -527,7 +526,7 @@ generate the site key and certificate, name the files `site.key` and
 6.  Verify that the service is operational: you can reach the Nginx
    server, and that the correct TLS certificate is being used.
-    ```bash
+    ```console
    $ curl --cacert root-ca.crt https://localhost:3000
    <!DOCTYPE html>
@ -557,7 +556,7 @@ generate the site key and certificate, name the files `site.key` and
    </html>
    ```
-    ```bash
+    ```console
    $ openssl s_client -connect localhost:3000 -CAfile root-ca.crt
    CONNECTED(00000003)
@ -601,7 +600,7 @@ generate the site key and certificate, name the files `site.key` and
 7.  To clean up after running this example, remove the `nginx` service and the
    stored secrets.
-    ```bash
+    ```console
    $ docker service rm nginx
    $ docker secret rm site.crt site.key site.conf
@ -647,7 +646,7 @@ line.
    The last argument is set to `-`, which indicates that the input is read from
    standard input.
-    ```bash
+    ```console
    $ openssl rand -base64 20 | docker secret create mysql_password -
    l1vinzevzhj4goakjap5ya409
@ -660,13 +659,13 @@ line.
    shared with the WordPress service created later. It's only needed to
    bootstrap the `mysql` service.
-    ```bash
+    ```console
    $ openssl rand -base64 20 | docker secret create mysql_root_password -
    ```
    List the secrets managed by Docker using `docker secret ls`:
-    ```bash
+    ```console
    $ docker secret ls
    ID                          NAME                  CREATED             UPDATED
@ -680,7 +679,7 @@ line.
    between the MySQL and WordPress services. There is no need to expose the
    MySQL service to any external host or container.
-    ```bash
+    ```console
    $ docker network create -d overlay mysql_private
    ```
@ -711,7 +710,7 @@ line.
      user cannot create or drop databases or change the MySQL
      configuration.
-      ```bash
+      ```console
      $ docker service create \
           --name mysql \
           --replicas 1 \
@ -728,7 +727,7 @@ line.
 4.  Verify that the `mysql` container is running using the `docker service ls` command.
-    ```bash
+    ```console
    $ docker service ls
    ID            NAME   MODE        REPLICAS  IMAGE
@ -768,7 +767,7 @@ line.
    - Stores its data, such as themes and plugins, in a volume called `wpdata`
      so these files  persist when the service restarts.
-    ```bash
+    ```console
    $ docker service create \
         --name wordpress \
         --replicas 1 \
@ -786,7 +785,7 @@ line.
 6.  Verify the service is running using `docker service ls` and
    `docker service ps` commands.
-    ```bash
+    ```console
    $ docker service ls
    ID            NAME       MODE        REPLICAS  IMAGE
@ -794,7 +793,7 @@ line.
    nzt5xzae4n62  wordpress  replicated  1/1       wordpress:latest
    ```
-    ```bash
+    ```console
    $ docker service ps wordpress
    ID            NAME         IMAGE             NODE  DESIRED STATE  CURRENT STATE           ERROR  PORTS
@ -836,7 +835,7 @@ use it, then remove the old secret.
 1.  Create the new password and store it as a secret named `mysql_password_v2`.
-    ```bash
+    ```console
    $ openssl rand -base64 20 | docker secret create mysql_password_v2 -
    ```
@ -844,7 +843,7 @@ use it, then remove the old secret.
    Remember that you cannot update or rename a secret, but you can revoke a
    secret and grant access to it using a new target filename.
-    ```bash
+    ```console
    $ docker service update \
         --secret-rm mysql_password mysql
@ -874,7 +873,7 @@ use it, then remove the old secret.
    First, find the ID of the `mysql` container task.
-    ```bash
+    ```console
    $ docker ps --filter name=mysql -q
    c7705cf6176f
@ -883,14 +882,14 @@ use it, then remove the old secret.
    Substitute the ID in the command below, or use the second variant which
    uses shell expansion to do it all in a single step.
-    ```bash
+    ```console
    $ docker container exec <CONTAINER_ID> \
        bash -c 'mysqladmin --user=wordpress --password="$(< /run/secrets/old_mysql_password)" password "$(< /run/secrets/mysql_password)"'
    ```
    **or**:
-    ```bash
+    ```console
    $ docker container exec $(docker ps --filter name=mysql -q) \
        bash -c 'mysqladmin --user=wordpress --password="$(< /run/secrets/old_mysql_password)" password "$(< /run/secrets/mysql_password)"'
    ```
@ -900,7 +899,7 @@ use it, then remove the old secret.
    `0400`.  This triggers a rolling restart of the WordPress service and
    the new secret is used.
-    ```bash
+    ```console
    $ docker service update \
         --secret-rm mysql_password \
         --secret-add source=mysql_password_v2,target=wp_db_password,mode=0400 \
@ -917,8 +916,7 @@ use it, then remove the old secret.
 6.  Revoke access to the old secret from the MySQL service and
    remove the old secret from Docker.
-    ```bash
+    ```console
    $ docker service update \
         --secret-rm mysql_password \
         mysql
@ -932,7 +930,7 @@ use it, then remove the old secret.
    WordPress service, the MySQL container, the `mydata` and `wpdata` volumes,
    and the Docker secrets.
-    ```bash
+    ```console
    $ docker service rm wordpress mysql
    $ docker volume rm mydata wpdata
--- a/engine/swarm/services.md
+++ b/engine/swarm/services.md
@ -29,14 +29,14 @@ to supply the image name. This command starts an Nginx service with a
 randomly-generated name and no published ports. This is a naive example, since
 you can't interact with the Nginx service.
-```bash
+```console
 $ docker service create nginx
 ```
 The service is scheduled on an available node. To confirm that the service
 was created and started successfully, use the `docker service ls` command:
-```bash
+```console
 $ docker service ls
 ID                  NAME                MODE                REPLICAS            IMAGE                                                                                             PORTS
@ -51,7 +51,7 @@ information.
 To provide a name for your service, use the `--name` flag:
-```bash
+```console
 $ docker service create --name my_web nginx
 ```
@ -60,14 +60,14 @@ service's containers should run, by adding it after the image name. This example
 starts a service called `helloworld` which uses an `alpine` image and runs the
 command `ping docker.com`:
-```bash
+```console
 $ docker service create --name helloworld alpine ping docker.com
 ```
 You can also specify an image tag for the service to use. This example modifies
 the previous one to use the `alpine:3.6` tag:
-```bash
+```console
 $ docker service create --name helloworld alpine:3.6 ping docker.com
 ```
@ -83,14 +83,14 @@ The following example assumes a gMSA and its credential spec (called credspec.js
 To use a Config as a credential spec, first create the Docker Config containing the credential spec:
-```bash
+```console
-docker config create credspec credspec.json
+$ docker config create credspec credspec.json
 ```
 Now, you should have a Docker Config named credspec, and you can create a service using this credential spec. To do so, use the --credential-spec flag with the config name, like this:
-```bash
+```console
-docker service create --credential-spec="config://credspec" <your image>
+$ docker service create --credential-spec="config://credspec" <your image>
 ```
 Your service will use the gMSA credential spec when it starts, but unlike a typical Docker Config (used by passing the --config flag), the credential spec will not be mounted into the container.
@ -102,7 +102,7 @@ If your image is available on a private registry which requires login, use the
 your image is stored on `registry.example.com`, which is a private registry, use
 a command like the following:
-```bash
+```console
 $ docker login registry.example.com
 $ docker service  create \
@ -167,13 +167,13 @@ was previously published.
 Assuming that the `my_web` service from the previous section still exists, use
 the following command to update it to publish port 80.
-```bash
+```console
 $ docker service update --publish-add 80 my_web
 ```
 To verify that it worked, use `docker service ls`:
-```bash
+```console
 $ docker service ls
 ID                  NAME                MODE                REPLICAS            IMAGE                                                                                             PORTS
@ -193,7 +193,7 @@ To remove a service, use the `docker service remove` command. You can remove a
 service by its ID or name, as shown in the output of the `docker service ls`
 command. The following command removes the `my_web` service.
-```bash
+```console
 $ docker service remove my_web
 ```
@ -222,7 +222,7 @@ The following service's containers have an environment variable `$MYVAR`
 set to `myvalue`, run from the `/tmp/` directory, and run as the
 `my_user` user.
-```bash
+```console
 $ docker service create --name helloworld \
  --env MYVAR=myvalue \
  --workdir /tmp \
@ -237,7 +237,7 @@ The following example updates an existing service called `helloworld` so that
 it runs the command `ping docker.com` instead of whatever command it was running
 before:
-```bash
+```console
 $ docker service update --args "ping docker.com" helloworld
 ```
@ -255,7 +255,7 @@ An image version can be expressed in several different ways:
  When the request to create a container task is received on a worker node, the
  worker node only sees the digest, not the tag.
-  ```bash
+  ```console
  $ docker service create --name="myservice" ubuntu:16.04
  ```
@ -274,7 +274,7 @@ An image version can be expressed in several different ways:
  Thus, the following two commands are equivalent:
-  ```bash
+  ```console
  $ docker service create --name="myservice" ubuntu
  $ docker service create --name="myservice" ubuntu:latest
@ -283,7 +283,7 @@ An image version can be expressed in several different ways:
 - If you specify a digest directly, that exact version of the image is always
  used when creating service tasks.
-  ```bash
+  ```console
  $ docker service create \
      --name="myservice" \
      ubuntu:16.04@sha256:35bc48a1ca97c3971611dc4662d08d131869daa692acb281c7e9e052924e38b1
@ -318,7 +318,7 @@ To see an image's current digest, issue the command
 following is the current digest for `ubuntu:latest` at the time this content
 was written. The output is truncated for clarity.
-```bash
+```console
 $ docker inspect ubuntu:latest
 ```
@ -426,7 +426,7 @@ more details about swarm service networking, see
 Imagine that you have a 10-node swarm, and you deploy an Nginx service running
 three tasks on a 10-node swarm:
-```bash
+```console
 $ docker service create --name my_web \
                        --replicas 3 \
                        --publish published=8080,target=80 \
@ -442,7 +442,7 @@ host, substitute the host's IP address or resolvable host name.
 The HTML output is truncated:
-```bash
+```console
 $ curl localhost:8080
 <!DOCTYPE html>
@ -483,7 +483,7 @@ web page for (effectively) **a random swarm node** running the service.
 The following example runs nginx as a service on each node in your swarm and
 exposes nginx port locally on each swarm node.
-```bash
+```console
 $ docker service create \
  --mode global \
  --publish mode=host,target=80,published=8080 \
@ -506,7 +506,7 @@ You can use overlay networks to connect one or more services within the swarm.
 First, create overlay network on a manager node using the `docker network create`
 command with the `--driver overlay` flag.
-```bash
+```console
 $ docker network create --driver overlay my-network
 ```
@ -516,7 +516,7 @@ to the network.
 You can create a new service and pass the `--network` flag to attach the service
 to the overlay network:
-```bash
+```console
 $ docker service create \
  --replicas 3 \
  --network my-network \
@ -529,13 +529,13 @@ The swarm extends `my-network` to each node running the service.
 You can also connect an existing service to an overlay network using the
 `--network-add` flag.
-```bash
+```console
 $ docker service update --network-add my-network my-web
 ```
 To disconnect a running service from a network, use the `--network-rm` flag.
-```bash
+```console
 $ docker service update --network-rm my-network my-web
 ```
@ -627,7 +627,7 @@ mode, the service defaults to `replicated`. For replicated services, you specify
 the number of replica tasks you want to start using the `--replicas` flag. For
 example, to start a replicated nginx service with 3 replica tasks:
-```bash
+```console
 $ docker service create \
  --name my_web \
  --replicas 3 \
@ -639,7 +639,7 @@ To start a global service on each available node, pass `--mode global` to
 places a task for the global service on the new node. For example to start a
 service that runs alpine on every node in the swarm:
-```bash
+```console
 $ docker service create \
  --name myservice \
  --mode global \
@ -684,7 +684,7 @@ services run on the same node, or each node only runs one replica, or that some
 nodes don't run any replicas. For global services, the service runs on every
 node that meets the placement constraint and any [resource requirements](#reserve-memory-or-cpus-for-a-service).
-```bash
+```console
 $ docker service create \
  --name my-nginx \
  --replicas 5 \
@ -699,7 +699,7 @@ If you specify multiple placement constraints, the service only deploys onto
 nodes where they are all met. The following example limits the service to run on
 all nodes where `region` is set to `east` and `type` is not set to `devel`:
-```bash
+```console
 $ docker service create \
  --name my-nginx \
  --mode global \
@ -735,7 +735,7 @@ based on the value of the `datacenter` label. If some nodes have
 `datacenter=us-east` and others have `datacenter=us-west`, the service is
 deployed as evenly as possible across the two sets of nodes.
-```bash
+```console
 $ docker service create \
  --replicas 9 \
  --name redis_2 \
@ -758,7 +758,7 @@ order they are encountered. The following example sets up a service with
 multiple placement preferences. Tasks are spread first over the various
 datacenters, and then over racks (as indicated by the respective labels):
-```bash
+```console
 $ docker service create \
  --replicas 9 \
  --name redis_2 \
@ -807,7 +807,7 @@ In the example service below, the scheduler applies updates to a maximum of 2
 replicas at a time. When an updated task returns either `RUNNING` or `FAILED`,
 the scheduler waits 10 seconds before stopping the next task to update:
-```bash
+```console
 $ docker service create \
  --replicas 10 \
  --name my_web \
@ -840,7 +840,7 @@ to the configuration that was in place before the most recent
 Other options can be combined with `--rollback`; for example,
 `--update-delay 0s` to execute the rollback without a delay between tasks:
-```bash
+```console
 $ docker service update \
  --rollback \
  --update-delay 0s
@ -876,7 +876,7 @@ parallel. Tasks are monitored for 20 seconds after rollback to be sure they do
 not exit, and a maximum failure ratio of 20% is tolerated. Default values are
 used for `--rollback-delay` and `--rollback-failure-action`.
-```bash
+```console
 $ docker service create --name=my_redis \
                        --replicas=5 \
                        --rollback-parallelism=2 \
@ -908,7 +908,7 @@ created automatically according to the volume specification on the service.
 To use existing data volumes with a service use the `--mount` flag:
-```bash
+```console
 $ docker service create \
  --mount src=<VOLUME-NAME>,dst=<CONTAINER-PATH> \
  --name myservice \
@ -920,7 +920,7 @@ scheduled to a particular host, then one is created. The default volume
 driver is `local`.  To use a different volume driver with this create-on-demand
 pattern, specify the driver and its options with the `--mount` flag:
-```bash
+```console
 $ docker service create \
  --mount type=volume,src=<VOLUME-NAME>,dst=<CONTAINER-PATH>,volume-driver=<DRIVER>,volume-opt=<KEY0>=<VALUE0>,volume-opt=<KEY1>=<VALUE1>
  --name myservice \
@ -942,7 +942,7 @@ The following examples show bind mount syntax:
 - To mount a read-write bind:
-  ```bash
+  ```console
  $ docker service create \
    --mount type=bind,src=<HOST-PATH>,dst=<CONTAINER-PATH> \
    --name myservice \
@ -951,7 +951,7 @@ The following examples show bind mount syntax:
 - To mount a read-only bind:
-  ```bash
+  ```console
  $ docker service create \
    --mount type=bind,src=<HOST-PATH>,dst=<CONTAINER-PATH>,readonly \
    --name myservice \
@ -1005,7 +1005,7 @@ This example sets the template of the created containers based on the
 service's name and the ID of the node where the container is running:
 {% raw %}
-```bash
+```console
 $ docker service create --name hosttempl \
                        --hostname="{{.Node.ID}}-{{.Service.Name}}"\
                         busybox top
@ -1015,7 +1015,7 @@ $ docker service create --name hosttempl \
 To see the result of using the template, use the `docker service ps` and
 `docker inspect` commands.
-```bash
+```console
 $ docker service ps va8ew30grofhjoychbr6iot8c
 ID            NAME         IMAGE                                                                                   NODE          DESIRED STATE  CURRENT STATE               ERROR  PORTS
@ -1023,7 +1023,7 @@ wo41w8hg8qan  hosttempl.1  busybox:latest@sha256:29f5d56d12684887bdfa50dcd29fc31
 ```
 {% raw %}
-```bash
+```console
 $ docker inspect --format="{{.Config.Hostname}}" hosttempl.1.wo41w8hg8qanxwjwsg4kxpprj
 ```
 {% endraw %}
--- a/engine/swarm/stack-deploy.md
+++ b/engine/swarm/stack-deploy.md
@ -39,13 +39,13 @@ a throwaway registry, which you can discard afterward.
 1.  Start the registry as a service on your swarm:
-    ```bash
+    ```console
    $ docker service create --name registry --publish published=5000,target=5000 registry:2
    ```
 2.  Check its status with `docker service ls`:
-    ```bash
+    ```console
    $ docker service ls
    ID            NAME      REPLICAS  IMAGE                                                                               COMMAND
@ -57,7 +57,7 @@ a throwaway registry, which you can discard afterward.
 3.  Check that it's working with `curl`:
-    ```bash
+    ```console
    $ curl http://localhost:5000/v2/
    {}
@ -72,7 +72,7 @@ counter whenever you visit it.
 1.  Create a directory for the project:
-    ```bash
+    ```console
    $ mkdir stackdemo
    $ cd stackdemo
    ```
@ -163,7 +163,7 @@ counter whenever you visit it.
 2.  Check that the app is running with `docker-compose ps`:
-    ```bash
+    ```console
    $ docker-compose ps
          Name                     Command               State           Ports
@ -174,7 +174,7 @@ counter whenever you visit it.
    You can test the app with `curl`:
-    ```bash
+    ```console
    $ curl http://localhost:8000
    Hello World! I have been seen 1 times.
@ -187,7 +187,7 @@ counter whenever you visit it.
 3.  Bring the app down:
-    ```bash
+    ```console
    $ docker-compose down --volumes
    Stopping stackdemo_web_1 ... done
@ -203,7 +203,7 @@ counter whenever you visit it.
 To distribute the web app's image across the swarm, it needs to be pushed to the
 registry you set up earlier. With Compose, this is very simple:
-```bash
+```console
 $ docker-compose push
 Pushing web (127.0.0.1:5000/stackdemo:latest)...
@ -223,7 +223,7 @@ The stack is now ready to be deployed.
 1.  Create the stack with `docker stack deploy`:
-    ```bash
+    ```console
    $ docker stack deploy --compose-file docker-compose.yml stackdemo
    Ignoring unsupported options: build
@ -238,7 +238,7 @@ The stack is now ready to be deployed.
 2.  Check that it's running with `docker stack services stackdemo`:
-    ```bash
+    ```console
    $ docker stack services stackdemo
    ID            NAME             MODE        REPLICAS  IMAGE
@ -252,7 +252,7 @@ The stack is now ready to be deployed.
    As before, you can test the app with `curl`:
-    ```bash
+    ```console
    $ curl http://localhost:8000
    Hello World! I have been seen 1 times.
@ -266,14 +266,14 @@ The stack is now ready to be deployed.
    Thanks to Docker's built-in routing mesh, you can access any node in the
    swarm on port 8000 and get routed to the app:
-    ```bash
+    ```console
    $ curl http://address-of-other-node:8000
    Hello World! I have been seen 4 times.
    ```
 3.  Bring the stack down with `docker stack rm`:
-    ```bash
+    ```console
    $ docker stack rm stackdemo
    Removing service stackdemo_web
@ -283,14 +283,14 @@ The stack is now ready to be deployed.
 4.  Bring the registry down with `docker service rm`:
-    ```bash
+    ```console
    $ docker service rm registry
    ```
 5.  If you're just testing things out on a local machine and want to bring your
    Docker Engine out of swarm mode, use `docker swarm leave`:
-    ```bash
+    ```console
    $ docker swarm leave --force
    Node left the swarm.
--- a/engine/swarm/swarm-mode.md
+++ b/engine/swarm/swarm-mode.md
@ -51,7 +51,7 @@ external to the swarm.
 The output for `docker swarm init` provides the connection command to use when
 you join new worker nodes to the swarm:
-```bash
+```console
 $ docker swarm init
 Swarm initialized: current node (dxn1zf6l61qsb1josjja83ngz) is now a manager.
@ -83,20 +83,20 @@ The subnet range comes from the `--default-addr-pool`, (such as `10.10.0.0/16`).
 The format of the command is:
-```bash
+```console
 $ docker swarm init --default-addr-pool <IP range in CIDR> [--default-addr-pool <IP range in CIDR> --default-addr-pool-mask-length <CIDR value>]
 ```
 To create a default IP address pool with a /16 (class B) for the 10.20.0.0 network looks like this:
-```bash
+```console
 $ docker swarm init --default-addr-pool 10.20.0.0/16
 ```
 To create a default IP address pool with a `/16` (class B) for the `10.20.0.0` and `10.30.0.0` networks, and to 
 create a subnet mask of `/26` for each network looks like this:
-```bash
+```console
 $ docker swarm init --default-addr-pool 10.20.0.0/16 --default-addr-pool 10.30.0.0/16 --default-addr-pool-mask-length 26
 ```
@ -120,7 +120,7 @@ single IP address. If so, Docker uses the IP address with the listening port
 correct `--advertise-addr` to enable inter-manager communication and overlay
 networking:
-```bash
+```console
 $ docker swarm init --advertise-addr <MANAGER-IP>
 ```
@ -146,7 +146,7 @@ swarm.
 To retrieve the join command including the join token for worker nodes, run:
-```bash
+```console
 $ docker swarm join-token worker
 To add a worker to this swarm, run the following command:
@ -160,7 +160,7 @@ This node joined a swarm as a worker.
 To view the join command and token for manager nodes, run:
-```bash
+```console
 $ docker swarm join-token manager
 To add a worker to this swarm, run the following command:
@ -172,7 +172,7 @@ To add a worker to this swarm, run the following command:
 Pass the `--quiet` flag to print only the token:
-```bash
+```console
 $ docker swarm join-token --quiet worker
 SWMTKN-1-49nj1cmql0jkz5s954yi3oex3nedyz0fb0xx14ie39trti4wxv-8vxv8rssmk743ojnwacrr2e7c
@ -200,7 +200,7 @@ Run `swarm join-token --rotate` to invalidate the old token and generate a new
 token. Specify whether you want to rotate the token for `worker` or `manager`
 nodes:
-```bash
+```console
 $ docker swarm join-token  --rotate worker
 To add a worker to this swarm, run the following command:
--- a/engine/swarm/swarm-tutorial/add-nodes.md
+++ b/engine/swarm/swarm-tutorial/add-nodes.md
@ -15,7 +15,7 @@ to add worker nodes.
    [Create a swarm](create-swarm.md) tutorial step to create a worker node
    joined to the existing swarm:
-    ```bash
+    ```console
    $ docker swarm join \
      --token  SWMTKN-1-49nj1cmql0jkz5s954yi3oex3nedyz0fb0xx14ie39trti4wxv-8vxv8rssmk743ojnwacrr2e7c \
      192.168.99.100:2377
@ -26,7 +26,7 @@ to add worker nodes.
    If you don't have the command available, you can run the following command
    on a manager node to retrieve the join command for a worker:
-    ```bash
+    ```console
    $ docker swarm join-token worker
    To add a worker to this swarm, run the following command:
@ -43,7 +43,7 @@ to add worker nodes.
    [Create a swarm](create-swarm.md) tutorial step to create a second worker
    node joined to the existing swarm:
-    ```bash
+    ```console
    $ docker swarm join \
      --token SWMTKN-1-49nj1cmql0jkz5s954yi3oex3nedyz0fb0xx14ie39trti4wxv-8vxv8rssmk743ojnwacrr2e7c \
      192.168.99.100:2377
@ -54,7 +54,8 @@ to add worker nodes.
 5.  Open a terminal and ssh into the machine where the manager node runs and
    run the `docker node ls` command to see the worker nodes:
-    ```bash
+    ```console
    $ docker node ls
    ID                           HOSTNAME  STATUS  AVAILABILITY  MANAGER STATUS
    03g1y59jwfg7cf99w4lt0f662    worker2   Ready   Active
    9j68exjopxe7wfl6yuxml7a7j    worker1   Ready   Active
--- a/engine/swarm/swarm-tutorial/create-swarm.md
+++ b/engine/swarm/swarm-tutorial/create-swarm.md
@ -13,13 +13,13 @@ machines.
    node. This tutorial uses a machine named `manager1`. If you use Docker Machine,
    you can connect to it via SSH using the following command:
-    ```bash
+    ```console
    $ docker-machine ssh manager1
    ```
 2.  Run the following command to create a new swarm:
-    ```bash
+    ```console
    $ docker swarm init --advertise-addr <MANAGER-IP>
    ```
@ -33,7 +33,7 @@ machines.
    In the tutorial, the following command creates a swarm on the `manager1`
    machine:
-    ```bash
+    ```console
    $ docker swarm init --advertise-addr 192.168.99.100
    Swarm initialized: current node (dxn1zf6l61qsb1josjja83ngz) is now a manager.
@ -56,7 +56,7 @@ machines.
 2.  Run `docker info` to view the current state of the swarm:
-    ```bash
+    ```console
    $ docker info
    Containers: 2
@ -74,7 +74,7 @@ machines.
 3.  Run the `docker node ls` command to view information about nodes:
-    ```bash
+    ```console
    $ docker node ls
    ID                           HOSTNAME  STATUS  AVAILABILITY  MANAGER STATUS
--- a/engine/swarm/swarm-tutorial/delete-service.md
+++ b/engine/swarm/swarm-tutorial/delete-service.md
@ -14,7 +14,7 @@ you can delete the service from the swarm.
 2.  Run `docker service rm helloworld` to remove the `helloworld` service.
-    ```bash
+    ```console
    $ docker service rm helloworld
    helloworld
@ -24,7 +24,7 @@ you can delete the service from the swarm.
    removed the service. The CLI returns a message that the service is not
    found:
-    ```bash
+    ```console
    $ docker service inspect helloworld
    []
    Error: no such service: helloworld
@ -34,7 +34,7 @@ you can delete the service from the swarm.
    seconds to clean up. You can use `docker ps` on the nodes to verify when the
    tasks have been removed.
-    ```bash
+    ```console
    $ docker ps
        CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS               NAMES
--- a/engine/swarm/swarm-tutorial/deploy-service.md
+++ b/engine/swarm/swarm-tutorial/deploy-service.md
@ -14,7 +14,7 @@ is not a requirement to deploy a service.
 2.  Run the following command:
-    ```bash
+    ```console
    $ docker service create --replicas 1 --name helloworld alpine ping docker.com
    9uk4639qpg7npwf3fn2aasksr
@ -28,7 +28,7 @@ is not a requirement to deploy a service.
 3.  Run `docker service ls` to see the list of running services:
-    ```bash
+    ```console
    $ docker service ls
    ID            NAME        SCALE  IMAGE   COMMAND
--- a/engine/swarm/swarm-tutorial/drain-node.md
+++ b/engine/swarm/swarm-tutorial/drain-node.md
@ -26,7 +26,7 @@ node and launches replica tasks on a node with `ACTIVE` availability.
 2.  Verify that all your nodes are actively available.
-    ```bash
+    ```console
    $ docker node ls
    ID                           HOSTNAME  STATUS  AVAILABILITY  MANAGER STATUS
@ -38,7 +38,7 @@ node and launches replica tasks on a node with `ACTIVE` availability.
 3.  If you aren't still running the `redis` service from the
    [rolling update](rolling-update.md) tutorial, start it now:
-    ```bash
+    ```console
    $ docker service create --replicas 3 --name redis --update-delay 10s redis:3.0.6
    c5uo6kdmzpon37mgj9mwglcfw
@ -47,7 +47,7 @@ node and launches replica tasks on a node with `ACTIVE` availability.
 4.  Run `docker service ps redis` to see how the swarm manager assigned the
 tasks to different nodes:
-    ```bash
+    ```console
    $ docker service ps redis
    NAME                               IMAGE        NODE     DESIRED STATE  CURRENT STATE
@ -62,15 +62,15 @@ tasks to different nodes:
 5.  Run `docker node update --availability drain <NODE-ID>` to drain a node that
 had a task assigned to it:
-    ```bash
+    ```console
-    docker node update --availability drain worker1
+    $ docker node update --availability drain worker1
    worker1
    ```
 6.  Inspect the node to check its availability:
-    ```bash
+    ```console
    $ docker node inspect --pretty worker1
    ID:			38ciaotwjuritcdtn9npbnkuz
@ -86,7 +86,7 @@ had a task assigned to it:
 7.  Run `docker service ps redis` to see how the swarm manager updated the
 task assignments for the `redis` service:
-    ```bash
+    ```console
    $ docker service ps redis
    NAME                                    IMAGE        NODE      DESIRED STATE  CURRENT STATE           ERROR
@ -103,7 +103,7 @@ task assignments for the `redis` service:
 8.  Run  `docker node update --availability active <NODE-ID>` to return the
 drained node to an active state:
-    ```bash
+    ```console
    $ docker node update --availability active worker1
    worker1
@ -111,7 +111,7 @@ drained node to an active state:
 9.  Inspect the node to see the updated state:
-    ```bash
+    ```console
    $ docker node inspect --pretty worker1
    ID:			38ciaotwjuritcdtn9npbnkuz
--- a/engine/swarm/swarm-tutorial/inspect-service.md
+++ b/engine/swarm/swarm-tutorial/inspect-service.md
@ -17,7 +17,7 @@ the Docker CLI to see details about the service running in the swarm.
    To see the details on the `helloworld` service:
-    ```bash
+    ```console
    [manager1]$ docker service inspect --pretty helloworld
    ID:		9uk4639qpg7npwf3fn2aasksr
@ -37,7 +37,7 @@ the Docker CLI to see details about the service running in the swarm.
    >**Tip**: To return the service details in json format, run the same command
    without the `--pretty` flag.
-    ```bash
+    ```console
    [manager1]$ docker service inspect helloworld
    [
    {
@ -89,7 +89,7 @@ the Docker CLI to see details about the service running in the swarm.
 4.  Run `docker service ps <SERVICE-ID>` to see which nodes are running the
    service:
-    ```bash
+    ```console
    [manager1]$ docker service ps helloworld
    NAME                                    IMAGE   NODE     DESIRED STATE  CURRENT STATE           ERROR               PORTS
@ -110,7 +110,7 @@ the Docker CLI to see details about the service running in the swarm.
    >**Tip**: If `helloworld` is running on a node other than your manager node,
    you must ssh to that node.
-    ```bash
+    ```console
    [worker2]$ docker ps
    CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
--- a/engine/swarm/swarm-tutorial/rolling-update.md
+++ b/engine/swarm/swarm-tutorial/rolling-update.md
@ -17,7 +17,7 @@ Redis 3.0.7 container image using rolling updates.
 2.  Deploy your Redis tag to the swarm and configure the swarm with a 10 second
    update delay. Note that the following example shows an older Redis tag:
-    ```bash
+    ```console
    $ docker service create \
      --replicas 3 \
      --name redis \
@ -47,7 +47,7 @@ Redis 3.0.7 container image using rolling updates.
 3.  Inspect the `redis` service:
-    ```bash
+    ```console
    $ docker service inspect --pretty redis
    ID:             0u6a4s31ybk7yw2wyvtikmu50
@ -68,7 +68,7 @@ Redis 3.0.7 container image using rolling updates.
 4.  Now you can update the container image for `redis`. The swarm  manager
    applies the update to nodes according to the `UpdateConfig` policy:
-    ```bash
+    ```console
    $ docker service update --image redis:3.0.7 redis
    redis
    ```
@ -86,7 +86,7 @@ Redis 3.0.7 container image using rolling updates.
 5.  Run `docker service inspect --pretty redis` to see the new image in the
    desired state:
-    ```bash
+    ```console
    $ docker service inspect --pretty redis
    ID:             0u6a4s31ybk7yw2wyvtikmu50
@ -106,7 +106,7 @@ Redis 3.0.7 container image using rolling updates.
    The output of `service inspect` shows if your update paused due to failure:
-    ```bash
+    ```console
    $ docker service inspect --pretty redis
    ID:             0u6a4s31ybk7yw2wyvtikmu50
@ -121,8 +121,8 @@ Redis 3.0.7 container image using rolling updates.
    To restart a paused update run `docker service update <SERVICE-ID>`. For example:
-    ```bash
+    ```console
-    docker service update redis
+    $ docker service update redis
    ```
    To avoid repeating certain update failures, you may need to reconfigure the
@ -130,7 +130,7 @@ Redis 3.0.7 container image using rolling updates.
 6.  Run `docker service ps <SERVICE-ID>` to watch the rolling update:
-    ```bash
+    ```console
    $ docker service ps redis
    NAME                                   IMAGE        NODE       DESIRED STATE  CURRENT STATE            ERROR
--- a/engine/swarm/swarm-tutorial/scale-service.md
+++ b/engine/swarm/swarm-tutorial/scale-service.md
@ -16,13 +16,13 @@ the service. Containers running in a service are called "tasks."
 2.  Run the following command to change the desired state of the
    service running in the swarm:
-    ```bash
+    ```console
    $ docker service scale <SERVICE-ID>=<NUMBER-OF-TASKS>
    ```
    For example:
-    ```bash
+    ```console
    $ docker service scale helloworld=5
    helloworld scaled to 5
@ -30,7 +30,7 @@ the service. Containers running in a service are called "tasks."
 3.  Run `docker service ps <SERVICE-ID>` to see the updated task list:
-    ```bash
+    ```console
    $ docker service ps helloworld
    NAME                                    IMAGE   NODE      DESIRED STATE  CURRENT STATE
@ -48,7 +48,7 @@ the service. Containers running in a service are called "tasks."
 4.  Run `docker ps` to see the containers running on the node where you're
    connected. The following example shows the tasks running on `manager1`:
-    ```bash
+    ```console
    $ docker ps
    CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
--- a/engine/swarm/swarm_manager_locking.md
+++ b/engine/swarm/swarm_manager_locking.md
@ -29,7 +29,7 @@ rotate this key encryption key at any time.
 When you initialize a new swarm, you can use the `--autolock` flag to
 enable autolocking of swarm manager nodes when Docker restarts.
-```bash
+```console
 $ docker swarm init --autolock
 Swarm initialized: current node (k1q27tfyx9rncpixhk69sa61v) is now a manager.
@ -54,7 +54,7 @@ When Docker restarts, you need to [unlock the swarm](#unlock-a-swarm). A locked
 swarm causes an error like the following when you try to start or restart a
 service:
-```bash
+```console
 $ sudo service docker restart
 $ docker service ls
@ -66,7 +66,7 @@ Error response from daemon: Swarm is encrypted and needs to be unlocked before i
 To enable autolock on an existing swarm, set the `autolock` flag to `true`.
-```bash
+```console
 $ docker swarm update --autolock=true
 Swarm updated.
@ -85,7 +85,7 @@ disk. There is a trade-off between the risk of storing the encryption key
 unencrypted at rest and the convenience of restarting a swarm without
 needing to unlock each manager.
-```bash
+```console
 $ docker swarm update --autolock=false
 ```
@ -96,7 +96,7 @@ a manager goes down while it is still configured to lock using the old key.
 To unlock a locked swarm, use `docker swarm unlock`.
-```bash
+```console
 $ docker swarm unlock
 Please enter unlock key:
@ -116,7 +116,7 @@ If the key has not been rotated since the node left the swarm, and you have a
 quorum of functional manager nodes in the swarm, you can view the current unlock
 key using `docker swarm unlock-key` without any arguments.
-```bash
+```console
 $ docker swarm unlock-key
 To unlock a swarm manager after it restarts, run the `docker swarm unlock`
@ -136,7 +136,7 @@ the swarm and join it back to the swarm as a new manager.
 You should rotate the locked swarm's unlock key on a regular schedule.
-```bash
+```console
 $ docker swarm unlock-key --rotate
 Successfully rotated manager unlock key.