Merge pull request #3508 from rancher/master

Merge master to staging
Catherine Luse
2021-09-12 13:05:06 -07:00
committed by GitHub
191 changed files with 2576 additions and 437 deletions
@@ -39,6 +39,21 @@ In this section, you'll learn how to configure the K3s server.
| `--datastore-cafile` value | `K3S_DATASTORE_CAFILE` | TLS Certificate Authority file used to secure datastore backend communication |
| `--datastore-certfile` value | `K3S_DATASTORE_CERTFILE` | TLS certification file used to secure datastore backend communication |
| `--datastore-keyfile` value | `K3S_DATASTORE_KEYFILE` | TLS key file used to secure datastore backend communication |
| `--etcd-expose-metrics` | N/A | Expose etcd metrics to client interface. (Default false) |
| `--etcd-disable-snapshots` | N/A | Disable automatic etcd snapshots |
| `--etcd-snapshot-name` value | N/A | Set the base name of etcd snapshots. Default: etcd-snapshot-<unix-timestamp> (default: "etcd-snapshot") |
| `--etcd-snapshot-schedule-cron` value | N/A | Snapshot interval time in cron spec. eg. every 5 hours '* */5 * * *' (default: "0 */12 * * *") |
| `--etcd-snapshot-retention` value | N/A | Number of snapshots to retain (Default: 5) |
| `--etcd-snapshot-dir` value | N/A | Directory to save db snapshots. (Default location: ${data-dir}/db/snapshots) |
| `--etcd-s3` | N/A | Enable backup to S3 |
| `--etcd-s3-endpoint` value | N/A | S3 endpoint url (default: "s3.amazonaws.com") |
| `--etcd-s3-endpoint-ca` value | N/A | S3 custom CA cert to connect to S3 endpoint |
| `--etcd-s3-skip-ssl-verify` | N/A | Disables S3 SSL certificate validation |
| `--etcd-s3-access-key` value | `AWS_ACCESS_KEY_ID` | S3 access key |
| `--etcd-s3-secret-key` value | `AWS_SECRET_ACCESS_KEY` | S3 secret key |
| `--etcd-s3-bucket` value | N/A | S3 bucket name |
| `--etcd-s3-region` value | N/A | S3 region / bucket location (optional) (default: "us-east-1") |
| `--etcd-s3-folder` value | N/A | S3 folder |
### Cluster Options
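Review bot: the example in the `--etcd-snapshot-schedule-cron` row does not match its description: `* */5 * * *` fires every minute during every fifth hour, not once every 5 hours. Use `0 */5 * * *`, which also lines up with the stated default `0 */12 * * *`. In the `--etcd-snapshot-name` row the default is given twice in two forms (`etcd-snapshot-<unix-timestamp>` and `"etcd-snapshot"`); state the base name once and describe the timestamp suffix separately.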
@@ -66,6 +81,10 @@ K3s agent options are available as server options because the server has the age
| `--with-node-id` | N/A | Append id to node name | (agent/node)
| `--node-label` value | N/A | Registering and starting kubelet with set of labels |
| `--node-taint` value | N/A | Registering kubelet with set of taints |
| `--image-credential-provider-bin-dir` value | N/A | The path to the directory where credential provider plugin binaries are located (default: "/var/lib/rancher/credentialprovider/bin") |
| `--image-credential-provider-config` value | N/A | The path to the credential provider plugin config file (default: "/var/lib/rancher/credentialprovider/config.yaml") |
| `--selinux` | `K3S_SELINUX` | Enable SELinux in containerd |
| `--lb-server-port` value | `K3S_LB_SERVER_PORT` | Local port for supervisor client load-balancer. If the supervisor and apiserver are not colocated an additional port 1 less than this port will also be used for the apiserver client load-balancer. (default: 6444) |
### Agent Runtime
@@ -74,6 +93,7 @@ K3s agent options are available as server options because the server has the age
| `--docker` | N/A | Use docker instead of containerd | (agent/runtime)
| `--container-runtime-endpoint` value | N/A | Disable embedded containerd and use alternative CRI implementation |
| `--pause-image` value | "docker.io/rancher/pause:3.1" | Customized pause image for containerd or Docker sandbox |
| `--snapshotter` value | N/A | Override default containerd snapshotter (default: "overlayfs") |
| `--private-registry` value | "/etc/rancher/k3s/registries.yaml" | Private registry configuration file |
### Agent Networking
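Review bot: the new `--snapshotter` row puts `N/A` in the second column and then gives the default inside the description (`(default: "overlayfs")`), while the neighbouring `--pause-image` and `--private-registry` rows carry their defaults in the second column. Move `"overlayfs"` into that column so the table reads consistently.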
@@ -94,6 +114,7 @@ the agent options are there because the server has the agent process embedded wi
| Flag | Default | Description |
|------|---------|-------------|
| `--debug` | N/A | Turn on debug logs |
| `-v` value | 0 | Number for the log level verbosity |
| `--vmodule` value | N/A | Comma-separated list of pattern=N settings for file-filtered logging |
| `--log value, -l` value | N/A | Log to file |
@@ -122,6 +143,7 @@ the agent options are there because the server has the agent process embedded wi
|------|---------|-------------|
| `--cluster-cidr` value | "10.42.0.0/16" | Network CIDR to use for pod IPs |
| `--service-cidr` value | "10.43.0.0/16" | Network CIDR to use for services IPs |
| `--service-node-port-range` value | "30000-32767" | Port range to reserve for services with NodePort visibility |
| `--cluster-dns` value | "10.43.0.10" | Cluster IP for coredns service. Should be in your service-cidr range |
| `--cluster-domain` value | "cluster.local" | Cluster Domain |
| `--flannel-backend` value | "vxlan" | One of 'none', 'vxlan', 'ipsec', 'host-gw', or 'wireguard' |
@@ -148,6 +170,7 @@ the agent options are there because the server has the agent process embedded wi
| `--disable` value | Do not deploy packaged components and delete any deployed components (valid items: coredns, servicelb, traefik,local-storage, metrics-server) |
| `--disable-scheduler` | Disable Kubernetes default scheduler |
| `--disable-cloud-controller` | Disable k3s default cloud controller manager |
| `--disable-kube-proxy` | Disable running kube-proxy |
| `--disable-network-policy` | Disable k3s default network policy controller |
### Customized Flags for Kubernetes Processes
@@ -190,6 +213,7 @@ USAGE:
k3s server [OPTIONS]
OPTIONS:
--config FILE, -c FILE (config) Load configuration from FILE (default: "/etc/rancher/k3s/config.yaml") [$K3S_CONFIG_FILE] --debug (logging) Turn on debug logs [$K3S_DEBUG]
-v value (logging) Number for the log level verbosity (default: 0)
--vmodule value (logging) Comma-separated list of pattern=N settings for file-filtered logging
--log value, -l value (logging) Log to file
@@ -202,6 +226,7 @@ OPTIONS:
--data-dir value, -d value (data) Folder to hold state default /var/lib/rancher/k3s or ${HOME}/.rancher/k3s if not root
--cluster-cidr value (networking) Network CIDR to use for pod IPs (default: "10.42.0.0/16")
--service-cidr value (networking) Network CIDR to use for services IPs (default: "10.43.0.0/16")
--service-node-port-range value (networking) Port range to reserve for services with NodePort visibility (default: "30000-32767")
--cluster-dns value (networking) Cluster IP for coredns service. Should be in your service-cidr range (default: 10.43.0.10)
--cluster-domain value (networking) Cluster Domain (default: "cluster.local")
--flannel-backend value (networking) One of 'none', 'vxlan', 'ipsec', 'host-gw', or 'wireguard' (default: "vxlan")
@@ -217,18 +242,37 @@ OPTIONS:
--datastore-cafile value (db) TLS Certificate Authority file used to secure datastore backend communication [$K3S_DATASTORE_CAFILE]
--datastore-certfile value (db) TLS certification file used to secure datastore backend communication [$K3S_DATASTORE_CERTFILE]
--datastore-keyfile value (db) TLS key file used to secure datastore backend communication [$K3S_DATASTORE_KEYFILE]
--etcd-expose-metrics (db) Expose etcd metrics to client interface. (Default false)
--etcd-disable-snapshots (db) Disable automatic etcd snapshots
--etcd-snapshot-name value (db) Set the base name of etcd snapshots. Default: etcd-snapshot-<unix-timestamp> (default: "etcd-snapshot")
--etcd-snapshot-schedule-cron value (db) Snapshot interval time in cron spec. eg. every 5 hours '* */5 * * *' (default: "0 */12 * * *")
--etcd-snapshot-retention value (db) Number of snapshots to retain Default: 5 (default: 5)
--etcd-snapshot-dir value (db) Directory to save db snapshots. (Default location: ${data-dir}/db/snapshots)
--etcd-s3 (db) Enable backup to S3
--etcd-s3-endpoint value (db) S3 endpoint url (default: "s3.amazonaws.com")
--etcd-s3-endpoint-ca value (db) S3 custom CA cert to connect to S3 endpoint
--etcd-s3-skip-ssl-verify (db) Disables S3 SSL certificate validation
--etcd-s3-access-key value (db) S3 access key [$AWS_ACCESS_KEY_ID]
--etcd-s3-secret-key value (db) S3 secret key [$AWS_SECRET_ACCESS_KEY]
--etcd-s3-bucket value (db) S3 bucket name
--etcd-s3-region value (db) S3 region / bucket location (optional) (default: "us-east-1")
--etcd-s3-folder value (db) S3 folder
--default-local-storage-path value (storage) Default local storage path for local provisioner storage class
--disable value (components) Do not deploy packaged components and delete any deployed components (valid items: coredns, servicelb, traefik, local-storage, metrics-server)
--disable-scheduler (components) Disable Kubernetes default scheduler
--disable-cloud-controller (components) Disable k3s default cloud controller manager
--disable-kube-proxy (components) Disable running kube-proxy
--disable-network-policy (components) Disable k3s default network policy controller
--node-name value (agent/node) Node name [$K3S_NODE_NAME]
--with-node-id (agent/node) Append id to node name
--node-label value (agent/node) Registering and starting kubelet with set of labels
--node-taint value (agent/node) Registering kubelet with set of taints
--image-credential-provider-bin-dir value (agent/node) The path to the directory where credential provider plugin binaries are located (default: "/var/lib/rancher/credentialprovider/bin")
--image-credential-provider-config value (agent/node) The path to the credential provider plugin config file (default: "/var/lib/rancher/credentialprovider/config.yaml")
--docker (agent/runtime) Use docker instead of containerd
--container-runtime-endpoint value (agent/runtime) Disable embedded containerd and use alternative CRI implementation
--pause-image value (agent/runtime) Customized pause image for containerd or docker sandbox (default: "docker.io/rancher/pause:3.1")
--snapshotter value (agent/runtime) Override default containerd snapshotter (default: "overlayfs")
--private-registry value (agent/runtime) Private registry configuration file (default: "/etc/rancher/k3s/registries.yaml")
--node-ip value, -i value (agent/networking) IP address to advertise for node
--node-external-ip value (agent/networking) External IP address to advertise for node
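Review bot: `--etcd-s3-access-key` and `--etcd-s3-secret-key` are listed with their `$AWS_ACCESS_KEY_ID` and `$AWS_SECRET_ACCESS_KEY` equivalents but nothing tells the reader which form to prefer; a secret passed as a flag value is visible in the node's process list, so the docs should recommend the environment variable (or the config file named at `--config`). `--etcd-s3-skip-ssl-verify` should likewise point to `--etcd-s3-endpoint-ca` as the option to use for endpoints with a private CA. Smaller points in the same block: `--etcd-snapshot-retention` reads "Default: 5 (default: 5)", and the cron example `* */5 * * *` is not "every 5 hours". If this block is pasted from the binary's help output, put the guidance in the options table rather than editing the paste.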
@@ -237,14 +281,19 @@ OPTIONS:
--flannel-conf value (agent/networking) Override default flannel config file
--kubelet-arg value (agent/flags) Customized flag for kubelet process
--kube-proxy-arg value (agent/flags) Customized flag for kube-proxy process
--protect-kernel-defaults (agent/node) Kernel tuning behavior. If set, error if kernel tunables are different than kubelet defaults.
--rootless (experimental) Run rootless
--agent-token value (experimental/cluster) Shared secret used to join agents to the cluster, but not servers [$K3S_AGENT_TOKEN]
--agent-token-file value (experimental/cluster) File containing the agent secret [$K3S_AGENT_TOKEN_FILE]
--server value, -s value (experimental/cluster) Server to connect to, used to join a cluster [$K3S_URL]
--cluster-init (experimental/cluster) Initialize new cluster master [$K3S_CLUSTER_INIT]
--cluster-reset (experimental/cluster) Forget all peers and become a single cluster new cluster master [$K3S_CLUSTER_RESET]
--cluster-reset-restore-path value (db) Path to snapshot file to be restored
--secrets-encryption (experimental) Enable Secret encryption at rest
--system-default-registry value (image) Private registry to be used for all system images [$K3S_SYSTEM_DEFAULT_REGISTRY]
--selinux (agent/node) Enable SELinux in containerd [$K3S_SELINUX]
--lb-server-port value (agent/node) Local port for supervisor client load-balancer. If the supervisor and apiserver are not colocated an additional port 1 less than this port will also be used for the apiserver client load-balancer. (default: 6444) [$K3S_LB_SERVER_PORT]
--no-flannel (deprecated) use --flannel-backend=none
--no-deploy value (deprecated) Do not deploy packaged components (valid items: coredns, servicelb, traefik, local-storage, metrics-server)
--cluster-secret value (deprecated) use --token [$K3S_CLUSTER_SECRET]
```
```
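Review bot: the new `--cluster-reset-restore-path` line is tagged `(db)` but sits between the `(experimental/cluster)` entries, and "Path to snapshot file to be restored" does not say that it is used together with `--cluster-reset` on the line above it. Say so in the description or in the prose around this block, so a reader does not pass the path on its own and expect a restore.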
@@ -2040,7 +2040,7 @@ Where access to the Kubernetes API from a pod is required, a specific service ac
The default service account should be configured such that it does not provide a service account token and does not have any explicit rights assignments.
</details>
**Result:** Fail. Currently requires operator intervention See the [Hardening Guide]({{<baseurl>}}/rancher/k3s/latest/en/security/hardening_guide) for details.
**Result:** Fail. Currently requires operator intervention See the [Hardening Guide]({{<baseurl>}}/k3s/latest/en/security/hardening_guide) for details.
**Audit:**
For each namespace in the cluster, review the rights assigned to the default service account and ensure that it has no roles or cluster roles bound to it apart from the defaults. Additionally ensure that the automountServiceAccountToken: false setting is in place for each default service account.
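Review bot: the rewritten **Result:** line still runs two sentences together: "Currently requires operator intervention See the [Hardening Guide]". Add the period after "intervention" while the link is being changed.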
+3 -1
@@ -9,4 +9,6 @@ This section describes how to upgrade your K3s cluster.
[Automated upgrades]({{< baseurl >}}/k3s/latest/en/upgrades/automated/) describes how to perform Kubernetes-native automated upgrades using Rancher's [system-upgrade-controller](https://github.com/rancher/system-upgrade-controller).
> The experimental embedded Dqlite data store was deprecated in K3s v1.19.1. Please note that upgrades from experimental Dqlite to experimental embedded etcd are not supported. If you attempt an upgrade it will not succeed and data will be lost.
> If Traefik is not disabled K3s versions 1.20 and earlier will have installed Traefik v1, while K3s versions 1.21 and later will install Traefik v2 if v1 is not already present. To upgrade Traefik, please refer to the [Traefik documentation](https://doc.traefik.io/traefik/migration/v1-to-v2/) and use the [migration tool](https://github.com/traefik/traefik-migration-tool) to migrate from the older Traefik v1 to Traefik v2.
> The experimental embedded Dqlite data store was deprecated in K3s v1.19.1. Please note that upgrades from experimental Dqlite to experimental embedded etcd are not supported. If you attempt an upgrade it will not succeed and data will be lost.
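Review bot: the new Traefik note needs a comma after its opening clause ("If Traefik is not disabled, K3s versions 1.20 and earlier ..."), and it packs two things into one paragraph. Split it: one sentence on which Traefik version each K3s release installs, one on the migration documentation and tool.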
@@ -24,14 +24,19 @@ For more details on the design and architecture of the system-upgrade-controller
- [system-upgrade-controller](https://github.com/rancher/system-upgrade-controller)
- [k3s-upgrade](https://github.com/rancher/k3s-upgrade)
To automate upgrades in this manner you must:
To automate upgrades in this manner, you must do the following:
1. Install the system-upgrade-controller into your cluster
1. Configure plans
>**Note:** Users can and should use Rancher to upgrade their K3s cluster if Rancher is managing it.
>
> * If you choose to use Rancher to upgrade, the following steps below are taken care of for you.
> * If you choose not to use Rancher to upgrade, you must use the following steps below to do so.
### Install the system-upgrade-controller
The system-upgrade-controller can be installed as a deployment into your cluster. The deployment requires a service-account, clusterRoleBinding, and a configmap. To install these components, run the following command:
The system-upgrade-controller can be installed as a deployment into your cluster. The deployment requires a service-account, clusterRoleBinding, and a configmap. To install these components, run the following command:
```
kubectl apply -f https://github.com/rancher/system-upgrade-controller/releases/download/v0.6.2/system-upgrade-controller.yaml
```
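Review bot: both bullets of the new Rancher note say "the following steps below", which is redundant; "the steps below" is enough. The first bullet would also be clearer if it said which steps Rancher takes over (installing the system-upgrade-controller and configuring plans, per the list above it).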
@@ -78,7 +83,7 @@ spec:
args:
- prepare
- server-plan
image: rancher/k3s-upgrade:v1.17.4-k3s1
image: rancher/k3s-upgrade
serviceAccountName: system-upgrade
upgrade:
image: rancher/k3s-upgrade
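Review bot: the `prepare` image at `image: rancher/k3s-upgrade` no longer carries a tag, and nothing in the visible lines says how the tag is resolved. It now matches the `upgrade.image` line below it; if the controller fills in the tag from the plan's version, state that next to the example so readers do not assume an unpinned `latest` pull, and if it does not, keep an explicit tag here.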
+1 -1
@@ -5,7 +5,7 @@ description: RancherOS is a simplified Linux distribution built from containers,
weight: 1
---
> RancherOS 1.x is currently in a maintain-only-as-essential mode. It is no longer being actively maintained at a code level other than addressing critical or security fixes. For more information about the support status of RancherOS, see [this page.](https://rancher.zendesk.com/hc/en-us/articles/360041771072-Could-you-help-us-understand-the-development-and-support-status-of-RancherOS-for-2020-and-beyond-)
> RancherOS 1.x is currently in a maintain-only-as-essential mode. It is no longer being actively maintained at a code level other than addressing critical or security fixes. For more information about the support status of RancherOS, see [this page.](https://rancher.zendesk.com/hc/en-us/articles/360041771072-Could-you-help-us-understan[…]opment-and-support-status-of-RancherOS-for-2020-and-beyond-)
RancherOS is the smallest, easiest way to run Docker in production. Every process in RancherOS is a container managed by Docker. This includes system services such as `udev` and `syslog`. Because it only includes the services necessary to run Docker, RancherOS is significantly smaller than most traditional operating systems. By removing unnecessary libraries and services, requirements for security patches and other maintenance are also reduced. This is possible because, with Docker, users typically package all necessary libraries into their containers.
@@ -3,9 +3,9 @@ title: Node Requirements for Rancher Managed Clusters
weight: 1
---
This page describes the requirements for the Rancher managed Kubernetes clusters where your apps and services will be installed. These downstream clusters should be separate from the cluster (or single node) running Rancher.
This page describes the requirements for the Rancher managed Kubernetes clusters where your apps and services will be installed. These downstream clusters should be separate from the three-node cluster running Rancher.
> If Rancher is installed on a high-availability Kubernetes cluster, the Rancher server cluster and downstream clusters have different requirements. For Rancher installation requirements, refer to the node requirements in the [installation section.]({{<baseurl>}}/rancher/v2.0-v2.4/en/installation/requirements/)
> If Rancher is installed on a high-availability Kubernetes cluster, the Rancher server three-node cluster and downstream clusters have different requirements. For Rancher installation requirements, refer to the node requirements in the [installation section.]({{<baseurl>}}/rancher/v2.0-v2.4/en/installation/requirements/)
Make sure the nodes for the Rancher server fulfill the following requirements:
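Review bot: replacing "(or single node)" with "three-node cluster" in the first paragraph makes the sentence exclude single-node Rancher installs altogether; if that is intended for these versions, say it explicitly rather than by omission. The second paragraph now reads "If Rancher is installed on a high-availability Kubernetes cluster, the Rancher server three-node cluster and downstream clusters ...", which is awkward and repeats itself; "the three-node Rancher server cluster" or simply "the Rancher server cluster" reads better.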
@@ -12,14 +12,30 @@ aliases:
The following options are available when using an ARM64 platform:
- Running Rancher on ARM64 based node(s)
- Only [Docker Install]({{<baseurl>}}/rancher/v2.0-v2.4/en/installation/other-installation-methods/single-node-docker)
- Only for Docker Install. Please note that the following installation command replaces the examples found in the [Docker Install]({{<baseurl>}}/rancher/v2.0-v2.4/en/installation/other-installation-methods/single-node-docker) link:
```
# In the last line `rancher/rancher:vX.Y.Z`, be certain to replace "X.Y.Z" with a released version in which ARM64 builds exist. For example, if your matching version is v2.5.8, you would fill in this line with `rancher/rancher:v2.5.8`.
docker run -d --restart=unless-stopped \
-p 80:80 -p 443:443 \
--privileged \
rancher/rancher:vX.Y.Z
```
> **Note:** To check if your specific released version is compatible with the ARM64 architecture, you may navigate to your
> version's release notes in the following two ways:
>
> - Manually find your version using https://github.com/rancher/rancher/releases.
> - Go directly to your version using the tag and the specific version number. If you plan to use v2.5.8, for example, you may
> navigate to https://github.com/rancher/rancher/releases/tag/v2.5.8.
- Create custom cluster and adding ARM64 based node(s)
- Kubernetes cluster version must be 1.12 or higher
- CNI Network Provider must be [Flannel]({{<baseurl>}}/rancher/v2.0-v2.4/en/faq/networking/cni-providers/#flannel)
- Importing clusters that contain ARM64 based nodes
- Kubernetes cluster version must be 1.12 or higher
Please see [Cluster Options]({{<baseurl>}}/rancher/v2.0-v2.4/en/cluster-provisioning/rke-clusters/options/) how to configure the cluster options.
Please see [Cluster Options]({{<baseurl>}}/rancher/v2.0-v2.4/en/cluster-provisioning/rke-clusters/options/) for information on how to configure the cluster options.
The following features are not tested:
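Review bot: the example version in the new ARM64 block is v2.5.8, both in the code comment and in the release-notes note, while every link in this hunk points at the `v2.0-v2.4` docs; use an example version from the range this page covers. The instruction to replace `X.Y.Z` belongs in a sentence above the block rather than in a long first-line comment that gets copied with the command, and `--privileged` is introduced without a word on why the container needs it.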
@@ -39,7 +39,7 @@ You can obtain `<RANCHER_CONTAINER_TAG>` and `<RANCHER_CONTAINER_NAME>` by loggi
## Restoring Backups
Using a [backup]({{<baseurl>}}/rancher/v2.5/en/backups/backups/single-node-backups/) that you created earlier, restore Rancher to its last known healthy state.
Using a [backup]({{<baseurl>}}/rancher/v2.5/en/backups/docker-installs/docker-backups/) that you created earlier, restore Rancher to its last known healthy state.
1. Using a remote Terminal connection, log into the node running your Rancher Server.
@@ -48,9 +48,9 @@ Using a [backup]({{<baseurl>}}/rancher/v2.5/en/backups/backups/single-node-backu
```
docker stop <RANCHER_CONTAINER_NAME>
```
1. Move the backup tarball that you created during completion of [Creating Backups—Docker Installs]({{<baseurl>}}/rancher/v2.5/en/backups/backups/single-node-backups/) onto your Rancher Server. Change to the directory that you moved it to. Enter `dir` to confirm that it's there.
1. Move the backup tarball that you created during completion of [Creating Backups—Docker Installs]({{<baseurl>}}/rancher/v2.5/en/backups/docker-installs/docker-backups/) onto your Rancher Server. Change to the directory that you moved it to. Enter `dir` to confirm that it's there.
If you followed the naming convention we suggested in [Creating Backups—Docker Installs]({{<baseurl>}}/rancher/v2.5/en/backups/backups/single-node-backups/), it will have a name similar to `rancher-data-backup-<RANCHER_VERSION>-<DATE>.tar.gz`.
If you followed the naming convention we suggested in [Creating Backups—Docker Installs]({{<baseurl>}}/rancher/v2.5/en/backups/docker-installs/docker-backups/), it will have a name similar to `rancher-data-backup-<RANCHER_VERSION>-<DATE>.tar.gz`.
1. Enter the following command to delete your current state data and replace it with your backup data, replacing the placeholders. Don't forget to close the quotes.
@@ -97,7 +97,7 @@ Sometimes it is useful to monitor workloads from the outside. For this, you can
If you have a (micro)service architecture where multiple individual workloads within your cluster are communicating with each other, it is really important to have detailed metrics and traces about this traffic to understand how all these workloads are communicating with each other and where a problem or bottleneck may be.
Of course you can monitor all this internal traffic in all your workloads and expose these metrics to Prometheus. But this can quickly become quite work intensive. Service Meshes like Istio, which can be installed with [a click](https://rancher.com/docs/rancher/v2.5/en/cluster-admin/tools/istio/) in Rancher, can do this automatically and provide rich telemetry about the traffic between all services.
Of course you can monitor all this internal traffic in all your workloads and expose these metrics to Prometheus. But this can quickly become quite work intensive. Service Meshes like Istio, which can be installed with [a click]({{<baseurl>}}/rancher/v2.5/en/istio/) in Rancher, can do this automatically and provide rich telemetry about the traffic between all services.
# Real User Monitoring
@@ -119,4 +119,4 @@ When setting up alerts, configure them for all the workloads that are critical t
If an alert starts firing, but there is nothing you can do about it at the moment, it's also fine to silence the alert for a certain amount of time, so that you can look at it later.
You can find more information on how to set up alerts and notification channels in the [Rancher Documentation]({{<baseurl>}}/rancher/v2.5/en/monitoring-alerting/v2.5).
You can find more information on how to set up alerts and notification channels in the [Rancher Documentation]({{<baseurl>}}/rancher/v2.5/en/monitoring-alerting).
@@ -36,5 +36,4 @@ However, metrics-driven capacity planning analysis should be the ultimate guidan
Using Rancher, you can monitor the state and processes of your cluster nodes, Kubernetes components, and software deployments through integration with Prometheus, a leading open-source monitoring solution, and Grafana, which lets you visualize the metrics from Prometheus.
After you [enable monitoring]({{<baseurl>}}/rancher/v2.5/en/monitoring-alerting/legacy/monitoring/cluster-monitoring/) in the cluster, you can set up [a notification channel]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/tools/notifiers/) and [cluster alerts]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/tools/alerts/) to let you know if your cluster is approaching its capacity. You can also use the Prometheus and Grafana monitoring framework to establish a baseline for key metrics as you scale.
After you [enable monitoring]({{<baseurl>}}/rancher/v2.5/en/monitoring-alerting) in the cluster, you can set up [a notification channel]({{<baseurl>}}/rancher/v2.5/en/monitoring-alerting/) and alerts to let you know if your cluster is approaching its capacity. You can also use the Prometheus and Grafana monitoring framework to establish a baseline for key metrics as you scale.
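Review bot: in the rewritten sentence "enable monitoring" and "a notification channel" now link to the same page, once as `/monitoring-alerting` and once as `/monitoring-alerting/`. Point the second link at the page that covers notification setup, or drop it and keep a single link; either way use one trailing-slash style.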
+4 -4
@@ -294,9 +294,9 @@ Alerts can be configured to be sent out for a scan that runs on a schedule.
> **Prerequisite:**
>
> Before enabling alerts for `rancher-cis-benchmark`, make sure to install the `rancher-monitoring` application and configure the Receivers and Routes. For more information, see [this section.]({{<baseurl>}}/rancher/v2.5/en/monitoring-alerting/v2.5/configuration/alertmanager/)
> Before enabling alerts for `rancher-cis-benchmark`, make sure to install the `rancher-monitoring` application and configure the Receivers and Routes. For more information, see [this section.]({{<baseurl>}}/rancher/v2.5/en/monitoring-alerting/configuration/alertmanager/)
>
> While configuring the routes for `rancher-cis-benchmark` alerts, you can specify the matching using the key-value pair `job: rancher-cis-scan`. An example route configuration is [here.]({{<baseurl>}}/rancher/v2.5/en/monitoring-alerting/v2.5/configuration/alertmanager/#example-route-config-for-cis-scan-alerts)
> While configuring the routes for `rancher-cis-benchmark` alerts, you can specify the matching using the key-value pair `job: rancher-cis-scan`. An example route configuration is [here.]({{<baseurl>}}/rancher/v2.5/en/monitoring-alerting/configuration/alertmanager/#example-route-config-for-cis-scan-alerts)
While installing or upgrading the `rancher-cis-benchmark` application, set the following flag to `true` in the `values.yaml`:
@@ -321,9 +321,9 @@ The `rancher-cis-benchmark` application supports two types of alerts:
> **Prerequisite:**
>
> Before enabling alerts for `rancher-cis-benchmark`, make sure to install the `rancher-monitoring` application and configure the Receivers and Routes. For more information, see [this section.]({{<baseurl>}}/rancher/v2.5/en/monitoring-alerting/v2.5/configuration/alertmanager/)
> Before enabling alerts for `rancher-cis-benchmark`, make sure to install the `rancher-monitoring` application and configure the Receivers and Routes. For more information, see [this section.]({{<baseurl>}}/rancher/v2.5/en/monitoring-alerting/configuration/alertmanager/)
>
> While configuring the routes for `rancher-cis-benchmark` alerts, you can specify the matching using the key-value pair `job: rancher-cis-scan`. An example route configuration is [here.]({{<baseurl>}}/rancher/v2.5/en/monitoring-alerting/v2.5/configuration/alertmanager/#example-route-config-for-cis-scan-alerts)
> While configuring the routes for `rancher-cis-benchmark` alerts, you can specify the matching using the key-value pair `job: rancher-cis-scan`. An example route configuration is [here.]({{<baseurl>}}/rancher/v2.5/en/monitoring-alerting/configuration/alertmanager/#example-route-config-for-cis-scan-alerts)
To configure alerts for a scan that runs on a schedule,
+4 -4
@@ -33,7 +33,7 @@ If Rancher Server uses a self-signed certificate, Rancher CLI prompts you to con
### Project Selection
Before you can perform any commands, you must select a Rancher project to perform those commands against. To select a [project]({{<baseurl>}}/rancher/v2.5/en/k8s-in-rancher/projects-and-namespaces/) to work on, use the command `./rancher context switch`. When you enter this command, a list of available projects displays. Enter a number to choose your project.
Before you can perform any commands, you must select a Rancher project to perform those commands against. To select a [project]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/projects-and-namespaces/) to work on, use the command `./rancher context switch`. When you enter this command, a list of available projects displays. Enter a number to choose your project.
**Example: `./rancher context switch` Output**
```
@@ -62,13 +62,13 @@ The following commands are available for use in Rancher CLI.
| `apps, [app]` | Performs operations on catalog applications (i.e. individual [Helm charts](https://docs.helm.sh/developing_charts/) or Rancher charts. |
| `catalog` | Performs operations on [catalogs]({{<baseurl>}}/rancher/v2.5/en/catalog/). |
| `clusters, [cluster]` | Performs operations on your [clusters]({{<baseurl>}}/rancher/v2.5/en/cluster-provisioning/). |
| `context` | Switches between Rancher [projects]({{<baseurl>}}/rancher/v2.5/en/k8s-in-rancher/projects-and-namespaces/). For an example, see [Project Selection](#project-selection). |
| `inspect [OPTIONS] [RESOURCEID RESOURCENAME]` | Displays details about [Kubernetes resources](https://kubernetes.io/docs/reference/kubectl/cheatsheet/#resource-types) or Rancher resources (i.e.: [projects]({{<baseurl>}}/rancher/v2.5/en/k8s-in-rancher/projects-and-namespaces/) and [workloads]({{<baseurl>}}/rancher/v2.5/en/k8s-in-rancher/workloads/)). Specify resources by name or ID. |
| `context` | Switches between Rancher [projects]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/projects-and-namespaces/). For an example, see [Project Selection](#project-selection). |
| `inspect [OPTIONS] [RESOURCEID RESOURCENAME]` | Displays details about [Kubernetes resources](https://kubernetes.io/docs/reference/kubectl/cheatsheet/#resource-types) or Rancher resources (i.e.: [projects]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/projects-and-namespaces/) and [workloads]({{<baseurl>}}/rancher/v2.5/en/k8s-in-rancher/workloads/)). Specify resources by name or ID. |
| `kubectl` |Runs [kubectl commands](https://kubernetes.io/docs/reference/kubectl/overview/#operations). |
| `login, [l]` | Logs into a Rancher Server. For an example, see [CLI Authentication](#cli-authentication). |
| `namespaces, [namespace]` |Performs operations on namespaces. |
| `nodes, [node]` |Performs operations on nodes. |
| `projects, [project]` | Performs operations on [projects]({{<baseurl>}}/rancher/v2.5/en/k8s-in-rancher/projects-and-namespaces/). |
| `projects, [project]` | Performs operations on [projects]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/projects-and-namespaces/). |
| `ps` | Displays [workloads]({{<baseurl>}}/rancher/v2.5/en/k8s-in-rancher/workloads) in a project. |
| `settings, [setting]` | Shows the current settings for your Rancher Server. |
| `ssh` | Connects to one of your cluster nodes using the SSH protocol. |
@@ -36,4 +36,3 @@ Rancher contains a variety of tools that aren't included in Kubernetes to assist
- Istio Service Mesh
- OPA Gatekeeper
For more information, see [Tools]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/tools/)
@@ -10,7 +10,7 @@ aliases:
If you want to provide a user with access and permissions to _all_ projects, nodes, and resources within a cluster, assign the user a cluster membership.
>**Tip:** Want to provide a user with access to a _specific_ project within a cluster? See [Adding Project Members]({{<baseurl>}}/rancher/v2.5/en/k8s-in-rancher/projects-and-namespaces/project-members/) instead.
>**Tip:** Want to provide a user with access to a _specific_ project within a cluster? See [Adding Project Members]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/projects-and-namespaces/project-members/) instead.
There are two contexts where you can add cluster members:
@@ -42,7 +42,7 @@ You can assign the following resources directly to namespaces:
- [Workloads]({{<baseurl>}}/rancher/v2.5/en/k8s-in-rancher/workloads/)
- [Load Balancers/Ingress]({{<baseurl>}}/rancher/v2.5/en/k8s-in-rancher/load-balancers-and-ingress/)
- [Service Discovery Records]({{<baseurl>}}/rancher/v2.5/en/k8s-in-rancher/service-discovery/)
- [Persistent Volume Claims]({{<baseurl>}}/rancher/v2.5/en/k8s-in-rancher/volumes-and-storage/persistent-volume-claims/)
- [Persistent Volume Claims]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/volumes-and-storage/)
- [Certificates]({{<baseurl>}}/rancher/v2.5/en/k8s-in-rancher/certificates/)
- [ConfigMaps]({{<baseurl>}}/rancher/v2.5/en/k8s-in-rancher/configmaps/)
- [Registries]({{<baseurl>}}/rancher/v2.5/en/k8s-in-rancher/registries/)
@@ -75,7 +75,7 @@ In the base version of Kubernetes, features like role-based access rights or clu
You can use projects to perform actions such as:
- Assign users to a group of namespaces (i.e., [project membership]({{<baseurl>}}/rancher/v2.5/en/k8s-in-rancher/projects-and-namespaces/project-members)).
- Assign users to a group of namespaces (i.e., [project membership]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/projects-and-namespaces/project-members)).
- Assign users specific roles in a project. A role can be owner, member, read-only, or [custom]({{<baseurl>}}/rancher/v2.5/en/admin-settings/rbac/default-custom-roles/).
- Assign resources to the project.
- Assign Pod Security Policies.
@@ -165,12 +165,12 @@ To add members:
### 4. Optional: Add Resource Quotas
Resource quotas limit the resources that a project (and its namespaces) can consume. For more information, see [Resource Quotas]({{<baseurl>}}/rancher/v2.5/en/k8s-in-rancher/projects-and-namespaces/resource-quotas).
Resource quotas limit the resources that a project (and its namespaces) can consume. For more information, see [Resource Quotas]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/projects-and-namespaces/resource-quotas).
To add a resource quota,
1. Click **Add Quota**.
1. Select a Resource Type. For more information, see [Resource Quotas.]({{<baseurl>}}/rancher/v2.5/en/k8s-in-rancher/projects-and-namespaces/resource-quotas/).
1. Select a Resource Type. For more information, see [Resource Quotas.]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/projects-and-namespaces/resource-quotas/).
1. Enter values for the **Project Limit** and the **Namespace Default Limit**.
1. **Optional:** Specify **Container Default Resource Limit**, which will be applied to every container started in the project. The parameter is recommended if you have CPU or Memory limits set by the Resource Quota. It can be overridden on per an individual namespace or a container level. For more information, see [Container Default Resource Limit]({{<baseurl>}}/rancher/v2.5/en/project-admin/resource-quotas/)
1. Click **Create**.
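Review bot: The rewritten step 2 link keeps the doubled full stop, `[Resource Quotas.](...)` followed by another `.`, and the two rewritten Resource Quotas links in this hunk differ only in the trailing slash (`.../resource-quotas` in the paragraph, `.../resource-quotas/` in the step). Since both lines are being touched anyway, drop the period outside the link and use one form of the path. The unchanged Container Default Resource Limit step still points at `project-admin/resource-quotas/`; confirm that target is intended rather than the new `cluster-admin/projects-and-namespaces/resource-quotas` page.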
@@ -5,7 +5,7 @@ aliases:
- /rancher/v2.5/en/tasks/clusters/adding-storage/provisioning-storage/vsphere/
---
To provide stateful workloads with vSphere storage, we recommend creating a vSphereVolume StorageClass. This practice dynamically provisions vSphere storage when workloads request volumes through a [persistent volume claim]({{<baseurl>}}/rancher/v2.5/en/k8s-in-rancher/volumes-and-storage/persistent-volume-claims/).
To provide stateful workloads with vSphere storage, we recommend creating a vSphereVolume StorageClass. This practice dynamically provisions vSphere storage when workloads request volumes through a persistent volume claim.
In order to dynamically provision storage in vSphere, the vSphere provider must be [enabled.]({{<baseurl>}}/rancher/v2.5/en/cluster-provisioning/rke-clusters/cloud-providers/vsphere)
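Review bot: The replacement sentence removes the persistent volume claim link outright, while the namespace resources hunk earlier in this commit repoints the same Persistent Volume Claims link to `cluster-admin/volumes-and-storage/`. Unless the link was dropped deliberately, keep it here and point it at the same target so readers of the vSphere page still reach the PVC documentation.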
@@ -14,7 +14,7 @@ headless: true
| [Managing Persistent Volumes and Storage Classes]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/volumes-and-storage/) | ✓ | ✓ | ✓ | ✓ |
| [Managing Projects, Namespaces and Workloads]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/projects-and-namespaces/) | ✓ | ✓ | ✓ | ✓ |
| [Using App Catalogs]({{<baseurl>}}/rancher/v2.5/en/catalog/) | ✓ | ✓ | ✓ | ✓ |
| [Configuring Tools (Alerts, Notifiers, Logging, Monitoring, Istio)]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/tools/) | ✓ | ✓ | ✓ | ✓ |
| Configuring Tools (Alerts, Notifiers, Logging, Monitoring, Istio) | ✓ | ✓ | ✓ | ✓ |
| [Running Security Scans]({{<baseurl>}}/rancher/v2.5/en/security/security-scan/) | ✓ | ✓ | ✓ | ✓ |
| [Use existing configuration to create additional clusters]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/cloning-clusters/)| ✓ | ✓ |✓ | |
| [Ability to rotate certificates]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/certificate-rotation/) | ✓ | ✓ | | |
@@ -25,7 +25,7 @@ headless: true
1. Registered GKE and EKS clusters have the same options available as GKE and EKS clusters created from the Rancher UI. The difference is that when a registered cluster is deleted from the Rancher UI, [it is not destroyed.]({{<baseurl>}}/rancher/v2.5/en/cluster-provisioning/registered-clusters/#additional-features-for-registered-eks-and-gke-clusters)
2. Cluster configuration options can't be edited for registered clusters, except for [K3s and RKE2 clusters.]({{<baseurl>}}/rancher/v2.5/en/cluster-provisioning/imported-clusters/)
2. Cluster configuration options can't be edited for registered clusters, except for [K3s and RKE2 clusters.]({{<baseurl>}}/rancher/v2.5/en/cluster-provisioning/registered-clusters/)
3. For registered cluster nodes, the Rancher UI exposes the ability to cordon, drain, and edit the node.
@@ -43,7 +43,7 @@ headless: true
| [Managing Persistent Volumes and Storage Classes]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/volumes-and-storage/) | ✓ | ✓ | ✓ | ✓ |
| [Managing Projects, Namespaces and Workloads]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/projects-and-namespaces/) | ✓ | ✓ | ✓ | ✓ |
| [Using App Catalogs]({{<baseurl>}}/rancher/v2.5/en/catalog/) | ✓ | ✓ | ✓ | ✓ |
| [Configuring Tools (Alerts, Notifiers, Logging, Monitoring, Istio)]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/tools/) | ✓ | ✓ | ✓ | ✓ |
| Configuring Tools (Alerts, Notifiers, Logging, Monitoring, Istio) | ✓ | ✓ | ✓ | ✓ |
| [Running Security Scans]({{<baseurl>}}/rancher/v2.5/en/security/security-scan/) | ✓ | ✓ | ✓ | ✓ |
| [Use existing configuration to create additional clusters]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/cloning-clusters/)| ✓ | ✓ |✓ | |
| [Ability to rotate certificates]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/certificate-rotation/) | ✓ | | ✓ | |
@@ -52,7 +52,7 @@ headless: true
| [Configuring Pod Security Policies]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/pod-security-policy/) | ✓ | | ✓ | |
| [Authorized Cluster Endpoint]({{<baseurl>}}/rancher/v2.5/en/cluster-provisioning/rke-clusters/options/#authorized-cluster-endpoint) | ✓ | | |
1. Cluster configuration options can't be edited for registered clusters, except for [K3s and RKE2 clusters.]({{<baseurl>}}/rancher/v2.5/en/cluster-provisioning/imported-clusters/)
1. Cluster configuration options can't be edited for registered clusters, except for [K3s and RKE2 clusters.]({{<baseurl>}}/rancher/v2.5/en/cluster-provisioning/registered-clusters/)
2. For registered cluster nodes, the Rancher UI exposes the ability to cordon, drain, and edit the node.
@@ -70,7 +70,7 @@ Use Rancher to set up and configure your Kubernetes cluster.
1. Optional: Use **Member Roles** to configure user authorization for the cluster. Click **Add Member** to add users that can access the cluster. Use the **Role** drop-down to set permissions for each user.
1. Optional: Add Kubernetes [labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/) or [annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) to the cluster.
1. Enter your Google project ID and your Google cloud credentials.
1. Fill out the rest of the form. For help, refer to the [GKE cluster configuration reference.](./config-reference)
1. Fill out the rest of the form. For help, refer to the [GKE cluster configuration reference.]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/editing-clusters/gke-config-reference)
1. Click **Create.**
**Result:** You have successfully deployed a GKE cluster.
@@ -3,9 +3,9 @@ title: Node Requirements for Rancher Managed Clusters
weight: 1
---
This page describes the requirements for the Rancher managed Kubernetes clusters where your apps and services will be installed. These downstream clusters should be separate from the cluster (or single node) running Rancher.
This page describes the requirements for the Rancher managed Kubernetes clusters where your apps and services will be installed. These downstream clusters should be separate from the three-node cluster running Rancher.
> If Rancher is installed on a high-availability Kubernetes cluster, the Rancher server cluster and downstream clusters have different requirements. For Rancher installation requirements, refer to the node requirements in the [installation section.]({{<baseurl>}}/rancher/v2.5/en/installation/requirements/)
> If Rancher is installed on a high-availability Kubernetes cluster, the Rancher server three-node cluster and downstream clusters have different requirements. For Rancher installation requirements, refer to the node requirements in the [installation section.]({{<baseurl>}}/rancher/v2.5/en/installation/requirements/)
Make sure the nodes for the Rancher server fulfill the following requirements:
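Review bot: "the three-node cluster running Rancher" now states as fact that Rancher always runs on three nodes, yet the note below it still opens with "If Rancher is installed on a high-availability Kubernetes cluster", and other pages touched by this commit continue to document the single-node Docker install. Either keep a qualifier for non-HA installs or reword so the separation requirement does not depend on node count. "Rancher server three-node cluster" in the note is also hard to parse; "the three-node Rancher server cluster" reads better.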
@@ -97,7 +97,7 @@ Greater management capabilities are now available for [registered GKE clusters.]
After registering a cluster, the cluster owner can:
- [Manage cluster access]({{<baseurl>}}/rancher/v2.5/en/admin-settings/rbac/cluster-project-roles/) through role-based access control
- Enable [monitoring, alerts and notifiers]({{<baseurl>}}/rancher/v2.5/en/monitoring-alerting/v2.5/)
- Enable [monitoring, alerts and notifiers]({{<baseurl>}}/rancher/v2.5/en/monitoring-alerting/)
- Enable [logging]({{<baseurl>}}/rancher/v2.5/en/logging/v2.5/)
- Enable [Istio]({{<baseurl>}}/rancher/v2.5/en/istio/v2.5/)
- Use [pipelines]({{<baseurl>}}/rancher/v2.5/en/project-admin/pipelines/)
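Review bot: Only the monitoring link loses its `v2.5/` segment; the logging and Istio bullets directly below it still point at `logging/v2.5/` and `istio/v2.5/`, while other hunks in this commit link to `/rancher/v2.5/en/logging` and `/rancher/v2.5/en/istio/`. If the `v2.5/` sub-paths are being retired, update those two bullets in the same change (the identical list in the hunk at line 138 has the same gap); if they remain valid, say so in the commit message so the mixed forms do not look like an oversight.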
@@ -138,7 +138,7 @@ The capabilities for registered clusters are listed in the table on [this page.]
After registering a cluster, the cluster owner can:
- [Manage cluster access]({{<baseurl>}}/rancher/v2.5/en/admin-settings/rbac/cluster-project-roles/) through role-based access control
- Enable [monitoring, alerts and notifiers]({{<baseurl>}}/rancher/v2.5/en/monitoring-alerting/v2.5/)
- Enable [monitoring, alerts and notifiers]({{<baseurl>}}/rancher/v2.5/en/monitoring-alerting/)
- Enable [logging]({{<baseurl>}}/rancher/v2.5/en/logging/v2.5/)
- Enable [Istio]({{<baseurl>}}/rancher/v2.5/en/istio/v2.5/)
- Use [pipelines]({{<baseurl>}}/rancher/v2.5/en/project-admin/pipelines/)
@@ -83,7 +83,7 @@ To enable project network isolation as a cluster option, you will need to use Ca
### Kubernetes Cloud Providers
You can configure a [Kubernetes cloud provider]({{<baseurl>}}/rancher/v2.5/en/cluster-provisioning/rke-clusters/options/cloud-providers). If you want to use [volumes and storage]({{<baseurl>}}/rancher/v2.5/en/k8s-in-rancher/volumes-and-storage/) in Kubernetes, typically you must select the specific cloud provider in order to use it. For example, if you want to use Amazon EBS, you would need to select the `aws` cloud provider.
You can configure a [Kubernetes cloud provider]({{<baseurl>}}/rancher/v2.5/en/cluster-provisioning/rke-clusters/options/cloud-providers). If you want to use [volumes and storage]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/volumes-and-storage/) in Kubernetes, typically you must select the specific cloud provider in order to use it. For example, if you want to use Amazon EBS, you would need to select the `aws` cloud provider.
>**Note:** If the cloud provider you want to use is not listed as an option, you will need to use the [config file option](#cluster-config-file) to configure the cloud provider. Please reference the [RKE cloud provider documentation]({{<baseurl>}}/rke/latest/en/config-options/cloud-providers/) on how to configure the cloud provider.
@@ -286,7 +286,7 @@ See [Docker Root Directory](#docker-root-directory).
### enable_cluster_monitoring
Option to enable or disable [Cluster Monitoring]({{<baseurl>}}/rancher/v2.5/en/monitoring-alerting/legacy/monitoring/cluster-monitoring/).
Option to enable or disable [Cluster Monitoring]({{<baseurl>}}/rancher/v2.5/en/monitoring-alerting/).
### enable_network_policy
@@ -5,5 +5,5 @@ weight: 1
Fleet can manage deployments from git of raw Kubernetes YAML, Helm charts, or Kustomize or any combination of the three. Regardless of the source, all resources are dynamically turned into Helm charts, and Helm is used as the engine to deploy everything in the cluster. This gives you a high degree of control, consistency, and auditability. Fleet focuses not only on the ability to scale, but to give one a high degree of control and visibility to exactly what is installed on the cluster.
![Architecture]({{<baseurl>}}/img/rancher/fleet-architecture.png)
![Architecture]({{<baseurl>}}/img/rancher/fleet-architecture.svg)
@@ -31,7 +31,7 @@ As of Rancher 2.3.0, we support Windows Server 1809 containers. For details on h
**Does Rancher support Istio?**
As of Rancher 2.3.0, we support [Istio.]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/tools/istio/)
As of Rancher 2.3.0, we support [Istio.]({{<baseurl>}}/rancher/v2.5/en/istio/)
Furthermore, Istio is implemented in our micro-PaaS "Rio", which works on Rancher 2.x along with any CNCF compliant Kubernetes cluster. You can read more about it [here](https://rio.io/)
@@ -25,7 +25,16 @@ A restore is performed by creating a Restore custom resource.
> **Important**
>
> * Follow the instructions from this page for restoring rancher on the same cluster where it was backed up from. In order to migrate rancher to a new cluster, follow the steps to [migrate rancher.]({{<baseurl>}}/rancher/v2.5/en/backups/migrating-rancher)
> * While restoring rancher on the same setup, the operator will scale down the rancher deployment when restore starts, and it will scale back up the deployment once restore completes. So Rancher will be unavailable during the restore.
> * While restoring Rancher on the same setup, the Rancher deployment is manually scaled down before the restore starts, then the operator will scale it back up once the restore completes. So Rancher will be unavailable during the restore.
### Scale the Rancher Deployment to 0
1. From the **Global** view, hover over the **local** cluster.
1. Under **Projects in local**, click on **System**.
1. From the **cattle-system** namespace section, find the `rancher-hook` deployment.
1. Select **&#8942; > Edit**.
1. Change **Scalable deployment of _ pods** to `0`.
1. Scroll to the bottom and click **Save**.
### Create the Restore Custom Resource
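Review bot: The new section is titled "Scale the Rancher Deployment to 0" and the rewritten bullet says the Rancher deployment is scaled down, but step 3 tells the reader to find the `rancher-hook` deployment. Confirm which deployment must be at zero replicas before the restore; if it is `rancher`, the step as written leaves Rancher running while the restore proceeds. The first bullet of the Important block also still uses lowercase "rancher" while the rewritten second bullet capitalizes it.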
@@ -56,7 +65,7 @@ A restore is performed by creating a Restore custom resource.
1. Click **Create.**
**Result:** The rancher-operator scales down the rancher deployment during restore, and scales it back up once the restore completes. The resources are restored in this order:
**Result:** The backup file is created and updated to the target storage location. The resources are restored in this order:
1. Custom Resource Definitions (CRDs)
2. Cluster-scoped resources
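Review bot: The new **Result** text, "The backup file is created and updated to the target storage location", describes a backup, but this page is about restoring and the sentence that follows lists the order in which resources are restored. It also drops the statement that the deployment is scaled back up once the restore completes, which the rewritten Important bullet still promises. Replace it with a result that matches a restore; if the backup wording is reused elsewhere, "updated" should probably be "uploaded".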
@@ -69,14 +78,25 @@ kubectl get pods -n cattle-resources-system
kubectl logs -n cattle-resources-system -f
```
### Roll back to the previous Rancher version
### Roll back to a previous Rancher version
Rancher can be rolled back using the Rancher UI.
Rancher can be rolled back using the Helm CLI. To roll back to the previous version:
1. In the Rancher UI, go to the local cluster.
1. Go to the System project.
1. Edit Rancher deployment and modify image to version that you are rolling back to.
1. Save changes made.
```yaml
helm rollback rancher -n cattle-system
```
If the previous revision is not the intended target, you can specify a revision to roll back to. To see the deployment history:
```yaml
helm history rancher -n cattle-system
```
When the target revision is determined, perform the rollback. This example will roll back to revision `3`:
```yaml
helm rollback rancher 3 -n cattle-system
```
# Rolling Back to Rancher v2.2-v2.4+
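Review bot: The three added fences are tagged `yaml` but contain `helm` commands, so they will be highlighted as YAML; tag them `bash` instead. The text would also be safer with `helm history rancher -n cattle-system` presented first, because `helm rollback rancher` without a revision goes to the release's previous revision whatever that was, and the reader only learns how to check it after being given the command.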
@@ -88,4 +108,4 @@ For information on how to roll back Rancher installed with Docker, refer to [thi
# Rolling Back to Rancher v2.0-v2.1
Rolling back to Rancher v2.0-v2.1 is no longer supported. The instructions for rolling back to these versions are preserved [here]({{<baseurl>}}/rancher/v2.0-v2.4/en/backups/restore/rke-restore/v2.0-v2.1) and are intended to be used only in cases where upgrading to Rancher v2.2+ is not feasible.
Rolling back to Rancher v2.0-v2.1 is no longer supported. The instructions for rolling back to these versions are preserved [here]({{<baseurl>}}/rancher/v2.0-v2.4/en/backups/restore/rke-restore/v2.0-v2.1) and are intended to be used only in cases where upgrading to Rancher v2.2+ is not feasible.
@@ -11,7 +11,7 @@ aliases:
This section describes how to set up your private registry so that when you install Rancher, Rancher will pull all the required images from this registry.
By default, all images used to [provision Kubernetes clusters]({{<baseurl>}}/rancher/v2.5/en/cluster-provisioning/) or launch any [tools]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/tools/) in Rancher, e.g. monitoring, pipelines, alerts, are pulled from Docker Hub. In an air gapped installation of Rancher, you will need a private registry that is located somewhere accessible by your Rancher server. Then, you will load the registry with all the images.
By default, all images used to [provision Kubernetes clusters]({{<baseurl>}}/rancher/v2.5/en/cluster-provisioning/) or launch any tools in Rancher, e.g. monitoring and logging, are pulled from Docker Hub. In an air gapped installation of Rancher, you will need a private registry that is located somewhere accessible by your Rancher server. Then, you will load the registry with all the images.
Populating the private registry with images is the same process for installing Rancher with Docker and for installing Rancher on a Kubernetes cluster.
@@ -6,7 +6,7 @@ aliases:
- /rancher/v2.5/en/upgrades/rollbacks/single-node-rollbacks
---
If a Rancher upgrade does not complete successfully, you'll have to roll back to your Rancher setup that you were using before [Docker Upgrade]({{<baseurl>}}/rancher/v2.5/en/upgrades/upgrades/single-node-upgrade). Rolling back restores:
If a Rancher upgrade does not complete successfully, you'll have to roll back to your Rancher setup that you were using before [Docker Upgrade]({{<baseurl>}}/rancher/v2.5/en/installation/other-installation-methods/single-node-docker/single-node-upgrades). Rolling back restores:
- Your previous version of Rancher.
- Your data backup created before upgrade.
@@ -59,9 +59,9 @@ If you have issues upgrading Rancher, roll it back to its latest known healthy s
```
You can obtain the name for your Rancher container by entering `docker ps`.
1. Move the backup tarball that you created during completion of [Docker Upgrade]({{<baseurl>}}/rancher/v2.5/en/upgrades/upgrades/single-node-upgrade/) onto your Rancher Server. Change to the directory that you moved it to. Enter `dir` to confirm that it's there.
1. Move the backup tarball that you created during completion of [Docker Upgrade]({{<baseurl>}}/rancher/v2.5/en/installation/other-installation-methods/single-node-docker/single-node-upgrades) onto your Rancher Server. Change to the directory that you moved it to. Enter `dir` to confirm that it's there.
If you followed the naming convention we suggested in [Docker Upgrade]({{<baseurl>}}/rancher/v2.5/en/upgrades/upgrades/single-node-upgrade/), it will have a name similar to (`rancher-data-backup-<RANCHER_VERSION>-<DATE>.tar.gz`).
If you followed the naming convention we suggested in [Docker Upgrade]({{<baseurl>}}/rancher/v2.5/en/installation/other-installation-methods/single-node-docker/single-node-upgrades), it will have a name similar to (`rancher-data-backup-<RANCHER_VERSION>-<DATE>.tar.gz`).
1. Run the following command to replace the data in the `rancher-data` container with the data in the backup tarball, replacing the placeholder. Don't forget to close the quotes.
@@ -361,4 +361,4 @@ Remove the previous Rancher server container. If you only stop the previous Ranc
# Rolling Back
If your upgrade does not complete successfully, you can roll back Rancher server and its data back to its last healthy state. For more information, see [Docker Rollback]({{<baseurl>}}/rancher/v2.5/en/upgrades/rollbacks/single-node-rollbacks/).
If your upgrade does not complete successfully, you can roll back Rancher server and its data back to its last healthy state. For more information, see [Docker Rollback]({{<baseurl>}}/rancher/v2.5/en/installation/other-installation-methods/single-node-docker/single-node-rollbacks).
@@ -223,7 +223,7 @@ Note: Registered clusters were called imported clusters before Rancher v2.5.
{{% accordion label="Click to expand" %}}
The following table depicts the port requirements for [registered clusters]({{<baseurl>}}/rancher/v2.5/en/cluster-provisioning/imported-clusters/).
The following table depicts the port requirements for [registered clusters]({{<baseurl>}}/rancher/v2.5/en/cluster-provisioning/registered-clusters/).
{{< ports-imported-hosted >}}
@@ -70,7 +70,7 @@ kubectl -n cattle-system logs -f rancher-84d886bdbb-s4s69 rancher-audit-log
#### Shipping the Audit Log
You can enable Rancher's built in log collection and shipping for the cluster to ship the audit and other services logs to a supported collection endpoint. See [Rancher Tools - Logging]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/tools/logging) for details.
You can enable Rancher's built in log collection and shipping for the cluster to ship the audit and other services logs to a supported collection endpoint. See [Logging]({{<baseurl>}}/rancher/v2.5/en/logging) for details.
## Audit Log Samples
@@ -12,7 +12,22 @@ aliases:
The following options are available when using an ARM64 platform:
- Running Rancher on ARM64 based node(s)
- Only [Docker Install]({{<baseurl>}}/rancher/v2.5/en/installation/other-installation-methods/single-node-docker)
- Only for Docker Install. Please note that the following installation command replaces the examples found in the [Docker Install]({{<baseurl>}}/rancher/v2.0-v2.4/en/installation/other-installation-methods/single-node-docker) link:
```
# In the last line `rancher/rancher:vX.Y.Z`, be certain to replace "X.Y.Z" with a released version in which ARM64 builds exist. For example, if your matching version is v2.5.8, you would fill in this line with `rancher/rancher:v2.5.8`.
docker run -d --restart=unless-stopped \
-p 80:80 -p 443:443 \
--privileged \
rancher/rancher:vX.Y.Z
```
> **Note:** To check if your specific released version is compatible with the ARM64 architecture, you may navigate to your
> version's release notes in the following two ways:
>
> - Manually find your version using https://github.com/rancher/rancher/releases.
> - Go directly to your version using the tag and the specific version number. If you plan to use v2.5.8, for example, you may
> navigate to https://github.com/rancher/rancher/releases/tag/v2.5.8.
- Create custom cluster and adding ARM64 based node(s)
- Kubernetes cluster version must be 1.12 or higher
- CNI Network Provider must be [Flannel]({{<baseurl>}}/rancher/v2.5/en/faq/networking/cni-providers/#flannel)
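Review bot: The added Docker Install link targets `/rancher/v2.0-v2.4/en/...` although this is a v2.5 page, the line it replaces linked to `/rancher/v2.5/en/installation/other-installation-methods/single-node-docker`, and the example version in the text is v2.5.8. Point it back at the v2.5 path. The instruction about replacing `X.Y.Z` is written as one long comment inside the code fence; moving it into the prose above the fence keeps the block copy-pasteable.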
@@ -7,7 +7,7 @@ aliases:
This feature enables a UI that lets you create, read, update and delete virtual services and destination rules, which are traffic management features of Istio.
> **Prerequisite:** Turning on this feature does not enable Istio. A cluster administrator needs to [enable Istio for the cluster]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/tools/istio/setup) in order to use the feature.
> **Prerequisite:** Turning on this feature does not enable Istio. A cluster administrator needs to [enable Istio for the cluster]({{<baseurl>}}/rancher/v2.5/en/istio/setup) in order to use the feature.
To enable or disable this feature, refer to the instructions on [the main page about enabling experimental features.]({{<baseurl>}}/rancher/v2.5/en/installation/options/feature-flags/)
@@ -17,7 +17,7 @@ This core service mesh provides features that include but are not limited to the
- **Security** with resources to authenticate and authorize traffic and users, mTLS included.
- **Observability** of logs, metrics, and distributed traffic flows.
After [setting up istio]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/tools/istio/setup) you can leverage Istio's control plane functionality through the Cluster Explorer, `kubectl`, or `istioctl`.
After [setting up istio]({{<baseurl>}}/rancher/v2.5/en/istio/setup) you can leverage Istio's control plane functionality through the Cluster Explorer, `kubectl`, or `istioctl`.
Istio needs to be set up by a `cluster-admin` before it can be used in a project.
@@ -65,13 +65,13 @@ Note that this is not a production-qualified deployment of Jaeger. This deployme
# Prerequisites
Before enabling Istio, we recommend that you confirm that your Rancher worker nodes have enough [CPU and memory]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/tools/istio/resources) to run all of the components of Istio.
Before enabling Istio, we recommend that you confirm that your Rancher worker nodes have enough [CPU and memory]({{<baseurl>}}/rancher/v2.5/en/istio/resources) to run all of the components of Istio.
If you are installing Istio on RKE2 cluster, some additional steps are required. For details, see [this section.](#additional-steps-for-installing-istio-on-an-rke2-cluster)
# Setup Guide
Refer to the [setup guide]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/tools/istio/setup) for instructions on how to set up Istio and use it in a project.
Refer to the [setup guide]({{<baseurl>}}/rancher/v2.5/en/istio/setup) for instructions on how to set up Istio and use it in a project.
# Remove Istio
@@ -87,7 +87,7 @@ Another option is to manually uninstall istio resources one at a time, but leave
# Accessing Visualizations
> By default, only cluster-admins have access to Kiali. For instructions on how to allow admin, edit or views roles to access them, see [this section.]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/tools/istio/rbac/)
> By default, only cluster-admins have access to Kiali. For instructions on how to allow admin, edit or views roles to access them, see [this section.]({{<baseurl>}}/rancher/v2.5/en/istio/rbac/)
After Istio is set up in a cluster, Grafana, Prometheus,and Kiali are available in the Rancher UI.
@@ -2,7 +2,7 @@
title: Enable Istio with Pod Security Policies
weight: 1
aliases:
- /rancher/v2.5/en/cluster-admin/tools/istio/setup/enable-istio-in-cluster/enable-istio-with-psp
- /rancher/v2.5/en/istio/setup/enable-istio-in-cluster/enable-istio-with-psp
- /rancher/v2.5/en/istio/legacy/setup/enable-istio-in-cluster/enable-istio-with-psp
- /rancher/v2.5/en/istio/v2.5/setup/enable-istio-in-cluster/enable-istio-with-psp
- /rancher/v2.5/en/istio/v2.5/configuration-reference/enable-istio-with-psp
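Review bot: The `aliases:` entry for the old `/rancher/v2.5/en/cluster-admin/tools/istio/...` URL is replaced rather than kept alongside the new `/rancher/v2.5/en/istio/...` one. Front-matter aliases are what redirect old URLs to the page, so dropping the old path removes the redirect for any bookmark or external link that still uses it, at the same time as this commit stops linking to it internally. Add the new alias and keep the old one. The same replacement is made in the other Istio front-matter hunks of this commit (selectors and scrape configs, RBAC, release notes, resources, setup, deploy-workloads, enable-istio-in-cluster).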
@@ -102,7 +102,7 @@ Verify that the CNI is working by deploying a [sample application](https://istio
### 3. Install Istio
Follow the [primary instructions]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/tools/istio/setup/enable-istio-in-cluster/), adding a custom answer: `istio_cni.enabled: true`.
Follow the [primary instructions]({{<baseurl>}}/rancher/v2.5/en/istio/setup/enable-istio-in-cluster/), adding a custom answer: `istio_cni.enabled: true`.
After Istio has finished installing, the Apps page in System Projects should show both istio and `istio-cni` applications deployed successfully. Sidecar injection will now be functional.
@@ -3,7 +3,7 @@ title: Selectors and Scrape Configs
weight: 2
aliases:
- /rancher/v2.5/en/istio/v2.5/configuration-reference/selectors-and-scrape
- /rancher/v2.5/en/cluster-admin/tools/istio/setup/node-selectors
- /rancher/v2.5/en/istio/setup/node-selectors
---
The Monitoring app sets `prometheus.prometheusSpec.ignoreNamespaceSelectors=false`, which enables monitoring across all namespaces by default.
@@ -2,7 +2,7 @@
title: Role-based Access Control
weight: 3
aliases:
- /rancher/v2.5/en/cluster-admin/tools/istio/rbac
- /rancher/v2.5/en/istio/rbac
- /rancher/v2.5/en/istio/v2.5/rbac
---
@@ -1,7 +1,7 @@
---
title: Release Notes
aliases:
- /rancher/v2.5/en/cluster-admin/tools/istio/release-notes
- /rancher/v2.5/en/istio/release-notes
- /rancher/v2.5/en/istio/v2.5/release-notes
---
@@ -4,7 +4,7 @@ weight: 1
aliases:
- /rancher/v2.5/en/project-admin/istio/configuring-resource-allocations/
- /rancher/v2.5/en/project-admin/istio/config/
- /rancher/v2.5/en/cluster-admin/tools/istio/resources
- /rancher/v2.5/en/istio/resources
- /rancher/v2.5/en/istio/v2.5/resources
---
@@ -2,7 +2,7 @@
title: Setup Guide
weight: 2
aliases:
- /rancher/v2.5/en/cluster-admin/tools/istio/setup
- /rancher/v2.5/en/istio/setup
- /rancher/v2.5/en/istio/v2.5/setup/
---
@@ -14,18 +14,18 @@ If you use Istio for traffic management, you will need to allow external traffic
This guide assumes you have already [installed Rancher,]({{<baseurl>}}/rancher/v2.5/en/installation) and you have already [provisioned a separate Kubernetes cluster]({{<baseurl>}}/rancher/v2.5/en/cluster-provisioning) on which you will install Istio.
The nodes in your cluster must meet the [CPU and memory requirements.]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/tools/istio/resources/)
The nodes in your cluster must meet the [CPU and memory requirements.]({{<baseurl>}}/rancher/v2.5/en/istio/resources/)
The workloads and services that you want to be controlled by Istio must meet [Istio's requirements.](https://istio.io/docs/setup/additional-setup/requirements/)
# Install
> **Quick Setup** If you don't need external traffic to reach Istio, and you just want to set up Istio for monitoring and tracing traffic within the cluster, skip the steps for [setting up the Istio gateway]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/tools/istio/setup/gateway) and [setting up Istio's components for traffic management.]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/tools/istio/setup/set-up-traffic-management)
> **Quick Setup** If you don't need external traffic to reach Istio, and you just want to set up Istio for monitoring and tracing traffic within the cluster, skip the steps for [setting up the Istio gateway]({{<baseurl>}}/rancher/v2.5/en/istio/setup/gateway) and [setting up Istio's components for traffic management.]({{<baseurl>}}/rancher/v2.5/en/istio/setup/set-up-traffic-management)
1. [Enable Istio in the cluster.]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/tools/istio/setup/enable-istio-in-cluster)
1. [Enable Istio in all the namespaces where you want to use it.]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/tools/istio/setup/enable-istio-in-namespace)
1. [Add deployments and services that have the Istio sidecar injected.]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/tools/istio/setup/deploy-workloads)
1. [Set up the Istio gateway. ]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/tools/istio/setup/gateway)
1. [Set up Istio's components for traffic management.]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/tools/istio/setup/set-up-traffic-management)
1. [Enable Istio in the cluster.]({{<baseurl>}}/rancher/v2.5/en/istio/setup/enable-istio-in-cluster)
1. [Enable Istio in all the namespaces where you want to use it.]({{<baseurl>}}/rancher/v2.5/en/istio/setup/enable-istio-in-namespace)
1. [Add deployments and services that have the Istio sidecar injected.]({{<baseurl>}}/rancher/v2.5/en/istio/setup/deploy-workloads)
1. [Set up the Istio gateway. ]({{<baseurl>}}/rancher/v2.5/en/istio/setup/gateway)
1. [Set up Istio's components for traffic management.]({{<baseurl>}}/rancher/v2.5/en/istio/setup/set-up-traffic-management)
1. [Generate traffic and see Istio in action.]({{<baseurl>}}/rancher/v2.5/en/istio/v2.5/setup/view-traffic/ )
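Review bot: The last list item, `[Generate traffic and see Istio in action.]`, still links to `/rancher/v2.5/en/istio/v2.5/setup/view-traffic/ ` with the `istio/v2.5/setup` prefix and a trailing space inside the parentheses, while the five rewritten items above it use `istio/setup/...`. Point it at `{{<baseurl>}}/rancher/v2.5/en/istio/setup/view-traffic` so all six steps use one scheme, and drop the trailing space in the link text of `[Set up the Istio gateway. ]` while that line is being touched.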
@@ -2,7 +2,7 @@
title: 3. Add Deployments and Services with the Istio Sidecar
weight: 4
aliases:
- /rancher/v2.5/en/cluster-admin/tools/istio/setup/deploy-workloads
- /rancher/v2.5/en/istio/setup/deploy-workloads
- /rancher/v2.5/en/istio/v2.5/setup/deploy-workloads
---
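Review bot: Swapping the `cluster-admin/tools/istio/setup/deploy-workloads` alias for `istio/setup/deploy-workloads` (reading the first of the two changed entries as the removed one, since the rendered diff has lost its +/- markers) removes the redirect from the pre-move URL, so existing bookmarks and external links to it stop resolving. Keep the old alias and add the new one beside it; the same applies to the matching alias swaps on the other Istio setup pages in this commit.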
@@ -347,4 +347,4 @@ spec:
---
```
### [Next: Set up the Istio Gateway]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/tools/istio/setup/gateway)
### [Next: Set up the Istio Gateway]({{<baseurl>}}/rancher/v2.5/en/istio/setup/gateway)
@@ -2,7 +2,7 @@
title: 1. Enable Istio in the Cluster
weight: 1
aliases:
- /rancher/v2.5/en/cluster-admin/tools/istio/setup/enable-istio-in-cluster
- /rancher/v2.5/en/istio/setup/enable-istio-in-cluster
- /rancher/v2.5/en/istio/v2.5/setup/enable-istio-in-cluster
---
@@ -16,7 +16,7 @@ aliases:
1. From the **Cluster Explorer**, navigate to available **Charts** in **Apps & Marketplace**
1. Select the Istio chart from the rancher provided charts
1. If you have not already installed your own monitoring app, you will be prompted to install the rancher-monitoring app. Optional: Set your Selector or Scrape config options on rancher-monitoring app install.
1. Optional: Configure member access and [resource limits]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/tools/istio/resources/) for the Istio components. Ensure you have enough resources on your worker nodes to enable Istio.
1. Optional: Configure member access and [resource limits]({{<baseurl>}}/rancher/v2.5/en/istio/resources/) for the Istio components. Ensure you have enough resources on your worker nodes to enable Istio.
1. Optional: Make additional configuration changes to values.yaml if needed.
1. Optional: Add additional resources or configuration via the [overlay file.]({{<baseurl>}}/rancher/v2.5/en/istio/v2.5/configuration-reference/#overlay-file)
1. Click **Install**.
@@ -2,7 +2,7 @@
title: 2. Enable Istio in a Namespace
weight: 2
aliases:
- /rancher/v2.5/en/cluster-admin/tools/istio/setup/enable-istio-in-namespace
- /rancher/v2.5/en/istio/setup/enable-istio-in-namespace
- /rancher/v2.5/en/istio/v2.5/setup/enable-istio-in-namespace
---
@@ -41,4 +41,4 @@ To add the annotation to a workload,
> **NOTE:** If you are having issues with a Job you deployed not completing, you will need to add this annotation to your pod using the provided steps. Since Istio Sidecars run indefinitely, a Job cannot be considered complete even after its task has completed.
### [Next: Select the Nodes ]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/tools/istio/setup/node-selectors)
### [Next: Select the Nodes ]({{<baseurl>}}/rancher/v2.5/en/istio/setup/node-selectors)
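Review bot: The `Next:` link on this page, step 2 (Enable Istio in a Namespace), targets `setup/node-selectors`, which is not one of the six setup steps in the install overview updated in this commit; step 3 there is `setup/deploy-workloads`. The path rewrite keeps that target, so either point the link at `{{<baseurl>}}/rancher/v2.5/en/istio/setup/deploy-workloads` or confirm that a node-selectors page still exists under the new prefix. The link text also has a trailing space before `]`.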
@@ -2,7 +2,7 @@
title: 4. Set up the Istio Gateway
weight: 5
aliases:
- /rancher/v2.5/en/cluster-admin/tools/istio/setup/gateway
- /rancher/v2.5/en/istio/setup/gateway
- /rancher/v2.5/en/istio/v2.5/setup/gateway
---
@@ -140,4 +140,4 @@ In the gateway resource, the selector refers to Istio's default ingress controll
1. Scroll down to the `istio-system` namespace.
1. Within `istio-system`, there is a workload named `istio-ingressgateway`. Click the name of this workload and go to the **Labels and Annotations** section. You should see that it has the key `istio` and the value `ingressgateway`. This confirms that the selector in the Gateway resource matches Istio's default ingress controller.
### [Next: Set up Istio's Components for Traffic Management]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/tools/istio/setup/set-up-traffic-management)
### [Next: Set up Istio's Components for Traffic Management]({{<baseurl>}}/rancher/v2.5/en/istio/setup/set-up-traffic-management)
@@ -2,7 +2,7 @@
title: 5. Set up Istio's Components for Traffic Management
weight: 6
aliases:
- /rancher/v2.5/en/cluster-admin/tools/istio/setup/set-up-traffic-management
- /rancher/v2.5/en/istio/setup/set-up-traffic-management
- /rancher/v2.5/en/istio/v2.5/setup/set-up-traffic-management
---
@@ -74,4 +74,4 @@ spec:
**Result:** When you generate traffic to this service (for example, by refreshing the ingress gateway URL), the Kiali traffic graph will reflect that traffic to the `reviews` service is divided evenly between `v1` and `v3`.
### [Next: Generate and View Traffic]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/tools/istio/setup/view-traffic)
### [Next: Generate and View Traffic]({{<baseurl>}}/rancher/v2.5/en/istio/setup/view-traffic)
@@ -2,7 +2,7 @@
title: 6. Generate and View Traffic
weight: 7
aliases:
- /rancher/v2.5/en/cluster-admin/tools/istio/setup/view-traffic
- /rancher/v2.5/en/istio/setup/view-traffic
- /rancher/v2.5/en/istio/setup/view-traffic
- /rancher/v2.5/en/istio/v2.5/setup/view-traffic
---
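Review bot: `- /rancher/v2.5/en/istio/setup/view-traffic` appears on two consecutive lines of this alias list. If both entries are present in the resulting front matter, one is redundant and should be removed.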
+1 -1
@@ -12,7 +12,7 @@ aliases:
The [Banzai Cloud Logging operator](https://banzaicloud.com/docs/one-eye/logging-operator/) now powers Rancher's logging solution in place of the former, in-house solution.
For an overview of the changes in v2.5, see [this section.](/{{<baseurl>}}/rancher/v2.5/en/logging/architecture/#changes-in-rancher-v2-5) For information about migrating from Logging V1, see [this page.](./migrating)
For an overview of the changes in v2.5, see [this section.]({{<baseurl>}}/rancher/v2.5/en/logging/architecture/#changes-in-rancher-v2-5) For information about migrating from Logging V1, see [this page.](./migrating)
- [Enabling Logging](#enabling-logging)
- [Uninstall Logging](#uninstall-logging)
@@ -3,10 +3,6 @@ title: Monitoring and Alerting
shortTitle: Monitoring/Alerting
description: Prometheus lets you view metrics from your different Rancher and Kubernetes objects. Learn about the scope of monitoring and how to enable cluster monitoring
weight: 13
aliases:
- /rancher/v2.5/en/dashboard/monitoring-alerting
- /rancher/v2.5/en/dashboard/notifiers
- /rancher/v2.5/en/cluster-admin/tools/monitoring/
---
Using the `rancher-monitoring` application, you can quickly deploy leading open-source monitoring and alerting solutions onto your cluster.
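Review bot: Deleting the whole `aliases:` block drops the redirects from `dashboard/monitoring-alerting`, `dashboard/notifiers` and `cluster-admin/tools/monitoring/` to this page. Unless another page in this commit takes over those aliases, links to the old URLs will stop resolving; keep the entries or state in the PR description where they moved.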
@@ -55,7 +51,7 @@ These default exporters automatically scrape metrics for CPU and memory from all
### Default Alerts
The monitoring application deploys some alerts by default. To see the default alerts, go to the [Alertmanager UI](./dashboard/accessing-the-alertmanager-ui) and click **Expand all groups.**
The monitoring application deploys some alerts by default. To see the default alerts, go to the [Alertmanager UI](./dashboards/#alertmanager-ui) and click **Expand all groups.**
### Components Exposed in the Rancher UI
@@ -84,7 +80,7 @@ For information on configuring access to monitoring, see [this page.](./rbac)
- [ServiceMonitor and PodMonitor](./configuration/servicemonitor-podmonitor)
- [Receiver](./configuration/receiver)
- [Route](./configuration/route)
- [PrometheusRule](./configuration/advanced/prometheusrule)
- [PrometheusRule](./configuration/advanced/prometheusrules)
- [Prometheus](./configuration/advanced/prometheus)
- [Alertmanager](./configuration/advanced/alertmanager)
@@ -108,6 +104,4 @@ For more details on how to upgrade wins on existing Windows hosts, refer to the
There is a [known issue](https://github.com/rancher/rancher/issues/28787#issuecomment-693611821) that K3s clusters require more default memory. If you are enabling monitoring on a K3s cluster, we recommend setting `prometheus.prometheusSpec.resources.memory.limit` to 2500 Mi and `prometheus.prometheusSpec.resources.memory.request` to 1750 Mi.
For tips on debugging high memory usage, see [this page.](./memory-usage)
It is common that as the amount of metrics and deployments being monitors grows, Prometheus's memory and CPU needs outgrow the limits initially placed on them. If you see Prometheus commonly crashing, try increasing the allocated memory and setting alerts for when resource usage of Monitoring pods approaches limits placed on them.
For tips on debugging high memory usage, see [this page.](./guides/memory-usage)
@@ -2,7 +2,7 @@
title: Configuration
weight: 5
aliases:
- /rancher/v2.5/en/monitoring-alerting/v2.5/configuration
- /rancher/v2.5/en/monitoring-alerting/configuration
---
This page captures some of the most important options for configuring Monitoring V2 in the Rancher UI.
@@ -2,7 +2,7 @@
title: Prometheus Configuration
weight: 1
aliases:
- /rancher/v2.5/en/monitoring-alerting/v2.5/configuration/prometheusrules
- /rancher/v2.5/en/monitoring-alerting/configuration/prometheusrules
- /rancher/v2.5/en/monitoring-alerting/configuration/prometheusrules
- /rancher/v2.5/en/monitoring-alerting/configuration/advanced/prometheusrules
---
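Review bot: `- /rancher/v2.5/en/monitoring-alerting/configuration/prometheusrules` is listed twice in a row here; drop the duplicate. Also check that these `prometheusrules` aliases belong on the page titled `Prometheus Configuration`, since the list carries `configuration/advanced/prometheusrules` as well.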
@@ -5,8 +5,7 @@ weight: 3
A PrometheusRule defines a group of Prometheus alerting and/or recording rules.
> This section assumes familiarity with how monitoring components work together. For more information about Alertmanager, see [this section.](../how-monitoring-works/#how-alertmanager-works)
> This section assumes familiarity with how monitoring components work together. For more information, see [this section.]({{<baseurl>}}/rancher/v2.5/en/monitoring-alerting/how-monitoring-works)
### Creating PrometheusRules in the Rancher UI
@@ -21,4 +21,4 @@ An example PrometheusRule is on [this page.](https://github.com/prometheus-opera
### Alertmanager Config
For an example configuration, refer to [this section.](./alertmanager/#example-alertmanager-config)
For an example configuration, refer to [this section.](../advanced/alertmanager/#example-alertmanager-config)
@@ -3,7 +3,7 @@ title: Receiver Configuration
shortTitle: Receivers
weight: 1
aliases:
- /rancher/v2.5/en/monitoring-alerting/v2.5/configuration/alertmanager
- /rancher/v2.5/en/monitoring-alerting/configuration/alertmanager
- rancher/v2.5/en/monitoring-alerting/legacy/notifiers/
- /rancher/v2.5/en/cluster-admin/tools/notifiers
- /rancher/v2.5/en/cluster-admin/tools/alerts
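Review bot: Next to the alias changed here, `- rancher/v2.5/en/monitoring-alerting/legacy/notifiers/` has no leading `/`, unlike every other entry in the list. Other pages in this commit link to `{{<baseurl>}}/rancher/v2.5/en/monitoring-alerting/legacy/notifiers/` and appear to rely on that alias, so add the leading slash in the same change.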
@@ -10,7 +10,7 @@ When a Route is changed, the Prometheus Operator regenerates the Alertmanager cu
For more information about configuring routes, refer to the [official Alertmanager documentation.](https://www.prometheus.io/docs/alerting/latest/configuration/#route)
> This section assumes familiarity with how monitoring components work together. For more information about Alertmanager, see [this section.](../../how-monitoring-works/#3-how-alertmanager-works)
> This section assumes familiarity with how monitoring components work together. For more information, see [this section.]({{<baseurl>}}/rancher/v2.5/en/monitoring-alerting/how-monitoring-works)
- [Route Restrictions](#route-restrictions)
- [Route Configuration](#route-configuration)
@@ -4,8 +4,8 @@ weight: 6
aliases:
- /rancher/v2.5/en/project-admin/tools/monitoring/expression
- /rancher/v2.5/en/cluster-admin/tools/monitoring/expression
- /rancher/v2.5/en/monitoring-alerting/legacy/monitoring/cluster-monitoring/expression
- /rancher/v2.5/en/monitoring-alerting/v2.5/configuration/expression
- /rancher/v2.5/en/monitoring-alerting/expression
- /rancher/v2.5/en/monitoring-alerting/configuration/expression
- /rancher/v2.5/en/monitoring/alerting/configuration/expression
---
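Review bot: The alias `/rancher/v2.5/en/monitoring/alerting/configuration/expression` uses `monitoring/alerting` where the other entries use `monitoring-alerting`. If the slash is a typo, the corrected path duplicates the entry directly above it and the line can go; if it is deliberate, say so in the PR description.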
@@ -12,7 +12,7 @@ You can enable monitoring with or without SSL.
# Requirements
- Make sure that you are allowing traffic on port 9796 for each of your nodes because Prometheus will scrape metrics from here.
- Make sure your cluster fulfills the resource requirements. The cluster should have at least 1950Mi memory available, 2700m CPU, and 50Gi storage. A breakdown of the resource limits and requests is [here.](./configuration/helm-chart-options/#setting-resource-limits-and-requests)
- Make sure your cluster fulfills the resource requirements. The cluster should have at least 1950Mi memory available, 2700m CPU, and 50Gi storage. A breakdown of the resource limits and requests is [here.]({{<baseurl>}}/rancher/v2.5/en/monitoring-alerting/configuration/helm-chart-options/#configuring-resource-limits-and-requests)
- When installing monitoring on an RKE cluster using RancherOS or Flatcar Linux nodes, change the etcd node certificate directory to `/opt/rke/etc/kubernetes/ssl`.
> **Note:** If you want to set up Alertmanager, Grafana or Ingress, it has to be done with the settings on the Helm chart deployment. It's problematic to create Ingress outside the deployment.
@@ -21,7 +21,7 @@ You can enable monitoring with or without SSL.
The resource requests and limits can be configured when installing `rancher-monitoring`. To configure Prometheus resources from the Rancher UI, click **Apps & Marketplace > Monitoring** in the upper left corner.
For more information about the default limits, see [this page.](./configuration/helm-chart-options/#setting-resource-limits-and-requests)
For more information about the default limits, see [this page.]({{<baseurl>}}/rancher/v2.5/en/monitoring-alerting/configuration/helm-chart-options/#configuring-resource-limits-and-requests)
# Install the Monitoring Application
@@ -33,7 +33,7 @@ For more information about the default limits, see [this page.](./configuration/
1. In the Rancher UI, go to the cluster where you want to install monitoring and click **Cluster Explorer.**
1. Click **Apps.**
1. Click the `rancher-monitoring` app.
1. Optional: Click **Chart Options** and configure alerting, Prometheus and Grafana. For help, refer to the [configuration reference.](./configuration)
1. Optional: Click **Chart Options** and configure alerting, Prometheus and Grafana. For help, refer to the [configuration reference.]({{<baseurl>}}/rancher/v2.5/en/monitoring-alerting/configuration/helm-chart-options/)
1. Scroll to the bottom of the Helm chart README and click **Install.**
**Result:** The monitoring app is deployed in the `cattle-monitoring-system` namespace.
@@ -69,7 +69,7 @@ Then **Cert File Path** would be set to `/etc/alertmanager/secrets/cert.pem`.
1. In the Rancher UI, go to the cluster where you want to install monitoring and click **Cluster Explorer.**
1. Click **Apps.**
1. Click the `rancher-monitoring` app.
1. Optional: Click **Chart Options** and configure alerting, Prometheus and Grafana. For help, refer to the [configuration reference.](./configuration)
1. Optional: Click **Chart Options** and configure alerting, Prometheus and Grafana. For help, refer to the [configuration reference.]({{<baseurl>}}/rancher/v2.5/en/monitoring-alerting/configuration/helm-chart-options/)
1. Scroll to the bottom of the Helm chart README and click **Install.**
**Result:** The monitoring app is deployed in the `cattle-monitoring-system` namespace.
@@ -2,7 +2,7 @@
title: Migrating to Rancher v2.5 Monitoring
weight: 9
aliases:
- /rancher/v2.5/en/monitoring-alerting/v2.5/migrating
- /rancher/v2.5/en/monitoring-alerting/migrating
---
If you previously enabled Monitoring, Alerting, or Notifiers in Rancher before v2.5, there is no automatic upgrade path for switching to the new monitoring/alerting solution. Before deploying the new monitoring solution via Cluster Explore, you will need to disable and remove all existing custom alerts, notifiers and monitoring installations for the whole cluster and in all projects.
@@ -34,7 +34,7 @@ Unlike in Monitoring & Alerting V1, both features are packaged in a single Helm
Monitoring V2 can only be configured on the cluster level. Project-level monitoring and alerting is no longer supported.
For more information on how to configure Monitoring & Alerting V2, see [this page.]({{<baseurl>}}/rancher/v2.5/en/monitoring-alerting/v2.5/configuration)
For more information on how to configure Monitoring & Alerting V2, see [this page.]({{<baseurl>}}/rancher/v2.5/en/monitoring-alerting/configuration)
# Changes to Role-based Access Control
@@ -128,11 +128,11 @@ or add the Prometheus Rule through the Cluster Explorer
{{< img "/img/rancher/monitoring/migration/alert_2.4_to_2.5_target.png" "">}}
For more details on how to configure PrometheusRules in Monitoring V2 see [Monitoring Configuration]({{<baseurl>}}/rancher/v2.5/en/monitoring-alerting/v2.5/configuration#prometheusrules).
For more details on how to configure PrometheusRules in Monitoring V2 see [Monitoring Configuration]({{<baseurl>}}/rancher/v2.5/en/monitoring-alerting/configuration#prometheusrules).
### Migrating Notifiers
There is no direct equivalent for how notifiers work in Monitoring V1. Instead you have to replicate the desired setup with [Routes and Receivers]({{<baseurl>}}/rancher/v2.5/en/monitoring-alerting/v2.5/configuration#alertmanager-config) in Monitoring V2.
There is no direct equivalent for how notifiers work in Monitoring V1. Instead you have to replicate the desired setup with [Routes and Receivers]({{<baseurl>}}/rancher/v2.5/en/monitoring-alerting/configuration#alertmanager-config) in Monitoring V2.
### Migrating for RKE Template Users
@@ -2,7 +2,7 @@
title: Persistent Grafana Dashboards
weight: 6
aliases:
- /rancher/v2.5/en/monitoring-alerting/v2.5/persist-grafana
- /rancher/v2.5/en/monitoring-alerting/persist-grafana
---
To allow the Grafana dashboard to persist after the Grafana instance restarts, add the dashboard configuration JSON into a ConfigMap. ConfigMaps also allow the dashboards to be deployed with a GitOps or CD based approach. This allows the dashboard to be put under version control.
@@ -101,7 +101,7 @@ While the Rancher UI forms only allow editing a routing tree that is two levels
By editing the forms in the Rancher UI, you can set up a Receiver resource with all the information Alertmanager needs to send alerts to your notification system.
By editing custom YAML in the Alertmanager or Receiver configuration, you can also send alerts to multiple notification systems. For more information, see the section on configuring [Receivers.](./configuration/receiver/#configuring-multiple-receivers)
By editing custom YAML in the Alertmanager or Receiver configuration, you can also send alerts to multiple notification systems. For more information, see the section on configuring [Receivers.](../configuration/receiver/#configuring-multiple-receivers)
# 4. Monitoring V2 Specific Components
@@ -154,7 +154,7 @@ When the monitoring application is installed, you will be able to edit the follo
| Route | Configuration block (part of Alertmanager) | Add identifying information to make alerts more meaningful and direct them to individual teams. Automatically updates the Alertmanager custom resource. |
| PrometheusRule | Custom resource | For more advanced use cases, you may want to define what Prometheus metrics or time series database queries should result in alerts being fired. Automatically updates the Prometheus custom resource. |
| Alertmanager | Custom resource | Edit this custom resource only if you need more advanced configuration options beyond what the Rancher UI exposes in the Routes and Receivers sections. For example, you might want to edit this resource to add a routing tree with more than two levels. |
| Prometheus | Custom resource | Edit this custom resource only if you need more advanced configuration beyond what can be configured using ServiceMonitors, PodMonitors, or [Rancher monitoring Helm chart options.](./configuration/helm-chart-options) |
| Prometheus | Custom resource | Edit this custom resource only if you need more advanced configuration beyond what can be configured using ServiceMonitors, PodMonitors, or [Rancher monitoring Helm chart options.](../configuration/helm-chart-options) |
# 5. Scraping and Exposing Metrics
@@ -4,7 +4,7 @@ shortTitle: RBAC
weight: 2
aliases:
- /rancher/v2.5/en/cluster-admin/tools/monitoring/rbac
- /rancher/v2.5/en/monitoring-alerting/v2.5/rbac
- /rancher/v2.5/en/monitoring-alerting/rbac
- /rancher/v2.5/en/monitoring-alerting/grafana
---
This section describes the expectations for RBAC for Rancher Monitoring.
+1 -1
@@ -39,7 +39,7 @@ The Rancher API server is built on top of an embedded Kubernetes API server and
- **Catalog management:** Rancher provides the ability to use a [catalog of Helm charts]({{<baseurl>}}/rancher/v2.5/en/catalog/) that make it easy to repeatedly deploy applications.
- **Managing projects:** A project is a group of multiple namespaces and access control policies within a cluster. A project is a Rancher concept, not a Kubernetes concept, which allows you manage multiple namespaces as a group and perform Kubernetes operations in them. The Rancher UI provides features for [project administration]({{<baseurl>}}/rancher/v2.5/en/project-admin/) and for [managing applications within projects.]({{<baseurl>}}/rancher/v2.5/en/k8s-in-rancher/)
- **Pipelines:** Setting up a [pipeline]({{<baseurl>}}/rancher/v2.5/en/project-admin/pipelines/) can help developers deliver new software as quickly and efficiently as possible. Within Rancher, you can configure pipelines for each of your Rancher projects.
- **Istio:** Our [integration with Istio]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/tools/istio/) is designed so that a Rancher operator, such as an administrator or cluster owner, can deliver Istio to developers. Then developers can use Istio to enforce security policies, troubleshoot problems, or manage traffic for green/blue deployments, canary deployments, or A/B testing.
- **Istio:** Our [integration with Istio]({{<baseurl>}}/rancher/v2.5/en/istio/) is designed so that a Rancher operator, such as an administrator or cluster owner, can deliver Istio to developers. Then developers can use Istio to enforce security policies, troubleshoot problems, or manage traffic for green/blue deployments, canary deployments, or A/B testing.
### Working with Cloud Infrastructure
@@ -303,7 +303,7 @@ timeout: 30
# Notifications
You can enable notifications to any [notifiers]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/tools/notifiers/) based on the build status of a pipeline. Before enabling notifications, Rancher recommends [setting up notifiers]({{<baseurl>}}/rancher/v2.5/en/monitoring-alerting/legacy/notifiers/) so it will be easy to add recipients immediately.
You can enable notifications to any notifiers based on the build status of a pipeline. Before enabling notifications, Rancher recommends [setting up notifiers]({{<baseurl>}}/rancher/v2.5/en/monitoring-alerting/legacy/notifiers/) so it will be easy to add recipients immediately.
### Configuring Notifications by UI
@@ -311,7 +311,7 @@ You can enable notifications to any [notifiers]({{<baseurl>}}/rancher/v2.5/en/cl
1. Select the conditions for the notification. You can select to get a notification for the following statuses: `Failed`, `Success`, `Changed`. For example, if you want to receive notifications when an execution fails, select **Failed**.
1. If you don't have any existing [notifiers]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/tools/notifiers), Rancher will provide a warning that no notifiers are set up and provide a link to be able to go to the notifiers page. Follow the [instructions]({{<baseurl>}}/rancher/v2.5/en/monitoring-alerting/legacy/notifiers/) to add a notifier. If you already have notifiers, you can add them to the notification by clicking the **Add Recipient** button.
1. If you don't have any existing notifiers, Rancher will provide a warning that no notifiers are set up and provide a link to be able to go to the notifiers page. Follow the [instructions]({{<baseurl>}}/rancher/v2.5/en/monitoring-alerting/legacy/notifiers/) to add a notifier. If you already have notifiers, you can add them to the notification by clicking the **Add Recipient** button.
> **Note:** Notifiers are configured at a cluster level and require a different level of permissions.
@@ -12,7 +12,6 @@ Resources that you can assign directly to namespaces include:
- [Workloads]({{<baseurl>}}/rancher/v2.5/en/k8s-in-rancher/workloads/)
- [Load Balancers/Ingress]({{<baseurl>}}/rancher/v2.5/en/k8s-in-rancher/load-balancers-and-ingress/)
- [Service Discovery Records]({{<baseurl>}}/rancher/v2.5/en/k8s-in-rancher/service-discovery/)
- [Persistent Volume Claims]({{<baseurl>}}/rancher/v2.5/en/k8s-in-rancher/volumes-and-storage/persistent-volume-claims/)
- [Certificates]({{<baseurl>}}/rancher/v2.5/en/k8s-in-rancher/certificates/)
- [ConfigMaps]({{<baseurl>}}/rancher/v2.5/en/k8s-in-rancher/configmaps/)
- [Registries]({{<baseurl>}}/rancher/v2.5/en/k8s-in-rancher/registries/)
@@ -35,7 +34,7 @@ Create a new namespace to isolate apps and resources in a project.
1. From the main menu, select **Namespace**. The click **Add Namespace**.
1. **Optional:** If your project has [Resource Quotas]({{<baseurl>}}/rancher/v2.5/en/k8s-in-rancher/projects-and-namespaces/resource-quotas) in effect, you can override the default resource **Limits** (which places a cap on the resources that the namespace can consume).
1. **Optional:** If your project has [Resource Quotas]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/projects-and-namespaces/resource-quotas) in effect, you can override the default resource **Limits** (which places a cap on the resources that the namespace can consume).
1. Enter a **Name** and then click **Create**.
@@ -54,7 +53,7 @@ Cluster admins and members may occasionally need to move a namespace to another
>**Notes:**
>
>- Don't move the namespaces in the `System` project. Moving these namespaces can adversely affect cluster networking.
>- You cannot move a namespace into a project that already has a [resource quota]({{<baseurl>}}/rancher/v2.5/en/k8s-in-rancher/projects-and-namespaces/resource-quotas/) configured.
>- You cannot move a namespace into a project that already has a [resource quota]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/projects-and-namespaces/resource-quotas/) configured.
>- If you move a namespace from a project that has a quota set to a project with no quota set, the quota is removed from the namespace.
1. Choose a new project for the new namespace and then click **Move**. Alternatively, you can remove the namespace from all projects by selecting **None**.
@@ -65,4 +64,4 @@ Cluster admins and members may occasionally need to move a namespace to another
You can always override the namespace default limit to provide a specific namespace with access to more (or less) project resources.
For more information, see how to [edit namespace resource quotas]({{<baseurl>}}/rancher/v2.5/en/project-admin//resource-quotas/override-namespace-default/).
For more information, see how to [edit namespace resource quotas]({{<baseurl>}}/rancher/v2.5/en/project-admin/resource-quotas/override-namespace-default/).
@@ -3,7 +3,7 @@ title: Adding Users to Projects
weight: 2505
aliases:
- /rancher/v2.5/en/tasks/projects/add-project-members/
- /rancher/v2.5/en/k8s-in-rancher/projects-and-namespaces/project-members/
- /rancher/v2.5/en/cluster-admin/projects-and-namespaces/project-members/
---
If you want to provide a user with access and permissions to _specific_ projects and resources within a cluster, assign the user a project membership.
@@ -14,7 +14,7 @@ You can add members to a project as it is created, or add them to an existing pr
### Adding Members to a New Project
You can add members to a project as you create it (recommended if possible). For details on creating a new project, refer to the [cluster administration section.]({{<baseurl>}}/rancher/v2.5/en/k8s-in-rancher/projects-and-namespaces/)
You can add members to a project as you create it (recommended if possible). For details on creating a new project, refer to the [cluster administration section.]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/projects-and-namespaces/)
### Adding Members to an Existing Project
@@ -2,7 +2,7 @@
title: Project Resource Quotas
weight: 2515
aliases:
- /rancher/v2.5/en/k8s-in-rancher/projects-and-namespaces/resource-quotas
- /rancher/v2.5/en/cluster-admin/projects-and-namespaces/resource-quotas
---
In situations where several teams share a cluster, one team may overconsume the resources available: CPU, memory, storage, services, Kubernetes objects like pods or secrets, and so on. To prevent this overconsumption, you can apply a _resource quota_, which is a Rancher feature that limits the resources available to a project or namespace.
@@ -15,7 +15,7 @@ Resource quotas in Rancher include the same functionality as the [native version
### Applying Resource Quotas to Existing Projects
Edit [resource quotas]({{<baseurl>}}/rancher/v2.5/en/k8s-in-rancher/projects-and-namespaces/resource-quotas) when:
Edit [resource quotas]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/projects-and-namespaces/resource-quotas) when:
- You want to limit the resources that a project and its namespaces can use.
- You want to scale the resources available to a project up or down when a research quota is already in effect.
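Review bot: `Edit [resource quotas](...)` now links to `cluster-admin/projects-and-namespaces/resource-quotas`, which this commit also lists as an alias of this same page (Project Resource Quotas), so the link leads back to the page the reader is already on. Unlink the phrase or point it at the editing steps. In the same hunk, `when a research quota is already in effect` should read `resource quota`.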
@@ -9,7 +9,7 @@ To avoid setting these limits on each and every container during workload creati
### Editing the Container Default Resource Limit
Edit [container default resource limit]({{<baseurl>}}/rancher/v2.5/en/k8s-in-rancher/projects-and-namespaces/resource-quotas/) when:
Edit [container default resource limit]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/projects-and-namespaces/resource-quotas/) when:
- You have a CPU or Memory resource quota set on a project, and want to supply the corresponding default values for a container.
- You want to edit the default container resource limit.
@@ -5,16 +5,16 @@ weight: 2
Although the **Namespace Default Limit** propagates from the project to each namespace when created, in some cases, you may need to increase (or decrease) the quotas for a specific namespace. In this situation, you can override the default limits by editing the namespace.
In the diagram below, the Rancher administrator has a resource quota in effect for their project. However, the administrator wants to override the namespace limits for `Namespace 3` so that it has more resources available. Therefore, the administrator [raises the namespace limits]({{<baseurl>}}/rancher/v2.5/en/k8s-in-rancher/projects-and-namespaces/) for `Namespace 3` so that the namespace can access more resources.
In the diagram below, the Rancher administrator has a resource quota in effect for their project. However, the administrator wants to override the namespace limits for `Namespace 3` so that it has more resources available. Therefore, the administrator [raises the namespace limits]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/projects-and-namespaces/) for `Namespace 3` so that the namespace can access more resources.
<sup>Namespace Default Limit Override</sup>
![Namespace Default Limit Override]({{<baseurl>}}/img/rancher/rancher-resource-quota-override.svg)
How to: [Editing Namespace Resource Quotas]({{<baseurl>}}/rancher/v2.5/en/k8s-in-rancher/projects-and-namespaces/)
How to: [Editing Namespace Resource Quotas]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/projects-and-namespaces/)
### Editing Namespace Resource Quotas
If there is a [resource quota]({{<baseurl>}}/rancher/v2.5/en/k8s-in-rancher/projects-and-namespaces/resource-quotas) configured for a project, you can override the namespace default limit to provide a specific namespace with access to more (or less) project resources.
If there is a [resource quota]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/projects-and-namespaces/resource-quotas) configured for a project, you can override the namespace default limit to provide a specific namespace with access to more (or less) project resources.
1. From the **Global** view, open the cluster that contains the namespace for which you want to edit the resource quota.
@@ -24,7 +24,7 @@ If there is a [resource quota]({{<baseurl>}}/rancher/v2.5/en/k8s-in-rancher/proj
1. Edit the Resource Quota **Limits**. These limits determine the resources available to the namespace. The limits must be set within the configured project limits.
For more information about each **Resource Type**, see [Resource Quotas]({{<baseurl>}}/rancher/v2.5/en/k8s-in-rancher/projects-and-namespaces/resource-quotas/).
For more information about each **Resource Type**, see [Resource Quotas]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/projects-and-namespaces/resource-quotas/).
>**Note:**
>
@@ -14,11 +14,11 @@ Rancher contains a variety of tools that aren't included in Kubernetes to assist
## Notifiers and Alerts
Notifiers and alerts are two features that work together to inform you of events in the Rancher system.
Notifiers and alerts are two features that work together to inform you of events in the Rancher system. Before they can be enabled, the monitoring application must be installed.
[Notifiers]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/tools/notifiers) are services that inform you of alert events. You can configure notifiers to send alert notifications to staff best suited to take corrective action. Notifications can be sent with Slack, email, PagerDuty, WeChat, and webhooks.
Notifiers are services that inform you of alert events. You can configure notifiers to send alert notifications to staff best suited to take corrective action. Notifications can be sent with Slack, email, PagerDuty, WeChat, and webhooks.
[Alerts]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/tools/alerts) are rules that trigger those notifications. Before you can receive alerts, you must configure one or more notifier in Rancher. The scope for alerts can be set at either the cluster or project level.
Alerts are rules that trigger those notifications. Before you can receive alerts, you must configure one or more notifier in Rancher. The scope for alerts can be set at either the cluster or project level.
## Logging
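Review bot: The sentence added to the Notifiers and Alerts intro ("Before they can be enabled, the monitoring application must be installed.") names a prerequisite without linking to it, and the same hunk strips the links from the Notifiers and Alerts paragraphs, so the section is left with no outbound reference. Link "monitoring application" to `{{<baseurl>}}/rancher/v2.5/en/monitoring-alerting`, the target the Monitoring section uses in this change, and fix "one or more notifier" to "one or more notifiers" while the paragraph is being rewritten.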
@@ -32,8 +32,8 @@ Logging is helpful because it allows you to:
Rancher can integrate with Elasticsearch, splunk, kafka, syslog, and fluentd.
For details, refer to the [logging section.]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/tools/logging)
For details, refer to the [logging section.]({{<baseurl>}}/rancher/v2.5/en/logging)
## Monitoring
Using Rancher, you can monitor the state and processes of your cluster nodes, Kubernetes components, and software deployments through integration with [Prometheus](https://prometheus.io/), a leading open-source monitoring solution. For details, refer to the [monitoring section.]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/tools/monitoring)
Using Rancher, you can monitor the state and processes of your cluster nodes, Kubernetes components, and software deployments through integration with [Prometheus](https://prometheus.io/), a leading open-source monitoring solution. For details, refer to the [monitoring section.]({{<baseurl>}}/rancher/v2.5/en/monitoring-alerting)
@@ -18,4 +18,4 @@ Rancher is committed to informing the community of security issues in our produc
| [CVE-2019-12274](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12274) | Nodes using the built-in node drivers using a file path option allows the machine to read arbitrary files including sensitive ones from inside the Rancher server container. | 5 Jun 2019 | [Rancher v2.2.4](https://github.com/rancher/rancher/releases/tag/v2.2.4), [Rancher v2.1.10](https://github.com/rancher/rancher/releases/tag/v2.1.10) and [Rancher v2.0.15](https://github.com/rancher/rancher/releases/tag/v2.0.15) |
| [CVE-2019-11202](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11202) | The default admin, that is shipped with Rancher, will be re-created upon restart of Rancher despite being explicitly deleted. | 16 Apr 2019 | [Rancher v2.2.2](https://github.com/rancher/rancher/releases/tag/v2.2.2), [Rancher v2.1.9](https://github.com/rancher/rancher/releases/tag/v2.1.9) and [Rancher v2.0.14](https://github.com/rancher/rancher/releases/tag/v2.0.14) |
| [CVE-2019-6287](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6287) | Project members continue to get access to namespaces from projects that they were removed from if they were added to more than one project. | 29 Jan 2019 | [Rancher v2.1.6](https://github.com/rancher/rancher/releases/tag/v2.1.6) and [Rancher v2.0.11](https://github.com/rancher/rancher/releases/tag/v2.0.11) |
| [CVE-2018-20321](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20321) | Any project member with access to the `default` namespace can mount the `netes-default` service account in a pod and then use that pod to execute administrative privileged commands against the Kubernetes cluster. | 29 Jan 2019 | [Rancher v2.1.6](https://github.com/rancher/rancher/releases/tag/v2.1.6) and [Rancher v2.0.11](https://github.com/rancher/rancher/releases/tag/v2.0.11) - Rolling back from these versions or greater have specific [instructions]({{<baseurl>}}/rancher/v2.5/en/upgrades/rollbacks/). |
| [CVE-2018-20321](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20321) | Any project member with access to the `default` namespace can mount the `netes-default` service account in a pod and then use that pod to execute administrative privileged commands against the Kubernetes cluster. | 29 Jan 2019 | [Rancher v2.1.6](https://github.com/rancher/rancher/releases/tag/v2.1.6) and [Rancher v2.0.11](https://github.com/rancher/rancher/releases/tag/v2.0.11) - Rolling back from these versions or greater have specific [instructions]({{<baseurl>}}/rancher/v2.5/en/installation/install-rancher-on-k8s/rollbacks). |
@@ -81,7 +81,7 @@ The following are the options for the stats command:
# Remove
>**Warning:** This command will remove data from your etcd nodes. Make sure you have created a [backup of etcd]({{<baseurl>}}/rancher/v2.5/en/backups/backups) before executing the command.
>**Warning:** This command will remove data from your etcd nodes. Make sure you have created a [backup of etcd]({{<baseurl>}}/rancher/v2.5/en/backups/rancher-backups) before executing the command.
When you install Rancher on a Kubernetes cluster, it will create Kubernetes resources to run and to store configuration data. If you want to remove Rancher from your cluster, you can use the `remove` subcommand to remove the Kubernetes resources. When you use the `remove` subcommand, the following resources will be removed:
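Review bot: In the Remove warning the link text still reads "backup of etcd", but the target is now `backups/rancher-backups`, a name that suggests a backup of the Rancher application rather than of etcd. Because the command removes data from the etcd nodes, confirm that the target page describes a backup from which that data can be restored, or reword the link text to match the page. The same warning is changed the same way in the next hunk.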
@@ -101,7 +101,7 @@ When you install Rancher on a Kubernetes cluster, it will create Kubernetes reso
When you run the command below, all the resources listed [above](#remove) will be removed from the cluster.
>**Warning:** This command will remove data from your etcd nodes. Make sure you have created a [backup of etcd]({{<baseurl>}}/rancher/v2.5/en/backups/backups) before executing the command.
>**Warning:** This command will remove data from your etcd nodes. Make sure you have created a [backup of etcd]({{<baseurl>}}/rancher/v2.5/en/backups/rancher-backups) before executing the command.
```
./system-tools remove --kubeconfig <KUBECONFIG> --namespace <NAMESPACE>
@@ -47,4 +47,4 @@ For more information on how metadata works and how to configure metadata config,
## Enabling Experimental Features
Rancher includes some features that are experimental and disabled by default. Feature flags were introduced to allow you to try these features. For more information, refer to the section about [feature flags.]({{<baseurl>}}/rancher/v2.6/en/installation/options/feature-flags/)
Rancher includes some features that are experimental and disabled by default. Feature flags were introduced to allow you to try these features. For more information, refer to the section about [feature flags.]({{<baseurl>}}/rancher/v2.6/en/installation/resources/feature-flags/)
@@ -84,7 +84,7 @@ Using the Unique ID of the service account key, register it as an Oauth Client u
1. Get the Unique ID of the key you just created. If it's not displayed in the list of keys right next to the one you created, you will have to enable it. To enable it, click **Unique ID** and click **OK**. This will add a **Unique ID** column to the list of service account keys. Save the one listed for the service account you created. NOTE: This is a numeric key, not to be confused with the alphanumeric field **Key ID**.
![Service account Unique ID]({{<baseurl>}}/img/rancher/Google-Select-UniqueID-column.png)
1. Go to the [**Manage OAuth Client Access** page.](https://admin.google.com/AdminHome?chromeless=1#OGX:ManageOauthClients)
1. Go to the [**Domain-wide Delegation** page.](https://admin.google.com/ac/owl/domainwidedelegation)
1. Add the Unique ID obtained in the previous step in the **Client Name** field.
1. In the **One or More API Scopes** field, add the following scopes:
```
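Review bot: The step that now links to the **Domain-wide Delegation** page is followed by unchanged steps that still name the **Client Name** and **One or More API Scopes** fields, which were written against the old **Manage OAuth Client Access** page. Check the field labels on the new page and update those two steps in the same change, since a reader granting API scopes to a service account needs to know exactly which field takes the Unique ID.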
@@ -9,6 +9,8 @@ Cluster templates encompass both Kubernetes configuration and node pool configur
- [RKE2 Cluster Template](#rke2-cluster-template)
- [Adding a Cluster Template to Rancher](#adding-a-cluster-template-to-rancher)
- [Creating a Cluster from a Cluster Template](#creating-a-cluster-from-a-cluster-template)
- [Updating a Cluster Created from a Cluster Template](#updating-a-cluster-created-from-a-cluster-template)
- [Deploying Clusters from a Template with Fleet](#deploying-clusters-from-a-template-with-fleet)
- [Uninstalling Cluster Templates](#uninstalling-cluster-templates)
- [Configuration Options](#configuration-options)
@@ -32,11 +34,16 @@ The example repository for an RKE2 cluster template is [here](https://github.com
# Adding a Cluster Template to Rancher
> **Prerequisite:** You will need permission to configure a Helm chart repository in Rancher.
In this section, you'll learn how to add the cluster template to the `local` cluster's chart repo list. The result is that Rancher will include the cluster template as an option when users install new Kubernetes clusters.
> **Prerequisites:**
>
> - You will need permission to install Helm charts on the `local` Kubernetes cluster that Rancher is installed on.
> - In order for the chart to appear in the form for creating new clusters, the chart must have the annotation `catalog.cattle.io/type: cluster-template`.
1. Go to a cluster template example repository. Rancher's examples are in [this GitHub repository.](https://github.com/rancher/cluster-template-examples) As of Rancher v2.6.0, we provide an RKE2 cluster template and add to more in the future.
1. Fork the repository.
1. Optional: Edit the cluster options by editing the `values.yaml` file. For help editing the file, see the cluster template's Helm chart README. Note that in order for the chart to appear in the form for creating new clusters, the chart must have the annotation `catalog.cattle.io/type: cluster-template`.
1. Optional: Edit the cluster options by editing the `values.yaml` file. For help editing the file, see the cluster template's Helm chart README.
1. Add the chart repository to Rancher. Click **☰ > Cluster Management**.
1. Go to the `local` cluster and click **Explore.**
1. In the left navigation bar, click **Apps & Marketplace > Chart Repositories.**
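Review bot: The new first prerequisite asks for permission to install Helm charts on the `local` cluster, but the steps in this section only add a chart repository under **Apps & Marketplace > Chart Repositories**. The `local` cluster is the one Rancher is installed on, so state the narrowest permission these steps need and keep the chart-installation requirement in the prerequisites of "Creating a Cluster from a Cluster Template". The unchanged first step also reads "and add to more in the future", which could be corrected in the same pass.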
@@ -54,15 +61,36 @@ The example repository for an RKE2 cluster template is [here](https://github.com
> **Prerequisites:**
>
> - You will need permission to provision new Kubernetes clusters.
> - You will need permission to install Helm charts on the `local` Kubernetes cluster that the Rancher management server is installed on.
> - In order to use a template as part of continuous delivery/GitOps, the cluster template needs to be deployed in the `fleet-local` namespace of the `local` cluster.
> - You will need cloud credentials for provisioning infrastructure using the template.
> - In order to show in the form for creating new clusters, the cluster template's Helm chart must have the `catalog.cattle.io/type: cluster-template` annotation.
1. Click **☰ > Cluster Management**.
1. On the **Clusters** page, click **Create.**
1. Click the name of your cluster template.
1. Finish installing the Helm chart.
**Result:** After Rancher provisions the new cluster, it is managed in the same way as any other Rancher-launched Kubernetes cluster. You can configure any options through the UI if the cluster template has options for the user to choose from.
# Updating a Cluster Created from a Cluster Template
You can update any clusters using a template from the **Apps & Marketplace > Installed Apps** page, given there is a new version of a template being used by those clusters.
# Deploying Clusters from a Template with Fleet
> **Prerequisites:**
>
> - You will need permission to provision new Kubernetes clusters.
> - You will need cloud credentials for provisioning infrastructure using the template.
> - In order to show in the form for creating new clusters, the cluster template's Helm chart must have the `catalog.cattle.io/type:cluster-template` annotation.
> - In order to use a template as part of continuous delivery/GitOps, the cluster template needs to be deployed in the `fleet-local` namespace of the `local` cluster.
> - All values must be set in the `values.yaml` of the template.
> - Fleet repositories must follow the guidelines on [this page.](http://fleet.rancher.io/gitrepo-structure/) For RKE2 cluster templates, that means a `fleet.yaml` file must be added to the repository.
1. Click **☰ > Cluster Management**.
1. On the **Clusters** page, click **Create.**
1. Click **Create Cluster from Template.**
**Result:** After Rancher provisions the new cluster, it is managed in the same way as any other Rancher-launched Kubernetes cluster.
**Result:** After Rancher provisions the new cluster, it is managed by Fleet.
# Uninstalling Cluster Templates
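Review bot: In the Fleet prerequisites the annotation is written `catalog.cattle.io/type:cluster-template` with no space after the colon, while the other occurrences in this change use `catalog.cattle.io/type: cluster-template`. YAML needs the space to read this as a key and a value, so a reader copying the Fleet form will not get the annotation; add the space. The Fleet guidelines link in the same list uses `http://fleet.rancher.io/gitrepo-structure/`; switch it to `https://` if the site serves it.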
@@ -73,6 +101,8 @@ The example repository for an RKE2 cluster template is [here](https://github.com
**Result:** The cluster template is uninstalled. This action does not affect clusters created with the cluster template.
An admin with access to the `local` cluster can also remove a cluster deployed via cluster templates through the **Apps & Marketplace > Installed Apps** page.
# Configuration Options
Cluster templates are flexible enough that they can be used to configure all of the following options:
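Review bot: The added sentence about removing a cluster through **Apps & Marketplace > Installed Apps** sits directly after the result line stating that uninstalling "does not affect clusters created with the cluster template", and it does not say what happens to the cluster that is removed. State the effect on the deployed cluster explicitly and consider giving the sentence its own heading, so it is not read as part of uninstalling the template.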
@@ -9,7 +9,7 @@ There are two main ways to set up private registries in Rancher: by setting up t
This section is about configuring the global default private registry, and focuses on how to configure the registry from the Rancher UI after Rancher is installed.
For instructions on setting up a private registry with command line options during the installation of Rancher, refer to the [air gapped Docker installation]({{<baseurl>}}/rancher/v2.6/en/installation/air-gap-single-node) or [air gapped Kubernetes installation]({{<baseurl>}}/rancher/v2.6/en/installation/air-gap-high-availability) instructions.
For instructions on setting up a private registry with command line options during the installation of Rancher, refer to the [air gapped installation guide]({{<baseurl>}}/rancher/v2.6/en/installation/other-installation-methods/air-gap).
If your private registry requires credentials, it cannot be used as the default registry. There is no global way to set up a private registry with authorization for every Rancher-provisioned cluster. Therefore, if you want a Rancher-provisioned cluster to pull images from a private registry with credentials, you will have to [pass in the registry credentials through the advanced cluster options](#setting-a-private-registry-with-credentials-when-deploying-a-cluster) every time you create a new cluster.
@@ -102,7 +102,7 @@ You can [save the configuration of an existing cluster as an RKE template.]({{<b
RKE templates are designed to standardize Kubernetes and Rancher settings. If you want to standardize your infrastructure as well, one option is to use RKE templates [in conjunction with other tools]({{<baseurl>}}/rancher/v2.6/en/admin-settings/rke-templates/rke-templates-and-hardware).
Another option is to use [cluster templates,](../../cluster-templates) which include node pool configuration options, but don't provide configuration enforcement. For details on the differences between cluster templates and RKE templates, see [this page.](../../cluster-templates/template-differences)
Another option is to use [cluster templates,]({{<baseurl>}}/rancher/v2.6/en/admin-settings/cluster-templates) which include node pool configuration options, but don't provide configuration enforcement.
# YAML Customization
@@ -3,7 +3,7 @@ title: Backing up Rancher
weight: 1
---
In this section, you'll learn how to back up Rancher running on any Kubernetes cluster. To backup Rancher installed with Docker, refer the instructions for [single node backups]({{<baseurl>}}/rancher/v2.6/en/backups/v2.5/docker-installs/docker-backups)
In this section, you'll learn how to back up Rancher running on any Kubernetes cluster. To backup Rancher installed with Docker, refer the instructions for [single node backups]({{<baseurl>}}/rancher/v2.6/en/backups/docker-installs/docker-backups)
The backup-restore operator needs to be installed in the local cluster, and only backs up the Rancher app. The backup and restore operations are performed only in the local Kubernetes cluster.
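Review bot: The rewritten intro line still reads "To backup Rancher installed with Docker, refer the instructions for" and ends without a period. Since the line is being touched for the link, change it to "To back up Rancher installed with Docker, refer to the instructions for" and close the sentence.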
@@ -26,7 +26,7 @@ You can choose to not have any operator-level storage location configured. If yo
| Parameter | Description |
| -------------- | -------------- |
| Credential Secret | Choose the credentials for S3 from your secrets in Rancher. [Example]({{<baseurl>}}/rancher/v2.6/en/backups/v2.5/examples/#example-credential-secret-for-storing-backups-in-s3). |
| Credential Secret | Choose the credentials for S3 from your secrets in Rancher. [Example]({{<baseurl>}}/rancher/v2.6/en/backups/examples/#example-credential-secret-for-storing-backups-in-s3). |
| Bucket Name | Enter the name of the [S3 bucket](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingBucket.html) where the backups will be stored. Default: `rancherbackups`. |
| Region | The [AWS region](https://aws.amazon.com/about-aws/global-infrastructure/regions_az/) where the S3 bucket is located. |
| Folder | The [folder in the S3 bucket](https://docs.aws.amazon.com/AmazonS3/latest/user-guide/using-folders.html) where the backups will be stored. |
@@ -4,7 +4,6 @@ shortTitle: Backups
weight: 3
---
After completing your Docker installation of Rancher, we recommend creating backups of it on a regular basis. Having a recent backup will let you recover quickly from an unexpected disaster.
## Before You Start
@@ -68,4 +67,4 @@ This procedure creates a backup that you can restore if Rancher encounters a dis
docker start <RANCHER_CONTAINER_NAME>
```
**Result:** A backup tarball of your Rancher Server data is created. See [Restoring Backups: Docker Installs]({{<baseurl>}}/rancher/v2.6/en/backups/restorations/single-node-restoration) if you need to restore backup data.
**Result:** A backup tarball of your Rancher Server data is created. See [Restoring Backups: Docker Installs]({{<baseurl>}}/rancher/v2.6/en/backups/docker-installs/docker-restores) if you need to restore backup data.
@@ -35,7 +35,7 @@ You can obtain `<RANCHER_CONTAINER_TAG>` and `<RANCHER_CONTAINER_NAME>` by loggi
## Restoring Backups
Using a [backup]({{<baseurl>}}/rancher/v2.6/en/backups/backups/single-node-backups/) that you created earlier, restore Rancher to its last known healthy state.
Using a [backup]({{<baseurl>}}/rancher/v2.6/en/backups/docker-installs/docker-backups) that you created earlier, restore Rancher to its last known healthy state.
1. Using a remote Terminal connection, log into the node running your Rancher Server.
@@ -44,9 +44,9 @@ Using a [backup]({{<baseurl>}}/rancher/v2.6/en/backups/backups/single-node-backu
```
docker stop <RANCHER_CONTAINER_NAME>
```
1. Move the backup tarball that you created during completion of [Creating Backups—Docker Installs]({{<baseurl>}}/rancher/v2.6/en/backups/backups/single-node-backups/) onto your Rancher Server. Change to the directory that you moved it to. Enter `dir` to confirm that it's there.
1. Move the backup tarball that you created during completion of [Creating Backups—Docker Installs]({{<baseurl>}}/rancher/v2.6/en/backups/docker-installs/docker-backups) onto your Rancher Server. Change to the directory that you moved it to. Enter `dir` to confirm that it's there.
If you followed the naming convention we suggested in [Creating Backups—Docker Installs]({{<baseurl>}}/rancher/v2.6/en/backups/backups/single-node-backups/), it will have a name similar to `rancher-data-backup-<RANCHER_VERSION>-<DATE>.tar.gz`.
If you followed the naming convention we suggested in [Creating Backups—Docker Installs]({{<baseurl>}}/rancher/v2.6/en/backups/docker-installs/docker-backups/), it will have a name similar to `rancher-data-backup-<RANCHER_VERSION>-<DATE>.tar.gz`.
1. Enter the following command to delete your current state data and replace it with your backup data, replacing the placeholders. Don't forget to close the quotes.
@@ -95,7 +95,7 @@ Sometimes it is useful to monitor workloads from the outside. For this, you can
If you have a (micro)service architecture where multiple individual workloads within your cluster are communicating with each other, it is really important to have detailed metrics and traces about this traffic to understand how all these workloads are communicating with each other and where a problem or bottleneck may be.
Of course you can monitor all this internal traffic in all your workloads and expose these metrics to Prometheus. But this can quickly become quite work intensive. Service Meshes like Istio, which can be installed with [a click](https://rancher.com/docs/rancher/v2.6/en/cluster-admin/tools/istio/) in Rancher, can do this automatically and provide rich telemetry about the traffic between all services.
Of course you can monitor all this internal traffic in all your workloads and expose these metrics to Prometheus. But this can quickly become quite work intensive. Service Meshes like Istio, which can be installed with [a click](https://rancher.com/docs/rancher/v2.6/en/istio/) in Rancher, can do this automatically and provide rich telemetry about the traffic between all services.
# Real User Monitoring
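Review bot: The updated Istio link keeps a hard-coded `https://rancher.com/docs/rancher/v2.6/en/istio/` URL, while every other link touched in this change uses the `{{<baseurl>}}` shortcode. Write it as `{{<baseurl>}}/rancher/v2.6/en/istio/` so it follows the site base URL like the rest.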
@@ -103,7 +103,7 @@ Monitoring the availability and performance of all your internal workloads is vi
# Security Monitoring
In addition to monitoring workloads to detect performance, availability or scalability problems, the cluster and the workloads running into it should also be monitored for potential security problems. A good starting point is to frequently run and alert on [CIS Scans]({{<baseurl>}}/rancher/v2.6/en/cis-scans/v2.5/) which check if the cluster is configured according to security best practices.
In addition to monitoring workloads to detect performance, availability or scalability problems, the cluster and the workloads running into it should also be monitored for potential security problems. A good starting point is to frequently run and alert on [CIS Scans]({{<baseurl>}}/rancher/v2.6/en/cis-scans/) which check if the cluster is configured according to security best practices.
For the workloads, you can have a look at Kubernetes and Container security solutions like [Falko](https://falco.org/), [Aqua Kubernetes Security](https://www.aquasec.com/solutions/kubernetes-container-security/), [SysDig](https://sysdig.com/).
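Review bot: The context line right after the changed CIS Scans link spells the tool "Falko" although the URL is `https://falco.org/`. It is outside the changed line, but worth fixing in this pass, together with "workloads running into it" in the changed sentence, which should read "workloads running in it".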
@@ -117,4 +117,4 @@ When setting up alerts, configure them for all the workloads that are critical t
If an alert starts firing, but there is nothing you can do about it at the moment, it's also fine to silence the alert for a certain amount of time, so that you can look at it later.
You can find more information on how to set up alerts and notification channels in the [Rancher Documentation]({{<baseurl>}}/rancher/v2.6/en/monitoring-alerting/v2.5).
You can find more information on how to set up alerts and notification channels in the [Rancher Documentation]({{<baseurl>}}/rancher/v2.6/en/monitoring-alerting).
@@ -33,5 +33,5 @@ However, metrics-driven capacity planning analysis should be the ultimate guidan
Using Rancher, you can monitor the state and processes of your cluster nodes, Kubernetes components, and software deployments through integration with Prometheus, a leading open-source monitoring solution, and Grafana, which lets you visualize the metrics from Prometheus.
After you [enable monitoring]({{<baseurl>}}/rancher/v2.6/en/monitoring-alerting/legacy/monitoring/cluster-monitoring/) in the cluster, you can set up [a notification channel]({{<baseurl>}}/rancher/v2.6/en/cluster-admin/tools/notifiers/) and [cluster alerts]({{<baseurl>}}/rancher/v2.6/en/cluster-admin/tools/alerts/) to let you know if your cluster is approaching its capacity. You can also use the Prometheus and Grafana monitoring framework to establish a baseline for key metrics as you scale.
After you [enable monitoring]({{<baseurl>}}/rancher/v2.6/en/monitoring-alerting) in the cluster, you can set up alerts to let you know if your cluster is approaching its capacity. You can also use the Prometheus and Grafana monitoring framework to establish a baseline for key metrics as you scale.
+4 -4
@@ -232,9 +232,9 @@ Alerts can be configured to be sent out for a scan that runs on a schedule.
> **Prerequisite:**
>
> Before enabling alerts for `rancher-cis-benchmark`, make sure to install the `rancher-monitoring` application and configure the Receivers and Routes. For more information, see [this section.]({{<baseurl>}}/rancher/v2.6/en/monitoring-alerting/v2.5/configuration/alertmanager/)
> Before enabling alerts for `rancher-cis-benchmark`, make sure to install the `rancher-monitoring` application and configure the Receivers and Routes. For more information, see [this section.]({{<baseurl>}}/rancher/v2.6/en/monitoring-alerting/configuration)
>
> While configuring the routes for `rancher-cis-benchmark` alerts, you can specify the matching using the key-value pair `job: rancher-cis-scan`. An example route configuration is [here.]({{<baseurl>}}/rancher/v2.6/en/monitoring-alerting/v2.5/configuration/alertmanager/#example-route-config-for-cis-scan-alerts)
> While configuring the routes for `rancher-cis-benchmark` alerts, you can specify the matching using the key-value pair `job: rancher-cis-scan`. An example route configuration is [here.]({{<baseurl>}}/rancher/v2.6/en/monitoring-alerting/configuration/receiver/#example-route-config-for-cis-scan-alerts)
While installing or upgrading the `rancher-cis-benchmark` Helm chart, set the following flag to `true` in the `values.yaml`:
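Review bot: The second prerequisite link carries the anchor `#example-route-config-for-cis-scan-alerts` over unchanged from the `alertmanager/` page to `configuration/receiver/`. Confirm that the receiver page has a heading producing that anchor, otherwise the link lands at the top of the page and the example route for `job: rancher-cis-scan` is not found. The same pair of links is changed in the next hunk.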
@@ -258,9 +258,9 @@ The CIS Benchmark application supports two types of alerts:
> **Prerequisite:**
>
> Before enabling alerts for `rancher-cis-benchmark`, make sure to install the `rancher-monitoring` application and configure the Receivers and Routes. For more information, see [this section.]({{<baseurl>}}/rancher/v2.6/en/monitoring-alerting/v2.5/configuration/alertmanager/)
> Before enabling alerts for `rancher-cis-benchmark`, make sure to install the `rancher-monitoring` application and configure the Receivers and Routes. For more information, see [this section.]({{<baseurl>}}/rancher/v2.6/en/monitoring-alerting/configuration)
>
> While configuring the routes for `rancher-cis-benchmark` alerts, you can specify the matching using the key-value pair `job: rancher-cis-scan`. An example route configuration is [here.]({{<baseurl>}}/rancher/v2.6/en/monitoring-alerting/v2.5/configuration/alertmanager/#example-route-config-for-cis-scan-alerts)
> While configuring the routes for `rancher-cis-benchmark` alerts, you can specify the matching using the key-value pair `job: rancher-cis-scan`. An example route configuration is [here.]({{<baseurl>}}/rancher/v2.6/en/monitoring-alerting/configuration/receiver/#example-route-config-for-cis-scan-alerts)
To configure alerts for a scan that runs on a schedule,
+5 -5
@@ -31,7 +31,7 @@ If Rancher Server uses a self-signed certificate, Rancher CLI prompts you to con
### Project Selection
Before you can perform any commands, you must select a Rancher project to perform those commands against. To select a [project]({{<baseurl>}}/rancher/v2.6/en/k8s-in-rancher/projects-and-namespaces/) to work on, use the command `./rancher context switch`. When you enter this command, a list of available projects displays. Enter a number to choose your project.
Before you can perform any commands, you must select a Rancher project to perform those commands against. To select a [project]({{<baseurl>}}/rancher/v2.6/en/cluster-admin/projects-and-namespaces/) to work on, use the command `./rancher context switch`. When you enter this command, a list of available projects displays. Enter a number to choose your project.
**Example: `./rancher context switch` Output**
```
@@ -58,15 +58,15 @@ The following commands are available for use in Rancher CLI.
| Command | Result |
|---|---|
| `apps, [app]` | Performs operations on catalog applications (i.e. individual [Helm charts](https://docs.helm.sh/developing_charts/) or Rancher charts. |
| `catalog` | Performs operations on [catalogs]({{<baseurl>}}/rancher/v2.6/en/catalog/). |
| `catalog` | Performs operations on [catalogs]({{<baseurl>}}/rancher/v2.6/en/helm-charts/). |
| `clusters, [cluster]` | Performs operations on your [clusters]({{<baseurl>}}/rancher/v2.6/en/cluster-provisioning/). |
| `context` | Switches between Rancher [projects]({{<baseurl>}}/rancher/v2.6/en/k8s-in-rancher/projects-and-namespaces/). For an example, see [Project Selection](#project-selection). |
| `inspect [OPTIONS] [RESOURCEID RESOURCENAME]` | Displays details about [Kubernetes resources](https://kubernetes.io/docs/reference/kubectl/cheatsheet/#resource-types) or Rancher resources (i.e.: [projects]({{<baseurl>}}/rancher/v2.6/en/k8s-in-rancher/projects-and-namespaces/) and [workloads]({{<baseurl>}}/rancher/v2.6/en/k8s-in-rancher/workloads/)). Specify resources by name or ID. |
| `context` | Switches between Rancher [projects]({{<baseurl>}}/rancher/v2.6/en/cluster-admin/projects-and-namespaces/). For an example, see [Project Selection](#project-selection). |
| `inspect [OPTIONS] [RESOURCEID RESOURCENAME]` | Displays details about [Kubernetes resources](https://kubernetes.io/docs/reference/kubectl/cheatsheet/#resource-types) or Rancher resources (i.e.: [projects]({{<baseurl>}}/rancher/v2.6/en/cluster-admin/projects-and-namespaces/) and [workloads]({{<baseurl>}}/rancher/v2.6/en/k8s-in-rancher/workloads/)). Specify resources by name or ID. |
| `kubectl` |Runs [kubectl commands](https://kubernetes.io/docs/reference/kubectl/overview/#operations). |
| `login, [l]` | Logs into a Rancher Server. For an example, see [CLI Authentication](#cli-authentication). |
| `namespaces, [namespace]` |Performs operations on namespaces. |
| `nodes, [node]` |Performs operations on nodes. |
| `projects, [project]` | Performs operations on [projects]({{<baseurl>}}/rancher/v2.6/en/k8s-in-rancher/projects-and-namespaces/). |
| `projects, [project]` | Performs operations on [projects]({{<baseurl>}}/rancher/v2.6/en/cluster-admin/projects-and-namespaces/). |
| `ps` | Displays [workloads]({{<baseurl>}}/rancher/v2.6/en/k8s-in-rancher/workloads) in a project. |
| `settings, [setting]` | Shows the current settings for your Rancher Server. |
| `ssh` | Connects to one of your cluster nodes using the SSH protocol. |
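Review bot: The `inspect` and `ps` rows still link workloads under `k8s-in-rancher/workloads` while every projects link in this table moves from `k8s-in-rancher/` to `cluster-admin/`. Confirm the workloads path is meant to stay, and update it here if that section moved as well. The `catalog` row now points to `helm-charts/` but its link text still says "catalogs".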
@@ -30,4 +30,4 @@ Rancher contains a variety of tools that aren't included in Kubernetes to assist
- Istio Service Mesh
- OPA Gatekeeper
For more information, see [Tools]({{<baseurl>}}/rancher/v2.6/en/cluster-admin/tools/)
Tools can be installed through **Apps & Marketplace.**
@@ -20,7 +20,7 @@ Rancher provides an intuitive user interface for interacting with your clusters.
You can use the Kubernetes command-line tool, [kubectl](https://kubernetes.io/docs/reference/kubectl/overview/), to manage your clusters. You have two options for using kubectl:
- **Rancher kubectl shell:** Interact with your clusters by launching a kubectl shell available in the Rancher UI. This option requires no configuration actions on your part. For more information, see [Accessing Clusters with kubectl Shell]({{<baseurl>}}/rancher/v2.6/en/k8s-in-rancher/kubectl/).
- **Rancher kubectl shell:** Interact with your clusters by launching a kubectl shell available in the Rancher UI. This option requires no configuration actions on your part. For more information, see [Accessing Clusters with kubectl Shell]({{<baseurl>}}/rancher/v2.6/en/cluster-access/kubectl/).
- **Terminal remote connection:** You can also interact with your clusters by installing [kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/) on your local desktop and then copying the cluster's kubeconfig file to your local `~/.kube/config` directory. For more information, see [Accessing Clusters with kubectl and a kubeconfig File](./kubectl/).
### Rancher CLI
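Review bot: the updated kubectl shell link points to `/rancher/v2.6/en/cluster-access/kubectl/`, while another link in this change places cluster access under `cluster-admin/cluster-access/`. The `cluster-admin/` segment looks missing here, so please verify that the target resolves. Separately, the context line calls `~/.kube/config` a directory, but it is a file.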
@@ -13,7 +13,7 @@ This kubeconfig file and its contents are specific to the cluster you are viewin
After you download the kubeconfig file, you will be able to use the kubeconfig file and its Kubernetes [contexts](https://kubernetes.io/docs/reference/kubectl/cheatsheet/#kubectl-context-and-configuration) to access your downstream cluster.
If admins have [enforced TTL on kubeconfig tokens]({{<baseurl>}}/rancher/v2.6/en/api/api-tokens/#setting-ttl-on-kubeconfig-tokens), the kubeconfig file requires [rancher cli](../cli) to be present in your PATH.
If admins have [enforced TTL on kubeconfig tokens]({{<baseurl>}}/rancher/v2.6/en/api/api-tokens/#setting-ttl-on-kubeconfig-tokens), the kubeconfig file requires [rancher cli]({{<baseurl>}}/rancher/v2.6/en/cluster-admin/cluster-access/ace) to be present in your PATH.
### Two Authentication Methods for RKE Clusters
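Review bot: in the TTL sentence the link text is still `rancher cli`, but the new target is `cluster-admin/cluster-access/ace`, which by its path appears to be the authorized cluster endpoint page rather than the CLI page the old `../cli` link reached. Users with TTL-enforced kubeconfig tokens need the CLI binary in their PATH to authenticate, so the link should lead to the CLI documentation.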
@@ -5,7 +5,7 @@ weight: 2020
If you want to provide a user with access and permissions to _all_ projects, nodes, and resources within a cluster, assign the user a cluster membership.
>**Tip:** Want to provide a user with access to a _specific_ project within a cluster? See [Adding Project Members]({{<baseurl>}}/rancher/v2.6/en/k8s-in-rancher/projects-and-namespaces/project-members/) instead.
>**Tip:** Want to provide a user with access to a _specific_ project within a cluster? See [Adding Project Members]({{<baseurl>}}/rancher/v2.6/en/cluster-admin/projects-and-namespaces/project-members/) instead.
There are two contexts where you can add cluster members:
@@ -19,7 +19,7 @@ Rancher can configure member roles for AKS clusters in the same way as any other
# Cloud Credentials
> The configuration information in this section assumes you have already set up a service principal for Rancher. For step-by-step instructions for how to set up the service principal, see [this section.]({{<baseurl>}}/rancher/v2.6/en/cluster-provisioning/hosted-kubernetes-cluster/aks/#prerequisites-in-microsoft-azure)
> The configuration information in this section assumes you have already set up a service principal for Rancher. For step-by-step instructions for how to set up the service principal, see [this section.]({{<baseurl>}}/rancher/v2.6/en/cluster-provisioning/hosted-kubernetes-clusters/aks/#prerequisites-in-microsoft-azure)
### Tenant ID
@@ -169,6 +169,8 @@ The first way to ensure that Rancher is running on the same [NAT](https://docs.m
The second way is to run a command to register the cluster with Rancher. Once the cluster is provisioned, you can run the displayed command anywhere you can connect to the clusters Kubernetes API. This command is displayed in a pop-up when you provision an AKS cluster with a private API endpoint enabled.
> **Note:** Please be aware that when registering an existing AKS cluster, the cluster might take some time, possibly hours, to appear in the `Cluster To register` dropdown list. This outcome will be based on region.
For more information about connecting to an AKS private cluster, see the [AKS documentation.](https://docs.microsoft.com/en-us/azure/aks/private-clusters#options-for-connecting-to-the-private-cluster)
# Node Pools
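Review bot: the added note is vague where it matters. `This outcome will be based on region` does not say what depends on the region (presumably the delay), and `Cluster To register` should match the casing of the actual UI label. Suggest ending the note with "The delay varies by region."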
@@ -110,7 +110,7 @@ Project network isolation is available if you are using any RKE network plugin t
### Kubernetes Cloud Providers
You can configure a [Kubernetes cloud provider]({{<baseurl>}}/rancher/v2.6/en/cluster-provisioning/rke-clusters/options/cloud-providers). If you want to use dynamically provisioned [volumes and storage]({{<baseurl>}}/rancher/v2.6/en/k8s-in-rancher/volumes-and-storage/) in Kubernetes, typically you must select the specific cloud provider in order to use it. For example, if you want to use Amazon EBS, you would need to select the `aws` cloud provider.
You can configure a [Kubernetes cloud provider]({{<baseurl>}}/rancher/v2.6/en/cluster-provisioning/rke-clusters/cloud-providers). If you want to use dynamically provisioned [volumes and storage]({{<baseurl>}}/rancher/v2.6/en/k8s-in-rancher/volumes-and-storage/) in Kubernetes, typically you must select the specific cloud provider in order to use it. For example, if you want to use Amazon EBS, you would need to select the `aws` cloud provider.
>**Note:** If the cloud provider you want to use is not listed as an option, you will need to use the [config file option](#cluster-config-file) to configure the cloud provider. Please reference the [RKE cloud provider documentation]({{<baseurl>}}/rke/latest/en/config-options/cloud-providers/) on how to configure the cloud provider.
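Review bot: only the cloud provider link is updated on this line. The `volumes and storage` link in the same sentence still targets `k8s-in-rancher/volumes-and-storage/`, while the feature table elsewhere in this change links to `cluster-admin/volumes-and-storage/`. Update it in the same pass so the sentence does not carry one migrated and one stale path.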
@@ -127,7 +127,9 @@ The private registry configuration option tells Rancher where to pull the [syste
- **System images** are components needed to maintain the Kubernetes cluster.
- **Add-ons** are used to deploy several cluster components, including network plug-ins, the ingress controller, the DNS provider, or the metrics server.
See the [RKE documentation on private registries]({{<baseurl>}}/rke/latest/en/config-options/private-registries/) for more information on the private registry for components applied during the provisioning of the cluster.
For more information on setting up a private registry for components applied during the provisioning of the cluster, see the [RKE documentation on private registries]({{<baseurl>}}/rke/latest/en/config-options/private-registries/).
Rancher v2.6 introduced the ability to configure [ECR registries for RKE clusters]({{<baseurl>}}/rke/latest/en/config-options/private-registries/#amazon-elastic-container-registry-ecr-private-registry-setup).
### Authorized Cluster Endpoint
@@ -321,7 +323,7 @@ See [Docker Root Directory](#docker-root-directory).
### enable_cluster_monitoring
Option to enable or disable [Cluster Monitoring]({{<baseurl>}}/rancher/v2.6/en/monitoring-alerting/legacy/monitoring/cluster-monitoring/).
Option to enable or disable [Cluster Monitoring]({{<baseurl>}}/rancher/v2.6/en/monitoring-alerting/).
### enable_network_policy
@@ -41,7 +41,7 @@ For more details on the different networking providers and how to configure them
#### Cloud Provider
You can configure a [Kubernetes cloud provider]({{<baseurl>}}/rancher/v2.6/en/cluster-provisioning/rke-clusters/options/cloud-providers). If you want to use dynamically provisioned [volumes and storage]({{<baseurl>}}/rancher/v2.6/en/k8s-in-rancher/volumes-and-storage/) in Kubernetes, typically you must select the specific cloud provider in order to use it. For example, if you want to use Amazon EBS, you would need to select the `aws` cloud provider.
You can configure a [Kubernetes cloud provider]({{<baseurl>}}/rancher/v2.6/en/cluster-provisioning/rke-clusters/cloud-providers). If you want to use dynamically provisioned [volumes and storage]({{<baseurl>}}/rancher/v2.6/en/k8s-in-rancher/volumes-and-storage/) in Kubernetes, typically you must select the specific cloud provider in order to use it. For example, if you want to use Amazon EBS, you would need to select the `aws` cloud provider.
>**Note:** If the cloud provider you want to use is not listed as an option, you will need to use the [config file option](#cluster-config-file) to configure the cloud provider. Please reference [this documentation]({{<baseurl>}}/rke/latest/en/config-options/cloud-providers/) on how to configure the cloud provider.
@@ -5,7 +5,7 @@ weight: 2030
After you launch a Kubernetes cluster in Rancher, you can manage individual nodes from the cluster's **Node** tab. Depending on the [option used]({{<baseurl>}}/rancher/v2.6/en/cluster-provisioning/) to provision the cluster, there are different node options available.
> If you want to manage the _cluster_ and not individual nodes, see [Editing Clusters]({{< baseurl >}}/rancher/v2.6/en/k8s-in-rancher/editing-clusters).
> If you want to manage the _cluster_ and not individual nodes, see [Editing Clusters]({{< baseurl >}}/rancher/v2.6/en/cluster-admin/editing-clusters).
This section covers the following topics:
@@ -70,7 +70,7 @@ In the base version of Kubernetes, features like role-based access rights or clu
You can use projects to perform actions such as:
- Assign users to a group of namespaces (i.e., [project membership]({{<baseurl>}}/rancher/v2.6/en/k8s-in-rancher/projects-and-namespaces/project-members)).
- Assign users to a group of namespaces (i.e., [project membership]({{<baseurl>}}/rancher/v2.6/en/cluster-admin/projects-and-namespaces/project-members)).
- Assign users specific roles in a project. A role can be owner, member, read-only, or [custom]({{<baseurl>}}/rancher/v2.6/en/admin-settings/rbac/default-custom-roles/).
- Assign resources to the project.
- Assign Pod Security Policies.
@@ -160,12 +160,12 @@ To add members:
### 4. Optional: Add Resource Quotas
Resource quotas limit the resources that a project (and its namespaces) can consume. For more information, see [Resource Quotas]({{<baseurl>}}/rancher/v2.6/en/k8s-in-rancher/projects-and-namespaces/resource-quotas).
Resource quotas limit the resources that a project (and its namespaces) can consume. For more information, see [Resource Quotas]({{<baseurl>}}/rancher/v2.6/en/cluster-admin/projects-and-namespaces/resource-quotas).
To add a resource quota,
1. In the **Resource Quotas** tab, click **Add Resource**.
1. Select a **Resource Type**. For more information, see [Resource Quotas.]({{<baseurl>}}/rancher/v2.6/en/k8s-in-rancher/projects-and-namespaces/resource-quotas/).
1. Select a **Resource Type**. For more information, see [Resource Quotas.]({{<baseurl>}}/rancher/v2.6/en/cluster-admin/projects-and-namespaces/resource-quotas/).
1. Enter values for the **Project Limit** and the **Namespace Default Limit**.
1. **Optional:** Specify **Container Default Resource Limit**, which will be applied to every container started in the project. The parameter is recommended if you have CPU or Memory limits set by the Resource Quota. It can be overridden on per an individual namespace or a container level. For more information, see [Container Default Resource Limit]({{<baseurl>}}/rancher/v2.6/en/project-admin/resource-quotas/)
1. Click **Create**.
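Review bot: the two Resource Quotas links are moved to `cluster-admin/projects-and-namespaces/resource-quotas`, but the Container Default Resource Limit step in the same list links to `project-admin/resource-quotas/`. Confirm which section actually hosts the resource quota pages and point all three links there. The **Resource Type** step also has a period inside the link text followed by a second one after the link.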
@@ -74,7 +74,7 @@ If the group of etcd nodes loses quorum, the Kubernetes cluster will report a fa
5. Run the revised command.
6. After the single nodes is up and running, Rancher recommends adding additional etcd nodes to your cluster. If you have a [custom cluster]({{<baseurl>}}/rancher/v2.6/en/cluster-provisioning/rke-clusters/custom-nodes) and you want to reuse an old node, you are required to [clean up the nodes]({{<baseurl>}}/rancher/v2.6/en/faq/cleaning-cluster-nodes/) before attempting to add them back into a cluster.
6. After the single nodes is up and running, Rancher recommends adding additional etcd nodes to your cluster. If you have a [custom cluster]({{<baseurl>}}/rancher/v2.6/en/cluster-provisioning/rke-clusters/custom-nodes) and you want to reuse an old node, you are required to [clean up the nodes]({{<baseurl>}}/rancher/v2.6/en/cluster-admin/cleaning-cluster-nodes/) before attempting to add them back into a cluster.
# Enabling Snapshot Features for Clusters Created Before Rancher v2.2.0
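Review bot: step 6 is rewritten only for the link, and `After the single nodes is up and running` carries over unchanged. Fix it to `After the single node is up and running` while the line is being touched.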
@@ -13,7 +13,7 @@ To set up persistent storage, the `Manage Volumes` [role]({{<baseurl>}}/rancher/
If you are provisioning storage for a cluster hosted in the cloud, the storage and cluster hosts must have the same cloud provider.
For provisioning new storage with Rancher, the cloud provider must be enabled. For details on enabling cloud providers, refer to [this page.]({{<baseurl>}}/rancher/v2.6/en/cluster-provisioning/rke-clusters/options/cloud-providers/)
For provisioning new storage with Rancher, the cloud provider must be enabled. For details on enabling cloud providers, refer to [this page.]({{<baseurl>}}/rancher/v2.6/en/cluster-provisioning/rke-clusters/cloud-providers/)
For attaching existing persistent storage to a cluster, the cloud provider does not need to be enabled.
@@ -20,7 +20,7 @@ To provision new storage for your workloads, follow these steps:
- To set up persistent storage, the `Manage Volumes` [role]({{<baseurl>}}/rancher/v2.6/en/admin-settings/rbac/cluster-project-roles/#project-role-reference) is required.
- If you are provisioning storage for a cluster hosted in the cloud, the storage and cluster hosts must have the same cloud provider.
- The cloud provider must be enabled. For details on enabling cloud providers, refer to [this page.]({{<baseurl>}}/rancher/v2.6/en/cluster-provisioning/rke-clusters/options/cloud-providers/)
- The cloud provider must be enabled. For details on enabling cloud providers, refer to [this page.]({{<baseurl>}}/rancher/v2.6/en/cluster-provisioning/rke-clusters/cloud-providers/)
- Make sure your storage provisioner is available to be enabled.
The following storage provisioners are enabled by default:
@@ -37,7 +37,7 @@ Local | `local`
Network File System | `nfs`
hostPath | `host-path`
To use a storage provisioner that is not on the above list, you will need to use a [feature flag to enable unsupported storage drivers.]({{<baseurl>}}/rancher/v2.6/en/installation/options/feature-flags/enable-not-default-storage-drivers/)
To use a storage provisioner that is not on the above list, you will need to use a [feature flag to enable unsupported storage drivers.]({{<baseurl>}}/rancher/v2.6/en/installation/resources/feature-flags/enable-not-default-storage-drivers/)
### 1. Add a storage class and configure it to use your storage
@@ -11,18 +11,18 @@ headless: true
| [Managing Nodes]({{<baseurl>}}/rancher/v2.6/en/cluster-admin/nodes) | ✓ | ✓ | ✓ | ✓<sup>3</sup> |
| [Managing Persistent Volumes and Storage Classes]({{<baseurl>}}/rancher/v2.6/en/cluster-admin/volumes-and-storage/) | ✓ | ✓ | ✓ | ✓ |
| [Managing Projects, Namespaces and Workloads]({{<baseurl>}}/rancher/v2.6/en/cluster-admin/projects-and-namespaces/) | ✓ | ✓ | ✓ | ✓ |
| [Using App Catalogs]({{<baseurl>}}/rancher/v2.6/en/catalog/) | ✓ | ✓ | ✓ | ✓ |
| [Configuring Tools (Alerts, Notifiers, Logging, Monitoring, Istio)]({{<baseurl>}}/rancher/v2.6/en/cluster-admin/tools/) | ✓ | ✓ | ✓ | ✓ |
| [Using App Catalogs]({{<baseurl>}}/rancher/v2.6/en/helm-charts/) | ✓ | ✓ | ✓ | ✓ |
| Configuring Tools (Alerts, Notifiers, Logging, Monitoring, Istio) | ✓ | ✓ | ✓ | ✓ |
| [Running Security Scans]({{<baseurl>}}/rancher/v2.6/en/security/security-scan/) | ✓ | ✓ | ✓ | ✓ |
| [Use existing configuration to create additional clusters]({{<baseurl>}}/rancher/v2.6/en/cluster-admin/cloning-clusters/)| ✓ | ✓ | ✓ | |
| [Ability to rotate certificates]({{<baseurl>}}/rancher/v2.6/en/cluster-admin/certificate-rotation/) | ✓ | ✓ | | |
| [Ability to [backup]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/backing-up-etcd/) and [restore]({{<baseurl>}}/rancher/v2.5/en/cluster-admin/restoring-etcd/) Rancher-launched clusters | ✓ | ✓ | | ✓<sup>4</sup> |
| [Ability to [backup]({{<baseurl>}}/rancher/v2.6/en/cluster-admin/backing-up-etcd/) and [restore]({{<baseurl>}}/rancher/v2.6/en/cluster-admin/restoring-etcd/) Rancher-launched clusters | ✓ | ✓ | | ✓<sup>4</sup> |
| [Cleaning Kubernetes components when clusters are no longer reachable from Rancher]({{<baseurl>}}/rancher/v2.6/en/cluster-admin/cleaning-cluster-nodes/) | ✓ | | | |
| [Configuring Pod Security Policies]({{<baseurl>}}/rancher/v2.6/en/cluster-admin/pod-security-policy/) | ✓ | ✓ | ||
1. Registered GKE and EKS clusters have the same options available as GKE and EKS clusters created from the Rancher UI. The difference is that when a registered cluster is deleted from the Rancher UI, [it is not destroyed.]({{<baseurl>}}/rancher/v2.5/en/cluster-provisioning/registered-clusters/#additional-features-for-registered-eks-and-gke-clusters)
1. Registered GKE and EKS clusters have the same options available as GKE and EKS clusters created from the Rancher UI. The difference is that when a registered cluster is deleted from the Rancher UI, it is not destroyed.
2. Cluster configuration options can't be edited for registered clusters, except for [K3s and RKE2 clusters.]({{<baseurl>}}/rancher/v2.5/en/cluster-provisioning/imported-clusters/)
2. Cluster configuration options can't be edited for registered clusters, except for [K3s and RKE2 clusters.]({{<baseurl>}}/rancher/v2.6/en/cluster-provisioning/registered-clusters/)
3. For registered cluster nodes, the Rancher UI exposes the ability to cordon, drain, and edit the node.
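Review bot: the backup/restore row keeps a stray `[` before `Ability to`, so the cell opens a link that is never closed and nests the `backup` link inside it. Drop the leading bracket so the cell reads `| Ability to [backup](...) and [restore](...) Rancher-launched clusters |`.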
@@ -144,6 +144,8 @@ The first way to ensure that Rancher is running on the same [NAT](https://docs.m
The second way is to run a command to register the cluster with Rancher. Once the cluster is provisioned, you can run the displayed command anywhere you can connect to the clusters Kubernetes API. This command is displayed in a pop-up when you provision an AKS cluster with a private API endpoint enabled.
> **Note:** Please be aware that when registering an existing AKS cluster, the cluster might take some time, possibly hours, to appear in the `Cluster To register` dropdown list. This outcome will be based on region.
For more information about connecting to an AKS private cluster, see the [AKS documentation.](https://docs.microsoft.com/en-us/azure/aks/private-clusters#options-for-connecting-to-the-private-cluster)
# Syncing
@@ -64,7 +64,7 @@ Use Rancher to set up and configure your Kubernetes cluster.
1. Optional: Use **Member Roles** to configure user authorization for the cluster. Click **Add Member** to add users that can access the cluster. Use the **Role** drop-down to set permissions for each user.
1. Optional: Add Kubernetes [labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/) or [annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) to the cluster.
1. Enter your Google project ID and your Google cloud credentials.
1. Fill out the rest of the form. For help, refer to the [GKE cluster configuration reference.](./config-reference)
1. Fill out the rest of the form. For help, refer to the [GKE cluster configuration reference.]({{<baseurl>}}/rancher/v2.6/en/cluster-admin/editing-clusters/gke-config-reference)
1. Click **Create**.
**Result:** You have successfully deployed a GKE cluster.
@@ -3,9 +3,9 @@ title: Node Requirements for Rancher Managed Clusters
weight: 1
---
This page describes the requirements for the Rancher managed Kubernetes clusters where your apps and services will be installed. These downstream clusters should be separate from the cluster (or single node) running Rancher.
This page describes the requirements for the Rancher managed Kubernetes clusters where your apps and services will be installed. These downstream clusters should be separate from the three-node cluster running Rancher.
> If Rancher is installed on a high-availability Kubernetes cluster, the Rancher server cluster and downstream clusters have different requirements. For Rancher installation requirements, refer to the node requirements in the [installation section.]({{<baseurl>}}/rancher/v2.6/en/installation/requirements/)
> If Rancher is installed on a high-availability Kubernetes cluster, the Rancher server three-node cluster and downstream clusters have different requirements. For Rancher installation requirements, refer to the node requirements in the [installation section.]({{<baseurl>}}/rancher/v2.6/en/installation/requirements/)
Make sure the nodes for the Rancher server fulfill the following requirements:
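Review bot: replacing `(or single node)` with `three-node cluster` states as fact that Rancher always runs on three nodes, and `the Rancher server three-node cluster` in the callout reads awkwardly. If single-node installs remain supported in v2.6, keep the separation requirement generic, e.g. `separate from the cluster running Rancher`. The context line `Make sure the nodes for the Rancher server fulfill the following requirements` also conflicts with the page's stated scope of downstream cluster nodes.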
@@ -22,7 +22,7 @@ For details on which OS and Docker versions were tested with each Rancher versio
All supported operating systems are 64-bit x86.
If you plan to use ARM64, see [Running on ARM64 (Experimental).]({{<baseurl>}}/rancher/v2.6/en/installation/options/arm64-platform/)
If you plan to use ARM64, see [Running on ARM64 (Experimental).]({{<baseurl>}}/rancher/v2.6/en/installation/resources/advanced/arm64-platform/)
For information on how to install Docker, refer to the official [Docker documentation.](https://docs.docker.com/)
@@ -47,4 +47,4 @@ number of nodes for each Kubernetes role, refer to the section on [recommended a
### Networking
* Minimize network latency. Rancher recommends minimizing latency between the etcd nodes. The default setting for `heartbeat-interval` is `500`, and the default setting for `election-timeout` is `5000`. These [settings for etcd tuning](https://coreos.com/etcd/docs/latest/tuning.html) allow etcd to run in most networks (except really high latency networks).
* Cluster nodes should be located within a single region. Most cloud providers provide multiple availability zones within a region, which can be used to create higher availability for your cluster. Using multiple availability zones is fine for nodes with any role. If you are using [Kubernetes Cloud Provider]({{<baseurl>}}/rancher/v2.6/en/cluster-provisioning/rke-clusters/options/cloud-providers/) resources, consult the documentation for any restrictions (i.e. zone storage restrictions).
* Cluster nodes should be located within a single region. Most cloud providers provide multiple availability zones within a region, which can be used to create higher availability for your cluster. Using multiple availability zones is fine for nodes with any role. If you are using [Kubernetes Cloud Provider]({{<baseurl>}}/rancher/v2.6/en/cluster-provisioning/rke-clusters/cloud-providers/) resources, consult the documentation for any restrictions (i.e. zone storage restrictions).
@@ -86,9 +86,9 @@ The control that Rancher has to manage a registered cluster depends on the type
After registering a cluster, the cluster owner can:
- [Manage cluster access]({{<baseurl>}}/rancher/v2.6/en/admin-settings/rbac/cluster-project-roles/) through role-based access control
- Enable [monitoring, alerts and notifiers]({{<baseurl>}}/rancher/v2.6/en/monitoring-alerting/v2.5/)
- Enable [logging]({{<baseurl>}}/rancher/v2.6/en/logging/v2.5/)
- Enable [Istio]({{<baseurl>}}/rancher/v2.6/en/istio/v2.5/)
- Enable [monitoring, alerts and notifiers]({{<baseurl>}}/rancher/v2.6/en/monitoring-alerting/)
- Enable [logging]({{<baseurl>}}/rancher/v2.6/en/logging/)
- Enable [Istio]({{<baseurl>}}/rancher/v2.6/en/istio/)
- Use [pipelines]({{<baseurl>}}/rancher/v2.6/en/project-admin/pipelines/)
- Manage projects and workloads
@@ -51,6 +51,6 @@ For more information, refer to the section on [launching Kubernetes on new nodes
In this scenario, you want to install Kubernetes on bare-metal servers, on-prem virtual machines, or virtual machines that already exist in a cloud provider. With this option, you will run a Rancher agent Docker container on the machine.
If you want to reuse a node from a previous custom cluster, [clean the node]({{<baseurl>}}/rancher/v2.6/en/admin-settings/removing-rancher/rancher-cluster-nodes/) before using it in a cluster again. If you reuse a node that hasn't been cleaned, cluster provisioning may fail.
If you want to reuse a node from a previous custom cluster, [clean the node]({{<baseurl>}}/rancher/v2.6/en/cluster-admin/cleaning-cluster-nodes/) before using it in a cluster again. If you reuse a node that hasn't been cleaned, cluster provisioning may fail.
For more information, refer to the section on [custom nodes.]({{<baseurl>}}/rancher/v2.6/en/cluster-provisioning/rke-clusters/custom-nodes/)

Some files were not shown because too many files have changed in this diff