aaronlehmann
diff --git a/‎access-ucp/index.md
+7 b/‎access-ucp/index.md
+7
diff --git a/‎applications/index.md
+7 b/‎applications/index.md
+7
diff --git a/‎configuration/index.md
+8 b/‎configuration/index.md
+8
diff --git a/‎high-availability/backups-and-disaster-recovery.md
+31-28 b/‎high-availability/backups-and-disaster-recovery.md
+31-28
diff --git a/‎high-availability/index.md
+8 b/‎high-availability/index.md
+8
diff --git a/‎index.md
+12 b/‎index.md
+12
diff --git a/‎installation/index.md
+12 b/‎installation/index.md
+12
diff --git a/‎installation/install-production.md
+47-35 b/‎installation/install-production.md
+47-35
@@ -9,3 +9,10 @@ identifier="mn_ucp_access"
 weight=31
 +++
 <![end-metadata]-->
+
+# Access UCP
+
+This section includes the following topics:
+
+* [Web-based access](web-based-access.md)
+* [CLI-based access](cli-based-access.md)
@@ -9,3 +9,10 @@ identifier="mn_ucp_applications"
 weight=80
 +++
 <![end-metadata]-->
+
+# UCP applications
+
+This section includes the following topics:
+
+* [Deploy an app from the UI](deploy-app-ui.md)
+* [Deploy an app from the CLI](deploy-app-cli.md)
@@ -9,3 +9,11 @@ identifier="mn_ucp_configuration"
 weight=50
 +++
 <![end-metadata]-->
+
+# UCP configuration
+
+This section includes the following topics:
+
+* [Set up container networking](multi-host-networking.md)
+* [Integrate with Docker Trusted Registry](dtr-integration.md)
+* [Configure UCP logging](configure-logs.md)
@@ -20,13 +20,7 @@ The next step is creating a backup policy and disaster recovery plan.
 
 ## Backup policy
 
-Docker UCP nodes persist data using [named volumes](../architecture.md):
-
-* Controller nodes persist cluster configurations, certificates, and keys
-used to issue certificates and user bundles. This data is replicated on every
-controller node in the cluster.
-* Nodes are stateless. They only store certificates for mutual TLS, that
-can be regenerated.
+Docker UCP nodes persist data using [named volumes](../architecture.md).
 
 As part of your backup policy you should regularly create backups of the
 controller nodes. Since the nodes used for running user containers don't
@@ -46,19 +40,7 @@ To have minimal impact on your business, you should:
 * Configure UCP for high availability. This allows load-balancing user requests
 across multiple UCP controller nodes.
 
-## Backup UCP data
-
-To learn about the options available on the `docker/ucp backup` command, you can
-check the reference documentation, or run:
-
-```bash
-$ docker run --rm docker/ucp backup --help
-```
-
-When creating a backup, the resulting tar archive contains sensitive information
-like private keys. To ensure this information is kept private you should run
-the backup command with the `--passphrase` option. This encrypts
-the backup with a passphrase of your choice.
+## Backup command
 
 The example below shows how to create a backup of a UCP controller node:
 
@@ -68,14 +50,6 @@ $ docker run --rm -i --name ucp \
   -v /var/run/docker.sock:/var/run/docker.sock \
   docker/ucp --interactive --passphrase "secret" > /tmp/backup.tar
 
-Do you want proceed with the backup? (y/n):
-$ y
-
-INFO[0000] Temporarily Stopping local UCP containers to ensure a consistent backup
-INFO[0000] Beginning backup
-INFO[0001] Backup completed successfully
-INFO[0002] Resuming stopped UCP containers
-
 # Decrypt the backup and list its contents
 $ gpg --decrypt /tmp/backup.tar | tar --list
 
@@ -89,6 +63,35 @@ Enter passphrase: secret
 # output snipped
 ```
 
+## Restore command
+
+The example below shows how to restore a UCP controller node from an existing
+backup:
+
+```bash
+$ docker run --rm -i --name ucp \
+  -v /var/run/docker.sock:/var/run/docker.sock  \
+  docker/ucp restore -i < backup.tar
+```
+
+
+## Restore your cluster
+
+Configuring UCP to have multiple controller nodes allows you tolerate a certain
+amount of node failures. If multiple nodes fail at the same time, causing the
+cluster to go down, you can use an existing backup to recover.
+
+As an example, if you have a cluster with three controller nodes, A, B, and C,
+and your most recent backup was of node A:
+
+1. Stop controllers B and C with the `stop` command,
+2. Restore controller A,
+3. Uninstall UCP from controllers B and C,
+4. Join nodes B and C to the cluster.
+
+You should now have your cluster up and running.
+
+
 ## Where to go next
 
 * [Set up high availability](set-up-high-availability.md)
 
@@ -9,3 +9,11 @@ identifier="mn_ucp_high_availability"
 weight=60
 +++
 <![end-metadata]-->
+
+# Configure UCP for high availability
+
+This section includes the following topics:
+
+* [Set up high availability](set-up-high-availability.md)
+* [Replicate CAs for high availability](replicate-cas.md)
+* [Backups and disaster recovery](backups-and-disaster-recovery.md)
@@ -15,3 +15,15 @@ solution from Docker. You install it behind your firewall, and it helps you
 manage your whole cluster from a single place.
 
 The UCP documentation includes the following topics:
+
+* [Universal Control Plane overview](overview.md)
+* [Evaluate UCP in a sandbox](install-sandbox.md)
+* [Architecture](architecture.md)
+* [Installation](installation/system-requirements.md)
+* [Access UCP](access-ucp/web-based-access.md)
+* [Configuration](configuration/multi-host-networking.md)
+* [Monitor and troubleshoot](monitor/monitor-ucp.md)
+* [High availability](high-availability/set-up-high-availability.md)
+* [User management](user-management/manage-users.md)
+* [Applications](applications/deploy-app-ui.md)
+* [Release notes](release_notes.md)
@@ -9,3 +9,15 @@ identifier="mn_ucp_installation"
 weight=30
 +++
 <![end-metadata]-->
+
+# Install UCP
+
+This section includes the following topics:
+
+* [System requirements](system-requirements.md)
+* [Plan a production installation](plan-production-install.md)
+* [Install UCP for production](install-production.md)
+* [Install offline](install-offline.md)
+* [License UCP](license.md)
+* [Upgrade UCP](upgrade.md)
+* [Uninstall UCP](uninstall.md)
@@ -16,19 +16,21 @@ weight=20
 Docker Universal Control Plane (UCP) is a containerized application that can be
 installed on-premises or on a cloud infrastructure.
 
+## Step 1: Validate the system requirements
+
 The first step in installing UCP, is ensuring your
 infrastructure has all the [requirements UCP needs to run](system-requirements).
-Once that is done, use these instructions to install UCP.
 
-## Step 1: Install CS Docker on all nodes
+
+## Step 2: Install CS Docker on all nodes
 
 UCP requires you to install Docker CS Engine 1.10 or above on all nodes of
 your UCP cluster.
 
 For each node that you want to add to the UCP cluster, install the CS Docker
 Engine.
 
-## Step 2: Customize named volumes
+## Step 3: Customize named volumes
 
 This step is optional.
 
@@ -40,7 +42,9 @@ If the volumes don't exist, when installing UCP they are
 created with the default volume driver and flags.
 
 
-## Step 3: Customize the CA used
+## Step 4: Customize the CA used
+
+This step is optional.
 
 The UCP cluster uses TLS to secure all communications. Two Certificate
 Authorities (CA) are used for this:
@@ -69,15 +73,11 @@ If you want to use your own certificates:
     | key.pem  | Your UCP controller private key.                               |
 
 
-## Step 4: Install the UCP controller
+## Step 5: Install the UCP controller
 
 To install UCP you use the `docker/ucp` image. This image has commands to
 install, configure, and backup UCP. To find what commands and options are
-available, check the [reference documentation](../reference/install.md), or run:
-
-```bash
-$ docker run --rm -it docker/ucp --help
-```
+available, check the [reference documentation](../reference/install.md).
 
 To install UCP:
 
@@ -91,47 +91,59 @@ To install UCP:
 
     ```bash
     $ docker run --rm -it --name ucp \
-      -v /var/run/docker.sock:/var/run/docker.sock
-      docker/ucp install -i
+      -v /var/run/docker.sock:/var/run/docker.sock \
+      docker/ucp install -i \
+      --host-address <$UCP_PUBLIC_IP>
     ```
 
-    If you are using server certificates signed by an external CA, include
-    the `--external-server-cert` option at the end of the command.
+    Where:
+
+    * i, specify to run the install command interactively,
+    * host-address, is the public IP where users or a load balancer can access
+    UCP,
+    * Also, include the `--external-server-cert` flag if you're using server
+    certificates signed by an external CA.
+
+    </br>
+    When installing Docker UCP, overlay networking is automatically configured
+    for you. If you are running Docker CS Engine 1.10, or have custom
+    configurations on your Docker CS Engine, you need to restart the Docker
+    daemon at this point.
+
 
 3. Check that the UCP web application is running.
 
     In your browser, navigate to the address where you've installed UCP.
-    If you're not using your own certificates, your browser warns that UCP is
+    If you're not using an external CA, your browser warns that UCP is
     an unsafe site.
 
     ![](../images/login.png)
 
-## Step 5: License your installation
+## Step 6: License your installation
 
 Now that your UCP controller is installed, you need to license it.
 [Learn how to license your installation](license.md).
 
-## Step 6: Backup the controller CAs
+## Step 7: Backup the controller CAs
+
+This step is optional.
 
-Docker UCP has support for high-availability. For an highly available
-installation, you add more controller nodes to the UCP cluster. The controller
-nodes are replicas of each other.
+For an highly available installation, you can add more controller nodes to
+the UCP cluster. The controller nodes are replicas of each other.
 [Learn more about high-availability](../high-availability/set-up-high-availability.md).
 
-When configuring UCP for high-availability, you need to ensure the CAs running
-on each UCP controller node are interchangeable. This is done by using the same
-certificates and keys for every CA on the cluster.
+For this, you need to make the CAs on each controller node, use the same
+root certificates and keys.
 [Learn how to replicate the CAs for high availability](../high-availability/replicate-cas.md).
 
-## Step 7: Add controller replicas to the UCP cluster
 
-To add more controller nodes to the cluster, use the
-`docker/ucp join --replica` command. To find what commands and options are
-available, check the [reference documentation](../reference/join.md), or run:
+## Step 8: Add controller replicas to the UCP cluster
+
+This step is optional.
 
-```bash
-$ docker run --rm -it docker/ucp join --help
-```
+For an highly available installation, you can add more controller nodes to
+the UCP cluster. For that, use the `docker/ucp join --replica` command.
+[Learn more about the join command](../reference/join.md).
 
 For each node that you want to install as a controller replica:
 
@@ -146,13 +158,13 @@ For each node that you want to install as a controller replica:
     ```bash
     $ docker run --rm -it --name ucp \
       -v /var/run/docker.sock:/var/run/docker.sock \
-      docker/ucp join -i --replica
+      docker/ucp join -i \
+      --replica
     ```
 
 3. Repeat steps 1 and 2 on the other nodes you want to set up as replicas.
+Make sure you set up 3, 5, or 7 controllers.
 
-    For high availability, make sure to set up 3, 5, or 7 controller nodes.
-    [Learn more about high-availability](../high-availability/set-up-high-availability.md).
 
 4. Check the cluster state.
 
@@ -161,7 +173,7 @@ For each node that you want to install as a controller replica:
     ![UCP nodes page](../images/replica-nodes.png)
 
 
-## Step 8: Add more nodes to the UCP cluster
+## Step 9: Add more nodes to the UCP cluster
 
 Now you can add additional nodes to your UCP cluster. These are the nodes that
 will be running your containers.
@@ -186,7 +198,7 @@ For each node that you want to add to your UCP cluster:
 
     ![UCP nodes page](../images/nodes-page.png)
 
-## Step 9. Download an admin user bundle
+## Step 10. Download a client certificate bundle
 
 To validate that your cluster is correctly configured, you should try accessing
 the cluster with the Docker CLI client. For this, you'll need to get a client