Fix order of headings (#1465)

* Fix 'title out of sequence' errors fixed Dockershim.md * fixed deprecated-features.md * fixed install-and-configure-kubectl.md * fixed rancher-is-no-longer-needed.md * fixed security.md * fixed technical-items.md + spacing, duplicate section, admonitions * fixed telemetry.md * fixed upgrades.md * fixed upgrade-kubernetes-without-upgrading-rancher.md * fixed air-gapped-upgrades.md * fixed dockershim.md * fixed docker-install-commands.md * fixed install-kubernetes.md * fixed infrastructure-private-registry.md * fixed install-rancher-ha * fixed manage-namespaces and tune-etcd-for-large-installs.md * fixed cis-scans/configuration-reference.md * fixed custom-benchmark.md * fixed supportconfig.md * fixed harvester/overview.md * fixed logging-architecture.md * fixed logging-helm-chart-options.md + rm'd unnecessary annotation title * fixed taints-and-tolerances.md * fixed longhorn/overview.md * fixed neuvector/overview.md * fixed monitoring-and-alerting * fixed rancher-cli.md * fixed cluster-configuration.md * fixed monitoring-v2-configuration/examples.md * fixed servicemonitors-and-podmonitors.md * fixed other-troubleshooting-tips/dns.md
rancher · Sep 18, 2024 · c869ea6 · c869ea6
1 parent 9f8e1a7
commit c869ea6
Show file tree

Hide file tree

Showing 191 changed files with 1,056 additions and 1,132 deletions.
diff --git a/docs/faq/deprecated-features.md b/docs/faq/deprecated-features.md
@@ -6,11 +6,11 @@ title: Deprecated Features in Rancher
   <link rel="canonical" href="https://ranchermanager.docs.rancher.com/faq/deprecated-features"/>
 </head>
 
-### What is Rancher's deprecation policy?
+## What is Rancher's deprecation policy?
 
 We have published our official deprecation policy in the support [terms of service](https://rancher.com/support-maintenance-terms).
 
-### Where can I find out which features have been deprecated in Rancher?
+## Where can I find out which features have been deprecated in Rancher?
 
 Rancher will publish deprecated features as part of the [release notes](https://github.com/rancher/rancher/releases) for Rancher found on GitHub. Please consult the following patch releases for deprecated features:
 
@@ -19,6 +19,6 @@ Rancher will publish deprecated features as part of the [release notes](https://
 | [2.9.1](https://github.com/rancher/rancher/releases/tag/v2.9.1) | Aug 26, 2024 |
 | [2.9.0](https://github.com/rancher/rancher/releases/tag/v2.9.0) | Jul 31, 2024 |
 
-### What can I expect when a feature is marked for deprecation?
+## What can I expect when a feature is marked for deprecation?
 
 In the release where functionality is marked as "Deprecated", it will still be available and supported allowing upgrades to follow the usual procedure. Once upgraded, users/admins should start planning to move away from the deprecated functionality before upgrading to the release it marked as removed. The recommendation for new deployments is to not use the deprecated feature.
diff --git a/docs/faq/dockershim.md b/docs/faq/dockershim.md
@@ -18,7 +18,7 @@ enable_cri_dockerd: true
 
 For users looking to use another container runtime, Rancher has the edge-focused K3s and datacenter-focused RKE2 Kubernetes distributions that use containerd as the default runtime. Imported RKE2 and K3s Kubernetes clusters can then be upgraded and managed through Rancher even after the removal of in-tree Dockershim in Kubernetes 1.24.
 
-### FAQ
+## FAQ
 
 <br/>
 

diff --git a/docs/faq/install-and-configure-kubectl.md b/docs/faq/install-and-configure-kubectl.md
@@ -8,11 +8,11 @@ title: Installing and Configuring kubectl
 
 `kubectl` is a CLI utility for running commands against Kubernetes clusters. It's required for many maintenance and administrative tasks in Rancher 2.x.
 
-### Installation
+## Installation
 
 See [kubectl Installation](https://kubernetes.io/docs/tasks/tools/install-kubectl/) for installation on your operating system.
 
-### Configuration
+## Configuration
 
 When you create a Kubernetes cluster with RKE, RKE creates a `kube_config_cluster.yml` in the local directory that contains credentials to connect to your new cluster with tools like `kubectl` or `helm`.
 

diff --git a/docs/faq/rancher-is-no-longer-needed.md b/docs/faq/rancher-is-no-longer-needed.md
@@ -9,19 +9,19 @@ title: Rancher is No Longer Needed
 This page is intended to answer questions about what happens if you don't want Rancher anymore, if you don't want a cluster to be managed by Rancher anymore, or if the Rancher server is deleted.
 
 
-### If the Rancher server is deleted, what happens to the workloads in my downstream clusters?
+## If the Rancher server is deleted, what happens to the workloads in my downstream clusters?
 
 If Rancher is ever deleted or unrecoverable, all workloads in the downstream Kubernetes clusters managed by Rancher will continue to function as normal.
 
-### If the Rancher server is deleted, how do I access my downstream clusters?
+## If the Rancher server is deleted, how do I access my downstream clusters?
 
 The capability to access a downstream cluster without Rancher depends on the type of cluster and the way that the cluster was created. To summarize:
 
 - **Registered clusters:** The cluster will be unaffected and you can access the cluster using the same methods that you did before the cluster was registered into Rancher.
 - **Hosted Kubernetes clusters:** If you created the cluster in a cloud-hosted Kubernetes provider such as EKS, GKE, or AKS, you can continue to manage the cluster using your provider's cloud credentials.
 - **RKE clusters:** To access an [RKE cluster,](../how-to-guides/new-user-guides/launch-kubernetes-with-rancher/launch-kubernetes-with-rancher.md) the cluster must have the [authorized cluster endpoint](../reference-guides/rancher-manager-architecture/communicating-with-downstream-user-clusters.md#4-authorized-cluster-endpoint) enabled, and you must have already downloaded the cluster's kubeconfig file from the Rancher UI. (The authorized cluster endpoint is enabled by default for RKE clusters.) With this endpoint, you can access your cluster with kubectl directly instead of communicating through the Rancher server's [authentication proxy.](../reference-guides/rancher-manager-architecture/communicating-with-downstream-user-clusters.md#1-the-authentication-proxy) For instructions on how to configure kubectl to use the authorized cluster endpoint, refer to the section about directly accessing clusters with [kubectl and the kubeconfig file.](../how-to-guides/new-user-guides/manage-clusters/access-clusters/use-kubectl-and-kubeconfig.md#authenticating-directly-with-a-downstream-cluster) These clusters will use a snapshot of the authentication as it was configured when Rancher was removed.
 
-### What if I don't want Rancher anymore?
+## What if I don't want Rancher anymore?
 
 :::note
 
@@ -44,7 +44,7 @@ If you installed Rancher with Docker, you can uninstall Rancher by removing the
 
 Imported clusters will not be affected by Rancher being removed. For other types of clusters, refer to the section on [accessing downstream clusters when Rancher is removed.](#if-the-rancher-server-is-deleted-how-do-i-access-my-downstream-clusters)
 
-### What if I don't want my registered cluster managed by Rancher?
+## What if I don't want my registered cluster managed by Rancher?
 
 If a registered cluster is deleted from the Rancher UI, the cluster is detached from Rancher, leaving it intact and accessible by the same methods that were used to access it before it was registered in Rancher.
 
@@ -56,7 +56,7 @@ To detach the cluster,
 
 **Result:** The registered cluster is detached from Rancher and functions normally outside of Rancher.
 
-### What if I don't want my RKE cluster or hosted Kubernetes cluster managed by Rancher?
+## What if I don't want my RKE cluster or hosted Kubernetes cluster managed by Rancher?
 
 At this time, there is no functionality to detach these clusters from Rancher. In this context, "detach" is defined as the ability to remove Rancher components from the cluster and manage access to the cluster independently of Rancher.
 

diff --git a/docs/faq/security.md b/docs/faq/security.md
@@ -1,21 +1,20 @@
 ---
 title: Security FAQ
-
 ---
 
 <head>
   <link rel="canonical" href="https://ranchermanager.docs.rancher.com/faq/security"/>
 </head>
 
-### Is there a Hardening Guide?
+## Is there a Hardening Guide?
 
 The Hardening Guide is located in the main [Security](../reference-guides/rancher-security/rancher-security.md) section.
 
-### Have hardened Rancher Kubernetes clusters been evaluated by the CIS Kubernetes Benchmark? Where can I find the results?
+## Have hardened Rancher Kubernetes clusters been evaluated by the CIS Kubernetes Benchmark? Where can I find the results?
 
 We have run the CIS Kubernetes benchmark against a hardened Rancher Kubernetes cluster.  The results of that assessment can be found in the main [Security](../reference-guides/rancher-security/rancher-security.md) section.
 
-### How does Rancher verify communication with downstream clusters, and what are some associated security concerns?
+## How does Rancher verify communication with downstream clusters, and what are some associated security concerns?
 
 Communication between the Rancher server and downstream clusters is performed through agents. Rancher uses either a registered certificate authority (CA) bundle or the local trust store to verify communication between Rancher agents and the Rancher server. Using a CA bundle for verification is more strict, as only the certificates based on that bundle are trusted. If TLS verification for a explicit CA bundle fails, Rancher may fall back to using the local trust store for verifying future communication. Any CA within the local trust store can then be used to generate a valid certificate.
 

diff --git a/docs/faq/technical-items.md b/docs/faq/technical-items.md
@@ -6,27 +6,29 @@ title: Technical FAQ
   <link rel="canonical" href="https://ranchermanager.docs.rancher.com/faq/technical-items"/>
 </head>
 
-### How can I reset the administrator password?
+## How can I reset the administrator password?
+
+Docker install:
 
-Docker Install:
 ```
 $ docker exec -ti <container_id> reset-password
 New password for default administrator (user-xxxxx):
 <new_password>
 ```
 
 Kubernetes install (Helm):
+
 ```
 $ KUBECONFIG=./kube_config_cluster.yml
 $ kubectl --kubeconfig $KUBECONFIG -n cattle-system exec $(kubectl --kubeconfig $KUBECONFIG -n cattle-system get pods -l app=rancher --no-headers | head -1 | awk '{ print $1 }') -c rancher -- reset-password
 New password for default administrator (user-xxxxx):
 <new_password>
 ```
 
+## I deleted/deactivated the last admin, how can I fix it?
 
+Docker install:
 
-### I deleted/deactivated the last admin, how can I fix it?
-Docker Install:
 ```
 $ docker exec -ti <container_id> ensure-default-admin
 New default administrator (user-xxxxx)
@@ -35,38 +37,40 @@ New password for default administrator (user-xxxxx):
 ```
 
 Kubernetes install (Helm):
+
 ```
 $ KUBECONFIG=./kube_config_cluster.yml
 $ kubectl --kubeconfig $KUBECONFIG -n cattle-system exec $(kubectl --kubeconfig $KUBECONFIG -n cattle-system get pods -l app=rancher | grep '1/1' | head -1 | awk '{ print $1 }') -- ensure-default-admin
 New password for default administrator (user-xxxxx):
 <new_password>
 ```
-### How can I enable debug logging?
+
+## How can I enable debug logging?
 
 See [Troubleshooting: Logging](../troubleshooting/other-troubleshooting-tips/logging.md)
 
-### My ClusterIP does not respond to ping
+## My ClusterIP does not respond to ping
 
 ClusterIP is a virtual IP, which will not respond to ping. Best way to test if the ClusterIP is configured correctly, is by using `curl` to access the IP and port to see if it responds.
 
-### Where can I manage Node Templates?
+## Where can I manage Node Templates?
 
 Node Templates can be accessed by opening your account menu (top right) and selecting `Node Templates`.
 
-### Why is my Layer-4 Load Balancer in `Pending` state?
+## Why is my Layer-4 Load Balancer in `Pending` state?
 
 The Layer-4 Load Balancer is created as `type: LoadBalancer`. In Kubernetes, this needs a cloud provider or controller that can satisfy these requests, otherwise these will be in `Pending` state forever. More information can be found on [Cloud Providers](../how-to-guides/new-user-guides/kubernetes-clusters-in-rancher-setup/set-up-cloud-providers/set-up-cloud-providers.md) or [Create External Load Balancer](https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/)
 
-### Where is the state of Rancher stored?
+## Where is the state of Rancher stored?
 
 - Docker Install: in the embedded etcd of the `rancher/rancher` container, located at `/var/lib/rancher`.
 - Kubernetes install: in the etcd of the RKE cluster created to run Rancher.
 
-### How are the supported Docker versions determined?
+## How are the supported Docker versions determined?
 
 We follow the validated Docker versions for upstream Kubernetes releases. The validated versions can be found under [External Dependencies](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.10.md#external-dependencies) in the Kubernetes release CHANGELOG.md.
 
-### How can I access nodes created by Rancher?
+## How can I access nodes created by Rancher?
 
 SSH keys to access the nodes created by Rancher can be downloaded via the **Nodes** view. Choose the node which you want to access and click on the vertical ⋮ button at the end of the row, and choose **Download Keys** as shown in the picture below.
 
@@ -78,26 +82,26 @@ Unzip the downloaded zip file, and use the file `id_rsa` to connect to you host.
 $ ssh -i id_rsa user@ip_of_node
 ```
 
-### How can I automate task X in Rancher?
+## How can I automate task X in Rancher?
 
 The UI consists of static files, and works based on responses of the API. That means every action/task that you can execute in the UI, can be automated via the API. There are 2 ways to do this:
 
 * Visit `https://your_rancher_ip/v3` and browse the API options.
 * Capture the API calls when using the UI (Most commonly used for this is [Chrome Developer Tools](https://developers.google.com/web/tools/chrome-devtools/#network) but you can use anything you like)
 
-### The IP address of a node changed, how can I recover?
+## The IP address of a node changed, how can I recover?
 
 A node is required to have a static IP configured (or a reserved IP via DHCP). If the IP of a node has changed, you will have to remove it from the cluster and readd it. After it is removed, Rancher will update the cluster to the correct state. If the cluster is no longer in `Provisioning` state, the node is removed from the cluster.
 
 When the IP address of the node changed, Rancher lost connection to the node, so it will be unable to clean the node properly. See [Cleaning cluster nodes](../how-to-guides/new-user-guides/manage-clusters/clean-cluster-nodes.md) to clean the node.
 
 When the node is removed from the cluster, and the node is cleaned, you can readd the node to the cluster.
 
-### How can I add more arguments/binds/environment variables to Kubernetes components in a Rancher Launched Kubernetes cluster?
+## How can I add more arguments/binds/environment variables to Kubernetes components in a Rancher Launched Kubernetes cluster?
 
 You can add more arguments/binds/environment variables via the [Config File](../reference-guides/cluster-configuration/rancher-server-configuration/rke1-cluster-configuration.md#rke-cluster-config-file-reference) option in Cluster Options. For more information, see the [Extra Args, Extra Binds, and Extra Environment Variables](https://rancher.com/docs/rke/latest/en/config-options/services/services-extras/) in the RKE documentation or browse the [Example Cluster.ymls](https://rancher.com/docs/rke/latest/en/example-yamls/).
 
-### How do I check if my certificate chain is valid?
+## How do I check if my certificate chain is valid?
 
 Use the `openssl verify` command to validate your certificate chain:
 
@@ -138,7 +142,7 @@ subject= /C=GB/ST=England/O=Alice Ltd/CN=rancher.yourdomain.com
 issuer= /C=GB/ST=England/O=Alice Ltd/CN=Alice Intermediate CA
 ```
 
-### How do I check `Common Name` and `Subject Alternative Names` in my server certificate?
+## How do I check `Common Name` and `Subject Alternative Names` in my server certificate?
 
 Although technically an entry in `Subject Alternative Names` is required, having the hostname in both `Common Name` and as entry in `Subject Alternative Names` gives you maximum compatibility with older browser/applications.
 
@@ -156,7 +160,7 @@ openssl x509 -noout -in cert.pem -text | grep DNS
                 DNS:rancher.my.org
 ```
 
-### Why does it take 5+ minutes for a pod to be rescheduled when a node has failed?
+## Why does it take 5+ minutes for a pod to be rescheduled when a node has failed?
 
 This is due to a combination of the following default Kubernetes settings:
 
@@ -175,6 +179,6 @@ In Kubernetes v1.13, the `TaintBasedEvictions` feature is enabled by default. Se
   * `default-not-ready-toleration-seconds`: Indicates the tolerationSeconds of the toleration for notReady:NoExecute that is added by default to every pod that does not already have such a toleration.
   * `default-unreachable-toleration-seconds`: Indicates the tolerationSeconds of the toleration for unreachable:NoExecute that is added by default to every pod that does not already have such a toleration.
 
-### Can I use keyboard shortcuts in the UI?
+## Can I use keyboard shortcuts in the UI?
 
 Yes, most parts of the UI can be reached using keyboard shortcuts. For an overview of the available shortcuts, press `?` anywhere in the UI.
diff --git a/docs/faq/telemetry.md b/docs/faq/telemetry.md
@@ -6,11 +6,11 @@ title: Telemetry FAQ
   <link rel="canonical" href="https://ranchermanager.docs.rancher.com/faq/telemetry"/>
 </head>
 
-### What is Telemetry?
+## What is Telemetry?
 
 Telemetry collects aggregate information about the size of Rancher installations, versions of components used, and which features are used.  This information is used by Rancher Labs to help make the product better and is not shared with third-parties.
 
-### What information is collected?
+## What information is collected?
 
 No specific identifying information like usernames, passwords, or the names or addresses of user resources will ever be collected.
 
@@ -24,12 +24,12 @@ The primary things collected include:
   - The image name & version of Rancher that is running.
   - A unique randomly-generated identifier for this installation.
 
-### Can I see the information that is being sent?
+## Can I see the information that is being sent?
 
 If Telemetry is enabled, you can go to `https://<your rancher server>/v1-telemetry` in your installation to see the current data.
 
 If Telemetry is not enabled, the process that collects the data is not running, so there is nothing being collected to look at.
 
-### How do I turn it on or off?
+## How do I turn it on or off?
 
 After initial setup, an administrator can go to the `Settings` page in the `Global` section of the UI and click Edit to change the `telemetry-opt` setting to either `in` or `out`.
diff --git a/...tion-and-upgrade/install-upgrade-on-a-kubernetes-cluster/air-gapped-upgrades.md b/...tion-and-upgrade/install-upgrade-on-a-kubernetes-cluster/air-gapped-upgrades.md
@@ -12,7 +12,7 @@ These instructions assume you have already followed the instructions for a Kuber
 
 :::
 
-### Rancher Helm Upgrade Options
+## Rancher Helm Upgrade Options
 
 To upgrade with Helm, apply the same options that you used when installing Rancher. Refer to the reference table below to replace each placeholder. Rancher needs to be configured to use the private registry in order to provision any Rancher launched Kubernetes clusters or Rancher tools.
 

diff --git a/...ed/installation-and-upgrade/install-upgrade-on-a-kubernetes-cluster/upgrades.md b/...ed/installation-and-upgrade/install-upgrade-on-a-kubernetes-cluster/upgrades.md
@@ -49,7 +49,6 @@ For [air-gapped installs only,](../other-installation-methods/air-gapped-helm-cl
 
 Follow the steps to upgrade Rancher server:
 
-
 ### 1. Back up Your Kubernetes Cluster that is Running Rancher Server
 
 Use the [backup application](../../../how-to-guides/new-user-guides/backup-restore-and-disaster-recovery/back-up-rancher.md) to back up Rancher.
@@ -119,7 +118,6 @@ If you are installing Rancher in an air-gapped environment, skip the rest of thi
 
 :::
 
-
 Get the values, which were passed with `--set`, from the current Rancher Helm chart that is installed.
 
 ```

diff --git a/...etting-started/installation-and-upgrade/installation-requirements/dockershim.md b/...etting-started/installation-and-upgrade/installation-requirements/dockershim.md
@@ -22,7 +22,7 @@ Starting with version 1.24, the above defaults to true.
 
 For users looking to use another container runtime, Rancher has the edge-focused K3s and datacenter-focused RKE2 Kubernetes distributions that use containerd as the default runtime. Imported RKE2 and K3s Kubernetes clusters can then be upgraded and managed through Rancher going forward.
 
-### FAQ
+## FAQ
 
 <br/>
 

diff --git a/...her-installation-methods/air-gapped-helm-cli-install/docker-install-commands.md b/...her-installation-methods/air-gapped-helm-cli-install/docker-install-commands.md
@@ -28,7 +28,7 @@ For security purposes, SSL (Secure Sockets Layer) is required when using Rancher
 
 Choose from the following options:
 
-### Option A: Default Self-Signed Certificate
+## Option A: Default Self-Signed Certificate
 
 <details id="option-a">
   <summary>Click to expand</summary>
@@ -55,7 +55,7 @@ docker run -d --restart=unless-stopped \
 
 </details>
 
-### Option B: Bring Your Own Certificate: Self-Signed
+## Option B: Bring Your Own Certificate: Self-Signed
 
 <details id="option-b">
   <summary>Click to expand</summary>
@@ -98,7 +98,7 @@ docker run -d --restart=unless-stopped \
 
 </details>
 
-### Option C: Bring Your Own Certificate: Signed by Recognized CA
+## Option C: Bring Your Own Certificate: Signed by Recognized CA
 
 <details id="option-c">
   <summary>Click to expand</summary>
@@ -143,8 +143,6 @@ docker run -d --restart=unless-stopped \
 
 </details>
 
-
-
 :::note
 
 If you don't intend to send telemetry data, opt out [telemetry](../../../../faq/telemetry.md) during the initial login.