[ee] fix various broken links

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

ee/admin/backup/back-up-swarm.md

@@ -27,7 +27,7 @@ You must perform a manual backup on each manager node, because logs contain node
 1.  Retrieve your Swarm unlock key if `auto-lock` is enabled to be able
     to restore the swarm from backup. Retrieve the unlock key if necessary and
     store it in a safe location. If you are unsure, read
-    [Lock your swarm to protect its encryption key](/engine/swarm/swarm_manager_locking.md).
+    [Lock your swarm to protect its encryption key](../../../engine/swarm/swarm_manager_locking.md).
 
 2.  Because you must stop the engine of the manager node before performing the backup, having three manager 
     nodes is recommended for high availability (HA). For a cluster to be operational, a majority of managers 
@@ -80,5 +80,5 @@ You must perform a manual backup on each manager node, because logs contain node
 
 ### Where to go next
 
-- [Back up UCP](back-up-ucp)
+- [Back up UCP](back-up-ucp.md)
  

ee/admin/backup/back-up-ucp.md

@@ -259,5 +259,5 @@ The following table describes the backup schema returned by the `GET` and `LIST`
 
 ### Where to go next
 
-- [Back up the Docker Trusted Registry](./back-up-dtr/)
+- [Back up the Docker Trusted Registry](back-up-dtr.md)
  

ee/admin/backup/index.md

@@ -22,9 +22,9 @@ This document provides instructions and best practices for Docker Enterprise bac
 To back up Docker Enterprise, you must create individual backups
 for each of the following components:
 
-1. [Back up Docker Swarm](back-up-swarm). Back up Swarm resources like service and network definitions.
-2. [Back up Universal Control Plane (UCP)](back-up-ucp). Back up UCP configurations.
-3. [Back up Docker Trusted Registry (DTR)](back-up-dtr). Back up DTR configurations, images, and metadata.
+1. [Back up Docker Swarm](back-up-swarm.md). Back up Swarm resources like service and network definitions.
+2. [Back up Universal Control Plane (UCP)](back-up-ucp.md). Back up UCP configurations.
+3. [Back up Docker Trusted Registry (DTR)](back-up-dtr.md). Back up DTR configurations, images, and metadata.
 
 If you do not create backups for all components, you cannot restore your deployment to its previous state. 
 
@@ -35,4 +35,4 @@ a fresh installation on a separate infrastructure with the backup. Refer to [Res
 
 ### Where to go next
 
-- [Back up Docker Swarm](./back-up-swarm/)
+- [Back up Docker Swarm](back-up-swarm.md)

ee/admin/restore/index.md

@@ -10,10 +10,10 @@ swarm and join new ones to bring the swarm to an healthy state.
 
 Restore components individually and in the following order:
 
-1. [Restore Docker Swarm](restore-swarm).
-2. [Restore Universal Control Plane (UCP)](restore-ucp).
-3. [Restore Docker Trusted Registry (DTR)](restore-dtr).
+1. [Restore Docker Swarm](restore-swarm.md).
+2. [Restore Universal Control Plane (UCP)](restore-ucp.md).
+3. [Restore Docker Trusted Registry (DTR)](restore-dtr.md).
 
 ## Where to go next
 
-- [Restore Docker Swarm](restore-swarm)
+- [Restore Docker Swarm](restore-swarm.md)

ee/admin/restore/restore-swarm.md

@@ -50,4 +50,4 @@ Use the following procedure on each manager node to restore data to a new swarm.
 
 ### Where to go next
 
-- [Restore UCP](restore-ucp)
+- [Restore UCP](restore-ucp.md)

ee/admin/restore/restore-ucp.md

@@ -99,4 +99,4 @@ Alternatively, check the UCP UI **Nodes** page for node status, and monitor the
 
 ### Where to go next
 
-- [Restore DTR](restore-dtr)
+- [Restore DTR](restore-dtr.md)

ee/cluster/aws.md

@@ -389,6 +389,6 @@ All provisioned resources are destroyed and the context for the cluster is remov
 
 ## Where to go next
 
-- View the quick start guide for [Azure](azure.md) or [vSphere](vsphere.md)
+- View the quick start guide for [Azure](azure.md)
 - [Explore the full list of Cluster commands](/engine/reference/commandline/cluster/)
-- [Cluster configuration file reference](/ee/cluster-file.md)
+- [Cluster configuration file reference](cluster-file.md)

ee/cluster/azure.md

@@ -402,5 +402,5 @@ When the cluster has reached end-of-life, run `docker cluster rm quickstart`
 
 ## Where to go next
 
-- [Explore the full list of Cluster commands](./reference/index.md)
-- [Cluster configuration file reference](/ee/cluster-file/index.md)
+- [Explore the full list of Cluster commands](/engine/reference/commandline/cluster/)
+- [Cluster configuration file reference](cluster-file.md)

ee/cluster/index.md

@@ -74,5 +74,5 @@ docker container rm dci
 
 - [Get started with Docker Cluster on AWS](aws.md)
 - [Command line reference](/engine/reference/commandline/cluster/)
-- [Cluster file reference](/ee/cluster-file.md)
+- [Cluster file reference](cluster-file.md)
 

ee/docker-ee-architecture.md

@@ -75,7 +75,7 @@ directly. Instead, you interact with UCP. Since UCP exposes the standard
 Docker API and the full Kubernetes API transparently, you can use the tools
 you already know and love, like `kubectl`, the Docker CLI client, and Docker
 Compose.
-[Learn about UCP architecture](/ee/ucp/ucp-architecture.md).
+[Learn about UCP architecture](ucp/ucp-architecture.md).
 
 ![](/ee/ucp/images/ucp-architecture-2.svg){: .with-border}
 
@@ -96,9 +96,9 @@ worker node.
 
 All DTR replicas run the same set of services, and changes to their configuration
 are automatically propagated to other replicas.
-[Learn about DTR architecture](/ee/dtr/architecture.md).
+[Learn about DTR architecture](dtr/architecture.md).
 
 ## Where to go next
 
-- [UCP architecture](/ee/ucp/ucp-architecture.md)
-- [DTR architecture](/ee/dtr/architecture.md)
+- [UCP architecture](ucp/ucp-architecture.md)
+- [DTR architecture](dtr/architecture.md)

ee/docker-ee/centos.md

@@ -29,7 +29,7 @@ Shared between centOS.md, rhel.md, oracle.md
 --->
 
 For Docker Community Edition on {{ linux-dist-cap }}, see
-[Install Docker Engine on CentOS](/engine/install/centos.md).
+[Install Docker Engine on CentOS](../../engine/install/centos.md).
 
 ## Prerequisites
 
@@ -53,7 +53,7 @@ On {{ linux-dist-long }}, Docker Engine - Enterprise supports storage drivers,
 higher, `overlay2` is the recommended storage driver. The following limitations
 apply:
 
-- [OverlayFS](/storage/storagedriver/overlayfs-driver){: target="_blank" class="_" }:
+- [OverlayFS](/storage/storagedriver/overlayfs-driver/){: target="_blank" class="_" }:
   If `selinux` is enabled, the `overlay2` storage driver is supported on
   {{ linux-dist-cap }} 7.4 or higher. If `selinux` is disabled, `overlay2` is
   supported on {{ linux-dist-cap }} 7.2 or higher with kernel version 3.10.0-693
@@ -220,7 +220,7 @@ Shared between centOS.md, oracle.md
     ```
 
     Docker Engine - Enterprise is installed and running. Use `sudo` to run Docker commands. See
-    [Linux postinstall](/engine/install/linux-postinstall.md){: target="_blank" class="_" } to allow
+    [Linux postinstall](../../engine/install/linux-postinstall.md){: target="_blank" class="_" } to allow
     non-privileged users to run Docker commands.
 
 <!---
@@ -282,7 +282,7 @@ Not shared
     ```
 
     Docker Engine - Enterprise is installed and running. Use `sudo` to run Docker commands. See
-    [Linux postinstall](/engine/install/linux-postinstall.md){: target="_blank" class="_" } to allow
+    [Linux postinstall](../../engine/install/linux-postinstall.md){: target="_blank" class="_" } to allow
     non-privileged users to run Docker commands.
 
 <!---
@@ -333,6 +333,6 @@ Shared between centOS.md, rhel.md, oracle.md
 ## Next steps
 
 
-- Continue to [Post-installation steps for Linux](/engine/install/linux-postinstall.md){: target="_blank" class="_" }
+- Continue to [Post-installation steps for Linux](../../engine/install/linux-postinstall.md){: target="_blank" class="_" }
 
 - Continue with user guides on [Universal Control Plane (UCP)](/ee/ucp/){: target="_blank" class="_" } and [Docker Trusted Registry (DTR)](/ee/dtr/){: target="_blank" class="_" }

ee/docker-ee/oracle.md

@@ -215,7 +215,7 @@ Shared between centOS.md, oracle.md
     ```
 
     Docker Engine - Enterprise is installed and running. Use `sudo` to run Docker commands. See
-    [Linux postinstall](/engine/install/linux-postinstall.md){: target="_blank" class="_" } to allow
+    [Linux postinstall](../../engine/install/linux-postinstall.md){: target="_blank" class="_" } to allow
     non-privileged users to run Docker commands.
 
 <!---
@@ -281,7 +281,7 @@ Not shared
     ```
 
     Docker Engine - Enterprise is installed and running. Use `sudo` to run Docker commands. See
-    [Linux postinstall](/engine/install/linux-postinstall.md){: target="_blank" class="_" } to allow
+    [Linux postinstall](../../engine/install/linux-postinstall.md){: target="_blank" class="_" } to allow
     non-privileged users to run Docker commands.
 
 <!---
@@ -332,6 +332,6 @@ Shared between centOS.md, rhel.md, oracle.md
 ## Next steps
 
 
-- Continue to [Post-installation steps for Linux](/engine/install/linux-postinstall.md){: target="_blank" class="_" }
+- Continue to [Post-installation steps for Linux](../../engine/install/linux-postinstall.md){: target="_blank" class="_" }
 
 - Continue with user guides on [Universal Control Plane (UCP)](/ee/ucp/){: target="_blank" class="_" } and [Docker Trusted Registry (DTR)](/ee/dtr/){: target="_blank" class="_" }

ee/docker-ee/rhel.md

@@ -396,7 +396,7 @@ Shared between centOS.md, rhel.md, oracle.md
     ```
 
     Docker Engine - Enterprise is installed and running. Use `sudo` to run Docker commands. See
-    [Linux postinstall](/engine/install/linux-postinstall.md){: target="_blank" class="_" } to allow
+    [Linux postinstall](../../engine/install/linux-postinstall.md){: target="_blank" class="_" } to allow
     non-privileged users to run Docker commands.
 
 <!---
@@ -479,7 +479,7 @@ Shared between centOS.md, rhel.md, oracle.md
     ```
 
     Docker Engine - Enterprise is installed and running. Use `sudo` to run Docker commands. See
-    [Linux postinstall](/engine/install/linux-postinstall.md){: target="_blank" class="_" } to allow
+    [Linux postinstall](../../engine/install/linux-postinstall.md){: target="_blank" class="_" } to allow
     non-privileged users to run Docker commands.
 
 </div>
@@ -522,7 +522,7 @@ Shared between centOS.md, rhel.md, oracle.md
     ```
 
     Docker Engine - Enterprise is installed and running. Use `sudo` to run Docker commands. See
-    [Linux postinstall](/engine/install/linux-postinstall.md){: target="_blank" class="_" } to allow
+    [Linux postinstall](../../engine/install/linux-postinstall.md){: target="_blank" class="_" } to allow
     non-privileged users to run Docker commands.
 
 </div>
@@ -572,6 +572,6 @@ Shared between centOS.md, rhel.md, oracle.md
 ## Next steps
 
 
-- Continue to [Post-installation steps for Linux](/engine/install/linux-postinstall.md){: target="_blank" class="_" }
+- Continue to [Post-installation steps for Linux](../../engine/install/linux-postinstall.md){: target="_blank" class="_" }
 
 - Continue with user guides on [Universal Control Plane (UCP)](/ee/ucp/){: target="_blank" class="_" } and [Docker Trusted Registry (DTR)](/ee/dtr/){: target="_blank" class="_" }

ee/docker-ee/suse.md

@@ -311,7 +311,7 @@ and update Docker from the repository.
     container runs, it prints an informational message and exits.
 
 Docker Engine - Enterprise is installed and running. You need to use `sudo` to
-run Docker commands. Continue to [Linux postinstall](/engine/install/linux-postinstall.md)
+run Docker commands. Continue to [Linux postinstall](../../engine/install/linux-postinstall.md)
 to configure the graph storage driver, allow non-privileged users to run Docker
 commands, and for other optional configuration steps.
 
@@ -427,6 +427,6 @@ You must delete any edited configuration files manually.
 
 ## Next steps
 
-- Continue to [Post-installation steps for Linux](/engine/install/linux-postinstall.md)
+- Continue to [Post-installation steps for Linux](../../engine/install/linux-postinstall.md)
 
-- Continue with the [User Guide](/engine/userguide/index.md).
+- Continue with the [User Guide](/engine/userguide/).

ee/docker-ee/ubuntu.md

@@ -203,7 +203,7 @@ Naturally, to install Docker Engine - Enterprise on a new host machine using the
 
 Docker Engine - Enterprise is installed and running. The `docker` group is
 created but no users are added to it. You need to use `sudo` to run Docker
-commands. Continue to [Linux postinstall](/engine/install/linux-postinstall.md)
+commands. Continue to [Linux postinstall](../../engine/install/linux-postinstall.md)
 to allow non-privileged users to run Docker commands and for other optional
 configuration steps.
 
@@ -265,7 +265,7 @@ Engine - Enterprise.
 
 Docker Engine - Enterprise is installed and running. The `docker` group is
 created but no users are added to it. You need to use `sudo` to run Docker
-commands. Continue to [Post-installation steps for Linux](/engine/install/linux-postinstall.md)
+commands. Continue to [Post-installation steps for Linux](../../engine/install/linux-postinstall.md)
 to allow non-privileged users to run Docker commands and for other optional
 configuration steps.
 
@@ -295,5 +295,5 @@ You must delete any edited configuration files manually.
 
 ## Next steps
 
-- Continue to [Post-installation steps for Linux](/engine/install/linux-postinstall.md).
-- Continue with the [User Guide](/engine/userguide/index.md).
+- Continue to [Post-installation steps for Linux](../../engine/install/linux-postinstall.md).
+- Continue with the [User Guide](/engine/userguide/).

ee/docker-ee/windows/docker-ee.md

@@ -315,18 +315,18 @@ posts](https://www.docker.com/microsoft/) on the Docker website.
 
 ## Where to go next
 
-* [Getting started](/docker-for-windows/index.md) provides an overview of
+* [Getting started](../../../docker-for-windows/index.md) provides an overview of
 Docker Desktop for Windows, basic Docker command examples, how to get help or
 give feedback, and links to all topics in the Docker Desktop for Windows guide.
 
-* [FAQs](/docker-for-windows/faqs.md) provides answers to frequently asked
+* [FAQs](../../../docker-for-windows/faqs.md) provides answers to frequently asked
 questions.
 
-* [Release Notes](/docker-for-windows/release-notes.md) lists component
+* [Release Notes](../../../docker-for-windows/release-notes.md) lists component
 updates, new features, and improvements associated with Stable and Edge
 releases.
 
-* [Learn Docker](/learn.md) provides general Docker tutorials.
+* [Learn Docker](../../../get-started/index.md) provides general Docker tutorials.
 
 * [Windows Containers on Windows Server](https://docs.microsoft.com/en-us/virtualization/windowscontainers/quick-start/quick-start-windows-server)
 is the official Microsoft documentation.

ee/dtr/admin/configure/deploy-caches/configuration-reference.md

@@ -8,7 +8,7 @@ keywords: DTR, cache
 
 DTR caches are based on Docker Registry, and use the same configuration
 file format.
-[Learn more about the configuration options](/registry/configuration.md).
+[Learn more about the configuration options](/registry/configuration/).
 
 The DTR cache extends the Docker Registry configuration file format by
 introducing a new middleware called `downstream` that has three configuration

ee/dtr/admin/configure/deploy-caches/high-availability.md

@@ -69,7 +69,7 @@ Create the cache configuration files by following the
 [instructions for deploying a single cache replica](simple.md#prepare-the-cache-deployment).
 
 Make sure you adapt the `storage` object, using the
-[configuration options for the shared storage](/registry/configuration.md#storage)
+[configuration options for the shared storage](/registry/configuration/#storage)
 of your choice.
 
 ## Configure your load balancer

ee/dtr/admin/configure/deploy-caches/simple.md

@@ -35,7 +35,7 @@ configure your Docker CLI client to connect to the swarm.
 docker node update --label-add dtr.cache=true <node-hostname>
 ```
 
-[Learn more about labelling nodes](/engine/swarm/manage-nodes.md#add-or-remove-label-metadata).
+[Learn more about labelling nodes](../../../../../engine/swarm/manage-nodes.md#add-or-remove-label-metadata).
 
 
 ## Prepare the cache deployment
@@ -175,7 +175,7 @@ the cache fetches it again from DTR.
 The cache is configured to persist data inside its container.
 If something goes wrong with the cache service, Docker automatically redeploys a
 new container, but previously cached data is not persisted.
-You can [customize the storage parameters](/registry/configuration.md#storage),
+You can [customize the storage parameters](/registry/configuration/#storage),
 if you want to store the image layers using a persistent storage backend.
 
 Also, the cache is configured to use port 443. If you're already using that

ee/dtr/admin/configure/enable-single-sign-on.md

@@ -63,5 +63,5 @@ docker run --rm -it \
 
 ## Where to go next
 
-- [Use your own TLS certificates](use-your-own-tls-certificates)
+- [Use your own TLS certificates](use-your-own-tls-certificates.md)
 - [Enable authentication using client certificates](/ee/enable-authentication-via-client-certs/)

ee/dtr/admin/configure/external-storage/index.md

@@ -42,7 +42,7 @@ as an admin, and navigate to **System > Storage**.
 The storage configuration page gives you the most
 common configuration options, but you have the option to upload a configuration file in `.yml`, `.yaml`, or `.txt` format.
 
-See [Docker Registry Configuration](/registry/configuration.md) for configuration options.
+See [Docker Registry Configuration](/registry/configuration/) for configuration options.
 
 ## Local filesystem
 

ee/dtr/admin/configure/external-storage/s3.md

@@ -108,7 +108,7 @@ of both DTR and the storage backend, they won't be able to push or pull images.
 And if you've configured DTR to skip TLS verification, you also need to
 configure all Docker Engines that push or pull from DTR to skip TLS
 verification. You do this by adding DTR to
-the [list of insecure registries when starting Docker](/engine/reference/commandline/dockerd.md).
+the [list of insecure registries when starting Docker](/engine/reference/commandline/dockerd/).
 
 ## Supported regions
 

ee/dtr/admin/configure/license-your-installation.md

@@ -34,5 +34,5 @@ Within **System > General** under the **License** section, you should see the ti
 
 ## Where to go next
 
-- [Use your own TLS certificates](use-your-own-tls-certificates)
-- [Enable single sign-on](enable-single-sign-on)
+- [Use your own TLS certificates](use-your-own-tls-certificates.md)
+- [Enable single sign-on](enable-single-sign-on.md)

ee/dtr/admin/configure/use-your-own-tls-certificates.md

@@ -55,5 +55,5 @@ CA.
 See [docker/dtr install](/reference/dtr/2.7/cli/install/) and [docker/dtr reconfigure](/reference/dtr/2.7/cli/reconfigure/) for TLS certificate options and usage. 
 
 ## Where to go next
-- [Enable single sign-on](enable-single-sign-on)
-- [Set up external storage](external-storage)
+- [Enable single sign-on](enable-single-sign-on.md)
+- [Set up external storage](external-storage/index.md)

ee/dtr/admin/upgrade.md

@@ -43,9 +43,9 @@ to avoid any business impacts.
 
 Before starting the upgrade, confirm that:
 * The version of UCP in use is supported by the upgrade version of DTR. [Check the compatibility matrix](https://success.docker.com/article/compatibility-matrix).
-* The [DTR backup](disaster-recovery/create-a-backup) is recent.
-* [Docker content trust in UCP is disabled](/ee/ucp/admin/configure/run-only-the-images-you-trust/).
-* [All system requirements are met](install/system-requirements).
+* The [DTR backup](disaster-recovery/create-a-backup.md) is recent.
+* [Docker content trust in UCP is disabled](../../ucp/admin/configure/run-only-the-images-you-trust.md).
+* [All system requirements are met](install/system-requirements.md).
 
 ### Step 1. Upgrade DTR to {{ previous_version }} if necessary
 
@@ -59,7 +59,7 @@ Pull the latest version of DTR:
 docker pull {{ page.dtr_org }}/{{ page.dtr_repo }}:{{ page.dtr_version }}
 ```
 
-Confirm that at least [16GB RAM is available](install/system-requirements) on the node on which you are running the upgrade. If the DTR node does not have access to the internet, follow the [offline installation documentation](install/install-offline) to get the images.
+Confirm that at least [16GB RAM is available](install/system-requirements.md) on the node on which you are running the upgrade. If the DTR node does not have access to the internet, follow the [offline installation documentation](install/install-offline) to get the images.
 
 Once you have the latest image on your machine (and the images on the target
 nodes, if upgrading offline), run the upgrade command.
@@ -118,5 +118,5 @@ After upgrading DTR, it is necessary to redownload the vulnerability database.
 
 ## Where to go next
 
-- [Release notes](../release-notes)
+- [Release notes](../release-notes.md)
 - [Garbage collection in v2.5](/datacenter/dtr/2.5/guides/admin/configure/garbage-collection/)

ee/dtr/release-notes.md

@@ -267,7 +267,7 @@ Refer to [DTR image vulnerabilities](https://success.docker.com/article/dtr-imag
 ### Known issues
 
 * Docker Engine Enterprise Edition (Docker EE) Upgrade
-  * There are [important changes to the upgrade process](/ee/upgrade) that, if not correctly followed, can have impact on the availability of applications running on the Swarm during upgrades. These constraints impact any upgrades coming from any version before `18.09` to version `18.09` or greater. For DTR-specific changes, see [2.5 to 2.6 upgrade](/ee/dtr/admin/upgrade/#25-to-26-upgrade).
+  * There are [important changes to the upgrade process](/ee/upgrade/) that, if not correctly followed, can have impact on the availability of applications running on the Swarm during upgrades. These constraints impact any upgrades coming from any version before `18.09` to version `18.09` or greater. For DTR-specific changes, see [2.5 to 2.6 upgrade](/ee/dtr/admin/upgrade/#25-to-26-upgrade).
 * Web Interface
   * Poll mirroring for Docker plugins such as `docker/imagefs` is currently broken. (docker/dhe-deploy #9490)
   * When viewing the details of a scanned image tag, the header may display a different vulnerability count from the layer details. (docker/dhe-deploy #9474)
@@ -297,7 +297,7 @@ Refer to [DTR image vulnerabilities](https://success.docker.com/article/dtr-imag
 ### Known issues
 
 * Docker Engine Enterprise Edition (Docker EE) Upgrade
-  * There are [important changes to the upgrade process](/ee/upgrade) that, if not correctly followed, can have impact on the availability of applications running on the Swarm during upgrades. These constraints impact any upgrades coming from any version before `18.09` to version `18.09` or greater. For DTR-specific changes, see [2.5 to 2.6 upgrade](/ee/dtr/admin/upgrade/#25-to-26-upgrade).
+  * There are [important changes to the upgrade process](/ee/upgrade/) that, if not correctly followed, can have impact on the availability of applications running on the Swarm during upgrades. These constraints impact any upgrades coming from any version before `18.09` to version `18.09` or greater. For DTR-specific changes, see [2.5 to 2.6 upgrade](/ee/dtr/admin/upgrade/#25-to-26-upgrade).
 * Web Interface
   * Poll mirroring for Docker plugins such as `docker/imagefs` is currently broken. (docker/dhe-deploy #9490)
   * When viewing the details of a scanned image tag, the header may display a different vulnerability count from the layer details. (docker/dhe-deploy #9474)
@@ -334,7 +334,7 @@ Refer to [DTR image vulnerabilities](https://success.docker.com/article/dtr-imag
 ### Known issues
 
 * Docker Engine Enterprise Edition (Docker EE) Upgrade
-  * There are [important changes to the upgrade process](/ee/upgrade) that, if not correctly followed, can have impact on the availability of applications running on the Swarm during upgrades. These constraints impact any upgrades coming from any version before `18.09` to version `18.09` or greater. For DTR-specific changes, see [2.5 to 2.6 upgrade](/ee/dtr/admin/upgrade/#25-to-26-upgrade).
+  * There are [important changes to the upgrade process](/ee/upgrade/) that, if not correctly followed, can have impact on the availability of applications running on the Swarm during upgrades. These constraints impact any upgrades coming from any version before `18.09` to version `18.09` or greater. For DTR-specific changes, see [2.5 to 2.6 upgrade](/ee/dtr/admin/upgrade/#25-to-26-upgrade).
 * Web Interface
   * Poll mirroring for Docker plugins such as `docker/imagefs` is currently broken. (docker/dhe-deploy #9490)
   * When viewing the details of a scanned image tag, the header may display a different vulnerability count from the layer details. (docker/dhe-deploy #9474)
@@ -355,7 +355,7 @@ Refer to [DTR image vulnerabilities](https://success.docker.com/article/dtr-imag
 ### Known issues
 
 * Docker Engine Enterprise Edition (Docker EE) Upgrade
-  * There are [important changes to the upgrade process](/ee/upgrade) that, if not correctly followed, can have impact on the availability of applications running on the Swarm during upgrades. These constraints impact any upgrades coming from any version before `18.09` to version `18.09` or greater. For DTR-specific changes, see [2.5 to 2.6 upgrade](/ee/dtr/admin/upgrade/#25-to-26-upgrade).
+  * There are [important changes to the upgrade process](/ee/upgrade/) that, if not correctly followed, can have impact on the availability of applications running on the Swarm during upgrades. These constraints impact any upgrades coming from any version before `18.09` to version `18.09` or greater. For DTR-specific changes, see [2.5 to 2.6 upgrade](/ee/dtr/admin/upgrade/#25-to-26-upgrade).
 * Web Interface
   * Poll mirroring for Docker plugins such as `docker/imagefs` is currently broken. (docker/dhe-deploy #9490)
   * When viewing the details of a scanned image tag, the header may display a different vulnerability count from the layer details. (docker/dhe-deploy #9474)
@@ -381,7 +381,7 @@ Refer to [DTR image vulnerabilities](https://success.docker.com/article/dtr-imag
 ### Known issues
 
 * Docker Engine Enterprise Edition (Docker EE) Upgrade
-  * There are [important changes to the upgrade process](/ee/upgrade) that, if not correctly followed, can have impact on the availability of applications running on the Swarm during upgrades. These constraints impact any upgrades coming from any version before `18.09` to version `18.09` or greater. For DTR-specific changes, see [2.5 to 2.6 upgrade](/ee/dtr/admin/upgrade/#25-to-26-upgrade).
+  * There are [important changes to the upgrade process](/ee/upgrade/) that, if not correctly followed, can have impact on the availability of applications running on the Swarm during upgrades. These constraints impact any upgrades coming from any version before `18.09` to version `18.09` or greater. For DTR-specific changes, see [2.5 to 2.6 upgrade](/ee/dtr/admin/upgrade/#25-to-26-upgrade).
 
 * Web Interface
   * Poll mirroring for Docker plugins such as `docker/imagefs` is currently broken. (docker/dhe-deploy #9490)
@@ -408,7 +408,7 @@ Refer to [DTR image vulnerabilities](https://success.docker.com/article/dtr-imag
 ### Known issues
 
 * Docker Engine Enterprise Edition (Docker EE) Upgrade
-  * There are [important changes to the upgrade process](/ee/upgrade) that, if not correctly followed, can have impact on the availability of applications running on the Swarm during upgrades. These constraints impact any upgrades coming from any version before `18.09` to version `18.09` or greater. For DTR-specific changes, see [2.5 to 2.6 upgrade](/ee/dtr/admin/upgrade/#25-to-26-upgrade).
+  * There are [important changes to the upgrade process](/ee/upgrade/) that, if not correctly followed, can have impact on the availability of applications running on the Swarm during upgrades. These constraints impact any upgrades coming from any version before `18.09` to version `18.09` or greater. For DTR-specific changes, see [2.5 to 2.6 upgrade](/ee/dtr/admin/upgrade/#25-to-26-upgrade).
 
 * Web Interface
   * Poll mirroring for Docker plugins such as `docker/imagefs` is currently broken. (docker/dhe-deploy #9490)
@@ -437,7 +437,7 @@ Refer to [DTR image vulnerabilities](https://success.docker.com/article/dtr-imag
 ### Known issues
 
 * Docker Engine Enterprise Edition (Docker EE) Upgrade
-  * There are [important changes to the upgrade process](/ee/upgrade) that, if not correctly followed, can have impact on the availability of applications running on the Swarm during upgrades. These constraints impact any upgrades coming from any version before `18.09` to version `18.09` or greater. For DTR-specific changes, see [2.5 to 2.6 upgrade](/ee/dtr/admin/upgrade/#25-to-26-upgrade).
+  * There are [important changes to the upgrade process](/ee/upgrade/) that, if not correctly followed, can have impact on the availability of applications running on the Swarm during upgrades. These constraints impact any upgrades coming from any version before `18.09` to version `18.09` or greater. For DTR-specific changes, see [2.5 to 2.6 upgrade](/ee/dtr/admin/upgrade/#25-to-26-upgrade).
 
 * Web Interface
   * Users with read-only permissions to a repository can edit the repository README but their changes will not be saved. Only repository admins should have the ability to [edit the description](/ee/dtr/admin/manage-users/permission-levels/#team-permission-levels) of a repository. (docker/dhe-deploy #9677)
@@ -472,7 +472,7 @@ Refer to [DTR image vulnerabilities](https://success.docker.com/article/dtr-imag
 ### Known issues
 
 * Docker Engine Enterprise Edition (Docker EE) Upgrade
-  * There are [important changes to the upgrade process](/ee/upgrade) that, if not correctly followed, can have impact on the availability of applications running on the Swarm during upgrades. These constraints impact any upgrades coming from any version before `18.09` to version `18.09` or greater. For DTR-specific changes, see [2.5 to 2.6 upgrade](/ee/dtr/admin/upgrade/#25-to-26-upgrade).
+  * There are [important changes to the upgrade process](/ee/upgrade/) that, if not correctly followed, can have impact on the availability of applications running on the Swarm during upgrades. These constraints impact any upgrades coming from any version before `18.09` to version `18.09` or greater. For DTR-specific changes, see [2.5 to 2.6 upgrade](/ee/dtr/admin/upgrade/#25-to-26-upgrade).
 
 * Web Interface
   * Users with read-only permissions to a repository can edit the repository README but their changes will not be saved. Only repository admins should have the ability to [edit the description](/ee/dtr/admin/manage-users/permission-levels/#team-permission-levels) of a repository. (docker/dhe-deploy #9677)
@@ -526,7 +526,7 @@ Refer to [DTR image vulnerabilities](https://success.docker.com/article/dtr-imag
 ### Known issues
 
 * Docker Engine Enterprise Edition (Docker EE) Upgrade
-  * There are [important changes to the upgrade process](/ee/upgrade) that, if not correctly followed, can have impact on the availability of applications running on the Swarm during upgrades. These constraints impact any upgrades coming from any version before `18.09` to version `18.09` or greater. For DTR-specific changes, see [2.5 to 2.6 upgrade](/ee/dtr/admin/upgrade/#25-to-26-upgrade).
+  * There are [important changes to the upgrade process](/ee/upgrade/) that, if not correctly followed, can have impact on the availability of applications running on the Swarm during upgrades. These constraints impact any upgrades coming from any version before `18.09` to version `18.09` or greater. For DTR-specific changes, see [2.5 to 2.6 upgrade](/ee/dtr/admin/upgrade/#25-to-26-upgrade).
 
 * Web Interface
   * Users with read-only permissions to a repository can edit the repository README but their changes will not be saved. Only repository admins should have the ability to [edit the description](/ee/dtr/admin/manage-users/permission-levels/#team-permission-levels) of a repository. (docker/dhe-deploy #9677)

ee/dtr/user/audit-repository-events.md

@@ -60,4 +60,4 @@ For more details on different permission levels within DTR, see [Authentication
 
 ## Where to go next
 
-- [Enable auto-deletion of repository events](/ee/dtr/admin/configure/auto-delete-repo-events.md)
+- [Enable auto-deletion of repository events](../admin/configure/auto-delete-repo-events.md)

ee/dtr/user/manage-images/review-repository-info.md

@@ -7,7 +7,7 @@ keywords: dtr, repository, permissions
 >{% include enterprise_label_shortform.md %}
 
 The **Repository Info** tab includes the following details:
-   *  README (which you can [edit if you have admin rights to the repository](../../admin/manage-users/permission-levels/#team-permission-levels))
+   *  README (which you can [edit if you have admin rights to the repository](../../admin/manage-users/permission-levels.md#team-permission-levels))
    *  Docker Pull Command
    *  Your repository permissions
 
@@ -21,7 +21,7 @@ To learn more about pulling images, see [Pull and Push Images](pull-and-push-ima
 
 3. You should see the **Info** tab by default. Notice **Your Permission** under **Docker Pull Command**. 
 
-4. Hover over the question mark next to [your permission level](../../admin/manage-users/permission-levels/) to view the list of repository events you have access to.
+4. Hover over the question mark next to [your permission level](../../admin/manage-users/permission-levels.md) to view the list of repository events you have access to.
 	   
     ![](../../images/manage-repo-events-2.png){: .img-fluid .with-border}
 

ee/end-to-end-install.md

@@ -21,7 +21,7 @@ running one of the supported operating systems from Docker Enterprise's
 
 ## Step 1: Install Docker Enterprise Container Engine
 
-[Select a platform](/ee/supported-platforms) and click through to install the
+[Select a platform](supported-platforms.md) and click through to install the
 Docker Enterprise container engine on all hosts you want to manage.
 
 ## Step 2: Install Universal Control Plane

ee/licensing.md

@@ -69,7 +69,7 @@ After you’ve downloaded the license keys, you can apply it to your Docker Ente
 2. Navigate to the **Admin Settings** page.
 3. On the left pane, click **License** and then **Upload License**. The license is refreshed immediately.
 
-For details, see [Licensing UCP](https://docs.docker.com/ee/ucp/admin/configure/license-your-installation/).
+For details, see [Licensing UCP](ucp/admin/configure/license-your-installation.md).
 
 ### DTR
 
@@ -77,7 +77,7 @@ For details, see [Licensing UCP](https://docs.docker.com/ee/ucp/admin/configure/
 2. Select **System** from the left navigation pane.
 3. Click **Apply new license** and upload your license key.
     
-For details, see [Licensing DTR](https://docs.docker.com/ee/dtr/admin/configure/license-your-installation/).
+For details, see [Licensing DTR](dtr/admin/configure/license-your-installation.md).
 
 ### Engine - Enterprise
 

ee/overview.md

@@ -105,7 +105,7 @@ Docker Enterprise has its own built-in authentication mechanism with role-based
 control (RBAC), so that you can control who can access and make changes to your
 cluster and applications. Also, Docker Enterprise authentication integrates with LDAP
 services and supports SAML SCIM to proactively synchronize with authentication providers.
-[Learn about role-based access control](./ucp/authorization/). You can also opt to enable [PKI authentication](./enable-client-certificate-authentication/) to use client certificates, rather than username and password.
+[Learn about role-based access control](ucp/authorization/index.md). You can also opt to enable [PKI authentication](enable-client-certificate-authentication.md) to use client certificates, rather than username and password.
 
 ![](images/docker-ee-overview-2.png){: .with-border}
 
@@ -121,7 +121,7 @@ Windows applications typically require Active Directory authentication in order
 ## Docker Enterprise and the CLI
 
 Docker Enterprise exposes the standard Docker API, so you can continue using the tools
-that you already know, [including the Docker CLI client](./ucp/user-access/cli/),
+that you already know, [including the Docker CLI client](ucp/user-access/cli.md),
 to deploy and manage your applications.
 
 For example, you can use the `docker info` command to check the

ee/supported-platforms.md

@@ -63,7 +63,7 @@ Docker distributing the CLI as a separate installation package. This gives Docke
 Enterprise users the ability to install as many CLI packages as needed without
 using the Engine node licenses for client-only systems.
 
-[Learn more about Docker Enterprise](/ee/index.md).
+[Learn more about Docker Enterprise](index.md).
 
 
 > When using Docker Enterprise
@@ -78,8 +78,8 @@ a CLI plugin for automated deployment and configuration, and third-party ecosyst
 
 | Platform  | Docker Enterprise support |
 :----------------------------------------------------------------------------------------|:-------------------------:|
-| [Amazon Web Services](..\cluster\aws.md) |  {{ page.green-check }}   |
-| [Azure](..\cluster\azure.md) |  {{ page.green-check }}   |
+| [Amazon Web Services](cluster/aws.md) |  {{ page.green-check }}   |
+| [Azure](cluster/azure.md) |  {{ page.green-check }}   |
 | VMware  |  coming soon  |
 
 ## Docker Enterprise release cycles
@@ -104,6 +104,6 @@ details on EOL of minor and major versions of Docker Enterprise.
 
 ## Where to go next
 
-- [Install Docker Engine - Enterprise for RHEL](/ee/docker-ee/rhel.md)
-- [Install Docker Engine - Enterprise for Ubuntu](/ee/docker-ee/ubuntu/)
-- [Install Docker Engine - Enterprise for Windows Server](/ee/docker-ee/windows/docker-ee.md)
+- [Install Docker Engine - Enterprise for RHEL](docker-ee/rhel.md)
+- [Install Docker Engine - Enterprise for Ubuntu](docker-ee/ubuntu.md)
+- [Install Docker Engine - Enterprise for Windows Server](docker-ee/windows/docker-ee.md)

ee/ucp/admin/configure/add-labels-to-cluster-nodes.md

@@ -145,4 +145,4 @@ You can add or remove deployment constraints on this page.
 ## Where to go next
 
 - [Collect UCP Cluster Metrics with Prometheus](collect-cluster-metrics.md)
-- [Configure UCP Audit Logging](create-audit-logs.md)
+- [Configure UCP Audit Logging](enable-audit-logging.md)

ee/ucp/admin/configure/enable-audit-logging.md

@@ -37,7 +37,7 @@ request payload.
 >
 > Once UCP audit logging has been enabled, audit logs can be found within the 
 > container logs of the `ucp-controller` container on each UCP manager node. 
-> Ensure that you have a [logging  driver](../../../../config/containers/logging/configure/) 
+> Ensure that you have a [logging  driver](../../../../config/containers/logging/configure.md) 
 > configured appropriately with log rotation set, as audit logging can generate a large amount of data. 
 
 ## Benefits of audit logging

ee/ucp/admin/configure/integrate-scim.md

@@ -26,8 +26,8 @@ SCIM implementation allows proactive synchronization with UCP and eliminates thi
 
 ## Typical steps involved in SCIM integration:
 1. [Configure SCIM for UCP](#configure-scim-for-ucp)
-2. [Configure SCIM authentication and access](#scim-authentication-and-access)
-3. [Specify user attributes](#specify-user-access)
+2. [Configure SCIM authentication and access](#configure-scim-authentication-and-access)
+3. [Specify user attributes](#specify-user-attributes)
 
 Other information in this topic includes:
 

ee/ucp/admin/configure/join-nodes/join-linux-nodes-to-cluster.md

@@ -12,7 +12,7 @@ to your needs. You can join Windows Server and Linux nodes
 to the cluster.
 
 Because Docker Enterprise leverages the clustering functionality provided by Docker
-Engine, you use the [docker swarm join](/engine/swarm/swarm-tutorial/add-nodes.md)
+Engine, you use the [docker swarm join](../../../../../engine/swarm/swarm-tutorial/add-nodes.md)
 command to add more nodes to your cluster. When you join a new node, Docker Enterprise
 services start running on the node automatically.
 

ee/ucp/admin/configure/join-nodes/join-windows-nodes-to-cluster.md

@@ -25,8 +25,7 @@ To enable a worker node on Windows:
 
 ## Install Docker Engine - Enterprise on Windows Server 
 
-[Install Docker Engine -
-Enterprise](/engine/installation/windows/docker-ee/#use-a-script-to-install-docker-ee)
+[Install Docker Engine - Enterprise](../../../../docker-ee/windows/docker-ee.md#use-a-script-to-install-docker-engine---enterprise)
 on a Windows Server 2016 or 2019 instance before joining the node to a Docker
 Enterprise Cluster.
 
@@ -231,4 +230,4 @@ The following features are not yet supported on Windows Server 2016:
 
 ## Known Issues
 
-Refer to the [Docker Enterprise UCP release notes](/ee/ucp/release-notes) for Known Issues information.
+Refer to the [Docker Enterprise UCP release notes](/ee/ucp/release-notes/) for Known Issues information.

ee/ucp/admin/configure/license-your-installation.md

@@ -31,5 +31,5 @@ license refreshes immediately, and you don't need to click **Save**.
 
 ## Where to go next
 
-- [Install UCP](../install.md)
+- [Install UCP](../install/index.md)
 - [Install UCP offline](../install/install-offline.md)

ee/ucp/admin/configure/restrict-services-to-worker-nodes.md

@@ -108,4 +108,4 @@ $ kubectl get <object> <workload> -o json | jq -r '.spec.template.spec.toleratio
 
 - [Deploy an application package](/ee/ucp/deploy-application-package/)
 - [Deploy a Swarm workload](/ee/ucp/swarm/)
-- [Deploy a Kubernetes workload](/ee/ucp/kubernetes//)
+- [Deploy a Kubernetes workload](/ee/ucp/kubernetes/)

ee/ucp/admin/configure/run-only-the-images-you-trust.md

@@ -48,4 +48,4 @@ To configure UCP to only allow running services that use Docker trusted images:
 
 ## Where to go next
 
-- [Sign and push images to DTR](/ee/dtr/user/manage-images/sign-images.md)
+- [Sign and push images to DTR](../../../dtr/user/manage-images/sign-images/index.md)

ee/ucp/admin/configure/scale-your-cluster.md

@@ -13,7 +13,7 @@ scale to your needs.
 ![](../../images/scale-your-cluster-0.svg)
 
 Since UCP leverages the clustering functionality provided by Docker Engine,
-you use the [docker swarm join](/engine/swarm/swarm-tutorial/add-nodes.md)
+you use the [docker swarm join](../../../../engine/swarm/swarm-tutorial/add-nodes.md)
 command to add more nodes to your cluster. When joining new nodes, the UCP
 services automatically start running in that node.
 

ee/ucp/admin/configure/use-your-own-tls-certificates.md

@@ -57,7 +57,7 @@ web UI and [download new client certificate bundles](../../user-access/cli.md).
 
 If you deployed Docker Trusted Registry (DTR), you'll also need to reconfigure it
 to trust the new UCP TLS certificates.
-[Learn how to configure DTR](/reference/dtr/2.7/cli/reconfigure.md).
+[Learn how to configure DTR](/reference/dtr/2.7/cli/reconfigure/).
 
 ## Where to go next
 

ee/ucp/admin/install/architecture-specific-images.md

@@ -23,4 +23,4 @@ following table to ensure that you're pulling the right images for each node.
 
 ## Where to go next
 
-- [Join nodes to your cluster](../configure/join-nodes.md)
+- [Join nodes to your cluster](../configure/join-nodes/index.md)

ee/ucp/admin/install/cloudproviders/install-on-aws.md

@@ -7,7 +7,7 @@ keywords: Universal Control Plane, UCP, install, Docker EE, AWS, Kubernetes
 >{% include enterprise_label_shortform.md %}
 
 Docker Universal Control Plane (UCP) can be installed on top of AWS without any
-customisation following the UCP [install documentation](./install/). Therefore
+customisation following the UCP [install documentation](../index.md). Therefore
 this document is **optional**, however if you are deploying Kubernetes
 workloads with UCP and want to leverage the [AWS kubernetes cloud
 provider](https://github.com/kubernetes/cloud-provider-aws), which provides

ee/ucp/admin/install/cloudproviders/install-on-azure.md

@@ -27,7 +27,7 @@ There are two options for provisioning IPs for the Kubernetes cluster on Azure:
 `calico-node` daemonset and provisions 128 IP addresses for each node by default. For information on customizing this value, see [Adjust the IP count value](#adjust-the-ip-count-value).
 - **Manual provision of additional IP address for each Azure VM.** This
   could be done through the Azure Portal, the Azure CLI `$ az network nic ip-config create`, or an ARM template. You can find an example of an ARM template
-  [here](#manually-provision-ip-address-pools-as-part-of-an-azure-virtual-machine-scale-set).
+  [here](#manually-provision-ip-address-pools-as-part-of-an-azure-vm-scale-set).
 
 ## Azure Prerequisites
 
@@ -39,7 +39,7 @@ You must meet the following infrastructure prerequisites to successfully deploy
 - The Azure Virtual Network and Subnet must be appropriately sized for your
   environment, as addresses from this pool will be consumed by Kubernetes Pods.
   For more information, see [Considerations for IPAM
-  Configuration](#considerations-for-ipam-configuration).
+  Configuration](#guidelines-for-ipam-configuration).
 - All UCP worker and manager nodes need to be attached to the same Azure
   Subnet.
 - Internal IP addresses for all nodes should be [set to

ee/ucp/admin/install/index.md

@@ -160,5 +160,5 @@ same steps as before, but don't check the **Add node as a manager** option.
 
 ## Where to go next
 
-- [Join nodes to your cluster](../configure/join-nodes.md)
+- [Join nodes to your cluster](../configure/join-nodes/index.md)
 - [Use your own TLS certificates](../configure/use-your-own-tls-certificates.md)

ee/ucp/admin/install/plan-installation.md

@@ -273,7 +273,7 @@ address and FQDN of the load balancer's VIP by using
 one or more `--san` flags in the 
 [UCP install command](/reference/ucp/{{ site.ucp_version }}/cli/install/)
 or when you're asked for additional SANs in interactive mode.
-[Learn about high availability](../configure/set-up-high-availability.md).
+[Learn about high availability](../configure/join-nodes/index.md).
 
 ## Use an external Certificate Authority
 

ee/ucp/admin/install/system-requirements.md

@@ -15,7 +15,7 @@ Before installing, be sure your infrastructure has these requirements.
 
 You can install UCP on-premises or on a cloud provider. Common requirements:
 
-* [Docker Engine - Enterprise](/ee/supported-platforms.md) version {{ site.docker_ee_version }}
+* [Docker Engine - Enterprise](../../../supported-platforms.md) version {{ site.docker_ee_version }}
 * Linux kernel version 3.10 or higher. For debugging purposes, it is suggested to match the host OS kernel versions as close as possible.
 * [A static IP address for each node in the cluster](/ee/ucp/admin/install/plan-installation/#static-ip-addresses)
 * User namespaces should not be configured on any node. This function is not currently supported by UCP. See [Isolate containers with a user namespace](https://docs.docker.com/engine/security/userns-remap/) for more information.

ee/ucp/admin/install/uninstall.md

@@ -49,7 +49,7 @@ The UCP configuration is kept in case you want to reinstall UCP with the same
 configuration. If you want to also delete the configuration, run the uninstall
 command with the `--purge-config` option.
 
-Refer to the [reference documentation](/reference/ucp/3.0/cli/index.md) to learn the options available.
+Refer to the [reference documentation](../../../../reference/ucp/3.2/cli/index.md) to learn the options available.
 
 Once the uninstall command finishes, UCP is completely removed from all the
 nodes in the cluster. You don't need to run the command again from other nodes.
@@ -73,4 +73,4 @@ After you uninstall UCP, restart the node to restore its IP tables.
 
 ## Where to go next
 
-- [Join nodes to your cluster](../configure/join-nodes.md)
+- [Join nodes to your cluster](../configure/join-nodes/index.md)

ee/ucp/admin/install/upgrade.md

@@ -37,7 +37,7 @@ Complete the following checks:
 > Note
 > 
 > If you are upgrading a cluster to UCP 3.0.2 or higher on Microsoft
-> Azure, please ensure that all of the Azure [prerequisites](install-on-azure.md#azure-prerequisites)
+> Azure, please ensure that all of the Azure [prerequisites](cloudproviders/install-on-azure.md#azure-prerequisites)
 > are met.
 
 #### Storage

ee/ucp/authorization/deploy-stateless-app.md

@@ -64,7 +64,7 @@ Learn to [create and configure users and teams](create-users-and-teams-manually.
 ### Define roles
 
 For this exercise, create a simple role for the ops team. To learn how to create roles for Kubernetes,
-see [Configure native Kubernetes role-based access control](/ee/ucp/admin/configure/configure-rbac-kube/).
+see [Configure native Kubernetes role-based access control](../admin/configure/configure-rbac-kube.md).
 
 ### Grant access
 

ee/ucp/authorization/group-resources.md

@@ -9,7 +9,7 @@ redirect_from:
 >{% include enterprise_label_shortform.md %}
 
 Docker Enterprise enables access control to cluster resources by grouping resources
-into **resource sets**. Combine resource sets with [grants](grant-permissions)
+into **resource sets**. Combine resource sets with [grants](grant-permissions.md)
 to give users permission to access specific cluster resources.
 
 A resource set can be:

ee/ucp/index.md

@@ -83,4 +83,4 @@ Managers: 1
 ## Where to go next
 
 - [Install UCP](admin/install/index.md)
-- [Docker Enterprise architecture](/ee/docker-ee-architecture.md)
+- [Docker Enterprise architecture](../docker-ee-architecture.md)

ee/ucp/interlock/config/index.md

@@ -209,6 +209,6 @@ PollInterval = "3s"
 
 - [Configure host mode networking](host-mode-networking.md)
 - [Configure an NGINX extension](nginx-config.md)
-- [Use application service labels](service-labels.md)
+- [Use application service labels](../usage/labels-reference.md)
 - [Tune the proxy service](tuning.md)
 - [Update Interlock services](updates.md)

ee/ucp/interlock/config/updates.md

@@ -45,7 +45,7 @@ docker.io/docker/ucp:latest
 ```
 
 Next, list all the latest UCP images. To learn more about `docker/ucp images` and available options, 
-see [the reference page](/reference/ucp/3.1/cli/images/).
+see [the reference page](/reference/ucp/3.2/cli/images/).
 
 ```bash
 $> docker run --rm docker/ucp images --list

ee/ucp/interlock/index.md

@@ -13,7 +13,7 @@ Application-layer (Layer 7) routing is the application routing and load balancin
 > The HTTP routing mesh functionality was redesigned in UCP 3.0 for greater security and flexibility. The functionality was also renamed to “Layer 7 routing” to make it easier for new users to get started.
 
 Interlock is specific to the Swarm orchestrator. If you're trying to route
-traffic to your Kubernetes applications, refer to [Layer 7 routing with Kubernetes](../kubernetes/layer-7-routing.md) for more information.
+traffic to your Kubernetes applications, refer to [Layer 7 routing with Kubernetes](../kubernetes/cluster-ingress/index.md) for more information.
 
 Interlock uses the Docker Remote API to automatically configure extensions such as NGINX or HAProxy for application traffic. Interlock is designed for:
 

ee/ucp/interlock/usage/service-clusters.md

@@ -22,7 +22,7 @@ proxy servers for two independent Interlock service clusters.
 
 
 We'll also assume you've already enabled Interlock, per the 
-[instructions here](../deploy/), 
+[instructions here](../deploy/index.md), 
 with an HTTP port of 80 and an HTTPS port of 8443.
 
 ## Setting up Interlock service clusters

ee/ucp/kubernetes/cluster-ingress/canary.md

@@ -15,7 +15,7 @@ multiple back-end applications.
 
 > Note
 > 
-> This guide assumes the [Deploy Sample Application](./ingress/)
+> This guide assumes the [Deploy Sample Application](ingress.md)
 > tutorial was followed, with the artifacts still running on the cluster. If
 > they are not, please go back and follow this guide.
 
@@ -107,4 +107,4 @@ In this case, 100% of the traffic with the `stage=dev` header is sent to the v3
 
 ## Where to go next
 
-- [Deploy the Sample Application with Sticky Sessions](./sticky/)
+- [Deploy the Sample Application with Sticky Sessions](sticky.md)

ee/ucp/kubernetes/cluster-ingress/index.md

@@ -28,11 +28,11 @@ For a detailed look at Istio Ingress architecture, refer to the [Istio Ingress d
 
 To get started with UCP Ingress, the following help topics are provided:
 
-- [Install Cluster Ingress on a UCP Cluster](./install/)
-- [Deploy a Sample Application with Ingress Rules](./ingress)
-- [Deploy a Sample Application with a Canary Release](./canary/)
-- [Deploy a Sample Application with Sticky Sessions](./sticky/)
+- [Install Cluster Ingress on a UCP Cluster](install.md)
+- [Deploy a Sample Application with Ingress Rules](ingress.md)
+- [Deploy a Sample Application with a Canary Release](canary.md)
+- [Deploy a Sample Application with Sticky Sessions](sticky.md)
 
 ## Where to go next
 
-- [Install Cluster Ingress on to a UCP Cluster](./install/)
+- [Install Cluster Ingress on to a UCP Cluster](install.md)

ee/ucp/kubernetes/cluster-ingress/ingress.md

@@ -156,5 +156,5 @@ requests are sent to the other versions.
 
 ## Where to go next
 
-- [Deploy a Sample Application with a Canary release](./canary/)
-- [Deploy a Sample Application with Sticky Sessions](./sticky/)
+- [Deploy a Sample Application with a Canary release](canary.md)
+- [Deploy a Sample Application with Sticky Sessions](sticky.md)

ee/ucp/kubernetes/cluster-ingress/install.md

@@ -122,4 +122,4 @@ If the output is `HTTP/1.1 200 OK`, then Envoy is running correctly, ready to se
 
 ## Where to go next
 
-- [Deploy a Sample Application](./ingress/)
+- [Deploy a Sample Application](ingress.md)

ee/ucp/kubernetes/cluster-ingress/sticky.md

@@ -16,7 +16,7 @@ that a clients requests are sent to the same back end.
 
 > Note
 > 
-> This guide assumes the [Deploy Sample Application](./ingress/)
+> This guide assumes the [Deploy Sample Application](ingress.md)
 > tutorial was followed, with the artifacts still running on the cluster. If
 > they are not, please go back and follow this guide.
 
@@ -90,6 +90,6 @@ persisted across requests, and that for a given session header, the responses ar
 
 When the HTTP uses the cookie that is set by the Ingress proxy, all requests are sent to the same back end, `demo-v1-7797b7c7c8-kw6gp`.
 
-## Where to to go next
+## Where to go next
 
-- [Cluster Ingress Overview](./)
+- [Cluster Ingress Overview](ingress.md)

ee/ucp/kubernetes/create-service-account.md

@@ -88,4 +88,4 @@ assigned to the `nginx` namespace.
 
 ## Where to go next
 
-- [Deploy a Sample Application with Ingress](https://docs.docker.com/ee/ucp/kubernetes/cluster-ingress/ingress/)
+- [Deploy a Sample Application with Ingress](cluster-ingress/ingress.md)

ee/ucp/kubernetes/deploy-with-compose.md

@@ -8,7 +8,7 @@ redirect_from:
 
 >{% include enterprise_label_shortform.md %}
 
-Docker Enterprise Edition enables deploying [Docker Compose](/compose/overview.md)
+Docker Enterprise Edition enables deploying [Docker Compose](/compose/)
 files to Kubernetes clusters. Starting in Compose file version 3.3, you use the
 same `docker-compose.yml` file that you use for Swarm deployments, but you
 specify **Kubernetes workloads** when you deploy the stack. The result is a
@@ -19,7 +19,7 @@ true Kubernetes app.
 To deploy a stack to Kubernetes, you need a namespace for the app's resources.
 Contact your Docker EE administrator to get access to a namespace. In this
 example, the namespace is called `labs`.
-[Learn how to grant access to a Kubernetes namespace](../authorization/grant-permissions/#kubernetes-grants).
+[Learn how to grant access to a Kubernetes namespace](../authorization/grant-permissions.md#kubernetes-grants).
 
 ## Create a Kubernetes app from a Compose file
 

ee/ucp/kubernetes/install-cni-plugin.md

@@ -126,5 +126,5 @@ weave-net-wgvcd                2/2       Running   0          8m        172.31.6
 
 ## Where to go next
 
-- [Make your Cluster Highly Available](https://docs.docker.com/ee/ucp/admin/install/#step-6-join-manager-nodes)
-- [Deploy a Sample Application with Ingress](https://docs.docker.com/ee/ucp/kubernetes/cluster-ingress/ingress/)
+- [Make your Cluster Highly Available](../admin/install/index.md#step-6-join-manager-nodes)
+- [Deploy a Sample Application with Ingress](cluster-ingress/ingress.md)

ee/ucp/kubernetes/kubernetes-network-encryption.md

@@ -45,7 +45,7 @@ packet size must be a multiple of 4 bytes.  IPIP tunnels require 20 bytes of enc
 tunnel interface MTU must be no more than "EXTMTU - 46 - ((EXTMTU - 46) modulo 4)", where EXTMTU is the minimum MTU 
 of the external interfaces.   An IPIP MTU of 1452 should generally be safe for most deployments. 
 
-Changing UCP's MTU requires updating the UCP configuration.  This process is described [here](/ee/ucp/admin/configure/ucp-configuration-file).  
+Changing UCP's MTU requires updating the UCP configuration.  This process is described [here](../admin/configure/ucp-configuration-file.md).  
 
 Update the following values to the new MTU:
 
@@ -65,7 +65,7 @@ Beginning with UCP 3.2.4, you can configure SecureOverlay in two ways:
 
 ### UCP configuration file
 
-Add `secure-overlay` to the UCP configuration file. Set this option to `true` to enable IPSec network encryption. The default is `false`. See [cluster_config options](https://docs.docker.com/ee/ucp/admin/configure/ucp-configuration-file/#cluster_config-table-required) for more information.
+Add `secure-overlay` to the UCP configuration file. Set this option to `true` to enable IPSec network encryption. The default is `false`. See [cluster_config options](../admin/configure/ucp-configuration-file.md#cluster_config-table-required) for more information.
 
 ### SecureOverlay YAML file
 

ee/ucp/kubernetes/pod-security-policies.md

@@ -71,7 +71,7 @@ after an upgrade. By default, any user can create any pod.
 
 > Note: PSPs do not override security defaults built into the
 > UCP RBAC engine for Kubernetes pods. These [Security
-> defaults](https://docs.docker.com/ee/ucp/authorization/) prevent non-admin
+> defaults](/ee/ucp/authorization/) prevent non-admin
 > users from mounting host paths into pods or starting privileged pods.
 
 ```bash

ee/ucp/kubernetes/storage/configure-aws-storage.md

@@ -138,6 +138,6 @@ The AWS console shows a volume has been provisioned having a matching name with
 
 ## Where to go next
 
-- [Deploy an Ingress Controller on Kubernetes](/ee/ucp/kubernetes/layer-7-routing/)
-- [Discover Network Encryption on Kubernetes](/ee/ucp/kubernetes/kubernetes-network-encryption/)
-- [UCP CLI reference](https://docs.docker.com/reference/)
+- [Deploy an Ingress Controller on Kubernetes](../cluster-ingress/index.md)
+- [Discover Network Encryption on Kubernetes](../kubernetes-network-encryption.md)
+- [UCP CLI reference](/reference/)

ee/ucp/kubernetes/storage/use-azure-disk.md

@@ -18,12 +18,12 @@ Disks on demand.
 
 This guide assumes you have already provisioned a UCP environment on 
 Microsoft Azure. The Cluster must be provisioned after meeting all of the
-prerequisites listed in [Install UCP on Azure](/ee/ucp/admin/install/cloudproviders/install-on-azure.md).
+prerequisites listed in [Install UCP on Azure](../../admin/install/cloudproviders/install-on-azure.md).
 
 Additionally, this guide uses the Kubernetes Command Line tool `$
 kubectl` to provision Kubernetes objects within a UCP cluster. Therefore, this
 tool must be downloaded, along with a UCP client bundle. For more
-information on configuring CLI access for UCP, see [CLI Based Access](/ee/ucp/user-access/cli.md).
+information on configuring CLI access for UCP, see [CLI Based Access](../../user-access/cli.md).
 
 ## Manually provision Azure Disks
 
@@ -233,7 +233,5 @@ $ kubectl describe pods mypod-azure-disk
 
 ## Where to go next
 
-- [Deploy an Ingress Controller on
-  Kubernetes](/ee/ucp/kubernetes/layer-7-routing/)
-- [Discover Network Encryption on
-  Kubernetes](/ee/ucp/kubernetes/kubernetes-network-encryption/)
+- [Deploy an Ingress Controller on Kubernetes](../cluster-ingress/index.md)
+- [Discover Network Encryption on Kubernetes](../kubernetes-network-encryption.md)

ee/ucp/kubernetes/storage/use-azure-files.md

@@ -17,12 +17,12 @@ provision Azure Files Shares on demand.
 
 This guide assumes you have already provisioned a UCP environment on
 Microsoft Azure. The cluster must be provisioned after meeting all
-prerequisites listed in [Install UCP on Azure](/ee/ucp/admin/install/cloudproviders/install-on-azure.md).
+prerequisites listed in [Install UCP on Azure](../../admin/install/cloudproviders/install-on-azure.md).
 
 Additionally, this guide uses the Kubernetes Command Line tool `$
 kubectl` to provision Kubernetes objects within a UCP cluster. Therefore, you must download
 this tool along with a UCP client bundle. For more
-information on configuring CLI access to UCP, see [CLI Based Access](/ee/ucp/user-access/cli.md).
+information on configuring CLI access to UCP, see [CLI Based Access](../../user-access/cli.md).
 
 ## Manually Provisioning Azure Files
 
@@ -285,5 +285,5 @@ subjects:
 
 ## Where to go next
 
-- [Deploy an Ingress Controller on Kubernetes](/ee/ucp/kubernetes/layer-7-routing/)
+- [Deploy an Ingress Controller on Kubernetes](../cluster-ingress/index.md)
 - [Discover Network Encryption on Kubernetes](../kubernetes-network-encryption.md)

ee/ucp/kubernetes/storage/use-nfs-volumes.md

@@ -34,7 +34,7 @@ within the Pod specification, which could be a standalone pod, or could be
 wrapped in a higher-level object like a Deployment, Daemonset, or StatefulSet. 
 
 The following example includes a running UCP cluster and a downloaded 
-[client bundle](../../user-access/cli/#download-client-certificates) with
+[client bundle](../../user-access/cli.md#download-client-certificates) with
 permission to schedule pods in a namespace. 
 
 Here is an example pod specification with an NFS volume defined:
@@ -255,5 +255,5 @@ nfs.example.com://share1 on /var/nfs type nfs4 (rw,relatime,vers=4.1,rsize=26214
 
 ## Where to go next
 
-- [Deploy an Ingress Controller on Kubernetes](/ee/ucp/kubernetes/layer-7-routing/)
-- [Discover Network Encryption on Kubernetes](/ee/ucp/kubernetes/kubernetes-network-encryption/)
+- [Deploy an Ingress Controller on Kubernetes](../cluster-ingress/index.md)
+- [Discover Network Encryption on Kubernetes](../kubernetes-network-encryption.md)

ee/ucp/kubernetes/storage/use-vsphere-volumes.md

@@ -79,5 +79,5 @@ To deploy vSphere volumes:
 3. Start a Pod using the PVC that you defined.
 
 ## Where to go next
-* [Configuring iSCSI for Kubernetes](https://docs.docker.com/ee/ucp/kubernetes/storage/use-iscsi/)
-* [Using CSI Drivers](https://docs.docker.com/ee/ucp/kubernetes/storage/use-csi/)
+* [Configuring iSCSI for Kubernetes](use-iscsi.md)
+* [Using CSI Drivers](use-csi.md)

ee/ucp/release-notes.md

@@ -63,7 +63,7 @@ upgrade your installation to the latest release.
     ```
     
 ### Kubernetes
-* Enabled support for a user-managed Kubernetes KMS plugin. See [KMS plugin support for UCP](/ee/ucp/admin/configure/kms-plugin.md) for more information.
+* Enabled support for a user-managed Kubernetes KMS plugin. See [KMS plugin support for UCP](admin/configure/kms-plugin.md) for more information.
 
 ### Components
 
@@ -590,7 +590,7 @@ leading to a gap in permissions checks.  (ENGORC-2781)
     * Host PID
 * If you delete the built-in **ClusterRole** or **ClusterRoleBinding** for `cluster-admin`, restart the `ucp-kube-apiserver` container on any manager node to recreate them. (#14483)
 * Pod Security Policies are not supported in this release. (#15105)
-* The default Kubelet configuration for UCP Manager nodes is expecting 4GB of free disk space in the `/var` partition. See [System Requirements](/ee/ucp/admin/install/system-requirements) for details.
+* The default Kubelet configuration for UCP Manager nodes is expecting 4GB of free disk space in the `/var` partition. See [System Requirements](/ee/ucp/admin/install/system-requirements/) for details.
 
 ### Components
 
@@ -767,7 +767,7 @@ leading to a gap in permissions checks.  (ENGORC-2781)
     * Host PID
 * If you delete the built-in **ClusterRole** or **ClusterRoleBinding** for `cluster-admin`, restart the `ucp-kube-apiserver` container on any manager node to recreate them. (#14483)
 * Pod Security Policies are not supported in this release. (#15105)
-* The default Kubelet configuration for UCP Manager nodes is expecting 4GB of free disk space in the `/var` partition. See [System Requirements](/ee/ucp/admin/install/system-requirements) for details.
+* The default Kubelet configuration for UCP Manager nodes is expecting 4GB of free disk space in the `/var` partition. See [System Requirements](/ee/ucp/admin/install/system-requirements/) for details.
 
 ### Components
 
@@ -815,7 +815,7 @@ leading to a gap in permissions checks.  (ENGORC-2781)
     * Host PID
 * If you delete the built-in **ClusterRole** or **ClusterRoleBinding** for `cluster-admin`, restart the `ucp-kube-apiserver` container on any manager node to recreate them. (docker/orca#14483)
 * Pod Security Policies are not supported in this release. (docker/orca#15105)
-* The default Kubelet configuration for UCP Manager nodes is expecting 4GB of free disk space in the `/var` partition. See [System Requirements](/ee/ucp/admin/install/system-requirements) for details.
+* The default Kubelet configuration for UCP Manager nodes is expecting 4GB of free disk space in the `/var` partition. See [System Requirements](/ee/ucp/admin/install/system-requirements/) for details.
 
 ### Components
 
@@ -988,7 +988,7 @@ There are several backward-incompatible changes in the Kubernetes API that may a
     * Host PID
 * If you delete the built-in **ClusterRole** or **ClusterRoleBinding** for `cluster-admin`, restart the `ucp-kube-apiserver` container on any manager node to recreate them. (#14483)
 * Pod Security Policies are not supported in this release. (#15105)
-* The default Kubelet configuration for UCP Manager nodes is expecting 4GB of free disk space in the `/var` partition. See [System Requirements](/ee/ucp/admin/install/system-requirements) for details.
+* The default Kubelet configuration for UCP Manager nodes is expecting 4GB of free disk space in the `/var` partition. See [System Requirements](/ee/ucp/admin/install/system-requirements/) for details.
 
 ### Deprecated features
 

ee/ucp/swarm/deploy-to-collection.md

@@ -126,5 +126,5 @@ be grouped with the other resources in your stack.
 ## Where to go next
 
 - [Deploy a Compose-based app to a Kubernetes cluster](../kubernetes/deploy-with-compose.md)
-- [Set metadata on a service (-l, –label)](/engine/reference/commandline/service_create/#set-metadata-on-a-service--l-label.md)
-- [Docker object labels](/engine/userguide/labels-custom-metadata/.md)
+- [Set metadata on a service (-l, –label)](/engine/reference/commandline/service_create/#set-metadata-on-a-service--l---label)
+- [Docker object labels](/config/labels-custom-metadata/)

ee/ucp/ucp-architecture.md

@@ -7,7 +7,7 @@ keywords: ucp, architecture
 >{% include enterprise_label_shortform.md %}
 
 Docker Universal Control Plane (UCP) is a containerized application that runs on
-[Docker Enterprise Edition](/ee/index.md), extending its functionality
+[Docker Enterprise Edition](../index.md), extending its functionality
 to simplify the deployment, configuration, and monitoring of your applications at scale.
 
 UCP also secures Docker with role-based access control (RBAC) so that only authorized
@@ -29,14 +29,14 @@ UCP leverages the clustering and orchestration functionality provided by Docker.
 ![](images/ucp-architecture-2.svg){: .with-border}
 
 A swarm is a collection of nodes that are in the same Docker cluster.
-[Nodes](/engine/swarm/key-concepts.md) in a Docker swarm operate in one of two
+[Nodes](../../engine/swarm/key-concepts.md) in a Docker swarm operate in one of two
 modes: manager or worker. If nodes are not already running in a swarm when
 installing UCP, nodes will be configured to run in swarm mode.
 
 When you deploy UCP, it starts running a globally scheduled service called
 `ucp-agent`. This service monitors the node where it's running and starts
 and stops UCP services, based on whether the node is a
-[manager or a worker node](/engine/swarm/key-concepts.md).
+[manager or a worker node](../../engine/swarm/key-concepts.md).
 
 If the node is a:
 

ee/ucp/user-access/cli.md

@@ -194,4 +194,4 @@ to [build command documentation](/engine/reference/commandline/build/) and
 
 ## Where to go next
 
-- [Deploy a service](../swarm.md)
+- [Deploy a service](../swarm/index.md)

ee/ucp/user-access/kubectl.md

@@ -18,7 +18,7 @@ To access the UCP cluster with kubectl, install the [UCP client bundle](cli.md).
 > Docker Desktop for Mac and Docker Desktop for Windows provide a standalone Kubernetes server that
 > runs on your development machine, with kubectl installed by default. This installation is
 > separate from the Kubernetes deployment on a UCP cluster.
-> Learn how to [deploy to Kubernetes on Docker Desktop for Mac](/docker-for-mac/kubernetes.md).
+> Learn how to [deploy to Kubernetes on Docker Desktop for Mac](../../../docker-for-mac/kubernetes.md).
 {: .important}
 
 ## Install the kubectl binary
@@ -119,5 +119,5 @@ See [initialize Helm and install Tiller](https://helm.sh/docs/using_helm/#initia
 
 ## Where to go next
 
-- [Deploy a workload to a Kubernetes cluster](../kubernetes.md)
-- [Deploy to Kubernetes on Docker Desktop for Mac](/docker-for-mac/kubernetes.md)
+- [Deploy a workload to a Kubernetes cluster](../kubernetes/index.md)
+- [Deploy to Kubernetes on Docker Desktop for Mac](../../../docker-for-mac/kubernetes.md)

ee/upgrade.md

@@ -28,7 +28,7 @@ space exhaustion and associated application downtime.
 
 ## Create a backup
 
-Before upgrading Docker Engine - Enterprise, you should make sure you [create a backup](backup.md).
+Before upgrading Docker Engine - Enterprise, you should make sure you [create a backup](admin/backup/index.md).
 This makes it possible to recover if anything goes wrong during the upgrade.
 
 ## Check the compatibility matrix
@@ -86,7 +86,7 @@ Swarm mode and deploying your workloads as Docker services. That way you can
 drain the nodes of any workloads before starting the upgrade.
 
 If you have workloads running as containers as opposed to swarm services,
-make sure they are configured with a [restart policy](/engine/admin/start-containers-automatically/).
+make sure they are configured with a [restart policy](../config/containers/start-containers-automatically.md).
 This ensures that your containers are started automatically after the upgrade.
 
 To ensure that workloads running as Swarm services have no downtime, you need to:
@@ -232,14 +232,14 @@ If any worker nodes were drained, they can be undrained again by setting `--avai
 ## Upgrade UCP
 
 Once you've upgraded the Docker Engine - Enterprise running on all the nodes,
-[upgrade UCP](/ee/ucp/admin/install/upgrade.md).
+[upgrade UCP](ucp/admin/install/upgrade.md).
 
 ## Upgrade DTR
 
-After you upgrade Docker Engine - Enterprise and UCP, [upgrade DTR](/ee/dtr/admin/upgrade.md).
+After you upgrade Docker Engine - Enterprise and UCP, [upgrade DTR](dtr/admin/upgrade.md).
 
 After the DTR upgrade is finished, the Docker Enterprise upgrade is complete.
 
 ## Where to go next
 
-- [Backup Docker EE](backup.md)
+- [Backup Docker EE](admin/backup/index.md)