From a83dc18d93efe0e92940f41fe13b17699da064a3 Mon Sep 17 00:00:00 2001 From: Anne Henmi Date: Fri, 21 Sep 2018 15:40:39 -0600 Subject: [PATCH 01/27] initial FIPS edits. --- install/linux/docker-ee/rhel.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/install/linux/docker-ee/rhel.md b/install/linux/docker-ee/rhel.md index c96a9c2e31..9a21207956 100644 --- a/install/linux/docker-ee/rhel.md +++ b/install/linux/docker-ee/rhel.md @@ -44,6 +44,12 @@ On {{ linux-dist-long }}, Docker EE supports storage drivers, `overlay2` and `de - [Device Mapper](/storage/storagedriver/device-mapper-driver/){: target="_blank" class="_" }: On production systems using `devicemapper`, you must use `direct-lvm` mode, which requires one or more dedicated block devices. Fast storage such as solid-state media (SSD) is recommended. Do not start Docker until properly configured per the [storage guide](/storage/storagedriver/device-mapper-driver/){: target="_blank" class="_" }. +### FIPS 140-2 support + +With Docker EE Basic license for versions 18.03 and later, Docker provides FIPS support in RHEL 7.3, 7.4 and 7.5. This includes a FIPS support cryptographic module. If the RHEL implementation already has FIPS support enabled, FIPS will be automatically enabled in the Docker engine. + +**NOTE:** FIPS is only supported in the Docker EE engine. UCP and DTR currently do not have support for FISP-140-2. + ### Find your Docker EE repo URL {% include ee-linux-install-reuse.md section="find-ee-repo-url" %} From b61e11f41d8bbfde31af1176384dac2732c422b5 Mon Sep 17 00:00:00 2001 From: Anne Henmi Date: Mon, 24 Sep 2018 08:01:59 -0600 Subject: [PATCH 02/27] Created instructions for adding or removing FIPS support in RHEL. --- install/linux/docker-ee/rhel.md | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/install/linux/docker-ee/rhel.md b/install/linux/docker-ee/rhel.md index 9a21207956..d76df2117e 100644 --- a/install/linux/docker-ee/rhel.md 
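Review bot: in the NOTE line of this hunk (PATCH 01, rhel.md @@ -44,6 +44,12 @@), "FISP-140-2" is a typo for "FIPS 140-2". The sentence "This includes a FIPS support cryptographic module" should also say which module is meant (the engine's own cryptographic module or the one supplied by the operating system) and how it relates to the OS-level FIPS mode referred to in the next sentence, since a reader deciding whether the engine is compliant needs to know which component is the validated one.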
+++ b/install/linux/docker-ee/rhel.md @@ -44,12 +44,27 @@ On {{ linux-dist-long }}, Docker EE supports storage drivers, `overlay2` and `de - [Device Mapper](/storage/storagedriver/device-mapper-driver/){: target="_blank" class="_" }: On production systems using `devicemapper`, you must use `direct-lvm` mode, which requires one or more dedicated block devices. Fast storage such as solid-state media (SSD) is recommended. Do not start Docker until properly configured per the [storage guide](/storage/storagedriver/device-mapper-driver/){: target="_blank" class="_" }. -### FIPS 140-2 support +### FIPS 140-2 cryptographic module support With Docker EE Basic license for versions 18.03 and later, Docker provides FIPS support in RHEL 7.3, 7.4 and 7.5. This includes a FIPS support cryptographic module. If the RHEL implementation already has FIPS support enabled, FIPS will be automatically enabled in the Docker engine. **NOTE:** FIPS is only supported in the Docker EE engine. UCP and DTR currently do not have support for FISP-140-2. +To force FIPS-140-2 compliance with the Docker EE engine, do the following: + +Create a file called `/etc/systemd/system/docker.service.d/fips-module`. It needs to contain the following: + +``` +[Service] +Environment="DOCKER_FIPS=1" +``` + +Restart the Docker service as root. + +`$ sudo service dockerd restart` + +**NOTE:** If the system has the FIPS-140-2 cryptographic module installed on the operating system, it is possible to disable FIPS-140-2 compliance. To disable FIPS-140-2 in Docker but not the operating system, set the value `DOCKER_FIPS=0" in the `/etc/systemd/system/docker.service.d/fips-module`. + ### Find your Docker EE repo URL {% include ee-linux-install-reuse.md section="find-ee-repo-url" %} From 346d5b01c0e18014487ccabd73d9806773700c27 Mon Sep 17 00:00:00 2001 
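Review bot: the drop-in path `/etc/systemd/system/docker.service.d/fips-module` introduced in this hunk (PATCH 02, rhel.md @@ -44,12 +44,27 @@) will be silently ignored by systemd, which only reads files ending in `.conf` from a `.service.d` directory; name it `fips-module.conf`, and add a `sudo systemctl daemon-reload` step before the restart so the new `Environment=` line is actually loaded. The closing NOTE also has mismatched quoting, `DOCKER_FIPS=0"`, which breaks the inline code span.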
From: Anne Henmi Date: Mon, 24 Sep 2018 08:03:49 -0600 Subject: [PATCH 03/27] Fixed typo --- install/linux/docker-ee/rhel.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install/linux/docker-ee/rhel.md b/install/linux/docker-ee/rhel.md index d76df2117e..d20c3ffb9d 100644 --- a/install/linux/docker-ee/rhel.md +++ b/install/linux/docker-ee/rhel.md @@ -63,7 +63,7 @@ Restart the Docker service as root. `$ sudo service dockerd restart` -**NOTE:** If the system has the FIPS-140-2 cryptographic module installed on the operating system, it is possible to disable FIPS-140-2 compliance. To disable FIPS-140-2 in Docker but not the operating system, set the value `DOCKER_FIPS=0" in the `/etc/systemd/system/docker.service.d/fips-module`. +**NOTE:** If the system has the FIPS-140-2 cryptographic module installed on the operating system, it is possible to disable FIPS-140-2 compliance. To disable FIPS-140-2 in Docker but not the operating system, set the value `DOCKER_FIPS=0` in the `/etc/systemd/system/docker.service.d/fips-module`. ### Find your Docker EE repo URL From 7b76b1eaa93a158539119a537a081839261390ea Mon Sep 17 00:00:00 2001 From: Anne Henmi Date: Mon, 24 Sep 2018 08:05:20 -0600 Subject: [PATCH 04/27] Fixed wording. --- install/linux/docker-ee/rhel.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install/linux/docker-ee/rhel.md b/install/linux/docker-ee/rhel.md index d20c3ffb9d..c200770da8 100644 --- a/install/linux/docker-ee/rhel.md +++ b/install/linux/docker-ee/rhel.md 
@@ -46,7 +46,7 @@ On {{ linux-dist-long }}, Docker EE supports storage drivers, `overlay2` and `de ### FIPS 140-2 cryptographic module support -With Docker EE Basic license for versions 18.03 and later, Docker provides FIPS support in RHEL 7.3, 7.4 and 7.5. This includes a FIPS support cryptographic module. If the RHEL implementation already has FIPS support enabled, FIPS will be automatically enabled in the Docker engine. +With Docker EE Basic license for versions 18.03 and later, Docker provides FIPS support in RHEL 7.3, 7.4 and 7.5. This includes a FIPS support cryptographic module. If the RHEL implementation already has FIPS support enabled, FIPS is automatically enabled in the Docker engine. **NOTE:** FIPS is only supported in the Docker EE engine. UCP and DTR currently do not have support for FISP-140-2. From b12fb0257861b94528345a2353e529822e610817 Mon Sep 17 00:00:00 2001 From: Anne Henmi Date: Tue, 25 Sep 2018 12:46:10 -0600 Subject: [PATCH 05/27] Added Windows information and `docker info` output to both RHEL and Windows. --- install/linux/docker-ee/rhel.md | 8 ++++++++ install/windows/docker-ee.md | 35 ++++++++++++++++++++++++++++----- 2 files changed, 38 insertions(+), 5 deletions(-) diff --git a/install/linux/docker-ee/rhel.md b/install/linux/docker-ee/rhel.md index c200770da8..8b05f1fba8 100644 --- a/install/linux/docker-ee/rhel.md +++ b/install/linux/docker-ee/rhel.md @@ -63,6 +63,14 @@ Restart the Docker service as root. `$ sudo service dockerd restart` +To confirm Docker is running with FIPS-140-2 enabled, run the `docker info` command: + +``` +Labels: + + com.docker.security.fips=enabled +``` + **NOTE:** If the system has the FIPS-140-2 cryptographic module installed on the operating system, it is possible to disable FIPS-140-2 compliance. To disable FIPS-140-2 in Docker but not the operating system, set the value `DOCKER_FIPS=0` in the `/etc/systemd/system/docker.service.d/fips-module`. ### Find your Docker EE repo URL 
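Review bot: the verification block in this hunk (PATCH 05, rhel.md @@ -63,6 +63,14 @@) shows output without the command that produced it, and the blank line between `Labels:` and `com.docker.security.fips=enabled` breaks the indentation of the label. Since the text tells the reader to run `docker info`, show the invocation inside the block and state what to look for; reading the security options directly (as PATCH 12 later does with `docker info --format '{{ .SecurityOptions }}'`) is a more precise check than matching a label.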
diff --git a/install/windows/docker-ee.md b/install/windows/docker-ee.md index ded7eaae94..51ed9b8a22 100644 --- a/install/windows/docker-ee.md +++ b/install/windows/docker-ee.md @@ -9,11 +9,7 @@ redirect_from: {% capture filename %}{{ page.win_latest_build }}.zip{% endcapture %} {% capture download_url %}https://download.docker.com/components/engine/windows-server/{{ site.docker_ee_version }}/{{ filename }}{% endcapture %} -Docker Enterprise Edition for Windows Server (*Docker EE*) enables native -Docker containers on Windows Server. Windows Server 2016 and later versions are supported. The Docker EE installation package -includes everything you need to run Docker on Windows Server. -This topic describes pre-install considerations, and how to download and -install Docker EE. +Docker Enterprise Edition for Windows Server (*Docker EE*) enables native Docker containers on Windows Server. Windows Server 2016 and later versions are supported. The Docker EE installation package includes everything you need to run Docker on Windows Server. This topic describes pre-install considerations, and how to download and install Docker EE. > Release notes 
> @@ -73,6 +69,35 @@ sconfig Select option `6) Download and Install Updates`. + +### FIPS 140-2 cryptographic module support + +With Docker EE Basic license for versions 18.03 and later, Docker provides FIPS support in Windows XXX. This includes a FIPS support cryptographic module. If the RHEL implementation already has FIPS support enabled, FIPS is automatically enabled in the Docker engine. + +**NOTE:** FIPS is only supported in the Docker EE engine. UCP and DTR currently do not have support for FISP-140-2. + +To force FIPS-140-2 compliance with the Docker EE engine, do the following in PowerShell: + +``` +[System.Environment]::SetEnvironmentVariable("DOCKER_FIPS", "1", "Machine") +``` + +Restart the Docker service by running the following command. + +``` +net stop docker +net start docker +``` + +To confirm Docker is running with FIPS-140-2 enabled, run the `docker info` command: + +``` +Labels: + com.docker.security.fips=enabled +``` + +**NOTE:** If the system has the FIPS-140-2 cryptographic module installed on the operating system, it is possible to disable FIPS-140-2 compliance. To disable FIPS-140-2 in Docker but not the operating system, set the value `"DOCKER_FIPS","0"` in the `[System.Environment]`.` + ## Use a script to install Docker EE Use the following steps when you want to install manually, script automated From 35982be0e41512463cea7bdc608fe3b35d9ad49c Mon Sep 17 00:00:00 2001 From: Anne Henmi Date: Tue, 25 Sep 2018 13:06:02 -0600 Subject: [PATCH 06/27] Fixed Windows veriosn --- install/windows/docker-ee.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install/windows/docker-ee.md b/install/windows/docker-ee.md index 51ed9b8a22..e199fc33fb 100644 --- a/install/windows/docker-ee.md +++ b/install/windows/docker-ee.md 
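Review bot: the Windows section in this hunk (PATCH 05, docker-ee.md @@ -73,6 +69,35 @@) still says "If the RHEL implementation already has FIPS support enabled", copied from rhel.md, and should say "Windows"; "Windows XXX" is a placeholder that needs the supported Windows Server version filled in. The final NOTE's instruction to set `"DOCKER_FIPS","0"` in `[System.Environment]`.` is malformed (stray backtick and not a runnable command); give the same PowerShell call used to enable it with "0" in place of "1", i.e. `[System.Environment]::SetEnvironmentVariable("DOCKER_FIPS", "0", "Machine")`, followed by the same `net stop docker` / `net start docker` restart shown above.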
@@ -72,7 +72,7 @@ Select option `6) Download and Install Updates`. ### FIPS 140-2 cryptographic module support -With Docker EE Basic license for versions 18.03 and later, Docker provides FIPS support in Windows XXX. This includes a FIPS support cryptographic module. If the RHEL implementation already has FIPS support enabled, FIPS is automatically enabled in the Docker engine. +With Docker EE Basic license for versions 18.03 and later, Docker provides FIPS support in Windows Server 2016. This includes a FIPS support cryptographic module. If the RHEL implementation already has FIPS support enabled, FIPS is automatically enabled in the Docker engine. **NOTE:** FIPS is only supported in the Docker EE engine. UCP and DTR currently do not have support for FISP-140-2. From 4111b2e5f7321f39af1a87bd047171c5d5bac6c6 Mon Sep 17 00:00:00 2001 From: Anne Henmi <41210220+ahh-docker@users.noreply.github.com> Date: Tue, 25 Sep 2018 13:09:46 -0600 Subject: [PATCH 07/27] Update rhel.md --- install/linux/docker-ee/rhel.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install/linux/docker-ee/rhel.md b/install/linux/docker-ee/rhel.md index 8b05f1fba8..07e19e3c31 100644 --- a/install/linux/docker-ee/rhel.md +++ b/install/linux/docker-ee/rhel.md @@ -48,7 +48,7 @@ On {{ linux-dist-long }}, Docker EE supports storage drivers, `overlay2` and `de With Docker EE Basic license for versions 18.03 and later, Docker provides FIPS support in RHEL 7.3, 7.4 and 7.5. This includes a FIPS support cryptographic module. If the RHEL implementation already has FIPS support enabled, FIPS is automatically enabled in the Docker engine. -**NOTE:** FIPS is only supported in the Docker EE engine. UCP and DTR currently do not have support for FISP-140-2. +**NOTE:** FIPS is only supported in the Docker EE engine. UCP and DTR currently do not have support for FIPS-140-2. To force FIPS-140-2 compliance with the Docker EE engine, do the following: 
From fa8353cd3143dce766081c7047a3a34f58a37aa2 Mon Sep 17 00:00:00 2001 From: Anne Henmi <41210220+ahh-docker@users.noreply.github.com> Date: Tue, 25 Sep 2018 17:51:00 -0600 Subject: [PATCH 08/27] Update rhel.md --- install/linux/docker-ee/rhel.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/install/linux/docker-ee/rhel.md b/install/linux/docker-ee/rhel.md index 07e19e3c31..7b7a5ba8f8 100644 --- a/install/linux/docker-ee/rhel.md +++ b/install/linux/docker-ee/rhel.md @@ -46,11 +46,13 @@ On {{ linux-dist-long }}, Docker EE supports storage drivers, `overlay2` and `de ### FIPS 140-2 cryptographic module support -With Docker EE Basic license for versions 18.03 and later, Docker provides FIPS support in RHEL 7.3, 7.4 and 7.5. This includes a FIPS support cryptographic module. If the RHEL implementation already has FIPS support enabled, FIPS is automatically enabled in the Docker engine. +(Federal Information Processing Standards (FIPS) Publication 140-2[https://csrc.nist.gov/csrc/media/publications/fips/140/2/final/documents/fips1402.pdf] is a United States Federal security requirement for cryptographic modules. + +With Docker EE Basic license for versions 18.03 and later, Docker provides FIPS 140-2 support in RHEL 7.3, 7.4 and 7.5. This includes a FIPS support cryptographic module. If the RHEL implementation already has FIPS support enabled, FIPS is automatically enabled in the Docker engine. **NOTE:** FIPS is only supported in the Docker EE engine. UCP and DTR currently do not have support for FIPS-140-2. -To force FIPS-140-2 compliance with the Docker EE engine, do the following: +To enable FIPS-140-2 compliance on a system that is not in FIPS mode, do the following: Create a file called `/etc/systemd/system/docker.service.d/fips-module`. It needs to contain the following: From c20652b1c97b43fbf1b551fdf1dd8b7f567a4e01 Mon Sep 17 00:00:00 2001 
From: Anne Henmi <41210220+ahh-docker@users.noreply.github.com> Date: Tue, 25 Sep 2018 17:52:02 -0600 Subject: [PATCH 09/27] Update rhel.md --- install/linux/docker-ee/rhel.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/install/linux/docker-ee/rhel.md b/install/linux/docker-ee/rhel.md index 7b7a5ba8f8..12d7bde0cd 100644 --- a/install/linux/docker-ee/rhel.md +++ b/install/linux/docker-ee/rhel.md @@ -46,13 +46,13 @@ On {{ linux-dist-long }}, Docker EE supports storage drivers, `overlay2` and `de ### FIPS 140-2 cryptographic module support -(Federal Information Processing Standards (FIPS) Publication 140-2[https://csrc.nist.gov/csrc/media/publications/fips/140/2/final/documents/fips1402.pdf] is a United States Federal security requirement for cryptographic modules. +(Federal Information Processing Standards (FIPS) Publication 140-2)[https://csrc.nist.gov/csrc/media/publications/fips/140/2/final/documents/fips1402.pdf] is a United States Federal security requirement for cryptographic modules. With Docker EE Basic license for versions 18.03 and later, Docker provides FIPS 140-2 support in RHEL 7.3, 7.4 and 7.5. This includes a FIPS support cryptographic module. If the RHEL implementation already has FIPS support enabled, FIPS is automatically enabled in the Docker engine. **NOTE:** FIPS is only supported in the Docker EE engine. UCP and DTR currently do not have support for FIPS-140-2. -To enable FIPS-140-2 compliance on a system that is not in FIPS mode, do the following: +To enable FIPS 140-2 compliance on a system that is not in FIPS 140-2 mode, do the following: Create a file called `/etc/systemd/system/docker.service.d/fips-module`. It needs to contain the following: 
@@ -73,7 +73,7 @@ Labels: com.docker.security.fips=enabled ``` -**NOTE:** If the system has the FIPS-140-2 cryptographic module installed on the operating system, it is possible to disable FIPS-140-2 compliance. To disable FIPS-140-2 in Docker but not the operating system, set the value `DOCKER_FIPS=0` in the `/etc/systemd/system/docker.service.d/fips-module`. +**NOTE:** If the system has the FIPS 140-2 cryptographic module installed on the operating system, it is possible to disable FIPS-140-2 compliance. To disable FIPS 140-2 in Docker but not the operating system, set the value `DOCKER_FIPS=0` in the `/etc/systemd/system/docker.service.d/fips-module`. ### Find your Docker EE repo URL From 4c259f1f3bff419586be356dbbe9e9ac6d28c8b8 Mon Sep 17 00:00:00 2001 From: Anne Henmi <41210220+ahh-docker@users.noreply.github.com> Date: Tue, 25 Sep 2018 17:53:23 -0600 Subject: [PATCH 10/27] Update rhel.md fixed hyperlink --- install/linux/docker-ee/rhel.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install/linux/docker-ee/rhel.md b/install/linux/docker-ee/rhel.md index 12d7bde0cd..bfad5982b9 100644 --- a/install/linux/docker-ee/rhel.md +++ b/install/linux/docker-ee/rhel.md 
@@ -46,7 +46,7 @@ On {{ linux-dist-long }}, Docker EE supports storage drivers, `overlay2` and `de ### FIPS 140-2 cryptographic module support -(Federal Information Processing Standards (FIPS) Publication 140-2)[https://csrc.nist.gov/csrc/media/publications/fips/140/2/final/documents/fips1402.pdf] is a United States Federal security requirement for cryptographic modules. +[Federal Information Processing Standards (FIPS) Publication 140-2](https://csrc.nist.gov/csrc/media/publications/fips/140/2/final/documents/fips1402.pdf) is a United States Federal security requirement for cryptographic modules. With Docker EE Basic license for versions 18.03 and later, Docker provides FIPS 140-2 support in RHEL 7.3, 7.4 and 7.5. This includes a FIPS support cryptographic module. If the RHEL implementation already has FIPS support enabled, FIPS is automatically enabled in the Docker engine. From 981f9eeb99971d25d4da153c51e718325f3bc3b2 Mon Sep 17 00:00:00 2001 From: Anne Henmi <41210220+ahh-docker@users.noreply.github.com> Date: Tue, 25 Sep 2018 17:57:54 -0600 Subject: [PATCH 11/27] Update docker-ee.md Incorporated @justincormack and @ddeyo's feedback --- install/windows/docker-ee.md | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/install/windows/docker-ee.md b/install/windows/docker-ee.md index e199fc33fb..dd1b362128 100644 --- a/install/windows/docker-ee.md +++ b/install/windows/docker-ee.md 
@@ -72,11 +72,13 @@ Select option `6) Download and Install Updates`. ### FIPS 140-2 cryptographic module support -With Docker EE Basic license for versions 18.03 and later, Docker provides FIPS support in Windows Server 2016. This includes a FIPS support cryptographic module. If the RHEL implementation already has FIPS support enabled, FIPS is automatically enabled in the Docker engine. +[Federal Information Processing Standards (FIPS) Publication 140-2](https://csrc.nist.gov/csrc/media/publications/fips/140/2/final/documents/fips1402.pdf) is a United States Federal security requirement for cryptographic modules. -**NOTE:** FIPS is only supported in the Docker EE engine. UCP and DTR currently do not have support for FISP-140-2. +With Docker EE Basic license for versions 18.09 and later, Docker provides FIPS 140-2 support in Windows Server 2016. This includes a FIPS support cryptographic module. If the Windows implementation already has FIPS support enabled, FIPS is automatically enabled in the Docker engine. -To force FIPS-140-2 compliance with the Docker EE engine, do the following in PowerShell: +**NOTE:** FIPS 140-2 is only supported in the Docker EE engine. UCP and DTR currently do not have support for FIPS 140-2. + +If the Windows implementation already has FIPS support enabled, do the following in PowerShell: ``` [System.Environment]::SetEnvironmentVariable("DOCKER_FIPS", "1", "Machine") From 6411c478b71ee4801072bdd69e9caa29532329e8 Mon Sep 17 00:00:00 2001 From: Anne Henmi Date: Tue, 2 Oct 2018 09:42:45 -0600 Subject: [PATCH 12/27] Fixed docker info command output. --- install/linux/docker-ee/rhel.md | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/install/linux/docker-ee/rhel.md b/install/linux/docker-ee/rhel.md index 8b05f1fba8..32f259d44e 100644 --- a/install/linux/docker-ee/rhel.md +++ b/install/linux/docker-ee/rhel.md 
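Review bot: the new lead-in "If the Windows implementation already has FIPS support enabled, do the following in PowerShell:" in this hunk (PATCH 11, docker-ee.md @@ -72,11 +72,13 @@) contradicts the sentence two paragraphs up, which says FIPS is enabled automatically in exactly that case; the `DOCKER_FIPS=1` step is for a host that is not in FIPS mode, so the wording should say so (rhel.md uses "on a system that is not in FIPS 140-2 mode"). The version requirement also becomes "18.09 and later" here while rhel.md still says "18.03 and later"; please confirm which is correct and make both pages agree.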
@@ -66,9 +66,8 @@ Restart the Docker service as root. To confirm Docker is running with FIPS-140-2 enabled, run the `docker info` command: ``` -Labels: - - com.docker.security.fips=enabled +$ docker info --format '{{ .SecurityOptions }}' +[name=selinux name=fips] ``` **NOTE:** If the system has the FIPS-140-2 cryptographic module installed on the operating system, it is possible to disable FIPS-140-2 compliance. To disable FIPS-140-2 in Docker but not the operating system, set the value `DOCKER_FIPS=0` in the `/etc/systemd/system/docker.service.d/fips-module`. From 7d80bd020243fe7b3e142df2e3c9048abdb35602 Mon Sep 17 00:00:00 2001 From: Anne Henmi Date: Wed, 3 Oct 2018 14:03:10 -0600 Subject: [PATCH 13/27] Included updates from https://github.com/docker/docker-core-backlog/issues/375. --- engine/swarm/join-nodes.md | 4 ++++ install/linux/docker-ee/rhel.md | 15 ++++++++++++++- 2 files changed, 18 insertions(+), 1 deletion(-) diff --git a/engine/swarm/join-nodes.md b/engine/swarm/join-nodes.md index f1e06bb80f..2cc6d95051 100644 --- a/engine/swarm/join-nodes.md +++ b/engine/swarm/join-nodes.md @@ -26,6 +26,10 @@ the `docker swarm join` command. The node only uses the token at join time. If you subsequently rotate the token, it doesn't affect existing swarm nodes. Refer to [Run Docker Engine in swarm mode](swarm-mode.md#view-the-join-command-or-update-a-swarm-join-token). +**NOTE:** Docker allows a non-FIPS enabled worker or manager nodes to a FIPS-enabled +swarm cluster. This can cause issues with upgrading a swarm if nodes are FIPS-enabled and other +nodes are not FIPS-enabled. + ## Join as a worker node To retrieve the join command including the join token for worker nodes, run the diff --git a/install/linux/docker-ee/rhel.md b/install/linux/docker-ee/rhel.md index 0be5a511d9..8b4f529821 100644 --- a/install/linux/docker-ee/rhel.md +++ b/install/linux/docker-ee/rhel.md 
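Review bot: the command `docker info --format '{{ .SecurityOptions }}'` in this hunk (PATCH 12, rhel.md @@ -66,9 +66,8 @@) sits in a page that is processed by Liquid (the same file uses `{{ linux-dist-long }}` and `{% include %}`), so `{{ .SecurityOptions }}` will be evaluated as a Liquid expression and rendered empty; wrap the code block in `{% raw %}` ... `{% endraw %}`. Also worth saying in the text that `name=selinux` in the sample output is host-specific and `name=fips` is the value the reader is checking for.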
@@ -50,6 +50,13 @@ On {{ linux-dist-long }}, Docker EE supports storage drivers, `overlay2` and `de With Docker EE Basic license for versions 18.03 and later, Docker provides FIPS 140-2 support in RHEL 7.3, 7.4 and 7.5. This includes a FIPS support cryptographic module. If the RHEL implementation already has FIPS support enabled, FIPS is automatically enabled in the Docker engine. +To verify the FIPS-140-2 module is enabled in the Linux kernel, confirm the file `/proc/sys/crypto/fips_enabled` contains `1`. + +``` +$ cat /proc/sys/crypto/fips_enabled +1 +``` + **NOTE:** FIPS is only supported in the Docker EE engine. UCP and DTR currently do not have support for FIPS-140-2. To enable FIPS 140-2 compliance on a system that is not in FIPS 140-2 mode, do the following: @@ -72,7 +79,13 @@ $ docker info --format '{{ .SecurityOptions }}' [name=selinux name=fips] ``` -**NOTE:** If the system has the FIPS 140-2 cryptographic module installed on the operating system, it is possible to disable FIPS-140-2 compliance. To disable FIPS 140-2 in Docker but not the operating system, set the value `DOCKER_FIPS=0` in the `/etc/systemd/system/docker.service.d/fips-module`. +### Disabling FIPS-140-2 + +If the system has the FIPS 140-2 cryptographic module installed on the operating system, +it is possible to disable FIPS-140-2 compliance. + +To disable FIPS 140-2 in Docker but not the operating system, set the value `DOCKER_FIPS=0` +in the `/etc/systemd/system/docker.service.d/fips-module`. ### Find your Docker EE repo URL From 36d6a8e85fb473db42d6ccacfb4519ffacaf24ba Mon Sep 17 00:00:00 2001 From: Anne Henmi <41210220+ahh-docker@users.noreply.github.com> Date: Thu, 4 Oct 2018 19:24:56 -0600 Subject: [PATCH 14/27] Update rhel.md incorporated @davidwilliamson's feedback. --- install/linux/docker-ee/rhel.md | 20 ++++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) 
diff --git a/install/linux/docker-ee/rhel.md b/install/linux/docker-ee/rhel.md index 8b4f529821..87b857788a 100644 --- a/install/linux/docker-ee/rhel.md +++ b/install/linux/docker-ee/rhel.md @@ -50,10 +50,10 @@ On {{ linux-dist-long }}, Docker EE supports storage drivers, `overlay2` and `de With Docker EE Basic license for versions 18.03 and later, Docker provides FIPS 140-2 support in RHEL 7.3, 7.4 and 7.5. This includes a FIPS support cryptographic module. If the RHEL implementation already has FIPS support enabled, FIPS is automatically enabled in the Docker engine. -To verify the FIPS-140-2 module is enabled in the Linux kernel, confirm the file `/proc/sys/crypto/fips_enabled` contains `1`. +To verify the FIPS-140-2 module is enabled in the Linux kernel, confirm the file `/proc/sys/crypto/fips_enabled.conf` contains `1`. ``` -$ cat /proc/sys/crypto/fips_enabled +$ cat /proc/sys/crypto/fips_enabled.conf 1 ``` @@ -61,13 +61,17 @@ $ cat /proc/sys/crypto/fips_enabled To enable FIPS 140-2 compliance on a system that is not in FIPS 140-2 mode, do the following: -Create a file called `/etc/systemd/system/docker.service.d/fips-module`. It needs to contain the following: +Create a file called `/etc/systemd/system/docker.service.d/fips-module.conf`. It needs to contain the following: ``` [Service] Environment="DOCKER_FIPS=1" ``` +Reload the Docker configuration to systemd. + +`$ sudo systemctl daemon-reload` + Restart the Docker service as root. `$ sudo service dockerd restart` 
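Review bot: the first hunk of PATCH 14 (rhel.md @@ -50,10 +50,10 @@) changes the kernel flag path to `/proc/sys/crypto/fips_enabled.conf`, which is wrong: the procfs sysctl file is `/proc/sys/crypto/fips_enabled` with no suffix, and `cat /proc/sys/crypto/fips_enabled.conf` fails with "No such file or directory". The `.conf` suffix belongs only to the systemd drop-in renamed in the next hunk; revert this one.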
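Review bot: the restart step kept as trailing context of the second hunk of PATCH 14 (rhel.md @@ -61,13 +61,17 @@) still reads `$ sudo service dockerd restart`; the unit is `docker.service` (the drop-in directory used in the same hunk, `docker.service.d`, already names it), so `dockerd` will fail as an unknown unit. Since the hunk introduces `systemctl daemon-reload`, use `sudo systemctl restart docker` here and in the matching Disabling section.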
@@ -85,7 +89,15 @@ If the system has the FIPS 140-2 cryptographic module installed on the operating it is possible to disable FIPS-140-2 compliance. To disable FIPS 140-2 in Docker but not the operating system, set the value `DOCKER_FIPS=0` -in the `/etc/systemd/system/docker.service.d/fips-module`. +in the `/etc/systemd/system/docker.service.d/fips-module.conf`. + +Reload the Docker configuration to systemd. + +`$ sudo systemctl daemon-reload` + +Restart the Docker service as root. + +`$ sudo service dockerd restart` ### Find your Docker EE repo URL From 27446f1fba9de3ac10daef631752ad0640643806 Mon Sep 17 00:00:00 2001 From: Anne Henmi <41210220+ahh-docker@users.noreply.github.com> Date: Thu, 4 Oct 2018 19:29:09 -0600 Subject: [PATCH 15/27] Update join-nodes.md Fixed @justincormack's clarification on running a mixed-FIPS environment. --- engine/swarm/join-nodes.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/engine/swarm/join-nodes.md b/engine/swarm/join-nodes.md index 2cc6d95051..eafeb8c93d 100644 --- a/engine/swarm/join-nodes.md +++ b/engine/swarm/join-nodes.md @@ -27,8 +27,9 @@ you subsequently rotate the token, it doesn't affect existing swarm nodes. Refer to [Run Docker Engine in swarm mode](swarm-mode.md#view-the-join-command-or-update-a-swarm-join-token). **NOTE:** Docker allows a non-FIPS enabled worker or manager nodes to a FIPS-enabled -swarm cluster. This can cause issues with upgrading a swarm if nodes are FIPS-enabled and other -nodes are not FIPS-enabled. +swarm cluster. + +While a mixed-FIPS environment makes upgrading or changing status easier, Docker recommends not running a mixed-FIPS environment in production. ## Join as a worker node From ea9f629d9325616d4063abb2d4563f46819111d7 Mon Sep 17 00:00:00 2001 
From: Anne Henmi <41210220+ahh-docker@users.noreply.github.com> Date: Fri, 5 Oct 2018 08:04:57 -0600 Subject: [PATCH 16/27] Update docker-ee.md included @davidwilliamson's feedback. --- install/windows/docker-ee.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/install/windows/docker-ee.md b/install/windows/docker-ee.md index dd1b362128..9dd46a48fb 100644 --- a/install/windows/docker-ee.md +++ b/install/windows/docker-ee.md @@ -91,11 +91,11 @@ net stop docker net start docker ``` -To confirm Docker is running with FIPS-140-2 enabled, run the `docker info` command: +To confirm Docker is running with FIPS-140-2 enabled, the `docker info` command needs to include the following: ``` -Labels: - com.docker.security.fips=enabled +Security Options: + fips ``` **NOTE:** If the system has the FIPS-140-2 cryptographic module installed on the operating system, it is possible to disable FIPS-140-2 compliance. To disable FIPS-140-2 in Docker but not the operating system, set the value `"DOCKER_FIPS","0"` in the `[System.Environment]`.` From 7c6f4efc909e1ca7b66a676aca4292c4f5b4a6b3 Mon Sep 17 00:00:00 2001 From: Anne Henmi <41210220+ahh-docker@users.noreply.github.com> Date: Fri, 5 Oct 2018 10:46:36 -0600 Subject: [PATCH 17/27] Update rhel.md Fixed @justincormack's wording. --- install/linux/docker-ee/rhel.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install/linux/docker-ee/rhel.md b/install/linux/docker-ee/rhel.md index 87b857788a..c6d757011c 100644 --- a/install/linux/docker-ee/rhel.md +++ b/install/linux/docker-ee/rhel.md 
@@ -48,7 +48,7 @@ On {{ linux-dist-long }}, Docker EE supports storage drivers, `overlay2` and `de [Federal Information Processing Standards (FIPS) Publication 140-2](https://csrc.nist.gov/csrc/media/publications/fips/140/2/final/documents/fips1402.pdf) is a United States Federal security requirement for cryptographic modules. -With Docker EE Basic license for versions 18.03 and later, Docker provides FIPS 140-2 support in RHEL 7.3, 7.4 and 7.5. This includes a FIPS support cryptographic module. If the RHEL implementation already has FIPS support enabled, FIPS is automatically enabled in the Docker engine. +With Docker EE Basic license for versions 18.03 and later, Docker provides FIPS 140-2 support in RHEL 7.3, 7.4 and 7.5. This includes a FIPS supported cryptographic module. If the RHEL implementation already has FIPS support enabled, FIPS is automatically enabled in the Docker engine. To verify the FIPS-140-2 module is enabled in the Linux kernel, confirm the file `/proc/sys/crypto/fips_enabled.conf` contains `1`. From 037710693e1ca6e244fd1afef5663a41a76d64a7 Mon Sep 17 00:00:00 2001 From: Anne Henmi <41210220+ahh-docker@users.noreply.github.com> Date: Fri, 5 Oct 2018 11:14:36 -0600 Subject: [PATCH 18/27] Update docker-ee.md Fixed @justincormack's comments with @davidwilliamson's help. Thank you :) --- install/windows/docker-ee.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/install/windows/docker-ee.md b/install/windows/docker-ee.md index 9dd46a48fb..ae9e36c65d 100644 --- a/install/windows/docker-ee.md +++ b/install/windows/docker-ee.md 
@@ -78,7 +78,7 @@ With Docker EE Basic license for versions 18.09 and later, Docker provides FIPS **NOTE:** FIPS 140-2 is only supported in the Docker EE engine. UCP and DTR currently do not have support for FIPS 140-2. -If the Windows implementation already has FIPS support enabled, do the following in PowerShell: +To enable FIPS 140-2 compliance on a system that is not in FIPS 140-2 mode, do the following in PowerShell: ``` [System.Environment]::SetEnvironmentVariable("DOCKER_FIPS", "1", "Machine") @@ -91,11 +91,11 @@ net stop docker net start docker ``` -To confirm Docker is running with FIPS-140-2 enabled, the `docker info` command needs to include the following: +To confirm Docker is running with FIPS-140-2 enabled, run the `docker info` command: ``` -Security Options: - fips +Labels: + com.docker.security.fips=enabled ``` **NOTE:** If the system has the FIPS-140-2 cryptographic module installed on the operating system, it is possible to disable FIPS-140-2 compliance. To disable FIPS-140-2 in Docker but not the operating system, set the value `"DOCKER_FIPS","0"` in the `[System.Environment]`.` From 432984c74d5f2e136349a72d9fd7ee719b57f1c0 Mon Sep 17 00:00:00 2001 From: Anne Henmi <41210220+ahh-docker@users.noreply.github.com> Date: Wed, 10 Oct 2018 10:43:02 -0600 Subject: [PATCH 19/27] Update join-nodes.md --- engine/swarm/join-nodes.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/engine/swarm/join-nodes.md b/engine/swarm/join-nodes.md index eafeb8c93d..9ef407b14a 100644 --- a/engine/swarm/join-nodes.md +++ b/engine/swarm/join-nodes.md 
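Review bot: the second hunk of PATCH 18 (docker-ee.md @@ -91,11 +91,11 @@) reverts the Windows verification output from `Security Options: fips` back to `Labels: com.docker.security.fips=enabled`, which is the same output PATCH 12 removed from rhel.md in favour of `docker info --format '{{ .SecurityOptions }}'` showing `name=fips`. The two pages now document different `docker info` fields for the same check; please confirm the actual Windows output and align them. The trailing context of this hunk still carries the malformed `[System.Environment]`.` disable instruction.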
@@ -29,7 +29,7 @@ to [Run Docker Engine in swarm mode](swarm-mode.md#view-the-join-command-or-upda **NOTE:** Docker allows a non-FIPS enabled worker or manager nodes to a FIPS-enabled swarm cluster. -While a mixed-FIPS environment makes upgrading or changing status easier, Docker recommends not running a mixed-FIPS environment in production. +While a mixed FIPS environment makes upgrading or changing status easier, Docker recommends not running a mixed-FIPS environment in production. ## Join as a worker node From 03e3c4dd5187c34fb22de1b15d514c9053ceaf03 Mon Sep 17 00:00:00 2001 From: Anne Henmi <41210220+ahh-docker@users.noreply.github.com> Date: Wed, 10 Oct 2018 10:43:49 -0600 Subject: [PATCH 20/27] Update join-nodes.md --- engine/swarm/join-nodes.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/engine/swarm/join-nodes.md b/engine/swarm/join-nodes.md index 9ef407b14a..e697f3fad6 100644 --- a/engine/swarm/join-nodes.md +++ b/engine/swarm/join-nodes.md @@ -4,7 +4,7 @@ keywords: guide, swarm mode, node title: Join nodes to a swarm --- -When you first create a swarm, you place a single Docker Engine (Engine) into +When you first create a swarm, you place a single Docker Engine into swarm mode. To take full advantage of swarm mode you can add nodes to the swarm: * Adding worker nodes increases capacity. When you deploy a service to a swarm, From 7de1b2033e465a20404f0225c9e06e619975bf8a Mon Sep 17 00:00:00 2001 From: Anne Henmi <41210220+ahh-docker@users.noreply.github.com> Date: Wed, 10 Oct 2018 10:49:01 -0600 Subject: [PATCH 21/27] Update join-nodes.md Added beta tag. --- engine/swarm/join-nodes.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/engine/swarm/join-nodes.md b/engine/swarm/join-nodes.md index e697f3fad6..5f2a6a8062 100644 --- a/engine/swarm/join-nodes.md +++ b/engine/swarm/join-nodes.md 
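Review bot: the first hunk de-hyphenates only the first "mixed-FIPS" in the sentence, leaving "a mixed-FIPS environment in production" at the end of the same line, so the sentence is now internally inconsistent (PATCH 26 later cleans this up; better to land both in one commit). The unchanged NOTE above it, "Docker allows a non-FIPS enabled worker or manager nodes to a FIPS-enabled swarm cluster", is missing its verb; "allows non-FIPS worker or manager nodes to join a FIPS-enabled swarm" reads correctly. For the second hunk, dropping the "(Engine)" abbreviation is fine, but check the rest of join-nodes.md for the bare "Engine" that parenthetical introduced, otherwise those references lose their definition.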
@@ -4,6 +4,10 @@ keywords: guide, swarm mode, node title: Join nodes to a swarm --- +> BETA DISCLAIMER +> +> This is beta content. It is not yet complete and should be considered a work in progress. This content is subject to change without notice. + When you first create a swarm, you place a single Docker Engine into swarm mode. To take full advantage of swarm mode you can add nodes to the swarm: From b2e60b1f60e4e24691167b1df40f82e6b869c01a Mon Sep 17 00:00:00 2001 From: Anne Henmi <41210220+ahh-docker@users.noreply.github.com> Date: Wed, 10 Oct 2018 10:49:22 -0600 Subject: [PATCH 22/27] Update rhel.md Added beta tag. --- install/linux/docker-ee/rhel.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/install/linux/docker-ee/rhel.md b/install/linux/docker-ee/rhel.md index c6d757011c..1076777eae 100644 --- a/install/linux/docker-ee/rhel.md +++ b/install/linux/docker-ee/rhel.md @@ -9,6 +9,10 @@ redirect_from: title: Get Docker EE for Red Hat Enterprise Linux --- +> BETA DISCLAIMER +> +> This is beta content. It is not yet complete and should be considered a work in progress. This content is subject to change without notice. + {% assign linux-dist = "rhel" %} {% assign linux-dist-cap = "RHEL" %} {% assign linux-dist-url-slug = "rhel" %} From b5a96e0aac6c3117d06ee9ae80bb1f310c60675b Mon Sep 17 00:00:00 2001 From: Anne Henmi <41210220+ahh-docker@users.noreply.github.com> Date: Wed, 10 Oct 2018 10:50:15 -0600 Subject: [PATCH 23/27] Update docker-ee.md Added beta tag --- install/windows/docker-ee.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/install/windows/docker-ee.md b/install/windows/docker-ee.md index ae9e36c65d..b63ddb86aa 100644 --- a/install/windows/docker-ee.md +++ b/install/windows/docker-ee.md 
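Review bot: the same three-line BETA DISCLAIMER blockquote is added to the top of join-nodes.md here and rhel.md in the next hunk (and docker-ee.md in PATCH 23), while only the FIPS 140-2 material on those pages is new; placed at the page top it tells readers that the whole RHEL install procedure and the whole swarm join guide are beta and "subject to change without notice", which is not what is meant. Scope it: either move the blockquote into the FIPS section or say in the text what is beta ("The FIPS 140-2 support described on this page is beta content..."). Since the text is identical in all three files and the site already uses Liquid templating (the `{% assign %}` lines directly below the rhel.md insertion), it belongs in a shared include so it can be removed in one place when the feature leaves beta.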
@@ -7,6 +7,10 @@ redirect_from: - /engine/installation/windows/docker-ee/ --- +> BETA DISCLAIMER +> +> This is beta content. It is not yet complete and should be considered a work in progress. This content is subject to change without notice. + {% capture filename %}{{ page.win_latest_build }}.zip{% endcapture %} {% capture download_url %}https://download.docker.com/components/engine/windows-server/{{ site.docker_ee_version }}/{{ filename }}{% endcapture %} Docker Enterprise Edition for Windows Server (*Docker EE*) enables native Docker containers on Windows Server. Windows Server 2016 and later versions are supported. The Docker EE installation package includes everything you need to run Docker on Windows Server. This topic describes pre-install considerations, and how to download and install Docker EE. From fc9fdb01ac5e2aab0566e34b0469dd7354e3fbae Mon Sep 17 00:00:00 2001 From: Anne Henmi <41210220+ahh-docker@users.noreply.github.com> Date: Mon, 15 Oct 2018 15:07:45 -0600 Subject: [PATCH 24/27] Update join-nodes.md Added in @andrewhsu's feedback. --- engine/swarm/join-nodes.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/engine/swarm/join-nodes.md b/engine/swarm/join-nodes.md index 5f2a6a8062..6b894314c9 100644 --- a/engine/swarm/join-nodes.md +++ b/engine/swarm/join-nodes.md @@ -30,8 +30,7 @@ the `docker swarm join` command. The node only uses the token at join time. If you subsequently rotate the token, it doesn't affect existing swarm nodes. Refer to [Run Docker Engine in swarm mode](swarm-mode.md#view-the-join-command-or-update-a-swarm-join-token). -**NOTE:** Docker allows a non-FIPS enabled worker or manager nodes to a FIPS-enabled -swarm cluster. +**NOTE:** Docker engine allows a non-FIPS node join to a FIPS-enabled swarm cluster. While a mixed FIPS environment makes upgrading or changing status easier, Docker recommends not running a mixed-FIPS environment in production. 
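Review bot: in the PATCH 24 hunk the rewritten NOTE, "Docker engine allows a non-FIPS node join to a FIPS-enabled swarm cluster", drops the "to" the original had ("allows a non-FIPS node to join"), and "Docker engine" is lower-cased while the link text two lines above says "Docker Engine". The recommendation that follows, "Docker recommends not running a mixed FIPS environment in production", gives no reason; state the consequence so operators can act on it, at minimum that FIPS mode can only be claimed for the nodes actually running the FIPS module, and that admitting non-FIPS nodes is tolerated to make upgrades possible rather than as a supported steady state. The beta disclaimer added to docker-ee.md in the first hunk has the same scoping problem as the other two copies: it precedes the entire Windows Server install guide, not just the FIPS section.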
From 1e91176d27dc03fbc2bd122003d80dd581cac312 Mon Sep 17 00:00:00 2001 From: Anne Henmi <41210220+ahh-docker@users.noreply.github.com> Date: Mon, 15 Oct 2018 15:09:11 -0600 Subject: [PATCH 25/27] Update rhel.md Incorporated @andrewhsu's feedback. --- install/linux/docker-ee/rhel.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/install/linux/docker-ee/rhel.md b/install/linux/docker-ee/rhel.md index 1076777eae..686e3faafc 100644 --- a/install/linux/docker-ee/rhel.md +++ b/install/linux/docker-ee/rhel.md @@ -78,7 +78,7 @@ Reload the Docker configuration to systemd. Restart the Docker service as root. -`$ sudo service dockerd restart` +`$ sudo systemctl restart docker` To confirm Docker is running with FIPS-140-2 enabled, run the `docker info` command: @@ -101,7 +101,7 @@ Reload the Docker configuration to systemd. Restart the Docker service as root. -`$ sudo service dockerd restart` +`$ sudo systemctl restart docker` ### Find your Docker EE repo URL From 69aa7d395d77b4aa50f046a9dcb292ce75fbe785 Mon Sep 17 00:00:00 2001 From: Anne Henmi <41210220+ahh-docker@users.noreply.github.com> Date: Tue, 16 Oct 2018 08:55:58 -0600 Subject: [PATCH 26/27] Update join-nodes.md Incorporated @JustinINevill's feedback. --- engine/swarm/join-nodes.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/engine/swarm/join-nodes.md b/engine/swarm/join-nodes.md index 6b894314c9..c2a91d53ee 100644 --- a/engine/swarm/join-nodes.md +++ b/engine/swarm/join-nodes.md 
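Review bot: changing `service dockerd restart` to `systemctl restart docker` is correct in both hunks (the unit is `docker.service`; `dockerd` is the binary, not a service name), but the step each hunk follows, "Reload the Docker configuration to systemd.", should show its command (`sudo systemctl daemon-reload`), because a new drop-in under `docker.service.d` is not picked up by a restart alone and that is the step readers skip. While here, confirm that the drop-in file created in the preceding step ends in `.conf`; systemd ignores files in a `.d` directory without that suffix, and the restart would then start the engine without `DOCKER_FIPS` set, with `docker info` the only thing that reveals it. Minor: the "Restart the Docker service as root" sentence and command pair is duplicated across the enable and disable procedures in the two hunks; one shared snippet keeps them from drifting apart again.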
@@ -30,9 +30,9 @@ the `docker swarm join` command. The node only uses the token at join time. If you subsequently rotate the token, it doesn't affect existing swarm nodes. Refer to [Run Docker Engine in swarm mode](swarm-mode.md#view-the-join-command-or-update-a-swarm-join-token). -**NOTE:** Docker engine allows a non-FIPS node join to a FIPS-enabled swarm cluster. +**NOTE:** Docker engine allows a non-FIPS node to join a FIPS-enabled swarm cluster. -While a mixed FIPS environment makes upgrading or changing status easier, Docker recommends not running a mixed-FIPS environment in production. +While a mixed FIPS environment makes upgrading or changing status easier, Docker recommends not running a mixed FIPS environment in production. ## Join as a worker node From 3a4d8ae20401dbc25d194809e32f2bfa20dea350 Mon Sep 17 00:00:00 2001 From: Anne Henmi <41210220+ahh-docker@users.noreply.github.com> Date: Tue, 16 Oct 2018 08:57:41 -0600 Subject: [PATCH 27/27] Update docker-ee.md Incorporated @JustinINevill's feedback --- install/windows/docker-ee.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install/windows/docker-ee.md b/install/windows/docker-ee.md index b63ddb86aa..45471d02c4 100644 --- a/install/windows/docker-ee.md +++ b/install/windows/docker-ee.md 
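Review bot: both fixes are right ("a non-FIPS node to join", and "mixed FIPS environment" now used consistently). Two nits remain in the touched lines: "Docker engine" should be "Docker Engine" to match the link text two lines up, and "mixed FIPS environment" is clearer spelled out once as "a swarm that mixes FIPS and non-FIPS nodes". Also "makes upgrading or changing status easier" leaves "status" undefined; if it means a node's FIPS mode, say "changing a node's FIPS mode".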
@@ -78,7 +78,7 @@ Select option `6) Download and Install Updates`. [Federal Information Processing Standards (FIPS) Publication 140-2](https://csrc.nist.gov/csrc/media/publications/fips/140/2/final/documents/fips1402.pdf) is a United States Federal security requirement for cryptographic modules. -With Docker EE Basic license for versions 18.09 and later, Docker provides FIPS 140-2 support in Windows Server 2016. This includes a FIPS support cryptographic module. If the Windows implementation already has FIPS support enabled, FIPS is automatically enabled in the Docker engine. +With Docker EE Basic license for versions 18.09 and later, Docker provides FIPS 140-2 support in Windows Server 2016. This includes a FIPS supported cryptographic module. If the Windows implementation already has FIPS support enabled, FIPS is automatically enabled in the Docker engine. **NOTE:** FIPS 140-2 is only supported in the Docker EE engine. UCP and DTR currently do not have support for FIPS 140-2.
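Review bot: same wording issue as the rhel.md hunk earlier in the series that adds the `/proc/sys/crypto` check: "a FIPS supported cryptographic module" should say what is claimed, "a cryptographic module running in FIPS 140-2 mode" or, only with a certificate behind it, "a FIPS 140-2 validated module". Separately, this paragraph scopes FIPS support to "Windows Server 2016" while the page intro shown in the PATCH 23 context says "Windows Server 2016 and later versions are supported"; state explicitly whether later versions are excluded or simply untested, since a compliance reader will treat silence as unsupported.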