Merge branch 'master' into spelling

_includes/ee-linux-install-reuse.md

@@ -116,6 +116,16 @@ You only need to set up the repository once, after which you can install Docker
 
 {% endif %}
 
+{% if linux-dist == "oraclelinux" %}
+
+5.  Enable the `ol7_addons` Oracle repository. This ensures access to the `container-selinux` package required by `docker-ee`.
+
+    ```bash
+    $ sudo yum-config-manager --enable ol7_addons
+    ```
+
+{% endif %}
+
 6.  Add the Docker EE **stable** repository:
 
     ```bash

_includes/install-script.md

@@ -42,20 +42,24 @@ $ curl -fsSL https://get.docker.com -o get-docker.sh
 $ sudo sh get-docker.sh
 
 <output truncated>
+```
 
 If you would like to use Docker as a non-root user, you should now consider
 adding your user to the "docker" group with something like:
 
+```bash
   sudo usermod -aG docker your-user
+```
 
 Remember to log out and back in for this to take effect!
 
-WARNING: Adding a user to the "docker" group grants the ability to run
-         containers which can be used to obtain root privileges on the
-         docker host.
-         Refer to https://docs.docker.com/engine/security/security/#docker-daemon-attack-surface
-         for more information.
-```
+> **Warning**:
+>
+> Adding a user to the "docker" group grants the ability to run containers
+> which can be used to obtain root privileges on the  docker host. Refer to
+> [Docker Daemon Attack Surface](https://docs.docker.com/engine/security/security/#docker-daemon-attack-surface)
+> for more information.
+{:.warning}
 
 Docker CE is installed. It starts automatically on `DEB`-based distributions. On
 `RPM`-based distributions, you need to start it manually using the appropriate

_includes/kubernetes-mac-win.md

@@ -12,11 +12,12 @@ Usage: {% include kubernetes-mac-win.md platform="mac" %}
 {% if platform == "mac" %}
   {% assign product = "Docker for Mac" %}
 
-  {% capture min-version %}{{ product }} 17.12 CE Edge{% endcapture %}
+  {% capture min-version %}{{ product }} 17.12 CE{% endcapture %}
+  {% capture min-stable-version %}{{ product }} 18.06 CE{% endcapture %}
 
   {% capture version-caveat %}
-**Kubernetes is only available in {{ min-version }} and higher, on the Edge
-channel.** Kubernetes support is not included in Docker for Mac Stable releases.
+    **Kubernetes is only available in {{ min-version }} and higher on the Edge channel, and in {{ in-stable-version }} and higher in the Stable channel**
+
   {% endcapture %}
 
   {% capture local-kubectl-warning %}
@@ -32,11 +33,11 @@ channel.** Kubernetes support is not included in Docker for Mac Stable releases.
 {% elsif platform == "windows" %}
   {% assign product = "Docker for Windows" %}
 
-  {% capture min-version %}{{ product }} 18.02 CE Edge{% endcapture %}
+  {% capture min-version %}{{ product }} 18.02 CE{% endcapture %}
+  {% capture min-stable-version %}{{ product }} 18.06 CE{% endcapture %}
 
   {% capture version-caveat %}
-  **Kubernetes is only available in {{ min-version }}.** Kubernetes
-  support is not included in {{ product }} 18.02 CE Stable.
+  **Kubernetes is only available in {{ min-version }} and higher on the Edge channel, and in {{ in-stable-version }} and higher in the Stable channel**
   {% endcapture %}
 
   {% capture local-kubectl-warning %}

compose/aspnet-mssql-compose.md

@@ -55,8 +55,8 @@ configure this app to use our SQL Server database, and then create a
 
     This file defines how to build the web app image. It uses the
     [microsoft/aspnetcore-build](https://hub.docker.com/r/microsoft/aspnetcore-build/),
-    map the volume with the generated code, restore the dependencies, build the
-    project and expose port 80. After that, it calls an `entrypoint` script
+    maps the volume with the generated code, restores the dependencies, builds the
+    project and exposes port 80. After that, it calls an `entrypoint` script
     that we create in the next step.
 
 1.  The `Dockerfile` makes use of an entrypoint to your webapp Docker

compose/completion.md

@@ -29,7 +29,7 @@ On a Mac, add the following to your `~/.bash_profile`:
 
 ```shell
 if [ -f $(brew --prefix)/etc/bash_completion ]; then
-. $(brew --prefix)/etc/bash_completion
+    . $(brew --prefix)/etc/bash_completion
 fi
 ```
 

compose/startup-order.md

@@ -54,7 +54,7 @@ script:
     check. For example, you might want to wait until Postgres is definitely
     ready to accept commands:
 
-        #!/bin/bash
+        #!/bin/sh
         # wait-for-postgres.sh
 
         set -e

config/containers/logging/journald.md

@@ -57,7 +57,7 @@ driver options.
 | Option      | Required | Description                                                                                                                                                                                      |
 |:------------|:---------|:-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
 | `tag`       | optional | Specify template to set `CONTAINER_TAG` and `SYSLOG_IDENTIFIER` value in journald logs. Refer to [log tag option documentation](/engine/admin/logging/log_tags/) to customize the log tag format |
-| `label`     | optional | Comma-separated list of keys of labels, which should be included in message, if these labels are specified for the container.                                                                    |
+| `labels`     | optional | Comma-separated list of keys of labels, which should be included in message, if these labels are specified for the container.                                                                    |
 | `env`       | optional | Comma-separated list of keys of environment variables, which should be included in message, if these variables are specified for the container.                                                  |
 | `env-regex` | optional | Similar to and compatible with env. A regular expression to match logging-related environment variables. Used for advanced [log tag options](/engine/admin/logging/log_tags/).                   |
 

config/containers/resource_constraints.md

@@ -9,7 +9,7 @@ keywords: "docker, daemon, configuration"
 
 By default, a container has no resource constraints and can use as much of a
 given resource as the host's kernel scheduler allows. Docker provides ways
-to control how much memory, CPU, or block IO a container can use, setting runtime
+to control how much memory, or CPU a container can use, setting runtime
 configuration flags of the `docker run` command. This section provides details
 on when you should set such limits and the possible implications of setting them.
 

datacenter/dtr/2.3/guides/user/create-promotion-policies.md

@@ -97,5 +97,5 @@ pipelines.
 Also, users don't need access to all repositories in the promotion pipeline.
 A repository admin can define the promotion policies, and only
 allow access to push to the first repository in that pipeline. Once users push
-to the fist repository, the image gets promoted to the other repositories as
+to the first repository, the image gets promoted to the other repositories as
 long as it satisfies the promotion policies.

datacenter/dtr/2.3/guides/user/manage-images/sign-images/index.md

@@ -47,7 +47,7 @@ need to do the same procedure for every one of them.
 ### Configure your Notary client
 
 Start by [configuring your Notary client](../../access-dtr/configure-your-notary-client.md).
-This ensures the Docker an Notary CLI clients know about your UCP private keys.
+This ensures the Docker and Notary CLI clients know about your UCP private keys.
 
 ### Initialize the trust metadata
 

docker-for-azure/release-notes.md

@@ -9,7 +9,7 @@ title: Docker for Azure Release Notes
 ## Enterprise Edition
 [Docker Enterprise Edition Lifecycle](https://success.docker.com/Policies/Maintenance_Lifecycle){: target="_blank"}<!--_-->
 
-[Deploy Docker Enterprise Edition (EE) for AWS](https://store.docker.com/editions/enterprise/docker-ee-aws?tab=description){: target="_blank" class="button outline-btn"}
+[Deploy Docker Enterprise Edition (EE) for Azure](https://store.docker.com/editions/enterprise/docker-ee-azure?tab=description){: target="_blank" class="button outline-btn"}
 
 ### 17.06 EE
 

docker-for-windows/edge-release-notes.md

@@ -18,6 +18,27 @@ for Windows](install.md#download-docker-for-windows).
 
 ## Edge Releases of 2018
 
+### Docker Community Edition 2.0.0.0-beta1-win75 2018-09-14
+
+[Download](https://download.docker.com/win/edge/19925/Docker%20for%20Windows%20Installer.exe)
+
+* Upgrades
+  - [Docker 18.09.0-ce-beta1](https://github.com/docker/docker-ce/releases/tag/v18.09.0-ce-beta1)
+  - Linux Kernel 4.9.125
+
+* New
+  - New version scheme
+
+* Deprecation
+  - Removed support of AUFS
+
+* Bug fixes and minor changes
+  - LCOW does not anymore need --platform flag on multi-arch images
+  - Better WCOW host.docker.internal resolution on host, don't rewrite it if not modified. From [docker/for-win#1976](https://github.com/docker/for-win/issues/1976)
+  - Disk size can now be ajusted from 32GiB to drive space.
+  - Fix dns update too verbose in logs
+  - Fix panic in diagnose
+
 ### Docker Community Edition 18.06.1-ce-win74 2018-08-29
 
 [Download](https://download.docker.com/win/edge/19508/Docker%20for%20Windows%20Installer.exe)

docker-for-windows/faqs.md

@@ -69,7 +69,7 @@ Do the following each time:
 4.  Install a different version of the app (Stable or Edge).
 
 
-### Feeback
+### Feedback
 #### What kind of feedback are we looking for?
 
 Everything is fair game. We'd like your impressions on the download-install

docker-for-windows/install.md

@@ -39,7 +39,7 @@ guarantees. For more information, see
 
 Looking for information on using Windows containers?
 
-* [Switch between Windows and Linux containers](index.md#switch-between-windows-and-linux-containers) describes the Linux / Windows containers toggle in Docker for Windows and points you to the tutorial mentioned above.
+* [Switch between Windows and Linux containers](https://docs.docker.com/docker-for-windows/#switch-between-windows-and-linux-containers) describes the Linux / Windows containers toggle in Docker for Windows and points you to the tutorial mentioned above.
 * [Getting Started with Windows Containers (Lab)](https://github.com/docker/labs/blob/master/windows/windows-containers/README.md)
 provides a tutorial on how to set up and run Windows containers on Windows 10 or
 with Windows Server 2016. It shows you how to use a MusicStore application with

docker-for-windows/networking.md

@@ -76,7 +76,7 @@ This is for development purpose and will not work in a production environment ou
 
 The gateway is also reachable as `gateway.docker.internal`.
 
-#### I want to connect to a container from the Windows
+#### I want to connect to a container from Windows
 
 Port forwarding works for `localhost`; `--publish`, `-p`, or `-P` all work.
 Ports exposed from Linux are forwarded to the host.

docker-hub/github.md

@@ -11,29 +11,28 @@ skip to [Creating an Automated Build](github.md#creating-an-automated-build).
 
 > *Note:*
 > Automated Builds currently require *read* and *write* access since
-> [Docker Hub](https://hub.docker.com) needs to set up a GitHub service
-> hook. We have no choice here, this is how GitHub manages permissions.
+> [Docker Hub](https://hub.docker.com) needs to set up a GitHub webhook.
+> We have no choice here – this is how GitHub manages permissions.
 > We do guarantee nothing else is touched in your account.
 
 To set up an Automated Build of a repository on GitHub, you need to
 link [Docker Hub](https://hub.docker.com/account/authorized-services/) to your
 GitHub account. This allows the registry to see your GitHub repositories.
 
-To add, remove or view your linked account, go to the "Linked Accounts &
-Services" section of your Hub profile "Settings".
+To add, remove or view your linked account, log in to your Docker Hub account. Select **Settings > Linked Accounts & Services**.
 
 ![authorized-services](images/authorized-services.png)
 
-When linking to GitHub, select either "Public and Private",
-or "Limited Access" linking.
+When linking to GitHub, select either ***Public and Private***,
+or ***Limited Access***.
 
 ![add-authorized-github-service.png](images/add-authorized-github-service.png)
 
-The "Public and Private" option is the easiest to use, as it grants the Docker
+The ***Public and Private*** option is the easiest to use, as it grants the Docker
 Hub full access to all of your repositories. GitHub also allows you to grant
 access to repositories belonging to your GitHub organizations.
 
-If you choose "Limited Access", Docker Hub only gets permission to access your
+If you choose ***Limited Access***, Docker Hub only gets permission to access your
 public data and public repositories.
 
 Follow the onscreen instructions to authorize and link your GitHub account to
@@ -43,30 +42,30 @@ which to create the Automatic Build.
 You can review and revoke Docker Hub's access by visiting the
 [GitHub User's Applications settings](https://github.com/settings/applications).
 
-> **Note**: If you delete the GitHub account linkage that is used for one of your
-> automated build repositories, the previously built images are still available.
+> **Note**: If you delete the connection to the GitHub account that is used for one of your
+> automated build repositories, previously built images are still available.
 > If you re-link to that GitHub account later, the automated build can be started
-> using the "Start Build" button on the Hub, or if the webhook on the GitHub repository
+> using the **Start Build** button on the Hub, or if the webhook on the GitHub repository
 > still exists, it is triggered by any subsequent commits.
 
-## Auto builds and limited linked GitHub accounts.
+## Auto builds and limited linked GitHub accounts
 
-If you selected to link your GitHub account with only a "Limited Access" link,
-then after creating your automated build, you need to either manually
-trigger a Docker Hub build using the "Start a Build" button, or add the GitHub
-webhook manually, as described in [GitHub Service
-Hooks](github.md#github-service-hooks). This only works for repositories
-under the user account, and adding an automated build to a public GitHub
-organization using a "Limited Access" link is not possible.
+If you chose ***Limited Access*** for your Github account connection, after creating your automated build,
+you will need to either:
+* Manually trigger a Docker Hub build using the **Start a Build** button, or 
+* Add the GitHub webhook manually, as described in [GitHub Webhook](github.md#github-webhook). 
+
+This only works for repositories under the user account, and adding an automated build to a public GitHub
+organization using a ***Limited Access*** link is not possible.
 
 ## Changing the GitHub user link
 
 If you want to remove, or change the level of linking between your GitHub
-account and the Docker Hub, you need to do this in two places.
+account and the Docker Hub, you need to make the change in two places.
 
-First, remove the "Linked Account" from your Docker Hub "Settings". Then go to
-your GitHub account's Personal settings, and in the "Applications" section,
-"Revoke access".
+First, remove the **Linked Account** from your Docker Hub **Settings**. Then go to
+your GitHub account's Personal settings, and in the **Applications** section,
+***Revoke access***.
 
 You can now re-link your account at any time.
 
@@ -76,20 +75,20 @@ GitHub organizations and private repositories forked from organizations are
 made available to auto build using the "Docker Hub Registry" application, which
 needs to be added to the organization - and then applies to all users.
 
-To check, or request access, go to your GitHub user's "Setting" page, select the
-"Applications" section from the left side bar, then click the "View" button for
+To check, or request access, go to your GitHub **Settings** page, select the
+**Applications** section from the left side bar, then click the **View** button for
 "Docker Hub Registry".
 
 ![Check User access to GitHub](images/gh-check-user-org-dh-app-access.png)
 
-The organization's administrators may need to go to the Organization's "Third
-party access" screen in "Settings" to grant or deny access to the Docker Hub
+The organization's administrators may need to go to the Organization's **Third
+party access** screen in **Settings** to grant or deny access to the Docker Hub
 Registry application. This change applies to all organization members.
 
 ![Check Docker Hub application access to Organization](images/gh-check-admin-org-dh-app-access.png)
 
 More detailed access controls to specific users and GitHub repositories can be
-managed using the GitHub "People and Teams" interfaces.
+managed using the GitHub **People and Teams** interfaces.
 
 ## Creating an Automated Build
 
@@ -178,26 +177,36 @@ build.
   </tbody>
 </table>
 
-## GitHub service hooks
+## GitHub webhook
 
-A GitHub Service hook allows GitHub to notify the Docker Hub when something has
+A GitHub webhook allows GitHub to notify the Docker Hub when something has
 been committed to a given git repository.
 
-When you create an Automated Build from a GitHub user that has full "Public and
-Private" linking, a Service Hook should get automatically added to your GitHub
+When you create an Automated Build from a GitHub user that has full **Public and
+Private** linking, a Service Hook should get automatically added to your GitHub
 repository.
 
-If your GitHub account link to the Docker Hub is "Limited Access", then you
-need to add the Service Hook manually.
+If your GitHub account link to the Docker Hub is **Limited Access**, then you
+need to add the webhook manually.
+
+To add, confirm, or modify the webhook, log in to GitHub, then navigate to
+the repository. Within the repository,  select **Settings > Webhooks**.
+You must have admin privileges on the repository to view or modify
+this setting. Click **Add webhook**, and use the following settings:
+
+
+| Field | Value |
+| ------|------ |
+| Payload URL | https://registry.hub.docker.com/hooks/github |
+| Content type | application/json |
+| Which events would you like to trigger this webhook? | Just the push event |
+| Active | checked |
+
+The image below shows the **Webhooks/Add webhook** form with the above settings reflected:
 
-To add, confirm, or modify the service hook, log in to GitHub, then navigate to
-the repository, click "Settings" (the gear), then select "Webhooks & Services".
-You must have Administrator privileges on the repository to view or modify
-this setting.
+![github-webhook-add](images/github-webhook-add.png)
 
-The image below shows the "Docker" Service Hook.
+If configured correctly, you'll see this in the **Webhooks** view
+![github-webhook](images/github-webhook.png)
 
-![bitbucket-hooks](images/github-side-hook.png)
 
-If you add the "Docker" service manually, make sure the "Active" checkbox is
-selected and click the "Update service" button to save your changes.

ee/get-support.md

@@ -18,8 +18,11 @@ If you're unable to submit a new case using the support page, fill in the
 company email address.
 
 Docker Support engineers may ask you to provide a UCP support dump, which is an
-archive that contains UCP system logs and diagnostic information. To obtain a
-support dump:
+archive that contains UCP system logs and diagnostic information. If a node is not joined to the cluster and healthy, the support dump from the web UI will not contain logs from the unhealthy node. For unhealthy nodes use the CLI to get a support dump.
+
+## Use the Web UI to get a support dump
+
+To get the support dump from the Web UI:
 
 1. Log into the UCP web UI with an administrator account.
 2. In the top-left menu, click your username and choose

ee/ucp/admin/configure/external-auth/index.md

@@ -141,6 +141,8 @@ Click **Yes** to enable integrating UCP users and teams with LDAP servers.
 | No simple pagination  | If your LDAP server doesn't support pagination.                                                                                                                           |
 | Just-In-Time User Provisioning | Whether to create user accounts only when users log in for the first time. The default value of `true` is recommended. If you upgraded from UCP 2.0.x, the default is `false`. |
 
+> **Note:** LDAP connections using certificates created with TLS v1.2 do not currently advertise support for sha512WithRSAEncryption in the TLS handshake which leads to issues establishing connections with some clients. Support for advertising sha512WithRSAEncryption will be added in UCP 3.1.0.  
+
 ![](../../../images/ldap-integration-1.png){: .with-border}
 
 Click **Confirm** to add your LDAP domain.