From ed7de99b58a82e3849b5f3a5b698b4aea4777759 Mon Sep 17 00:00:00 2001
From: Ron Stone <ronald.stone@windriver.com>
Date: Wed, 19 Jun 2024 12:19:14 +0000
Subject: [PATCH] OS related links

Refactoor linking for DS use.

Change-Id: I6de5813fb7df5741e13d34163545d2402a4fd6c5
Signed-off-by: Ron Stone <ronald.stone@windriver.com>
---
 .../_includes/installation-prereqs.rest       |  162 +-
 .../_stx-related-links/aio_duplex_extend.rln  |    0
 .../installation-prereqs.rln                  |   15 +
 doc/source/_vendor/rl-strings.txt             |  744 ++++
 doc/source/_vendor/vendor_strings.txt         |    3 +-
 .../backup/openstack/back-up-openstack.rst    |    4 +-
 .../openstack-backup-considerations.rst       |    4 +-
 .../contributor/doc_contribute_guide.rst      |    2 +
 .../openstack/data-networks-overview.rst      |   20 +-
 .../datanet/openstack/dynamic-vxlan.rst       |    6 +-
 doc/source/datanet/openstack/static-vxlan.rst |    6 +-
 .../aio_duplex_install_kubernetes.rst         | 3139 ++++++++---------
 .../aio_simplex_install_kubernetes.rst        |   28 +-
 ...rapping-from-a-private-docker-registry.rst |    6 +-
 .../controller_storage_install_kubernetes.rst |   22 +-
 .../dedicated_storage_install_kubernetes.rst  |   22 +-
 .../rook_storage_install_kubernetes.rst       |   23 +-
 .../aio_simplex_install_kubernetes.txt        |   13 +-
 .../release/virtual/rook_storage.rst          |    2 +
 ...ute-nodes-to-an-existing-duplex-system.rst |    7 +-
 .../starlingx-hardware-requirements.rst       |    3 +
 ...stall-rest-api-and-horizon-certificate.rst |   12 +-
 .../security/openstack/use-local-clis.rst     |    8 +-
 .../shared/_includes/aio_duplex_extend.rest   |    4 +-
 .../aio_duplex_install_kubernetes.rest        |    3 +-
 .../aio_simplex_install_kubernetes.rest       |    5 +-
 .../alarm-messages-overview-9d087b0170cf.rest |    5 +-
 ...controller_storage_install_kubernetes.rest |    2 +-
 .../dedicated_storage_install_kubernetes.rest |    2 +-
 .../shared/_includes/desc_aio_duplex.txt      |    5 +-
 .../shared/_includes/desc_aio_simplex.txt     |    2 +-
 .../_includes/desc_controller_storage.txt     |    2 +-
 .../_includes/desc_dedicated_storage.txt      |    2 +-
 .../shared/_includes/desc_rook_storage.txt    |    2 +-
 .../inc-install-software-on-controller.rest   |    7 +-
 ...oller-0-virt-controller-storage-start.rest |    9 +-
 ...l-bootstrap-sys-controller-0-standard.rest |    7 +-
 .../incl-config-controller-0-storage.rest     |   11 +-
 ...-controller-0-virt-controller-storage.rest |    3 +-
 .../_includes/incl-config-controller-1.rest   |    2 +-
 .../_includes/installation-prereqs.rest       |    5 +-
 ...servers-for-installation-91baad307173.rest |  167 +-
 ...umber-dimensioning-for-storage-cluster.rst |   10 +-
 ...management-storage-on-controller-hosts.rst |    6 +-
 .../openstack/replacing-a-nova-local-disk.rst |    6 +-
 ...he-storage-type-for-vm-ephemeral-disks.rst |    5 +-
 ...nd-management-storage-on-storage-hosts.rst |    7 +-
 ...anagement-storage-related-cli-commands.rst |    6 +-
 mk-link-subs.sh                               |   60 +
 49 files changed, 2792 insertions(+), 1804 deletions(-)
 create mode 100644 doc/source/_stx-related-links/aio_duplex_extend.rln
 create mode 100644 doc/source/_stx-related-links/installation-prereqs.rln
 create mode 100644 doc/source/_vendor/rl-strings.txt
 create mode 100755 mk-link-subs.sh

diff --git a/doc/source/_includes/installation-prereqs.rest b/doc/source/_includes/installation-prereqs.rest
index 4c9448bc1..01b74c93f 100644
--- a/doc/source/_includes/installation-prereqs.rest
+++ b/doc/source/_includes/installation-prereqs.rest
@@ -1,3 +1,161 @@
-.. begin-vdr-additional-prereqs
-.. end-vdr-additional-prereqs
 
+.. _installation-prereqs:
+
+
+==========================
+Installation Prerequisites
+==========================
+
+.. begin-install-prereqs
+
+Several pre-requisites must be completed prior to starting the |prod|
+installation.
+
+Before attempting to install |prod|, ensure that you have the following:
+
+
+-   The |prod-long| host installer ISO image file.
+
+-   The ``update-iso.sh`` script.
+
+    .. include:: /_includes/installation-prereqs.rest
+       :start-after: begin-vdr-additional-prereqs
+       :end-before: end-vdr-additional-prereqs
+
+-   *Optionally*, if required, update the ISO image to modify installation boot
+    parameters, automatically select boot menu options and/or add a kickstart
+    file to automatically perform configurations such as configuring the initial
+    IP Interface for bootstrapping.
+
+    Use the ``update-iso.sh`` script from |dnload-loc|. The script syntax and
+    options are:
+
+    .. code-block::
+
+        update-iso.sh --initial-password <password> -i <input bootimage.iso> -o <output bootimage.iso>
+            [ -a <ks-addon.cfg> ] [ -p param=value ]
+            [ -d <default menu option> ] [ -t <menu timeout> ]
+            -i <file>: Specify input ISO file
+            -o <file>: Specify output ISO file
+            -a <file>: Specify ks-addon.cfg file
+            --initial-password <password>: Specify the initial login password for sysadmin user
+            -p <p=v>:  Specify boot parameter
+
+            Example:
+                -p instdev=/dev/disk/by-path/pci-0000:00:0d.0-ata-1.0
+
+            -d <default menu option>:
+                Specify default boot menu option:
+                0 - Standard Controller, Serial Console
+                1 - Standard Controller, Graphical Console
+                2 - AIO, Serial Console
+                3 - AIO, Graphical Console
+                4 - AIO Low-latency, Serial Console
+                5 - AIO Low-latency, Graphical Console
+                NULL - Clear default selection
+            -t <menu timeout>:
+                Specify boot menu timeout, in seconds
+
+    The following example ``ks-addon.cfg`` file, used with the ``-a`` option,
+    sets up an initial IP interface at boot time by defining a |VLAN| on an
+    Ethernet interface with with ``static`` assigned |VLAN| addresses:
+
+    .. code-block::
+
+        #### start ks-addon.cfg
+        RAW_DEV=enp24s0f0
+        OAM_VLAN=103
+        MGMT_VLAN=163
+
+        cat << EOF > ${IMAGE_ROOTFS}/etc/network/interfaces.d/auto
+        auto ${RAW_DEV} lo vlan${OAM_VLAN} vlan${MGMT_VLAN}
+
+        EOF
+
+        cat << EOF > ${IMAGE_ROOTFS}/etc/network/interfaces.d/ifcfg-${RAW_DEV}
+        iface ${RAW_DEV} inet manual
+        mtu 9000
+        post-up echo 0 > /proc/sys/net/ipv6/conf/${RAW_DEV}/autoconf;\
+        echo 0 > /proc/sys/net/ipv6/conf/${RAW_DEV}/accept_ra;\
+        echo 0 > /proc/sys/net/ipv6/conf/${RAW_DEV}/accept_redirects
+        EOF
+
+        cat << EOF > ${IMAGE_ROOTFS}/etc/network/interfaces.d/ifcfg-vlan${OAM_VLAN}
+        iface vlan${OAM_VLAN} inet6 static
+        vlan-raw-device ${RAW_DEV}
+        address <__address__>
+        netmask 64
+        gateway <__address__>
+        mtu 1500
+        post-up /usr/sbin/ip link set dev vlan${OAM_VLAN} mtu 1500;\
+        echo 0 > /proc/sys/net/ipv6/conf/vlan${OAM_VLAN}/autoconf;\
+        echo 0 > /proc/sys/net/ipv6/conf/vlan${OAM_VLAN}/accept_ra;\
+        echo 0 > /proc/sys/net/ipv6/conf/vlan${OAM_VLAN}/accept_redirects
+        pre-up /sbin/modprobe -q 8021q
+        EOF
+
+        cat << EOF > ${IMAGE_ROOTFS}/etc/network/interfaces.d/ifcfg-vlan${MGMT_VLAN}
+        iface vlan${MGMT_VLAN} inet6 static
+        vlan-raw-device ${RAW_DEV}
+        address <__address__>
+        netmask 64
+        mtu 1500
+        post-up /usr/local/bin/tc_setup.sh vlan${MGMT_VLAN} mgmt 10000 > /dev/null;\
+        /usr/sbin/ip link set dev vlan${MGMT_VLAN} mtu 1500;\
+        echo 0 > /proc/sys/net/ipv6/conf/vlan${MGMT_VLAN}/autoconf;\
+        echo 0 > /proc/sys/net/ipv6/conf/vlan${MGMT_VLAN}/accept_ra;\
+        echo 0 > /proc/sys/net/ipv6/conf/vlan${MGMT_VLAN}/accept_redirects
+        pre-up /sbin/modprobe -q 8021q
+        EOF
+
+        #### end ks-addon.cfg
+
+    After updating the ISO image, create a bootable USB with the ISO or put the
+    ISO on a PXEBOOT server. See the next bullet for details.
+
+-   A mechanism for boot installation of the |prod-long| host installer ISO
+    downloaded from |dnload-loc|. This can be either:
+
+    -   a bootable USB drive with the |prod-long| host installer ISO. See
+        |bootable_usb|.
+
+    -   the ISO image on a |PXE| boot server on the same network as the server
+        that will be used as the initial controller-0. See
+        |pxe-boot-controller-0-d5da025c2524|.
+
+
+-   For all controller or AIO controller servers, |OAM| Network connectivity to:
+
+    -   the |BMC| ports of all nodes
+
+    -   An external DNS Server. This is required for accessing |org| Docker
+        Registry as discussed below.
+
+    -   A Docker Registry(s) containing the Docker images for the |prod| load
+        accessible via the |OAM| Network.
+
+    You can use one of the following options:
+
+    .. only:: partner
+
+       -   The |org| Docker Registry. This is the default option.
+
+    .. only:: starlingx
+
+       -   The public open source registries (i.e. docker.io, k8s.gcr.io,
+           ghcr.io, gcr.io, quay.io). This is the default option.
+
+    -   A private Docker Registry populated with the docker images from the
+        |reg-string|.
+
+        .. only:: partner
+
+           .. include:: /_includes/bootstrapping-from-a-private-docker-registry.rest
+
+
+-   A record of the IP addresses allocated for the public interfaces for your
+    deployment (that is IP addresses for the |OAM| Network and |SRIOV| Data
+    Networks).
+
+
+.. end-install-prereqs
diff --git a/doc/source/_stx-related-links/aio_duplex_extend.rln b/doc/source/_stx-related-links/aio_duplex_extend.rln
new file mode 100644
index 000000000..e69de29bb
diff --git a/doc/source/_stx-related-links/installation-prereqs.rln b/doc/source/_stx-related-links/installation-prereqs.rln
new file mode 100644
index 000000000..ccb0a1fa0
--- /dev/null
+++ b/doc/source/_stx-related-links/installation-prereqs.rln
@@ -0,0 +1,15 @@
+.. begin-rls
+.. end-rls
+
+.. begin-pxe-boot-controller-0-d5da025c2524
+
+See Appendix :ref:`pxe-boot-controller-0-d5da025c2524` for details.
+
+.. end-pxe-boot-controller-0-d5da025c2524
+
+.. begin-bootable_usb
+
+Refer to |bootable_usb| for instructions on how to create a bootable USB
+with the StarlingX ISO on your system.
+
+.. end-bootable_usb
diff --git a/doc/source/_vendor/rl-strings.txt b/doc/source/_vendor/rl-strings.txt
new file mode 100644
index 000000000..86cb81870
--- /dev/null
+++ b/doc/source/_vendor/rl-strings.txt
@@ -0,0 +1,744 @@
+.. |nvme_config| replace:: :ref:`NVME Configuration <nvme_config>`
+.. |bootable_usb| replace:: :ref:`Create Bootable USB <bootable_usb>`
+.. |configure-dedicated-and-shared-cpu-pools-on-hosts| replace:: :ref:`Configure Nova's Dedicated and Shared CPU Pools on Hosts <configure-dedicated-and-shared-cpu-pools-on-hosts>`
+.. |index-admintasks-768a6e9aaeff| replace:: :ref:`Admin Tasks <index-admintasks-768a6e9aaeff>`
+.. |kubernetes-cpu-manager-policies| replace:: :ref:`Kubernetes CPU Manager Policies <kubernetes-cpu-manager-policies>`
+.. |admin-application-commands-and-helm-overrides| replace:: :ref:`Application Commands and Helm Overrides <admin-application-commands-and-helm-overrides>`
+.. |kubernetes-admin-tutorials-metrics-server| replace:: :ref:`Install Metrics Server <kubernetes-admin-tutorials-metrics-server>`
+.. |remove-ptp-notifications| replace:: :ref:`Remove PTP Notifications <remove-ptp-notifications>`
+.. |install-ptp-notifications| replace:: :ref:`Install PTP Notifications <install-ptp-notifications>`
+.. |oran-o2-application-b50a0c899e66| replace:: :ref:`O-RAN O2 Application <oran-o2-application-b50a0c899e66>`
+.. |isolating-cpu-cores-to-enhance-application-performance| replace:: :ref:`Isolate CPU Cores to Enhance Application Performance <isolating-cpu-cores-to-enhance-application-performance>`
+.. |setting-up-a-public-repository| replace:: :ref:`Set up a Public Repository in Local Docker Registry <setting-up-a-public-repository>`
+.. |kubernetes-topology-manager-policies| replace:: :ref:`Kubernetes Topology Manager Policies <kubernetes-topology-manager-policies>`
+.. |local-docker-registry| replace:: :ref:`Local Docker Registry <local-docker-registry>`
+.. |freeing-space-in-the-local-docker-registry| replace:: :ref:`Free Space in the Local Docker Registry <freeing-space-in-the-local-docker-registry>`
+.. |about-the-admin-tutorials| replace:: :ref:`About the Admin Tutorials <about-the-admin-tutorials>`
+.. |istio-service-mesh-application-eee5ebb3d3c4| replace:: :ref:`Technology Preview - Istio Service Mesh Application <istio-service-mesh-application-eee5ebb3d3c4>`
+.. |kubernetes-admin-tutorials-starlingx-application-package-manager| replace:: :ref:`StarlingX Application Package Manager <kubernetes-admin-tutorials-starlingx-application-package-manager>`
+.. |kubernetes-admin-tutorials-helm-package-manager| replace:: :ref:`Helm Package Manager <kubernetes-admin-tutorials-helm-package-manager>`
+.. |installing-updating-the-docker-registry-certificate| replace:: :ref:`Install/Update Local Registry Certificates <installing-updating-the-docker-registry-certificate>`
+.. |pci-irq-affinity-4fed257d094b| replace:: :ref:`PCI IRQ Affinity <pci-irq-affinity-4fed257d094b>`
+.. |bootstrap-data| replace:: :ref:`Bootstrap Data <bootstrap-data>`
+.. |overview-of-vnf-integration| replace:: :ref:`Overview of VNF Integration <overview-of-vnf-integration>`
+.. |use-a-vif-model-when-creating-ports| replace:: :ref:`Using a VIF Model when Creating Ports <use-a-vif-model-when-creating-ports>`
+.. |configure-kvm-virtual-ptp-driver| replace:: :ref:`Configure KVM Virtual PTP Driver <configure-kvm-virtual-ptp-driver>`
+.. |configuration-using-metadata| replace:: :ref:`Configuration Using Metadata <configuration-using-metadata>`
+.. |standard-virtio-backed-with-vhost-support| replace:: :ref:`Standard Virtio - Backed with Vhost Support <standard-virtio-backed-with-vhost-support>`
+.. |index-guest-ef8c9a20bf6c| replace:: :ref:`Guest Integration <index-guest-ef8c9a20bf6c>`
+.. |ptp-notifications-overview| replace:: :ref:`PTP Notifications Overview <ptp-notifications-overview>`
+.. |node-interface-metrics-exporter-application-d98b2707c7e9| replace:: :ref:`Node Interface Metrics Exporter Application <node-interface-metrics-exporter-application-d98b2707c7e9>`
+.. |ptp-notification-status-conditions-6d6105fccf10| replace:: :ref:`PTP Notification Status Conditions <ptp-notification-status-conditions-6d6105fccf10>`
+.. |integrate-the-application-with-notification-client-sidecar| replace:: :ref:`Integrate the Application with Notification Client Sidecar <integrate-the-application-with-notification-client-sidecar>`
+.. |starlingx_patching| replace:: :ref:`StarlingX patching <starlingx_patching>`
+.. |developer_resources| replace:: :ref:`Developer Resources <developer_resources>`
+.. |virtual-create-and-bootstrap-from-a-private-docker-registry| replace:: :ref:`Create and Bootstrap from a Local External Private Docker Registry <virtual-create-and-bootstrap-from-a-private-docker-registry>`
+.. |stx_ipv6_deployment| replace:: :ref:`StarlingX IPv6 Deployment <stx_ipv6_deployment>`
+.. |index-dist-cloud-f5dbeb16b976| replace:: :ref:`Distributed Cloud <index-dist-cloud-f5dbeb16b976>`
+.. |certificate-management-for-admin-rest-api-endpoints| replace:: :ref:`Certificate Management for Admin REST API Endpoints <certificate-management-for-admin-rest-api-endpoints>`
+.. |installing-a-subcloud-using-redfish-platform-management-service| replace:: :ref:`Install a Subcloud Using Redfish Platform Management Service <installing-a-subcloud-using-redfish-platform-management-service>`
+.. |aborting-the-distributed-upgrade-orchestration| replace:: :ref:`Aborting the Distributed Upgrade Orchestration <aborting-the-distributed-upgrade-orchestration>`
+.. |installing-and-provisioning-a-subcloud| replace:: :ref:`Install and Provision a Subcloud <installing-and-provisioning-a-subcloud>`
+.. |migrate-an-aiosx-subcloud-to-an-aiodx-subcloud| replace:: :ref:`Reconfigure the Cluster-Host Interface <migrate-an-aiosx-subcloud-to-an-aiodx-subcloud>`
+.. |deploy-restore-and-manage-subclouds-of-previous-release-5e986615cb4b| replace:: :ref:`Deploy, Restore, and Manage Subclouds of Previous Release <deploy-restore-and-manage-subclouds-of-previous-release-5e986615cb4b>`
+.. |delete-subcloud-backup-data-using-dcmanager-cli-9cabe48bc4fd| replace:: :ref:`Delete Subcloud Backup Data Using DCManager CLI <delete-subcloud-backup-data-using-dcmanager-cli-9cabe48bc4fd>`
+.. |customizing-the-update-configuration-for-distributed-cloud-update-orchestration| replace:: :ref:`Customize the Update Configuration for Distributed Cloud Update Orchestration <customizing-the-update-configuration-for-distributed-cloud-update-orchestration>`
+.. |subcloud-geo-redundancy-error-root-cause-correction-action-43449d658aae| replace:: :ref:`Subcloud GEO Redundancy Error Root Cause and Correction Action <subcloud-geo-redundancy-error-root-cause-correction-action-43449d658aae>`
+.. |prestage-subcloud-orchestration-eb516473582f| replace:: :ref:`Prestage Subcloud Orchestration <prestage-subcloud-orchestration-eb516473582f>`
+.. |orchestration-commands-for-dcmanager-4947f9fb9588| replace:: :ref:`Kubernetes Root CA Certificate Update for Distributed Cloud Orchestration <orchestration-commands-for-dcmanager-4947f9fb9588>`
+.. |update-orchestration-of-central-clouds-regionone-and-subclouds-using-the-cli| replace:: :ref:`Update Orchestration of Subclouds Using the CLI <update-orchestration-of-central-clouds-regionone-and-subclouds-using-the-cli>`
+.. |managing-ldap-linux-user-accounts-on-the-system-controller| replace:: :ref:`Managing LDAP Linux User Accounts on the System Controller <managing-ldap-linux-user-accounts-on-the-system-controller>`
+.. |shared-configurations| replace:: :ref:`Shared Configurations <shared-configurations>`
+.. |create-a-kubernetes-upgrade-orchestration-using-horizon-16742b62ffb2| replace:: :ref:`Create a Kubernetes Upgrade Orchestration using Horizon <create-a-kubernetes-upgrade-orchestration-using-horizon-16742b62ffb2>`
+.. |the-kubernetes-distributed-cloud-update-orchestration-process| replace:: :ref:`Kubernetes Version Upgrade Distributed Cloud Orchestration Overview <the-kubernetes-distributed-cloud-update-orchestration-process>`
+.. |installing-a-subcloud-without-redfish-platform-management-service| replace:: :ref:`Install a Subcloud Without Redfish Platform Management Service <installing-a-subcloud-without-redfish-platform-management-service>`
+.. |configuration-for-specific-subclouds| replace:: :ref:`Configuration for Specific Subclouds <configuration-for-specific-subclouds>`
+.. |distributed-upgrade-orchestration-process-using-the-cli| replace:: :ref:`Distributed Upgrade Orchestration Process using the CLI <distributed-upgrade-orchestration-process-using-the-cli>`
+.. |prestage-a-subcloud-using-dcmanager-df756866163f| replace:: :ref:`Prestage a Subcloud <prestage-a-subcloud-using-dcmanager-df756866163f>`
+.. |upgrade-management-overview| replace:: :ref:`Upgrade Management Overview <upgrade-management-overview>`
+.. |reviewing-update-status-for-distributed-cloud-using-the-cli| replace:: :ref:`Review Update Status for Distributed Cloud Using the CLI <reviewing-update-status-for-distributed-cloud-using-the-cli>`
+.. |robust-error-handling-during-an-orchestrated-upgrade| replace:: :ref:`Error Handling During An Orchestrated Upgrade <robust-error-handling-during-an-orchestrated-upgrade>`
+.. |uploading-and-applying-updates-to-systemcontroller-using-horizon| replace:: :ref:`Upload and Apply Updates to SystemController Using Horizon <uploading-and-applying-updates-to-systemcontroller-using-horizon>`
+.. |creating-subcloud-groups| replace:: :ref:`Create Subcloud Groups <creating-subcloud-groups>`
+.. |update-orchestration-of-central-clouds-regionone-and-subclouds| replace:: :ref:`Update Orchestration of Subclouds <update-orchestration-of-central-clouds-regionone-and-subclouds>`
+.. |configure-distributed-cloud-system-controller-geo-redundancy-e3a31d6bf662| replace:: :ref:`Configure Distributed Cloud System Controller GEO Redundancy <configure-distributed-cloud-system-controller-geo-redundancy-e3a31d6bf662>`
+.. |managing-subcloud-groups| replace:: :ref:`Manage Subcloud Groups <managing-subcloud-groups>`
+.. |create-an-upgrade-orchestration-using-horizon-9f8c6c2f3706| replace:: :ref:`Create an Upgrade Orchestration using Horizon <create-an-upgrade-orchestration-using-horizon-9f8c6c2f3706>`
+.. |create-subcloud-groups-using-the-horizon-web-interface-69d357303531| replace:: :ref:`Create Subcloud Groups Using the Horizon Web Interface <create-subcloud-groups-using-the-horizon-web-interface-69d357303531>`
+.. |switching-to-a-subcloud-from-the-system-controller| replace:: :ref:`Switch to a Subcloud from the System Controller <switching-to-a-subcloud-from-the-system-controller>`
+.. |update-management-for-distributed-cloud| replace:: :ref:`Update Management for Distributed Cloud <update-management-for-distributed-cloud>`
+.. |apply-the-upgrade-strategy-using-horizon-d0aab18cc724| replace:: :ref:`Apply the Upgrade Strategy using Horizon <apply-the-upgrade-strategy-using-horizon-d0aab18cc724>`
+.. |regionone-and-systemcontroller-modes| replace:: :ref:`RegionOne and SystemController Modes <regionone-and-systemcontroller-modes>`
+.. |overview-of-distributed-cloud| replace:: :ref:`Overview of Distributed Cloud <overview-of-distributed-cloud>`
+.. |failure-prior-to-the-installation-of-n-plus-1-load-on-a-subcloud| replace:: :ref:`Failure Prior to the Installation of N+1 Load on a Subcloud <failure-prior-to-the-installation-of-n-plus-1-load-on-a-subcloud>`
+.. |upgrading-the-systemcontroller-using-the-cli| replace:: :ref:`Upgrade the System Controller Using the CLI <upgrading-the-systemcontroller-using-the-cli>`
+.. |failure-during-the-installation-or-data-migration-of-n-plus-1-load-on-a-subcloud| replace:: :ref:`Failure During the Installation or Data Migration of N+1 Load on a Subcloud <failure-during-the-installation-or-data-migration-of-n-plus-1-load-on-a-subcloud>`
+.. |installing-and-provisioning-the-central-cloud| replace:: :ref:`Install and Provision the Central Cloud <installing-and-provisioning-the-central-cloud>`
+.. |uploading-and-applying-updates-to-systemcontroller-using-the-cli| replace:: :ref:`Upload and Apply Updates to SystemController Using the CLI <uploading-and-applying-updates-to-systemcontroller-using-the-cli>`
+.. |device-image-update-orchestration| replace:: :ref:`Device Image Update Orchestration <device-image-update-orchestration>`
+.. |create-a-firmware-update-orchestration-strategy-using-horizon-cfecdb67cef2| replace:: :ref:`Create a Firmware Update Orchestration Strategy using Horizon <create-a-firmware-update-orchestration-strategy-using-horizon-cfecdb67cef2>`
+.. |delete-subcloud-groups-22a7c65e66d7| replace:: :ref:`Delete Subcloud Groups Using the Horizon Web Interface <delete-subcloud-groups-22a7c65e66d7>`
+.. |rehoming-subcloud-with-expired-certificates-00549c4ea6e2| replace:: :ref:`Rehoming Subcloud with Expired Certificates <rehoming-subcloud-with-expired-certificates-00549c4ea6e2>`
+.. |add-a-horizon-keystone-user-to-distributed-cloud-29655b0f0eb9| replace:: :ref:`Add a Horizon/Keystone User to Distributed Cloud <add-a-horizon-keystone-user-to-distributed-cloud-29655b0f0eb9>`
+.. |applying-the-update-strategy-for-distributed-cloud| replace:: :ref:`Apply the Update Strategy for Distributed Cloud <applying-the-update-strategy-for-distributed-cloud>`
+.. |cli-commands-for-dc-alarms-management| replace:: :ref:`CLI Commands for Distributed Cloud Alarm Management <cli-commands-for-dc-alarms-management>`
+.. |creating-an-update-strategy-for-distributed-cloud-update-orchestration| replace:: :ref:`Create an Update Strategy for Distributed Cloud Update Orchestration <creating-an-update-strategy-for-distributed-cloud-update-orchestration>`
+.. |rename-subcloud-e303565e7192| replace:: :ref:`Rename a Subcloud <rename-subcloud-e303565e7192>`
+.. |updating-docker-registry-credentials-on-a-subcloud| replace:: :ref:`Update Credentials Used by Subcloud for Install Registry (registry.central) <updating-docker-registry-credentials-on-a-subcloud>`
+.. |subcloud-deployment-with-local-installation-4982449058d5| replace:: :ref:`Subcloud Deployment with Local Installation <subcloud-deployment-with-local-installation-4982449058d5>`
+.. |apply-a-kubernetes-upgrade-strategy-using-horizon-2bb24c72e947| replace:: :ref:`Apply a Kubernetes Upgrade Strategy using Horizon <apply-a-kubernetes-upgrade-strategy-using-horizon-2bb24c72e947>`
+.. |update-a-subcloud-network-parameters-b76377641da4| replace:: :ref:`Manage Subcloud Network Parameters <update-a-subcloud-network-parameters-b76377641da4>`
+.. |subcloud-deployment-phases-0ce5f6fbf696| replace:: :ref:`Subcloud Deployment Phases <subcloud-deployment-phases-0ce5f6fbf696>`
+.. |alarms-management-for-distributed-cloud| replace:: :ref:`Alarms Management for Distributed Cloud <alarms-management-for-distributed-cloud>`
+.. |distributed-cloud-architecture| replace:: :ref:`Distributed Cloud Architecture <distributed-cloud-architecture>`
+.. |reviewing-update-status-for-distributed-cloud-using-horizon| replace:: :ref:`Review Update Status for Distributed Cloud Using Horizon <reviewing-update-status-for-distributed-cloud-using-horizon>`
+.. |apply-the-firmware-update-strategy-using-horizon-e78bf11c7189| replace:: :ref:`Apply the Firmware Update Strategy using Horizon <apply-the-firmware-update-strategy-using-horizon-e78bf11c7189>`
+.. |edit-subcloud-groups-85232c3a7d33| replace:: :ref:`Edit Subcloud Groups Using the Horizon Web Interface <edit-subcloud-groups-85232c3a7d33>`
+.. |managing-subclouds-using-the-cli| replace:: :ref:`Manage Subclouds Using the CLI <managing-subclouds-using-the-cli>`
+.. |backup-a-subcloud-group-of-subclouds-using-dcmanager-cli-f12020a8fc42| replace:: :ref:`Backup a Subcloud/Group of Subclouds using DCManager CLI <backup-a-subcloud-group-of-subclouds-using-dcmanager-cli-f12020a8fc42>`
+.. |distributed-cloud-ports-reference| replace:: :ref:`Distributed Cloud Ports Reference <distributed-cloud-ports-reference>`
+.. |rehoming-a-subcloud| replace:: :ref:`Rehome a Subcloud <rehoming-a-subcloud>`
+.. |changing-the-admin-password-on-distributed-cloud| replace:: :ref:`Change the Admin Password on Distributed Cloud <changing-the-admin-password-on-distributed-cloud>`
+.. |synchronization-monitoring-and-control| replace:: :ref:`Synchronization Monitoring and Control <synchronization-monitoring-and-control>`
+.. |ochestration-strategy-using-subcloud-groups| replace:: :ref:`Orchestration Strategy Using Subcloud Groups <ochestration-strategy-using-subcloud-groups>`
+.. |configuring-kubernetes-update-orchestration-on-distributed-cloud| replace:: :ref:`Configure Kubernetes Version Upgrade Distributed Cloud Orchestration <configuring-kubernetes-update-orchestration-on-distributed-cloud>`
+.. |monitoring-subclouds-using-horizon| replace:: :ref:`Monitor Subclouds Using Horizon <monitoring-subclouds-using-horizon>`
+.. |overview-of-distributed-cloud-geo-redundancy| replace:: :ref:`Overview of Distributed Cloud GEO Redundancy <overview-of-distributed-cloud-geo-redundancy>`
+.. |restore-a-subcloud-group-of-subclouds-from-backup-data-using-dcmanager-cli-f10c1b63a95e| replace:: :ref:`Restore a Subcloud/Group of Subclouds from Backup Data Using DCManager CLI <restore-a-subcloud-group-of-subclouds-from-backup-data-using-dcmanager-cli-f10c1b63a95e>`
+.. |index-documentation-archive-900988dce206| replace:: :ref:`Documentation Archive <index-documentation-archive-900988dce206>`
+.. |fault-and-performance-management-940c6f6b3f6e| replace:: :ref:` Performance and Fault Management <fault-and-performance-management-940c6f6b3f6e>`
+.. |deploy_config_overview| replace:: :ref:`Deployment Configurations Overview <deploy_config_overview>`
+.. |index-intro-27197f27ad41| replace:: :ref:`Introduction <index-intro-27197f27ad41>`
+.. |functional_overview| replace:: :ref:`Functional Overview <functional_overview>`
+.. |pci-device-access-for-vms| replace:: :ref:`PCI Device Access for VMs <pci-device-access-for-vms>`
+.. |exposing-a-generic-pci-device-using-the-cli| replace:: :ref:`Expose a Generic PCI Device Using the CLI <exposing-a-generic-pci-device-using-the-cli>`
+.. |sr-iov-encryption-acceleration| replace:: :ref:`SR-IOV Encryption Acceleration <sr-iov-encryption-acceleration>`
+.. |generic-pci-passthrough| replace:: :ref:`Generic PCI Passthrough <generic-pci-passthrough>`
+.. |node-management-overview| replace:: :ref:`Overview <node-management-overview>`
+.. |configure-pci-passthrough-ethernet-interfaces| replace:: :ref:`Configure PCI Passthrough Ethernet Interfaces <configure-pci-passthrough-ethernet-interfaces>`
+.. |pci-sr-iov-ethernet-interface-devices| replace:: :ref:`Configure PCI SR-IOV Ethernet Interface Devices <pci-sr-iov-ethernet-interface-devices>`
+.. |pci-passthrough-ethernet-interface-devices| replace:: :ref:`PCI Passthrough Ethernet Interface Devices <pci-passthrough-ethernet-interface-devices>`
+.. |expose-a-generic-pci-device-for-use-by-vms| replace:: :ref:`Expose a Generic PCI Device for Use by VMs <expose-a-generic-pci-device-for-use-by-vms>`
+.. |adding-compute-nodes-to-an-existing-duplex-system| replace:: :ref:`Add Compute Nodes to an Existing Duplex System <adding-compute-nodes-to-an-existing-duplex-system>`
+.. |configuring-a-flavor-to-use-a-generic-pci-device| replace:: :ref:`Configure a Flavor to Use a Generic PCI Device <configuring-a-flavor-to-use-a-generic-pci-device>`
+.. |index-node-mgmt-cd0f9d8eaee6| replace:: :ref:`Node Management <index-node-mgmt-cd0f9d8eaee6>`
+.. |creating-interfaces| replace:: :ref:`Create interfaces <creating-interfaces>`
+.. |configuring-ethernet-interfaces-on-sriov-interface-from-horizon| replace:: :ref:`Configure Ethernet Interfaces on SR-IOV Interface Using Horizon <configuring-ethernet-interfaces-on-sriov-interface-from-horizon>`
+.. |configuring-vlan-interfaces-using-horizon| replace:: :ref:`Configure VLAN Interfaces Using Horizon <configuring-vlan-interfaces-using-horizon>`
+.. |provisioning-sr-iov-interfaces-using-the-cli| replace:: :ref:`Provision SR-IOV Interfaces using the CLI <provisioning-sr-iov-interfaces-using-the-cli>`
+.. |configuring-vlan-interfaces-using-the-cli| replace:: :ref:`Configure VLAN Interfaces Using the CLI <configuring-vlan-interfaces-using-the-cli>`
+.. |editing-interface-settings| replace:: :ref:`Edit Interface Settings <editing-interface-settings>`
+.. |deleting-or-disabling-interfaces-using-the-cli| replace:: :ref:`Delete or Disable Interfaces Using the CLI <deleting-or-disabling-interfaces-using-the-cli>`
+.. |interface-ip-address-provisioning-using-the-cli| replace:: :ref:`Interface IP Address Provisioning Using the CLI <interface-ip-address-provisioning-using-the-cli>`
+.. |nic-replacement-with-the-same-vendor-and-device-id-32942b7b05e5| replace:: :ref:`Replace a NIC with the same vendor and device-id <nic-replacement-with-the-same-vendor-and-device-id-32942b7b05e5>`
+.. |interface-provisioning| replace:: :ref:`Interface Provisioning <interface-provisioning>`
+.. |deleting-or-disabling-interfaces-using-horizon| replace:: :ref:`Delete or Disable Interfaces using Horizon <deleting-or-disabling-interfaces-using-horizon>`
+.. |replace-a-nic-with-a-different-vendor-or-device-id-b406c1c190a9| replace:: :ref:`Replace a NIC with a different vendor or device-id <replace-a-nic-with-a-different-vendor-or-device-id-b406c1c190a9>`
+.. |attaching-ethernet-interfaces-to-networks-using-the-cli| replace:: :ref:`Attach Ethernet Interfaces to Networks Using the CLI <attaching-ethernet-interfaces-to-networks-using-the-cli>`
+.. |provisioning-sr-iov-vf-interfaces-using-the-cli| replace:: :ref:`Provision SR-IOV VF Interfaces using the CLI <provisioning-sr-iov-vf-interfaces-using-the-cli>`
+.. |changing-a-management-interface-to-aggregated-using-the-cli| replace:: :ref:`Change a Management Interface to Aggregated Using the CLI <changing-a-management-interface-to-aggregated-using-the-cli>`
+.. |link-aggregation-settings| replace:: :ref:`Link Aggregation Settings <link-aggregation-settings>`
+.. |interface-settings| replace:: :ref:`Interface Settings <interface-settings>`
+.. |configuring-aggregated-ethernet-interfaces-using-horizon| replace:: :ref:`Configure Aggregated Ethernet Interfaces Using Horizon <configuring-aggregated-ethernet-interfaces-using-horizon>`
+.. |configuring-aggregated-ethernet-interfaces-using-the-cli| replace:: :ref:`Configure Aggregated Ethernet Interfaces Using the CLI <configuring-aggregated-ethernet-interfaces-using-the-cli>`
+.. |configuring-ethernet-interfaces-using-horizon| replace:: :ref:`Configure Ethernet Interfaces Using Horizon <configuring-ethernet-interfaces-using-horizon>`
+.. |changing-hardware-components-for-a-storage-host| replace:: :ref:`Change Hardware Components for a Storage Host <changing-hardware-components-for-a-storage-host>`
+.. |configuration-changes-requiring-re-installation| replace:: :ref:`Configuration Changes Requiring Re-installation <configuration-changes-requiring-re-installation>`
+.. |changing-hardware-components-for-a-controller-host| replace:: :ref:`Change Hardware Components for a Controller Host <changing-hardware-components-for-a-controller-host>`
+.. |changing-hardware-components-for-a-worker-host| replace:: :ref:`Change Hardware Components for a Worker Host <changing-hardware-components-for-a-worker-host>`
+.. |fec-replacement-with-different-vendor-or-device-id-b1ab1440e15f| replace:: :ref:`Replace N3000 and ACC100 with a different vendor and device-id <fec-replacement-with-different-vendor-or-device-id-b1ab1440e15f>`
+.. |configure-sriov-fec-operator-to-enable-hw-accelerators-for-hosted-vran-containarized-workloads| replace:: :ref:`Configure Intel Wireless FEC Accelerators using SR-IOV FEC operator <configure-sriov-fec-operator-to-enable-hw-accelerators-for-hosted-vran-containarized-workloads>`
+.. |set-up-pods-to-use-sriov| replace:: :ref:`Set Up Pods to Use SRIOV to Access ACC100/ACC200 HW Accelerators <set-up-pods-to-use-sriov>`
+.. |marvell-octeon-nic-accelerator-support-0ca20e6fc2c9| replace:: :ref:`Marvell Octeon NIC Accelerator Support <marvell-octeon-nic-accelerator-support-0ca20e6fc2c9>`
+.. |listing-uploaded-device-images| replace:: :ref:`List Uploaded Device Images <listing-uploaded-device-images>`
+.. |removing-a-device-image| replace:: :ref:`Remove a Device Image <removing-a-device-image>`
+.. |displaying-the-status-of-device-images| replace:: :ref:`Display the Status of Device Images <displaying-the-status-of-device-images>`
+.. |n3000-and-acc100-replacement-with-the-same-vendor-and-device-id-cccabcdc5d43| replace:: :ref:`Replace N3000 and ACC100 with the same vendor and device-id <n3000-and-acc100-replacement-with-the-same-vendor-and-device-id-cccabcdc5d43>`
+.. |initiating-a-device-image-update-for-a-host| replace:: :ref:`Initiate a Device Image Update for a Host <initiating-a-device-image-update-for-a-host>`
+.. |enabling-mount-bryce-hw-accelerator-for-hosted-vram-containerized-workloads| replace:: :ref:`Enable ACC100/ACC200 Hardware Accelerators for Hosted vRAN Containerized Workloads <enabling-mount-bryce-hw-accelerator-for-hosted-vram-containerized-workloads>`
+.. |updating-an-intel-n3000-fpga-image| replace:: :ref:`Update an N3000 FPGA Image <updating-an-intel-n3000-fpga-image>`
+.. |n3000-overview| replace:: :ref:`N3000 FPGA Overview <n3000-overview>`
+.. |removing-a-device-label| replace:: :ref:`Remove a Device Label <removing-a-device-label>`
+.. |showing-details-for-an-fpga-device| replace:: :ref:`Show Details for a Device <showing-details-for-an-fpga-device>`
+.. |uploading-a-device-image| replace:: :ref:`Upload a Device Image <uploading-a-device-image>`
+.. |listing-device-labels| replace:: :ref:`List Device Labels <listing-device-labels>`
+.. |n3000-fpga-forward-error-correction| replace:: :ref:`N3000 FPGA Forward Error Correction <n3000-fpga-forward-error-correction>`
+.. |common-device-management-tasks| replace:: :ref:`Common Device Management Tasks <common-device-management-tasks>`
+.. |switch-between-static-method-hardware-accelerator-and-srminusi-5f893343ee15| replace:: :ref:`Switch between Static Method Hardware Accelerator and SR-IOV FEC Operator <switch-between-static-method-hardware-accelerator-and-srminusi-5f893343ee15>`
+.. |deprovisioning-board-management-control-from-the-cli| replace:: :ref:`Deprovision Board Management Control from the CLI <deprovisioning-board-management-control-from-the-cli>`
+.. |provisioning-board-management-control-from-horizon| replace:: :ref:`Provision Board Management Control from Horizon <provisioning-board-management-control-from-horizon>`
+.. |provisioning-bmc-after-adding-a-host| replace:: :ref:`Provision BMC after Adding a Host <provisioning-bmc-after-adding-a-host>`
+.. |provisioning-board-management-control-using-the-cli| replace:: :ref:`Provision Board Management Control Using the CLI <provisioning-board-management-control-using-the-cli>`
+.. |provisioning-bmc-when-adding-a-host| replace:: :ref:`Provision BMC when Adding a Host <provisioning-bmc-when-adding-a-host>`
+.. |deprovisioning-board-management-control-from-horizon| replace:: :ref:`Deprovision Board Management Control from Horizon <deprovisioning-board-management-control-from-horizon>`
+.. |install-node-feature-discovery-nfd-starlingx-application-70f6f940bb4a| replace:: :ref:`Install Node Feature Discovery Application <install-node-feature-discovery-nfd-starlingx-application-70f6f940bb4a>`
+.. |relearning-sensor-models| replace:: :ref:`Relearn Sensor Models <relearning-sensor-models>`
+.. |adjusting-sensor-actions-and-audit-intervals| replace:: :ref:`Adjust Sensor Actions and Audit Intervals <adjusting-sensor-actions-and-audit-intervals>`
+.. |cli-commands-for-managing-sensors| replace:: :ref:`CLI Commands for Managing Sensors <cli-commands-for-managing-sensors>`
+.. |suppressing-sensor-actions| replace:: :ref:`Suppress Sensor Actions <suppressing-sensor-actions>`
+.. |changing-a-worker-host-performance-profile| replace:: :ref:`Change a Worker Host Performance Profile <changing-a-worker-host-performance-profile>`
+.. |devices-tab| replace:: :ref:`Devices Tab <devices-tab>`
+.. |labels-tab| replace:: :ref:`Labels Tab <labels-tab>`
+.. |overview-tab| replace:: :ref:`Overview Tab <overview-tab>`
+.. |memory-tab| replace:: :ref:`Memory Tab <memory-tab>`
+.. |interfaces-tab| replace:: :ref:`Interfaces Tab <interfaces-tab>`
+.. |ports-tab| replace:: :ref:`Ports Tab <ports-tab>`
+.. |storage-tab| replace:: :ref:`Storage Tab <storage-tab>`
+.. |lldp-tab| replace:: :ref:`LLDP Tab <lldp-tab>`
+.. |host-details-page| replace:: :ref:`Host Details Page <host-details-page>`
+.. |processor-tab| replace:: :ref:`Processor Tab <processor-tab>`
+.. |hosts-tab| replace:: :ref:`Hosts Tab <hosts-tab>`
+.. |sensors-tab| replace:: :ref:`Sensors Tab <sensors-tab>`
+.. |filesystems-tab| replace:: :ref:`Filesystems Tab <filesystems-tab>`
+.. |listing-node-labels-from-the-cli| replace:: :ref:`List Node Labels from the CLI <listing-node-labels-from-the-cli>`
+.. |configuring-node-labels-using-horizon| replace:: :ref:`Configure Node Labels Using Horizon <configuring-node-labels-using-horizon>`
+.. |removing-node-labels-from-the-cli| replace:: :ref:`Remove Node Labels from the CLI <removing-node-labels-from-the-cli>`
+.. |assigning-node-labels-from-the-cli| replace:: :ref:`Assign Node Labels from the CLI <assigning-node-labels-from-the-cli>`
+.. |shutting-down-starlingx| replace:: :ref:`Shut Down the System <shutting-down-starlingx>`
+.. |starting-starlingx| replace:: :ref:`Start the System <starting-starlingx>`
+.. |the-life-cycle-of-a-host-93640aa2b707| replace:: :ref:`The Life Cycle of a Host <the-life-cycle-of-a-host-93640aa2b707>`
+.. |viewing-lldp-neighbor-information-using-the-cli| replace:: :ref:`View LLDP Neighbor Information Using the CLI <viewing-lldp-neighbor-information-using-the-cli>`
+.. |lldp-overview| replace:: :ref:`LLDP Overview <lldp-overview>`
+.. |viewing-lldp-information-using-horizon| replace:: :ref:`View LLDP Information Using Horizon <viewing-lldp-information-using-horizon>`
+.. |allocating-host-memory-using-horizon| replace:: :ref:`Allocate Host Memory Using Horizon <allocating-host-memory-using-horizon>`
+.. |about-host-memory-provisioning| replace:: :ref:`About Host Memory Provisioning <about-host-memory-provisioning>`
+.. |allocating-host-memory-using-the-cli| replace:: :ref:`Allocate Host Memory Using the CLI <allocating-host-memory-using-the-cli>`
+.. |deleting-a-host-using-the-cli| replace:: :ref:`Delete a Host Using the CLI <deleting-a-host-using-the-cli>`
+.. |force-locking-a-host-using-the-cli| replace:: :ref:`Force Lock a Host Using the CLI <force-locking-a-host-using-the-cli>`
+.. |unlocking-a-host-using-the-cli| replace:: :ref:`Unlock a Host Using the CLI <unlocking-a-host-using-the-cli>`
+.. |rebooting-a-host-using-horizon| replace:: :ref:`Reboot a Host Using Horizon <rebooting-a-host-using-horizon>`
+.. |reinstalling-a-host-using-horizon| replace:: :ref:`Reinstall a Host Using Horizon <reinstalling-a-host-using-horizon>`
+.. |swacting-a-master-controller-using-the-cli| replace:: :ref:`Swact Controllers Using the CLI <swacting-a-master-controller-using-the-cli>`
+.. |locking-a-host-using-the-cli| replace:: :ref:`Lock a Host Using the CLI <locking-a-host-using-the-cli>`
+.. |deleting-a-host-using-horizon| replace:: :ref:`Delete a Host Using Horizon <deleting-a-host-using-horizon>`
+.. |swacting-a-master-controller-using-horizon| replace:: :ref:`Swact Controllers Using Horizon <swacting-a-master-controller-using-horizon>`
+.. |powering-off-a-host-using-the-cli| replace:: :ref:`Power off a Host Using the CLI <powering-off-a-host-using-the-cli>`
+.. |rebooting-a-host-using-the-cli| replace:: :ref:`Reboot a Host Using the CLI <rebooting-a-host-using-the-cli>`
+.. |force-locking-a-host-using-horizon| replace:: :ref:`Force Lock a Host Using Horizon <force-locking-a-host-using-horizon>`
+.. |resetting-a-host-using-horizon| replace:: :ref:`Reset a Host Using Horizon <resetting-a-host-using-horizon>`
+.. |powering-off-a-host-using-horizon| replace:: :ref:`Power off a Host Using Horizon <powering-off-a-host-using-horizon>`
+.. |powering-on-a-host-using-the-cli| replace:: :ref:`Power on a Host Using the CLI <powering-on-a-host-using-the-cli>`
+.. |resetting-a-host-using-the-cli| replace:: :ref:`Reset a Host Using the CLI <resetting-a-host-using-the-cli>`
+.. |powering-on-a-host-using-horizon| replace:: :ref:`Power on a Host Using Horizon <powering-on-a-host-using-horizon>`
+.. |locking-a-host-using-horizon| replace:: :ref:`Lock a Host Using Horizon <locking-a-host-using-horizon>`
+.. |unlocking-a-host-using-horizon| replace:: :ref:`Unlock a Host Using Horizon <unlocking-a-host-using-horizon>`
+.. |cli-commands-for-managing-pci-devices| replace:: :ref:`CLI Commands for Managing PCI Devices <cli-commands-for-managing-pci-devices>`
+.. |resizing-filesystems-on-a-host| replace:: :ref:`Resize Filesystems on a Host <resizing-filesystems-on-a-host>`
+.. |adjusting-the-host-heartbeat-interval-and-heartbeat-response-thresholds| replace:: :ref:`Adjust the Host Heartbeat Interval and Heartbeat Response Thresholds <adjusting-the-host-heartbeat-interval-and-heartbeat-response-thresholds>`
+.. |configuring-heartbeat-failure-action| replace:: :ref:`Configure Heartbeat Failure Action <configuring-heartbeat-failure-action>`
+.. |configuring-multi-node-failure-avoidance| replace:: :ref:`Configure Multi-Node Failure Avoidance <configuring-multi-node-failure-avoidance>`
+.. |reboot-limits-for-host-unlock-d9a26854590a| replace:: :ref:`Reboot Limits for Host Unlock <reboot-limits-for-host-unlock-d9a26854590a>`
+.. |adjusting-the-boot-timeout-interval| replace:: :ref:`Adjust the Boot Timeout Interval <adjusting-the-boot-timeout-interval>`
+.. |handling-maintenance-heartbeat-failure-for-active-controller-service-activation-70fb51663717| replace:: :ref:`Handle Maintenance Heartbeat Failure for Active Controller Service Activation <handling-maintenance-heartbeat-failure-for-active-controller-service-activation-70fb51663717>`
+.. |single-physical-core-for-platform-function-in-all-in-one-deployments-bec61d5a13f4| replace:: :ref:`Single Physical Core for Platform Function in All-In-One Deployments <single-physical-core-for-platform-function-in-all-in-one-deployments-bec61d5a13f4>`
+.. |host-cpu-mhz-parameters-configuration-d9ccf907ede0| replace:: :ref:`Host CPU MHz Parameters Configuration <host-cpu-mhz-parameters-configuration-d9ccf907ede0>`
+.. |displaying-worker-host-information| replace:: :ref:`Display Worker Host Information <displaying-worker-host-information>`
+.. |uninstall-node-feature-discovery-nfd-starlingx-application-a582bfdadfb8| replace:: :ref:`Uninstall Node Feature Discovery Application <uninstall-node-feature-discovery-nfd-starlingx-application-a582bfdadfb8>`
+.. |configurable-power-manager-04c24b536696| replace:: :ref:`Configurable Power Manager <configurable-power-manager-04c24b536696>`
+.. |host-status-and-alarms-during-system-configuration-changes| replace:: :ref:`Host Status and Alarms During System Configuration Changes <host-status-and-alarms-during-system-configuration-changes>`
+.. |install-power-metrics-application-a12de3db7478| replace:: :ref:`Install Power Metrics Application <install-power-metrics-application-a12de3db7478>`
+.. |configuring-cpu-core-assignments-using-cli-96ee12bdfc83| replace:: :ref:`Configuring CPU Core Assignments Using CLI <configuring-cpu-core-assignments-using-cli-96ee12bdfc83>`
+.. |configuring-cpu-core-assignments| replace:: :ref:`Configure CPU Core Assignments Using Horizon <configuring-cpu-core-assignments>`
+.. |changing-the-hyper-threading-status| replace:: :ref:`Change the Hyper-threading Status <changing-the-hyper-threading-status>`
+.. |configure-intel-e810-nics-using-intel-ethernet-operator| replace:: :ref:`Configure Intel E810 NICs using Intel Ethernet Operator <configure-intel-e810-nics-using-intel-ethernet-operator>`
+.. |security-overview| replace:: :ref:`Overview <security-overview>`
+.. |install-a-trusted-ca-certificate| replace:: :ref:`Install a Trusted CA Certificate <install-a-trusted-ca-certificate>`
+.. |config-and-management-using-container-backed-remote-clis-and-clients| replace:: :ref:`Use Container-backed Remote CLIs and Clients <config-and-management-using-container-backed-remote-clis-and-clients>`
+.. |update-the-domain-name| replace:: :ref:`Update the Domain Name <update-the-domain-name>`
+.. |install-rest-api-and-horizon-certificate| replace:: :ref:`Install REST API and Horizon Certificate <install-rest-api-and-horizon-certificate>`
+.. |configure-remote-clis-and-clients| replace:: :ref:`Configure Remote CLIs <configure-remote-clis-and-clients>`
+.. |access-using-the-default-set-up| replace:: :ref:`Access Using the Default Set-up <access-using-the-default-set-up>`
+.. |use-local-clis| replace:: :ref:`Use Local CLIs <use-local-clis>`
+.. |openstack-keystone-accounts| replace:: :ref:`OpenStack Keystone Accounts <openstack-keystone-accounts>`
+.. |security-system-account-password-rules| replace:: :ref:`Keystone Account Password Rules <security-system-account-password-rules>`
+.. |openstack-login-protection| replace:: :ref:`Login Protection <openstack-login-protection>`
+.. |index-security-84d0d8aa401b| replace:: :ref:`Security <index-security-84d0d8aa401b>`
+.. |pod-security-admission-controller-8e9e6994100f| replace:: :ref:`Pod Security Admission Controller <pod-security-admission-controller-8e9e6994100f>`
+.. |install-update-the-starlingx-rest-and-web-server-certificate| replace:: :ref:`Install/Update the StarlingX Rest and Web Server Certificate <install-update-the-starlingx-rest-and-web-server-certificate>`
+.. |pod-security-policies| replace:: :ref:`Pod Security Policies <pod-security-policies>`
+.. |remove-portieris| replace:: :ref:`Remove Portieris <remove-portieris>`
+.. |delete-ldap-linux-accounts-7de0782fbafd| replace:: :ref:`Delete LDAP Linux Accounts <delete-ldap-linux-accounts-7de0782fbafd>`
+.. |security-install-update-the-docker-registry-certificate| replace:: :ref:`Local Registry Server Certificates <security-install-update-the-docker-registry-certificate>`
+.. |security-rest-api-access| replace:: :ref:`REST API Access <security-rest-api-access>`
+.. |auditd-support-339a51d8ce16| replace:: :ref:`Linux Auditing System <auditd-support-339a51d8ce16>`
+.. |the-cert-manager-bootstrap-process| replace:: :ref:`Configure cert-manager at Bootstrap <the-cert-manager-bootstrap-process>`
+.. |create-certificates-locally-using-openssl| replace:: :ref:`Create Certificates Locally using openssl <create-certificates-locally-using-openssl>`
+.. |overview-of-system-accounts| replace:: :ref:`Linux User Accounts <overview-of-system-accounts>`
+.. |migrate-platform-certificates-to-use-cert-manager-c0b1727e4e5d| replace:: :ref:`Update system-local-ca or Migrate Platform Certificates to use Cert Manager <migrate-platform-certificates-to-use-cert-manager-c0b1727e4e5d>`
+.. |enable-apparmor-log-bb600560d794| replace:: :ref:`Enable AppArmor Log <enable-apparmor-log-bb600560d794>`
+.. |create-certificates-locally-using-cert-manager-on-the-controller| replace:: :ref:`Create Certificates Locally using cert-manager on the Controller <create-certificates-locally-using-cert-manager-on-the-controller>`
+.. |starlingx-system-accounts-system-account-password-rules| replace:: :ref:`System Account Password Rules <starlingx-system-accounts-system-account-password-rules>`
+.. |establish-keystone-credentials-from-a-linux-account| replace:: :ref:`For StarlingX and Platform OpenStack CLIs from a Local LDAP Linux Account Login <establish-keystone-credentials-from-a-linux-account>`
+.. |oidc-client-dex-server-certificates-dc174462d51a| replace:: :ref:`OIDC Client Dex Server Certificates <oidc-client-dex-server-certificates-dc174462d51a>`
+.. |apply-a-profile-to-a-pod-c2fa4d958dec| replace:: :ref:`Apply a Profile to a Pod <apply-a-profile-to-a-pod-c2fa4d958dec>`
+.. |centralized-vs-distributed-oidc-auth-setup| replace:: :ref:`Centralized vs Distributed OIDC Authentication Setup <centralized-vs-distributed-oidc-auth-setup>`
+.. |vault-server-certificate-8573125eeea6| replace:: :ref:`Vault Server Certificate <vault-server-certificate-8573125eeea6>`
+.. |firewall-port-overrides| replace:: :ref:`Firewall Port Overrides <firewall-port-overrides>`
+.. |operator-command-logging| replace:: :ref:`StarlingX Operator Command Logging <operator-command-logging>`
+.. |manual-kubernetes-root-ca-certificate-update-8e9df2cd7fb9| replace:: :ref:`Manual Kubernetes Root CA Certificate Update <manual-kubernetes-root-ca-certificate-update-8e9df2cd7fb9>`
+.. |enable-use-of-cert-manager-acmesolver-image-in-a-particular-namespace| replace:: :ref:`Enable Use of cert-manager-acmesolver Image in a Particular Namespace <enable-use-of-cert-manager-acmesolver-image-in-a-particular-namespace>`
+.. |portieris-overview| replace:: :ref:`Portieris Overview <portieris-overview>`
+.. |about-apparmor-ebdab8f1ed87| replace:: :ref:`About AppArmor <about-apparmor-ebdab8f1ed87>`
+.. |resource-management| replace:: :ref:`Resource Management <resource-management>`
+.. |enable-disable-apparmor-on-a-host-63a7a184d310| replace:: :ref:`Enable/Disable AppArmor on a Host <enable-disable-apparmor-on-a-host-63a7a184d310>`
+.. |types-of-system-accounts| replace:: :ref:`Types of System Accounts <types-of-system-accounts>`
+.. |keystone-security-compliance-configuration-b149adca6a7f| replace:: :ref:`Keystone Security Compliance Configuration <keystone-security-compliance-configuration-b149adca6a7f>`
+.. |authentication-of-software-delivery| replace:: :ref:`Authentication of Software Delivery <authentication-of-software-delivery>`
+.. |add-a-trusted-ca| replace:: :ref:`System Trusted CA Certificates <add-a-trusted-ca>`
+.. |local-ldap-linux-user-accounts| replace:: :ref:`Local LDAP Linux User Accounts <local-ldap-linux-user-accounts>`
+.. |use-uefi-secure-boot| replace:: :ref:`Use UEFI Secure Boot <use-uefi-secure-boot>`
+.. |sssd-support-5fb6c4b0320b| replace:: :ref:`SSH User Authentication using Windows Active Directory (WAD) <sssd-support-5fb6c4b0320b>`
+.. |overview-of-uefi-secure-boot| replace:: :ref:`Overview of UEFI Secure Boot <overview-of-uefi-secure-boot>`
+.. |password-recovery| replace:: :ref:`Keystone Password Recovery <password-recovery>`
+.. |configure-docker-registry-certificate-after-installation-c519edbfe90a| replace:: :ref:`Configure Docker Registry Certificate <configure-docker-registry-certificate-after-installation-c519edbfe90a>`
+.. |cve-maintenance-723cd9dd54b3| replace:: :ref:`CVE Maintenance <cve-maintenance-723cd9dd54b3>`
+.. |configure-kubernetes-client-access| replace:: :ref:`Configure Kubernetes Client Access <configure-kubernetes-client-access>`
+.. |remote-windows-active-directory-accounts| replace:: :ref:`Remote Windows Active Directory Accounts <remote-windows-active-directory-accounts>`
+.. |cert-manager-post-installation-setup| replace:: :ref:`Cert-Manager Post Installation Setup <cert-manager-post-installation-setup>`
+.. |configure-remote-cli-access| replace:: :ref:`Configure Remote CLI Access <configure-remote-cli-access>`
+.. |starlingx-rest-api-applications-and-the-web-admin-server-cert-9196c5794834| replace:: :ref:`System Local CA Issuer <starlingx-rest-api-applications-and-the-web-admin-server-cert-9196c5794834>`
+.. |install-security-profiles-operator-1b2f9a0f0108| replace:: :ref:`Install Security Profiles Operator (SPO) <install-security-profiles-operator-1b2f9a0f0108>`
+.. |operator-login-authentication-logging| replace:: :ref:`Operator Login/Authentication Logging <operator-login-authentication-logging>`
+.. |configure-the-keystone-token-expiration-time| replace:: :ref:`Configure the Keystone Token Expiration Time <configure-the-keystone-token-expiration-time>`
+.. |security-feature-configuration-for-spectre-and-meltdown| replace:: :ref:`Security Feature Configuration for Spectre and Meltdown <security-feature-configuration-for-spectre-and-meltdown>`
+.. |linux-accounts-password-3dcad436dce4| replace:: :ref:`Linux Accounts Password Rules <linux-accounts-password-3dcad436dce4>`
+.. |configure-horizon-user-lockout-on-failed-logins| replace:: :ref:`Configure Horizon User Lockout on Failed Logins <configure-horizon-user-lockout-on-failed-logins>`
+.. |kubernetes-cli-from-local-ldap-linux-account-login| replace:: :ref:`For Kubernetes CLI from a Local LDAP Linux Account Login <kubernetes-cli-from-local-ldap-linux-account-login>`
+.. |manage-keystone-accounts| replace:: :ref:`Manage Keystone Accounts <manage-keystone-accounts>`
+.. |kubernetes-certificates-f4196d7cae9c| replace:: :ref:`Kubernetes Certificates <kubernetes-certificates-f4196d7cae9c>`
+.. |security-access-the-gui| replace:: :ref:`Access the GUI <security-access-the-gui>`
+.. |install-portieris| replace:: :ref:`Install Portieris <install-portieris>`
+.. |disable-pod-security-policy-checking| replace:: :ref:`Disable Pod Security Policy Checking <disable-pod-security-policy-checking>`
+.. |configure-local-cli-access| replace:: :ref:`Configure Local CLI Access <configure-local-cli-access>`
+.. |deprovision-ldap-server-authentication| replace:: :ref:`Deprovision LDAP Server Authentication <deprovision-ldap-server-authentication>`
+.. |overview-of-ldap-servers| replace:: :ref:`Overview of LDAP Servers <overview-of-ldap-servers>`
+.. |etcd-certificates-c1fc943e4a9c| replace:: :ref:`Etcd Certificates <etcd-certificates-c1fc943e4a9c>`
+.. |install-the-kubernetes-dashboard| replace:: :ref:`Install the Kubernetes Dashboard <install-the-kubernetes-dashboard>`
+.. |enable-https-access-for-starlingx-rest-and-web-server-endpoints| replace:: :ref:`Enable HTTPS Access for StarlingX REST and Web Server Endpoints <enable-https-access-for-starlingx-rest-and-web-server-endpoints>`
+.. |assign-pod-security-policies| replace:: :ref:`Assign Pod Security Policies <assign-pod-security-policies>`
+.. |install-vault| replace:: :ref:`Install Vault <install-vault>`
+.. |configure-vault| replace:: :ref:`Configure Vault Using the Vault REST API <configure-vault>`
+.. |configure-rest-api-applications-and-web-administration-server-certificates-after-installation-6816457ab95f| replace:: :ref:`Configure REST API Applications and Web Administration Server certificate <configure-rest-api-applications-and-web-administration-server-certificates-after-installation-6816457ab95f>`
+.. |configure-oidc-auth-applications| replace:: :ref:`Set up OIDC Auth Applications <configure-oidc-auth-applications>`
+.. |remote-access-for-linux-accounts| replace:: :ref:`Remote Access for Linux Accounts <remote-access-for-linux-accounts>`
+.. |partial-disk-transparent-encryption-support-via-software-enc-27a570f3142c| replace:: :ref:`Partial Disk (Transparent) Encryption Support via Software Encryption (LUKS) <partial-disk-transparent-encryption-support-via-software-enc-27a570f3142c>`
+.. |alarm-expiring-soon-and-expired-certificates-baf5b8f73009| replace:: :ref:`Expiring-Soon and Expired Certificate Alarms <alarm-expiring-soon-and-expired-certificates-baf5b8f73009>`
+.. |configure-kubernetes-for-oidc-token-validation-while-bootstrapping-the-system| replace:: :ref:`Configure Kubernetes for OIDC Token Validation while Bootstrapping the System <configure-kubernetes-for-oidc-token-validation-while-bootstrapping-the-system>`
+.. |security-default-firewall-rules| replace:: :ref:`Default Firewall Rules <security-default-firewall-rules>`
+.. |https-access-overview| replace:: :ref:`HTTPS and Certificates Management Overview <https-access-overview>`
+.. |connecting-to-container-registries-through-a-firewall-or-proxy| replace:: :ref:`Connect to Container Registries through a Firewall or Proxy <connecting-to-container-registries-through-a-firewall-or-proxy>`
+.. |security-vault-overview| replace:: :ref:`Vault Overview <security-vault-overview>`
+.. |using-container-backed-remote-clis-and-clients| replace:: :ref:`Use Container-backed Remote CLIs and Clients <using-container-backed-remote-clis-and-clients>`
+.. |password-recovery-for-linux-user-accounts| replace:: :ref:`Password Recovery for Linux User Accounts <password-recovery-for-linux-user-accounts>`
+.. |about-keystone-accounts| replace:: :ref:`Keystone Accounts <about-keystone-accounts>`
+.. |private-namespace-and-restricted-rbac| replace:: :ref:`Private Namespace and Restricted RBAC <private-namespace-and-restricted-rbac>`
+.. |configure-kubernetes-for-oidc-token-validation-after-bootstrapping-the-system| replace:: :ref:`Configure Kubernetes for OIDC Token Validation after Bootstrapping the System <configure-kubernetes-for-oidc-token-validation-after-bootstrapping-the-system>`
+.. |keystone-account-roles-64098d1abdc1| replace:: :ref:`Keystone Account Roles <keystone-account-roles-64098d1abdc1>`
+.. |remove-vault| replace:: :ref:`Remove Vault <remove-vault>`
+.. |local-ldap-certificates-4e1df1e39341| replace:: :ref:`Local LDAP Certificates <local-ldap-certificates-4e1df1e39341>`
+.. |encrypt-kubernetes-secret-data-at-rest| replace:: :ref:`Encrypt Kubernetes Secret Data at Rest <encrypt-kubernetes-secret-data-at-rest>`
+.. |security-install-kubectl-and-helm-clients-directly-on-a-host| replace:: :ref:`Install Kubectl and Helm Clients Directly on a Host <security-install-kubectl-and-helm-clients-directly-on-a-host>`
+.. |configure-vault-using-the-cli| replace:: :ref:`Configure Vault Using the Vault CLI <configure-vault-using-the-cli>`
+.. |the-sysadmin-account| replace:: :ref:`The sysadmin Account <the-sysadmin-account>`
+.. |dc-admin-endpoint-certificates-8fe7adf3f932| replace:: :ref:`Distributed Cloud Admin Endpoint Certificates <dc-admin-endpoint-certificates-8fe7adf3f932>`
+.. |manage-local-ldap-39fe3a85a528| replace:: :ref:`Manage Composite Local LDAP Accounts at Scale <manage-local-ldap-39fe3a85a528>`
+.. |profile-management-a8df19c86a5d| replace:: :ref:`Profile Management <profile-management-a8df19c86a5d>`
+.. |kubernetes-root-ca-certificate-update-cloud-orchestration-a627f9d02d6d| replace:: :ref:`Kubernetes Root CA Certificate Update Cloud Orchestration <kubernetes-root-ca-certificate-update-cloud-orchestration-a627f9d02d6d>`
+.. |kubernetes-root-ca-certificate| replace:: :ref:`Install Custom Kubernetes Root CA Certificate <kubernetes-root-ca-certificate>`
+.. |author-apparmor-profiles-b02de0a22771| replace:: :ref:`Author AppArmor Profiles <author-apparmor-profiles-b02de0a22771>`
+.. |enable-public-use-of-the-cert-manager-acmesolver-image| replace:: :ref:`Enable Public Use of the cert-manager-acmesolver Image <enable-public-use-of-the-cert-manager-acmesolver-image>`
+.. |configure-http-and-https-ports-for-horizon-using-the-cli| replace:: :ref:`Configure HTTP and HTTPS Ports for Horizon Using the CLI <configure-http-and-https-ports-for-horizon-using-the-cli>`
+.. |local-ldap-user-password-expiry-mechanism-eba5d34abbd4| replace:: :ref:`Local LDAP user password expiry control <local-ldap-user-password-expiry-mechanism-eba5d34abbd4>`
+.. |security-firewall-options| replace:: :ref:`Modify Firewall Options <security-firewall-options>`
+.. |security-configure-container-backed-remote-clis-and-clients| replace:: :ref:`Configure Container-backed Remote CLIs and Clients <security-configure-container-backed-remote-clis-and-clients>`
+.. |update-renew-kubernetes-certificates-52b00bd0bdae| replace:: :ref:`Update/Renew Kubernetes Certificates <update-renew-kubernetes-certificates-52b00bd0bdae>`
+.. |keystone-accounts| replace:: :ref:`Keystone Accounts <keystone-accounts>`
+.. |create-ldap-linux-accounts| replace:: :ref:`Create LDAP Linux Accounts <create-ldap-linux-accounts>`
+.. |portieris-server-certificate-a0c7054844bd| replace:: :ref:`Portieris Server Certificate <portieris-server-certificate-a0c7054844bd>`
+.. |portieris-clusterimagepolicy-and-imagepolicy-configuration| replace:: :ref:`Portieris ClusterImagePolicy and ImagePolicy Configuration <portieris-clusterimagepolicy-and-imagepolicy-configuration>`
+.. |selectively-disable-ssh-for-local-openldap-and-wad-users-e5aaf09e790c| replace:: :ref:`Selectively Disable SSH for Local OpenLDAP and WAD Users <selectively-disable-ssh-for-local-openldap-and-wad-users-e5aaf09e790c>`
+.. |security-cert-manager| replace:: :ref:`Cert Manager <security-cert-manager>`
+.. |enable-pod-security-policy-checking| replace:: :ref:`Enable Pod Security Policy Checking <enable-pod-security-policy-checking>`
+.. |starlingx-rest-api-applications-and-the-web-administration-server| replace:: :ref:`StarlingX REST API Applications and the Web Administration Server Certificate <starlingx-rest-api-applications-and-the-web-administration-server>`
+.. |starlingx-openstack-kubernetes-from-stsadmin-account-login| replace:: :ref:`For StarlingX, Platform OpenStack and Kubernetes CLIs from the 'sysadmin' Linux Account Login <starlingx-openstack-kubernetes-from-stsadmin-account-login>`
+.. |configure-users-groups-and-authorization| replace:: :ref:`Configure Users, Groups, and Authorization <configure-users-groups-and-authorization>`
+.. |kubernetes-operator-command-logging-663fce5d74e7| replace:: :ref:`Kubernetes Operator Command Logging <kubernetes-operator-command-logging-663fce5d74e7>`
+.. |estabilish-credentials-for-linux-user-accounts| replace:: :ref:`Establish Credentials for Linux User Accounts <estabilish-credentials-for-linux-user-accounts>`
+.. |keystone-account-authentication| replace:: :ref:`Keystone Account Authentication <keystone-account-authentication>`
+.. |enable-the-use-of-cert-manager-apis-by-an-arbitrary-user| replace:: :ref:`Enable the Use of cert-manager APIs by an Arbitrary User <enable-the-use-of-cert-manager-apis-by-an-arbitrary-user>`
+.. |index-planning-332af0718d15| replace:: :ref:`Planning <index-planning-332af0718d15>`
+.. |resource-planning| replace:: :ref:`Resource Placement <resource-planning>`
+.. |index-planning-os-e815f964d279| replace:: :ref:`Network planning <index-planning-os-e815f964d279>`
+.. |secure-https-external-connectivity| replace:: :ref:`Secure HTTPS External Connectivity <secure-https-external-connectivity>`
+.. |local-and-ldap-linux-user-accounts| replace:: :ref:`Local LDAP Linux User Accounts <local-and-ldap-linux-user-accounts>`
+.. |container-security-df8a251ec03f| replace:: :ref:`Container Security Planning <container-security-df8a251ec03f>`
+.. |ssh-and-console-login-timeout| replace:: :ref:`SSH and Console Login Timeout <ssh-and-console-login-timeout>`
+.. |starlingx-accounts| replace:: :ref:`StarlingX Accounts <starlingx-accounts>`
+.. |isolate-starlingx-internal-cloud-management-network| replace:: :ref:`Isolate StarlingX's Internal Cloud Management Network <isolate-starlingx-internal-cloud-management-network>`
+.. |verified-commercial-hardware| replace:: :ref:`Kubernetes Verified Commercial Hardware <verified-commercial-hardware>`
+.. |system-account-password-rules| replace:: :ref:`System Account Password Rules <system-account-password-rules>`
+.. |security-hardening-intro| replace:: :ref:`Security Hardening Introduction <security-hardening-intro>`
+.. |network-addressing-requirements-2fac0035b878| replace:: :ref:`Network Addressing Requirements <network-addressing-requirements-2fac0035b878>`
+.. |uefi-secure-boot| replace:: :ref:`UEFI Secure Boot <uefi-secure-boot>`
+.. |security-hardening-firewall-options| replace:: :ref:`Firewall Options <security-hardening-firewall-options>`
+.. |web-administration-login-timeout| replace:: :ref:`Web Administration Login Timeout <web-administration-login-timeout>`
+.. |local-linux-account-for-sysadmin| replace:: :ref:`Local Linux Account for 'sysadmin' <local-linux-account-for-sysadmin>`
+.. |index-sysconf-d511820651f0| replace:: :ref:`System Configuration <index-sysconf-d511820651f0>`
+.. |customize-openstack-horizon-and-login-banner-branding| replace:: :ref:`Customize OpenStack Horizon and Login Banner Branding <customize-openstack-horizon-and-login-banner-branding>`
+.. |export-and-import-cinder-backups-to-ceph-pool| replace:: :ref:`Export and Import Cinder Backups to Ceph Pool <export-and-import-cinder-backups-to-ceph-pool>`
+.. |configure-the-nfs-backend-on-cinder-backup| replace:: :ref:`Configure the NFS Backend on Cinder-Backup <configure-the-nfs-backend-on-cinder-backup>`
+.. |enabling-the-qos-extension-for-neutron| replace:: :ref:`Enable the QoS Extension for Neutron <enabling-the-qos-extension-for-neutron>`
+.. |using-helm-overrides-to-enable-internal-dns| replace:: :ref:`Enable Internal DNS in Neutron <using-helm-overrides-to-enable-internal-dns>`
+.. |dkn1600946881404| replace:: :ref:`Assign a Dedicated VLAN ID to a Target Project Network <dkn1600946881404>`
+.. |enabling-the-trunk-extension-for-neutron| replace:: :ref:`Enable the Trunk Extension for Neutron <enabling-the-trunk-extension-for-neutron>`
+.. |configure-a-live-migration-parameters-in-nova-6154238dfc6d| replace:: :ref:`Configure Live Migration Parameters in Nova <configure-a-live-migration-parameters-in-nova-6154238dfc6d>`
+.. |system-configuration-overview| replace:: :ref:`Overview of Configuring StarlingX OpenStack <system-configuration-overview>`
+.. |configuring-a-pci-alias-in-nova| replace:: :ref:`Configure a PCI Alias in Nova <configuring-a-pci-alias-in-nova>`
+.. |enhanced-rbac-policies| replace:: :ref:`Enhanced RBAC Policies <enhanced-rbac-policies>`
+.. |configuring-the-rpc-response-timeout-in-cinder| replace:: :ref:`Configure the RPC Response Timeout in Cinder <configuring-the-rpc-response-timeout-in-cinder>`
+.. |changing-the-timezone-configuration| replace:: :ref:`Change the Timezone Configuration <changing-the-timezone-configuration>`
+.. |specifying-dns-servers-using-horizon| replace:: :ref:`Specify DNS Servers Using Horizon <specifying-dns-servers-using-horizon>`
+.. |creating-a-custom-branding-tarball| replace:: :ref:`Create a Custom Horizon Branding Tarball <creating-a-custom-branding-tarball>`
+.. |changing-the-oam-ip-configuration-using-horizon| replace:: :ref:`Change the OAM IP Configuration Using Horizon <changing-the-oam-ip-configuration-using-horizon>`
+.. |branding-the-login-banner-during-commissioning| replace:: :ref:`Brand the Login Banner During Commissioning <branding-the-login-banner-during-commissioning>`
+.. |verify-the-registry-secret-changes-and-secret-key-in-system-database| replace:: :ref:`Verify the Registries' Secret Configuration Changes <verify-the-registry-secret-changes-and-secret-key-in-system-database>`
+.. |sysconf-application-commands-and-helm-overrides| replace:: :ref:`Application Commands and Helm Overrides <sysconf-application-commands-and-helm-overrides>`
+.. |configuring-ntp-servers-and-services-using-the-cli| replace:: :ref:`Configure NTP Servers Using the CLI <configuring-ntp-servers-and-services-using-the-cli>`
+.. |converting-a-duplex-system-to-switch-based-connection| replace:: :ref:`Convert a Duplex System to Switch-Based Connection <converting-a-duplex-system-to-switch-based-connection>`
+.. |remove-ptp-configurations-4885c027dfa5| replace:: :ref:`Remove PTP Configurations <remove-ptp-configurations-4885c027dfa5>`
+.. |system-config-helm-package-manager| replace:: :ref:`Helm Package Manager <system-config-helm-package-manager>`
+.. |changing-the-mtu-of-an-oam-interface-using-the-cli| replace:: :ref:`Change the MTU of an OAM Interface Using the CLI <changing-the-mtu-of-an-oam-interface-using-the-cli>`
+.. |update-the-registry-secrets| replace:: :ref:`Update the Registries' Auth-Secrets <update-the-registry-secrets>`
+.. |configuring-ptp-service-using-the-cli| replace:: :ref:`Configure PTP Service Using the CLI <configuring-ptp-service-using-the-cli>`
+.. |advanced-ptp-configuration-334a08dc50fb| replace:: :ref:`Advanced PTP Configuration <advanced-ptp-configuration-334a08dc50fb>`
+.. |system-configuration-starlingx-application-package-manager| replace:: :ref:`StarlingX Application Package Manager <system-configuration-starlingx-application-package-manager>`
+.. |applying-a-custom-branding-tarball-to-newly-installed-systems| replace:: :ref:`Apply a Custom Horizon Branding Tarball to Newly Installed Systems <applying-a-custom-branding-tarball-to-newly-installed-systems>`
+.. |customize-crashdumpmanager-46e0d32891a0| replace:: :ref:`Customize Crash-dump-manager <customize-crashdumpmanager-46e0d32891a0>`
+.. |ptp-instance-troubleshooting-7a7c576ee57a| replace:: :ref:`PTP Instance Troubleshooting <ptp-instance-troubleshooting-7a7c576ee57a>`
+.. |create-the-registry-secrets| replace:: :ref:`Create the Registries' Auth-Secrets <create-the-registry-secrets>`
+.. |change-the-default-coredump-configuration-51ff4ce0c9ae| replace:: :ref:`Change the Default Coredump Configuration <change-the-default-coredump-configuration-51ff4ce0c9ae>`
+.. |configure-collectd-to-store-host-performance-data-caf7802851bc| replace:: :ref:`Configure collectd to Store Host Performance Data <configure-collectd-to-store-host-performance-data-caf7802851bc>`
+.. |check-new-registry-and-reapply-application| replace:: :ref:`Check New Registry and Reapply Application <check-new-registry-and-reapply-application>`
+.. |limit-number-of-processes-per-pod| replace:: :ref:`Limit Number of Processes per Pod <limit-number-of-processes-per-pod>`
+.. |redundant-system-clock-synchronization-89ee23f54fbb| replace:: :ref:`Redundant System Clock Synchronization <redundant-system-clock-synchronization-89ee23f54fbb>`
+.. |change-the-registry-url| replace:: :ref:`Change the Registries' URLs <change-the-registry-url>`
+.. |ptp-interfaces-df73e9b43677| replace:: :ref:`PTP Interfaces <ptp-interfaces-df73e9b43677>`
+.. |kubernetes-pod-coredump-handler-54d27a0fd2ec| replace:: :ref:`Kubernetes Pod Core Dump Handler <kubernetes-pod-coredump-handler-54d27a0fd2ec>`
+.. |about-changing-external-registries-for-starlingx-installation| replace:: :ref:`About Changing External Registries for StarlingX Installation <about-changing-external-registries-for-starlingx-installation>`
+.. |gnss-and-synce-support-62004dc97f3e| replace:: :ref:`SyncE Introduction <gnss-and-synce-support-62004dc97f3e>`
+.. |changing-the-mtu-of-an-oam-interface-using-horizon| replace:: :ref:`Change the MTU of an OAM Interface Using Horizon <changing-the-mtu-of-an-oam-interface-using-horizon>`
+.. |user-host-entries-configuration-9ad4c060eb15| replace:: :ref:`User-Defined Host Entries Configuration <user-host-entries-configuration-9ad4c060eb15>`
+.. |validate-existing-registry-and-new-url| replace:: :ref:`Display Updated Registries' URLs and Auth-Secrets <validate-existing-registry-and-new-url>`
+.. |add-the-ca-certificate-for-new-registry| replace:: :ref:`Add the CA Certificate for New Registry <add-the-ca-certificate-for-new-registry>`
+.. |resynchronizing-a-host-to-the-ntp-server| replace:: :ref:`Resynchronize a Host to the NTP Server <resynchronizing-a-host-to-the-ntp-server>`
+.. |intel-multi-driver-version-5e23e989daf5| replace:: :ref:`Intel Multi-driver Version <intel-multi-driver-version-5e23e989daf5>`
+.. |converting-a-duplex-system-to-direct-connection| replace:: :ref:`Convert a Duplex System to Direct Connection <converting-a-duplex-system-to-direct-connection>`
+.. |branding-the-login-banner-on-a-commissioned-system| replace:: :ref:`Brand the Login Banner on a Commissioned System <branding-the-login-banner-on-a-commissioned-system>`
+.. |instance-specific-considerations-d9d9509c79dd| replace:: :ref:`Instance Specific Considerations <instance-specific-considerations-d9d9509c79dd>`
+.. |ptp-instance-examples-517dce312f56| replace:: :ref:`Example PTP Instance Configurations <ptp-instance-examples-517dce312f56>`
+.. |ptp-introduction-d981dd710bda| replace:: :ref:`PTP Introduction <ptp-introduction-d981dd710bda>`
+.. |specifying-dns-servers-using-the-cli| replace:: :ref:`Specify DNS Servers Using the CLI <specifying-dns-servers-using-the-cli>`
+.. |kubernetes-custom-configuration-31c1fd41857d| replace:: :ref:`Kubernetes Custom Configuration <kubernetes-custom-configuration-31c1fd41857d>`
+.. |console-keyboard-mapping| replace:: :ref:`Console Keyboard Mapping <console-keyboard-mapping>`
+.. |changing-the-oam-ip-configuration-using-the-cli| replace:: :ref:`Change the OAM IP Configuration Using the CLI <changing-the-oam-ip-configuration-using-the-cli>`
+.. |configure-silicom-sts-ptp-application-1bc4a8d07aad| replace:: :ref:`Configure PTP on Silicom TimeSync (STS) Server Adapter <configure-silicom-sts-ptp-application-1bc4a8d07aad>`
+.. |applying-a-custom-branding-tarball-to-running-systems| replace:: :ref:`Apply a Custom Horizon Branding Tarball to Running Systems <applying-a-custom-branding-tarball-to-running-systems>`
+.. |release-notes| replace:: :ref:`R10.0 Release Notes <release-notes>`
+.. |create-an-ubuntu-vm-fafb82ec424b| replace:: :ref:`Create an Ubuntu VM <create-an-ubuntu-vm-fafb82ec424b>`
+.. |removal-97cc897941bc| replace:: :ref:`Removal <removal-97cc897941bc>`
+.. |hello-world-kubevirt-vm-05503659173c| replace:: :ref:`Hello World KubeVirt VM <hello-world-kubevirt-vm-05503659173c>`
+.. |index-kubevirt-f1bfd2a21152| replace:: :ref:`KubeVirt <index-kubevirt-f1bfd2a21152>`
+.. |set-up-cdi-proxy-ad165d884417| replace:: :ref:`Set up CDI Proxy <set-up-cdi-proxy-ad165d884417>`
+.. |installation-66477d7646db| replace:: :ref:`Installation <installation-66477d7646db>`
+.. |create-a-windows-vm-82957181df02| replace:: :ref:`Create a Windows VM <create-a-windows-vm-82957181df02>`
+.. |set-up-remote-management-of-vms-a082461d660e| replace:: :ref:`Set up remote management of VMs <set-up-remote-management-of-vms-a082461d660e>`
+.. |introduction-bb3a04279bf5| replace:: :ref:`Introduction <introduction-bb3a04279bf5>`
+.. |index-deploy-da06a98b83b1| replace:: :ref:`Deployment Configurations <index-deploy-da06a98b83b1>`
+.. |deploy-edgeworker-nodes| replace:: :ref:`Deploy Edgeworker Nodes <deploy-edgeworker-nodes>`
+.. |deployment-config-options-all-in-one-duplex-configuration| replace:: :ref:`All-in-one (AIO) Duplex Configuration <deployment-config-options-all-in-one-duplex-configuration>`
+.. |deployment-config-optionsall-in-one-simplex-configuration| replace:: :ref:`All-in-one (AIO) Simplex Configuration <deployment-config-optionsall-in-one-simplex-configuration>`
+.. |common-components| replace:: :ref:`Common Components <common-components>`
+.. |deployment-and-configuration-options-standard-configuration-with-controller-storage| replace:: :ref:`Standard Configuration with Controller Storage <deployment-and-configuration-options-standard-configuration-with-controller-storage>`
+.. |worker-function-performance-profiles| replace:: :ref:`Worker Function Performance Profiles <worker-function-performance-profiles>`
+.. |standard-configuration-with-dedicated-storage| replace:: :ref:`Standard Configuration with Dedicated Storage <standard-configuration-with-dedicated-storage>`
+.. |deployment-options| replace:: :ref:`Deployment Options <deployment-options>`
+.. |setup-simple-dns-server-in-lab-r7| replace:: :ref:`Set up a Simple DNS Server in the Lab <setup-simple-dns-server-in-lab-r7>`
+.. |bulk-host-xml-file-format-r7| replace:: :ref:`Bulk Host XML File Format <bulk-host-xml-file-format-r7>`
+.. |exporting-host-configurations-r7| replace:: :ref:`Export Host Configurations <exporting-host-configurations-r7>`
+.. |delete-hosts-using-the-host-delete-command-1729d2e3153b-r7| replace:: :ref:`Delete Hosts Using the Command Line <delete-hosts-using-the-host-delete-command-1729d2e3153b-r7>`
+.. |bootstrapping-from-a-private-docker-registry-r7| replace:: :ref:`Bootstrapping from a Private Docker Registry <bootstrapping-from-a-private-docker-registry-r7>`
+.. |reinstalling-a-system-or-a-host-r7| replace:: :ref:`Reinstall a System or a Host <reinstalling-a-system-or-a-host-r7>`
+.. |pxe-boot-controller-0-d5da025c2524| replace:: :ref:`PXE Boot Controller-0 <pxe-boot-controller-0-d5da025c2524>`
+.. |controller_storage_install_kubernetes_r7| replace:: :ref:`Install Kubernetes Platform on Standard with Controller Storage <controller_storage_install_kubernetes_r7>`
+.. |adding-hosts-using-the-host-add-command-r7| replace:: :ref:`Add Hosts Using the Command Line <adding-hosts-using-the-host-add-command-r7>`
+.. |reinstalling-a-system-using-an-exported-host-configuration-file-r7| replace:: :ref:`Reinstall a System Using an Exported Host Configuration File <reinstalling-a-system-using-an-exported-host-configuration-file-r7>`
+.. |adding-hosts-in-bulk-r7| replace:: :ref:`Add Hosts in Bulk <adding-hosts-in-bulk-r7>`
+.. |uninstall_delete-r7| replace:: :ref:`Uninstall OpenStack <uninstall_delete-r7>`
+.. |index-install-r7-os-adc44604968c| replace:: :ref:`StarlingX OpenStack <index-install-r7-os-adc44604968c>`
+.. |hybrid-cluster-c7a3134b6f2a-r7| replace:: :ref:`Hybrid Cluster <hybrid-cluster-c7a3134b6f2a-r7>`
+.. |convert-worker-nodes-0007b1532308-r7| replace:: :ref:`Convert Worker Nodes <convert-worker-nodes-0007b1532308-r7>`
+.. |automated_install| replace:: :ref:`Automated Virtual Installation <automated_install>`
+.. |install_virtualbox| replace:: :ref:`Install StarlingX in VirtualBox <install_virtualbox>`
+.. |index-install-r7-8966076f0e81| replace:: :ref:`Development StarlingX Installation <index-install-r7-8966076f0e81>`
+.. |index-install-e083ca818006| replace:: :ref:`Installation Guides <index-install-e083ca818006>`
+.. |index-fault-98d5f50a9b8c| replace:: :ref:`Fault Management <index-fault-98d5f50a9b8c>`
+.. |400-series-log-messages-openstack| replace:: :ref:`400 Log Messages <400-series-log-messages-openstack>`
+.. |alarm-messages-overview-a250f214f65a| replace:: :ref:`Alarm Messages Overview <alarm-messages-overview-a250f214f65a>`
+.. |openstack-fault-management-overview| replace:: :ref:`OpenStack Fault Management Overview <openstack-fault-management-overview>`
+.. |300-series-alarm-messages-openstack| replace:: :ref:`300 Series Alarm Messages <300-series-alarm-messages-openstack>`
+.. |800-series-alarm-messages-openstack| replace:: :ref:`800 Series Alarm Messages <800-series-alarm-messages-openstack>`
+.. |700-series-log-messages-openstack| replace:: :ref:`700 Log Messages <700-series-log-messages-openstack>`
+.. |log-entries-overview-4f1dde7286c2| replace:: :ref:`Log Entries Overview <log-entries-overview-4f1dde7286c2>`
+.. |700-series-alarm-messages-openstack| replace:: :ref:`700 Series Alarm Messages <700-series-alarm-messages-openstack>`
+.. |100-series-alarm-messages-openstack| replace:: :ref:`100 Series Alarm Messages <100-series-alarm-messages-openstack>`
+.. |alarm-messages-overview-19c242d3d151| replace:: :ref:`Alarm Messages Overview <alarm-messages-overview-19c242d3d151>`
+.. |traps| replace:: :ref:`Traps <traps>`
+.. |400-series-log-messages-starlingx| replace:: :ref:`400 Log Messages <400-series-log-messages-starlingx>`
+.. |viewing-active-alarms-using-horizon| replace:: :ref:`View Active Alarms Using Horizon <viewing-active-alarms-using-horizon>`
+.. |200-series-alarm-messages-starlingx| replace:: :ref:`200 Series Alarm Messages <200-series-alarm-messages-starlingx>`
+.. |fault-management-overview| replace:: :ref:`Fault Management Overview <fault-management-overview>`
+.. |setting-snmp-identifying-information| replace:: :ref:`Set SNMP Identifying Information <setting-snmp-identifying-information>`
+.. |viewing-the-event-log-using-horizon| replace:: :ref:`View the Event Log Using Horizon <viewing-the-event-log-using-horizon>`
+.. |900-series-alarm-messages-starlingx| replace:: :ref:`900 Series Alarm Messages <900-series-alarm-messages-starlingx>`
+.. |enabling-snmp-support| replace:: :ref:`Enable SNMP Support <enabling-snmp-support>`
+.. |300-series-alarm-messages-starlingx| replace:: :ref:`300 Series Alarm Messages <300-series-alarm-messages-starlingx>`
+.. |800-series-alarm-messages-starlingx| replace:: :ref:`800 Series Alarm Messages <800-series-alarm-messages-starlingx>`
+.. |rst1448309104743| replace:: :ref:`SNMP Active Alarms Table <rst1448309104743>`
+.. |export-active-alarms-csv-report-using-horizon-dd1477a8d13e| replace:: :ref:`Export Active Alarms CSV Report Using Horizon <export-active-alarms-csv-report-using-horizon-dd1477a8d13e>`
+.. |unsuppressing-an-alarm-using-the-cli| replace:: :ref:`Unsuppress an Alarm Using the CLI <unsuppressing-an-alarm-using-the-cli>`
+.. |cli-commands-and-paged-output| replace:: :ref:`CLI Commands and Paged Output <cli-commands-and-paged-output>`
+.. |viewing-suppressed-alarms-using-the-cli| replace:: :ref:`View Suppressed Alarms Using the CLI <viewing-suppressed-alarms-using-the-cli>`
+.. |export-event-suppression-csv-report-f314a54f66b9| replace:: :ref:`Export Event Suppression CSV Report <export-event-suppression-csv-report-f314a54f66b9>`
+.. |viewing-active-alarms-using-the-cli| replace:: :ref:`View Active Alarms Using the CLI <viewing-active-alarms-using-the-cli>`
+.. |events-suppression-overview| replace:: :ref:`Events Suppression Overview <events-suppression-overview>`
+.. |900-series-log-messages-starlingx| replace:: :ref:`900 Log Messages <900-series-log-messages-starlingx>`
+.. |deleting-an-alarm-using-the-cli| replace:: :ref:`Delete an Alarm Using the CLI <deleting-an-alarm-using-the-cli>`
+.. |the-global-alarm-banner| replace:: :ref:`The Global Alarm Banner <the-global-alarm-banner>`
+.. |400-series-alarm-messages-starlingx| replace:: :ref:`400 Series Alarm Messages <400-series-alarm-messages-starlingx>`
+.. |troubleshooting-log-collection| replace:: :ref:`Troubleshoot Log Collection <troubleshooting-log-collection>`
+.. |log-entries-overview-597c2c453680| replace:: :ref:`Log Entries Overview <log-entries-overview-597c2c453680>`
+.. |700-series-alarm-messages-starlingx| replace:: :ref:`700 Series Alarm Messages <700-series-alarm-messages-starlingx>`
+.. |suppressing-an-alarm-using-the-cli| replace:: :ref:`Suppress an Alarm Using the CLI <suppressing-an-alarm-using-the-cli>`
+.. |export-event-log-csv-report-using-horizon-1c58a29d7fb6| replace:: :ref:`Export Event Log CSV Report Using Horizon <export-event-log-csv-report-using-horizon-1c58a29d7fb6>`
+.. |snmp-overview| replace:: :ref:`SNMP Overview <snmp-overview>`
+.. |snmp-event-table| replace:: :ref:`SNMP Event Table <snmp-event-table>`
+.. |viewing-alarm-details-using-the-cli| replace:: :ref:`View Alarm Details Using the CLI <viewing-alarm-details-using-the-cli>`
+.. |100-series-alarm-messages-starlingx| replace:: :ref:`100 Series Alarm Messages <100-series-alarm-messages-starlingx>`
+.. |200-series-log-messages-starlingx| replace:: :ref:`200 Log Messages <200-series-log-messages-starlingx>`
+.. |500-series-alarm-messages-starlingx| replace:: :ref:`500 Series Alarm Messages <500-series-alarm-messages-starlingx>`
+.. |suppressing-and-unsuppressing-events| replace:: :ref:`Suppress and Unsuppress Events <suppressing-and-unsuppressing-events>`
+.. |viewing-the-event-log-using-the-cli| replace:: :ref:`View the Event Log Using the CLI <viewing-the-event-log-using-the-cli>`
+.. |index-sample-apps-15fce86ad4bf| replace:: :ref:`Sample Application Deployments <index-sample-apps-15fce86ad4bf>`
+.. |deploy-flexran-2111-on-starlingx-ca139fa4e285| replace:: :ref:`Deploy FlexRAN 21.11 on StarlingX <deploy-flexran-2111-on-starlingx-ca139fa4e285>`
+.. |deploy-flexran-2107-on-starlingx-c4efa00b1b98| replace:: :ref:`Deploy FlexRAN 21.07 on StarlingX <deploy-flexran-2107-on-starlingx-c4efa00b1b98>`
+.. |index-sample-flexran-62d77cbb2ed0| replace:: :ref:`Deploy FlexRAN on StarlingX <index-sample-flexran-62d77cbb2ed0>`
+.. |deploy-flexran-2203-on-starlingx-1d1b15ecb16f| replace:: :ref:`Deploy FlexRAN 22.03 on StarlingX <deploy-flexran-2203-on-starlingx-1d1b15ecb16f>`
+.. |apply-update-to-the-openstack-application| replace:: :ref:`Apply Update to the OpenStack Application <apply-update-to-the-openstack-application>`
+.. |software-updates-and-upgrades-overview| replace:: :ref:`Overview <software-updates-and-upgrades-overview>`
+.. |index-updates-e3b970bb69ce| replace:: :ref:`Updates and Upgrades <index-updates-e3b970bb69ce>`
+.. |update-orchestration-cli| replace:: :ref:`Update Orchestration CLI <update-orchestration-cli>`
+.. |about-kubernetes-orchestrated-upgrades| replace:: :ref:`About Kubernetes Version Upgrade Cloud Orchestration <about-kubernetes-orchestrated-upgrades>`
+.. |managing-software-updates| replace:: :ref:`Manage Software Updates <managing-software-updates>`
+.. |update-status-and-lifecycle| replace:: :ref:`Update Status and Lifecycle <update-status-and-lifecycle>`
+.. |the-kubernetes-update-orchestration-process| replace:: :ref:`Kubernetes Version Upgrade Cloud Orchestration Overview <the-kubernetes-update-orchestration-process>`
+.. |identifying-the-software-version-and-update-level-using-horizon| replace:: :ref:`Identify the Software Version and Update Level Using Horizon <identifying-the-software-version-and-update-level-using-horizon>`
+.. |removing-reboot-required-software-updates| replace:: :ref:`Remove Reboot-Required Software Updates <removing-reboot-required-software-updates>`
+.. |installing-reboot-required-software-updates-using-horizon| replace:: :ref:`Install Reboot-Required Software Updates Using Horizon <installing-reboot-required-software-updates-using-horizon>`
+.. |performing-an-orchestrated-upgrade| replace:: :ref:`Perform an Orchestrated Upgrade <performing-an-orchestrated-upgrade>`
+.. |orchestration-upgrade-overview| replace:: :ref:`Upgrade Orchestration Overview <orchestration-upgrade-overview>`
+.. |handle-firmware-update-orchestration-failures| replace:: :ref:`Handle Firmware Update Orchestration Failures <handle-firmware-update-orchestration-failures>`
+.. |configuring-update-orchestration| replace:: :ref:`Configure Update Orchestration <configuring-update-orchestration>`
+.. |manual-upgrade-overview| replace:: :ref:`Manual Upgrade Overview <manual-upgrade-overview>`
+.. |upgrading-all-in-one-simplex| replace:: :ref:`Upgrade All-in-One Simplex <upgrading-all-in-one-simplex>`
+.. |software-update-space-reclamation| replace:: :ref:`Software Update Space Reclamation <software-update-space-reclamation>`
+.. |aborting-simplex-system-upgrades| replace:: :ref:`Abort Simplex System Upgrades <aborting-simplex-system-upgrades>`
+.. |rolling-back-a-software-upgrade-after-the-second-controller-upgrade| replace:: :ref:`Roll Back a Software Upgrade After the Second Controller Upgrade <rolling-back-a-software-upgrade-after-the-second-controller-upgrade>`
+.. |overview-of-upgrade-abort-procedure| replace:: :ref:`Overview of Upgrade Abort Procedure <overview-of-upgrade-abort-procedure>`
+.. |rolling-back-a-software-upgrade-before-the-second-controller-upgrade| replace:: :ref:`Roll Back a Software Upgrade Before the Second Controller Upgrade <rolling-back-a-software-upgrade-before-the-second-controller-upgrade>`
+.. |firmware-update-operations-requiring-manual-migration| replace:: :ref:`Firmware Update Operations Requiring Manual Migration <firmware-update-operations-requiring-manual-migration>`
+.. |reclaiming-disk-space| replace:: :ref:`Reclaim Disk Space <reclaiming-disk-space>`
+.. |firmware-update-orchestration-using-the-cli| replace:: :ref:`Firmware Update Orchestration Using the CLI <firmware-update-orchestration-using-the-cli>`
+.. |configure-firmware-update-orchestration| replace:: :ref:`Configure Firmware Update Orchestration <configure-firmware-update-orchestration>`
+.. |configuring-kubernetes-update-orchestration| replace:: :ref:`Create Kubernetes Version Upgrade Cloud Orchestration Strategy <configuring-kubernetes-update-orchestration>`
+.. |identifying-the-software-version-and-update-level-using-the-cli| replace:: :ref:`Identify the Software Version and Update Level Using the CLI <identifying-the-software-version-and-update-level-using-the-cli>`
+.. |software-upgrades| replace:: :ref:`Software Upgrades <software-upgrades>`
+.. |performing-an-orchestrated-upgrade-using-the-cli| replace:: :ref:`Perform an Orchestrated Upgrade Using the CLI <performing-an-orchestrated-upgrade-using-the-cli>`
+.. |installing-software-updates-before-initial-commissioning| replace:: :ref:`Install Software Updates Before Initial Commissioning <installing-software-updates-before-initial-commissioning>`
+.. |update-orchestration-overview| replace:: :ref:`Update Orchestration Overview <update-orchestration-overview>`
+.. |in-service-versus-reboot-required-software-updates| replace:: :ref:`In-Service Versus Reboot-Required Software Updates <in-service-versus-reboot-required-software-updates>`
+.. |installing-in-service-software-updates-using-the-cli| replace:: :ref:`Install In-Service Software Updates Using the CLI <installing-in-service-software-updates-using-the-cli>`
+.. |installing-in-service-software-update-using-horizon| replace:: :ref:`Install In-Service Software Update Using Horizon <installing-in-service-software-update-using-horizon>`
+.. |populating-the-storage-area| replace:: :ref:`Populate the Storage Area <populating-the-storage-area>`
+.. |configuring-kubernetes-multi-version-upgrade-orchestration-aio-b0b59a346466| replace:: :ref:`Configure Kubernetes Multi-Version Upgrade Cloud Orchestration for AIO-SX <configuring-kubernetes-multi-version-upgrade-orchestration-aio-b0b59a346466>`
+.. |manual-kubernetes-components-upgrade| replace:: :ref:`Manual Kubernetes Version Upgrade <manual-kubernetes-components-upgrade>`
+.. |overview-of-firmware-update-orchestration| replace:: :ref:`Overview <overview-of-firmware-update-orchestration>`
+.. |handling-kubernetes-update-orchestration-failures| replace:: :ref:`Handle Kubernetes Version Upgrade Orchestration Failures <handling-kubernetes-update-orchestration-failures>`
+.. |upgrading-all-in-one-duplex-or-standard| replace:: :ref:`Upgrade All-in-One Duplex / Standard <upgrading-all-in-one-duplex-or-standard>`
+.. |installing-reboot-required-software-updates-using-the-cli| replace:: :ref:`Install Reboot-Required Software Updates Using the CLI <installing-reboot-required-software-updates-using-the-cli>`
+.. |the-firmware-update-orchestration-process| replace:: :ref:`The Firmware Update Orchestration Process <the-firmware-update-orchestration-process>`
+.. |software-updates-and-upgrades-software-updates| replace:: :ref:`Software Updates <software-updates-and-upgrades-software-updates>`
+.. |manual-kubernetes-multi-version-upgrade-in-aio-sx-13e05ba19840| replace:: :ref:`Manual Kubernetes Multi-Version Upgrade in AIO-SX <manual-kubernetes-multi-version-upgrade-in-aio-sx-13e05ba19840>`
+.. |contribute| replace:: :ref:`Contributor Guides <contribute>`
+.. |configure-an-optional-cinder-file-system| replace:: :ref:`Configure the Optional Image Conversion File System <configure-an-optional-cinder-file-system>`
+.. |nova-ephemeral-storage| replace:: :ref:`Nova Ephemeral Storage <nova-ephemeral-storage>`
+.. |configuration-and-management-storage-on-controller-hosts| replace:: :ref:`Storage on Controller Hosts <configuration-and-management-storage-on-controller-hosts>`
+.. |storage-configuration-and-management-overview| replace:: :ref:`Overview <storage-configuration-and-management-overview>`
+.. |storage-configuration-and-management-storage-utilization-display| replace:: :ref:`Storage Utilization Display <storage-configuration-and-management-storage-utilization-display>`
+.. |storage-on-compute-hosts| replace:: :ref:`Storage on Compute Hosts <storage-on-compute-hosts>`
+.. |storage-configuration-and-management-storage-resources| replace:: :ref:`Storage Resources <storage-configuration-and-management-storage-resources>`
+.. |storage-configuring-and-management-storage-related-cli-commands| replace:: :ref:`Storage-Related CLI Commands <storage-configuring-and-management-storage-related-cli-commands>`
+.. |replacing-the-nova-local-storage-disk-on-a-cloud-platform-simplex-system| replace:: :ref:`Replace Nova-local Storage Disk on a Simplex System <replacing-the-nova-local-storage-disk-on-a-cloud-platform-simplex-system>`
+.. |config-and-management-ceph-placement-group-number-dimensioning-for-storage-cluster| replace:: :ref:`Ceph Placement Group Number Dimensioning for Storage Cluster <config-and-management-ceph-placement-group-number-dimensioning-for-storage-cluster>`
+.. |storage-configuration-and-management-storage-on-storage-hosts| replace:: :ref:`Storage on Storage Hosts <storage-configuration-and-management-storage-on-storage-hosts>`
+.. |increase-the-size-of-raw-image-uploads-in-openstack-2170f501d2e7| replace:: :ref:`Increase the Size of Raw Image Uploads in OpenStack <increase-the-size-of-raw-image-uploads-in-openstack-2170f501d2e7>`
+.. |index-storage-6cd708f1ada9| replace:: :ref:`Storage <index-storage-6cd708f1ada9>`
+.. |storage-hosts-storage-on-storage-hosts| replace:: :ref:`Storage on Storage Hosts <storage-hosts-storage-on-storage-hosts>`
+.. |add-a-physical-volume| replace:: :ref:`Add a Physical Volume <add-a-physical-volume>`
+.. |local-volume-groups-cli-commands| replace:: :ref:`Local Volume Groups CLI Commands <local-volume-groups-cli-commands>`
+.. |work-with-disk-partitions| replace:: :ref:`Work with Disk Partitions <work-with-disk-partitions>`
+.. |work-with-local-volume-groups| replace:: :ref:`Work with Local Volume Groups <work-with-local-volume-groups>`
+.. |about-persistent-volume-support| replace:: :ref:`About Persistent Volume Support <about-persistent-volume-support>`
+.. |storage-functions-osds-and-ssd-backed-journals| replace:: :ref:`Storage Functions: OSDs and SSD-backed Journals <storage-functions-osds-and-ssd-backed-journals>`
+.. |replace-osds-on-an-aio-sx-single-disk-system-without-backup-951eefebd1f2| replace:: :ref:`Replace OSDs on an AIO-SX Single Disk System without Backup <replace-osds-on-an-aio-sx-single-disk-system-without-backup-951eefebd1f2>`
+.. |create-readwritemany-persistent-volume-claims| replace:: :ref:`Create ReadWriteMany Persistent Volume Claims <create-readwritemany-persistent-volume-claims>`
+.. |storage-backends| replace:: :ref:`Storage Backends <storage-backends>`
+.. |optimization-with-a-large-number-of-osds-df2169096946| replace:: :ref:`Optimization with a Large number of OSDs <optimization-with-a-large-number-of-osds-df2169096946>`
+.. |mount-readwritemany-persistent-volumes-in-containers| replace:: :ref:`Mount ReadWriteMany Persistent Volumes in Containers <mount-readwritemany-persistent-volumes-in-containers>`
+.. |delete-a-partition| replace:: :ref:`Delete a Partition <delete-a-partition>`
+.. |disk-naming-conventions| replace:: :ref:`Disk Naming Conventions <disk-naming-conventions>`
+.. |increase-controller-filesystem-storage-allotments-using-horizon| replace:: :ref:`Increase Controller Filesystem Storage Allotments Using Horizon <increase-controller-filesystem-storage-allotments-using-horizon>`
+.. |storage-configuration-storage-related-cli-commands| replace:: :ref:`Storage-Related CLI Commands <storage-configuration-storage-related-cli-commands>`
+.. |view-details-for-a-partition| replace:: :ref:`View Details for a Partition <view-details-for-a-partition>`
+.. |upgrade-the-netapp-trident-software-c5ec64d213d3| replace:: :ref:`Upgrade the NetApp Trident Software <upgrade-the-netapp-trident-software-c5ec64d213d3>`
+.. |replace-osds-on-a-standard-system-f3b1e376304c| replace:: :ref:`Replace OSDs on a Standard System <replace-osds-on-a-standard-system-f3b1e376304c>`
+.. |ceph-storage-pools| replace:: :ref:`Ceph Storage Pools <ceph-storage-pools>`
+.. |replace-osds-on-an-aio-sx-single-disk-system-with-backup-770c9324f372| replace:: :ref:`Replace OSDs on an AIO-SX Single Disk System with Backup <replace-osds-on-an-aio-sx-single-disk-system-with-backup-770c9324f372>`
+.. |work-with-physical-volumes| replace:: :ref:`Work with Physical Volumes <work-with-physical-volumes>`
+.. |view-storage-utilization-using-horizon| replace:: :ref:`View Storage Utilization Using Horizon <view-storage-utilization-using-horizon>`
+.. |replace-osds-and-journal-disks| replace:: :ref:`Replace OSDs and Journal Disks <replace-osds-and-journal-disks>`
+.. |increase-the-size-of-a-partition| replace:: :ref:`Increase the Size of a Partition <increase-the-size-of-a-partition>`
+.. |add-ssd-backed-journals-using-horizon| replace:: :ref:`Add SSD-Backed Journals Using Horizon <add-ssd-backed-journals-using-horizon>`
+.. |storage-configuration-storage-resources| replace:: :ref:`Storage Resources <storage-configuration-storage-resources>`
+.. |install-additional-rbd-provisioners| replace:: :ref:`Install Additional RBD Provisioners <install-additional-rbd-provisioners>`
+.. |identify-space-available-for-partitions| replace:: :ref:`Identify Space Available for Partitions <identify-space-available-for-partitions>`
+.. |enable-readwriteonce-pvc-support-in-additional-namespaces| replace:: :ref:`Enable ReadWriteOnce PVC Support in Additional Namespaces <enable-readwriteonce-pvc-support-in-additional-namespaces>`
+.. |list-partitions| replace:: :ref:`List Partitions <list-partitions>`
+.. |enable-rbd-readwriteonly-additional-storage-classes| replace:: :ref:`Enable RBD ReadWriteOnly Additional Storage Classes <enable-rbd-readwriteonly-additional-storage-classes>`
+.. |increase-the-size-for-lvm-local-volumes-on-controller-filesystems| replace:: :ref:`Increase the Size for LVM Local Volumes on Controller Filesystems <increase-the-size-for-lvm-local-volumes-on-controller-filesystems>`
+.. |storage-configuration-mount-readwriteonce-persistent-volumes-in-containers| replace:: :ref:`Mount ReadWriteOnce Persistent Volumes in Containers <storage-configuration-mount-readwriteonce-persistent-volumes-in-containers>`
+.. |controller-hosts-storage-on-controller-hosts| replace:: :ref:`Storage on Controller Hosts <controller-hosts-storage-on-controller-hosts>`
+.. |create-cephfs-volume-snapshot-class-92f4ad13d166| replace:: :ref:`Create Cephfs Volume Snapshot Class <create-cephfs-volume-snapshot-class-92f4ad13d166>`
+.. |configure-an-external-netapp-deployment-as-the-storage-backend| replace:: :ref:`Configure an External NetApp Deployment as the Storage Backend <configure-an-external-netapp-deployment-as-the-storage-backend>`
+.. |list-physical-volumes| replace:: :ref:`List Physical Volumes <list-physical-volumes>`
+.. |default-behavior-of-the-cephfs-provisioner| replace:: :ref:`Default Behavior of the CephFS Provisioner <default-behavior-of-the-cephfs-provisioner>`
+.. |increase-worker-filesystem-storage-allotments-using-the-cli-da92e5d15a69| replace:: :ref:`Increase Worker Filesystem Storage Allotments Using the CLI <increase-worker-filesystem-storage-allotments-using-the-cli-da92e5d15a69>`
+.. |ceph-cluster-on-a-controller-host| replace:: :ref:`Ceph Cluster on a Controller Host <ceph-cluster-on-a-controller-host>`
+.. |delete-a-physical-volume| replace:: :ref:`Delete a Physical Volume <delete-a-physical-volume>`
+.. |add-a-storage-tier-using-the-cli| replace:: :ref:`Add a Storage Tier Using the CLI <add-a-storage-tier-using-the-cli>`
+.. |replace-osds-on-an-aio-dx-system-319b0bc2f7e6| replace:: :ref:`Replace OSDs on an AIO-DX System <replace-osds-on-an-aio-dx-system-319b0bc2f7e6>`
+.. |default-behavior-of-the-rbd-provisioner| replace:: :ref:`Default Behavior of the RBD Provisioner <default-behavior-of-the-rbd-provisioner>`
+.. |storage-configuration-storage-on-worker-hosts| replace:: :ref:`Storage on Worker Hosts <storage-configuration-storage-on-worker-hosts>`
+.. |add-ssd-backed-journals-using-the-cli| replace:: :ref:`Add SSD-backed Journals Using the CLI <add-ssd-backed-journals-using-the-cli>`
+.. |enable-readwritemany-pvc-support-in-additional-namespaces| replace:: :ref:`Enable ReadWriteMany PVC Support in Additional Namespaces <enable-readwritemany-pvc-support-in-additional-namespaces>`
+.. |add-a-partition| replace:: :ref:`Add a Partition <add-a-partition>`
+.. |replication-groups| replace:: :ref:`Replication Groups <replication-groups>`
+.. |storage-usage-details-storage-utilization-display| replace:: :ref:`Storage Utilization Display <storage-usage-details-storage-utilization-display>`
+.. |increase-controller-filesystem-storage-allotments-using-the-cli| replace:: :ref:`Increase Controller Filesystem Storage Allotments Using the CLI <increase-controller-filesystem-storage-allotments-using-the-cli>`
+.. |uninstall-the-netapp-backend| replace:: :ref:`Uninstall the NetApp Trident Software <uninstall-the-netapp-backend>`
+.. |provision-storage-on-a-storage-host-using-the-cli| replace:: :ref:`Provision Storage on a Storage Host Using the CLI <provision-storage-on-a-storage-host-using-the-cli>`
+.. |create-rbd-volume-snapshot-class-0318eed94b92| replace:: :ref:`Create RBD Volume Snapshot Class <create-rbd-volume-snapshot-class-0318eed94b92>`
+.. |storage-configuration-create-readwriteonce-persistent-volume-claims| replace:: :ref:`Create ReadWriteOnce Persistent Volume Claims <storage-configuration-create-readwriteonce-persistent-volume-claims>`
+.. |replace-osds-on-an-aio-sx-multi-disk-system-b4ddd1c1257c| replace:: :ref:`Replace OSDs on an AIO-SX Multi-Disk System <replace-osds-on-an-aio-sx-multi-disk-system-b4ddd1c1257c>`
+.. |provision-storage-on-a-controller-or-storage-host-using-horizon| replace:: :ref:`Provision Storage on a Controller or Storage Host Using Horizon <provision-storage-on-a-controller-or-storage-host-using-horizon>`
+.. |configure-the-internal-ceph-storage-backend| replace:: :ref:`Configure the Internal Ceph Storage Backend <configure-the-internal-ceph-storage-backend>`
+.. |osd-replication-factors-journal-functions-and-storage-tiers| replace:: :ref:`OSD Replication Factors, Journal Functions and Storage Tiers <osd-replication-factors-journal-functions-and-storage-tiers>`
+.. |view-details-for-a-physical-volume| replace:: :ref:`View details for a Physical Volume <view-details-for-a-physical-volume>`
+.. |index-backup-1b466179efc3| replace:: :ref:`Backup and Restore <index-backup-1b466179efc3>`
+.. |index-backup-os-2b4f93282ec4| replace:: :ref:`Backup and Restore <index-backup-os-2b4f93282ec4>`
+.. |openstack-backup-considerations| replace:: :ref:`Containerized OpenStack Backup Considerations <openstack-backup-considerations>`
+.. |restore-openstack-from-a-backup| replace:: :ref:`Restore OpenStack from a Backup <restore-openstack-from-a-backup>`
+.. |back-up-openstack| replace:: :ref:`Back up OpenStack <back-up-openstack>`
+.. |system-backup-running-ansible-restore-playbook-remotely| replace:: :ref:`Run Ansible Restore Playbook Remotely <system-backup-running-ansible-restore-playbook-remotely>`
+.. |running-restore-playbook-locally-on-the-controller| replace:: :ref:`Run Restore Playbook Locally on the Controller <running-restore-playbook-locally-on-the-controller>`
+.. |running-ansible-backup-playbook-locally-on-the-controller| replace:: :ref:`Run Ansible Backup Playbook Locally on the Controller <running-ansible-backup-playbook-locally-on-the-controller>`
+.. |restoring-starlingx-system-data-and-storage| replace:: :ref:`Restore Platform System Data and Storage <restoring-starlingx-system-data-and-storage>`
+.. |running-ansible-backup-playbook-remotely| replace:: :ref:`Run Ansible Backup Playbook Remotely <running-ansible-backup-playbook-remotely>`
+.. |backing-up-starlingx-system-data| replace:: :ref:`Back Up System Data Overview <backing-up-starlingx-system-data>`
+.. |node-replacement-for-aiominussx-using-optimized-backup-and-restore-6603c650c80d| replace:: :ref:`AIO-SX - Restore on new hardware <node-replacement-for-aiominussx-using-optimized-backup-and-restore-6603c650c80d>`
+.. |index-datanet-e316bf6c2f6a| replace:: :ref:`Data Networks <index-datanet-e316bf6c2f6a>`
+.. |differences-between-dynamic-and-static-vxlan-modes| replace:: :ref:`Differences Between Dynamic and Static VXLAN Modes <differences-between-dynamic-and-static-vxlan-modes>`
+.. |configuring-data-interfaces| replace:: :ref:`Configure Data Interfaces <configuring-data-interfaces>`
+.. |adding-a-static-ip-address-to-a-data-interface| replace:: :ref:`Add a Static IP Address to a Data Interface <adding-a-static-ip-address-to-a-data-interface>`
+.. |configuring-data-interfaces-for-vxlans| replace:: :ref:`Configure Data Interfaces for VXLANs <configuring-data-interfaces-for-vxlans>`
+.. |static-vxlan| replace:: :ref:`Static VXLAN <static-vxlan>`
+.. |vxlan-data-network-setup-completion| replace:: :ref:`VXLAN Data Network Setup Completion <vxlan-data-network-setup-completion>`
+.. |managing-ip-address-pools-using-the-cli| replace:: :ref:`Manage IP Address Pools Using the CLI <managing-ip-address-pools-using-the-cli>`
+.. |adding-and-maintaining-routes-for-a-vxlan-network| replace:: :ref:`Add and Maintain Routes for a VXLAN Network <adding-and-maintaining-routes-for-a-vxlan-network>`
+.. |changing-the-mtu-of-a-data-interface| replace:: :ref:`Change the MTU of a Data Interface <changing-the-mtu-of-a-data-interface>`
+.. |dynamic-vxlan| replace:: :ref:`Dynamic VXLAN <dynamic-vxlan>`
+.. |changing-the-mtu-of-a-data-interface-using-the-cli| replace:: :ref:`Change the MTU of a Data Interface Using the CLI <changing-the-mtu-of-a-data-interface-using-the-cli>`
+.. |managing-data-interface-static-ip-addresses-using-the-cli| replace:: :ref:`Manage Data Interface Static IP Addresses Using the CLI <managing-data-interface-static-ip-addresses-using-the-cli>`
+.. |vxlan-data-networks| replace:: :ref:`VXLAN Data Networks <vxlan-data-networks>`
+.. |data-networks-overview| replace:: :ref:`Data Networks in OpenStack Overview <data-networks-overview>`
+.. |using-ip-address-pools-for-data-interfaces| replace:: :ref:`Use IP Address Pools for Data Interfaces <using-ip-address-pools-for-data-interfaces>`
+.. |adding-segmentation-ranges-using-the-cli| replace:: :ref:`Add Segmentation Ranges Using the CLI <adding-segmentation-ranges-using-the-cli>`
+.. |the-data-network-topology-view| replace:: :ref:`Data Network Topology View <the-data-network-topology-view>`
+.. |displaying-data-network-information-using-horizon| replace:: :ref:`Display Data Network Information Using Horizon <displaying-data-network-information-using-horizon>`
+.. |data-network-management-data-networks| replace:: :ref:`Data Networks in Kubernetes <data-network-management-data-networks>`
+.. |adding-data-networks-using-the-cli| replace:: :ref:`Add Data Networks Using the CLI <adding-data-networks-using-the-cli>`
+.. |removing-a-data-network-using-the-cli| replace:: :ref:`Remove a Data Network Using the CLI <removing-a-data-network-using-the-cli>`
+.. |assigning-a-data-network-to-an-interface| replace:: :ref:`Assign a Data Network to an Interface <assigning-a-data-network-to-an-interface>`
+.. |displaying-data-network-information-using-the-cli| replace:: :ref:`Display Data Network Information Using the CLI <displaying-data-network-information-using-the-cli>`
+.. |index-usertasks-b18b379ab832| replace:: :ref:`User Tasks <index-usertasks-b18b379ab832>`
+.. |vault-aware| replace:: :ref:`Vault Aware <vault-aware>`
+.. |use-application-isolated-cores| replace:: :ref:`Use Kubernetes CPU Manager Static Policy with application-isolated cores <use-application-isolated-cores>`
+.. |kubernetes-user-tutorials-authentication-and-authorization| replace:: :ref:`Local Docker Registry Authentication and Authorization <kubernetes-user-tutorials-authentication-and-authorization>`
+.. |vlan-plugin-37938fe8578f| replace:: :ref:`VLAN Plugin <vlan-plugin-37938fe8578f>`
+.. |kubernetes-user-tutorials-about-persistent-volume-support| replace:: :ref:`About Persistent Volume Support <kubernetes-user-tutorials-about-persistent-volume-support>`
+.. |internal-ca-and-nodeport-example-2afa2a84603a| replace:: :ref:`Internal CA and NodePort Example <internal-ca-and-nodeport-example-2afa2a84603a>`
+.. |kubernetes-user-tutorials-create-readwritemany-persistent-volume-claims| replace:: :ref:`Create ReadWriteMany Persistent Volume Claims <kubernetes-user-tutorials-create-readwritemany-persistent-volume-claims>`
+.. |ptp-plugin-bc6ed0498f4c| replace:: :ref:`Point-to-Point Plugin <ptp-plugin-bc6ed0498f4c>`
+.. |nodeport-usage-restrictions| replace:: :ref:`NodePort Usage Restrictions <nodeport-usage-restrictions>`
+.. |kubernetes-user-tutorials-configuring-container-backed-remote-clis-and-clients| replace:: :ref:`Configure Container-backed Remote CLIs <kubernetes-user-tutorials-configuring-container-backed-remote-clis-and-clients>`
+.. |kubernetes-user-tutorials-create-readwriteonce-persistent-volume-claims| replace:: :ref:`Create ReadWriteOnce Persistent Volume Claims <kubernetes-user-tutorials-create-readwriteonce-persistent-volume-claims>`
+.. |accessing-the-kubernetes-dashboard| replace:: :ref:`Access the Kubernetes Dashboard <accessing-the-kubernetes-dashboard>`
+.. |bridge-plugin-7caa94024df4| replace:: :ref:`Bridge Plugin <bridge-plugin-7caa94024df4>`
+.. |issuers-in-distributed-cloud-fbc035675c0f| replace:: :ref:`Issuers in Distributed Cloud <issuers-in-distributed-cloud-fbc035675c0f>`
+.. |kubernetes-user-tutorials-cert-manager| replace:: :ref:`Certificate Management <kubernetes-user-tutorials-cert-manager>`
+.. |integrate-the-bond-cni-plugin-2c2f14733b46| replace:: :ref:`Bond Plugin <integrate-the-bond-cni-plugin-2c2f14733b46>`
+.. |specifying-kata-container-runtime-in-pod-spec| replace:: :ref:`Specify Kata Container Runtime in Pod Spec <specifying-kata-container-runtime-in-pod-spec>`
+.. |add-an-additional-network-interface-to-a-container-616bc5c5a6dd| replace:: :ref:`Add an Additional Network Interface to a Container <add-an-additional-network-interface-to-a-container-616bc5c5a6dd>`
+.. |kubernetes-user-tutorials-rest-api-access| replace:: :ref:`REST API Access <kubernetes-user-tutorials-rest-api-access>`
+.. |kubernetes-user-tutorials-metrics-server| replace:: :ref:`Metrics Server <kubernetes-user-tutorials-metrics-server>`
+.. |kubernetes-user-tutorials-overview| replace:: :ref:`Access Overview <kubernetes-user-tutorials-overview>`
+.. |using-an-image-from-the-local-docker-registry-in-a-container-spec| replace:: :ref:`Use an Image from the Local Docker Registry in a Container Spec <using-an-image-from-the-local-docker-registry-in-a-container-spec>`
+.. |known-limitations| replace:: :ref:`Known Kata Container Limitations <known-limitations>`
+.. |host-device-plugin-714d4862a825| replace:: :ref:`Host-device Plugin <host-device-plugin-714d4862a825>`
+.. |remote-cli-access| replace:: :ref:`Remote CLI Access <remote-cli-access>`
+.. |bandwidth-plugin-3b8966c3fe47| replace:: :ref:`Bandwidth Plugin <bandwidth-plugin-3b8966c3fe47>`
+.. |ipvlan-plugin-150be92d0538| replace:: :ref:`Ipvlan Plugin <ipvlan-plugin-150be92d0538>`
+.. |macvlan-plugin-e631cca21ffb| replace:: :ref:`Macvlan Plugin <macvlan-plugin-e631cca21ffb>`
+.. |kubernetes-user-tutorials-vault-overview| replace:: :ref:`Vault Overview <kubernetes-user-tutorials-vault-overview>`
+.. |using-container-based-remote-clis-and-clients| replace:: :ref:`Use Container-backed Remote |CLIs| and Clients <using-container-based-remote-clis-and-clients>`
+.. |letsencrypt-example| replace:: :ref:`External CA and Ingress Controller Example <letsencrypt-example>`
+.. |sriov-plugin-4229f81b27ce| replace:: :ref:`SR-IOV plugin <sriov-plugin-4229f81b27ce>`
+.. |kubernetes-user-tutorials-mount-readwritemany-persistent-volumes-in-containers| replace:: :ref:`Mount ReadWriteMany Persistent Volumes in Containers <kubernetes-user-tutorials-mount-readwritemany-persistent-volumes-in-containers>`
+.. |kubernetes-user-tutorials-helm-package-manager| replace:: :ref:`Helm Package Manager <kubernetes-user-tutorials-helm-package-manager>`
+.. |starlingx-kubernetes-user-tutorials-overview| replace:: :ref:`Kata Containers Overview <starlingx-kubernetes-user-tutorials-overview>`
+.. |source-based-routing-plugin-51648f2ddff1| replace:: :ref:`Source-Based Routing Plugin <source-based-routing-plugin-51648f2ddff1>`
+.. |vran-tools-2c3ee49f4b0b| replace:: :ref:`vRAN Tools <vran-tools-2c3ee49f4b0b>`
+.. |virtual-routing-and-forwarding-plugin-0e53f2c2de21| replace:: :ref:`Virtual Routing and Forwarding Plugin <virtual-routing-and-forwarding-plugin-0e53f2c2de21>`
+.. |tuning-plugin-08f8cdbf1763| replace:: :ref:`Tuning Plugin <tuning-plugin-08f8cdbf1763>`
+.. |vault-unaware| replace:: :ref:`Vault Unaware <vault-unaware>`
+.. |delete-image-tags-in-the-docker-registry-8e2e91d42294| replace:: :ref:`Delete Image Tags in the Docker Registry <delete-image-tags-in-the-docker-registry-8e2e91d42294>`
+.. |kubernetes-user-tutorials-installing-kubectl-and-helm-clients-directly-on-a-host| replace:: :ref:`Install Kubectl and Helm Clients Directly on a Host <kubernetes-user-tutorials-installing-kubectl-and-helm-clients-directly-on-a-host>`
+.. |kubernetes-user-tutorials-mount-readwriteonce-persistent-volumes-in-containers| replace:: :ref:`Mount ReadWriteOnce Persistent Volumes in Containers <kubernetes-user-tutorials-mount-readwriteonce-persistent-volumes-in-containers>`
+.. |configuring-remote-helm-client| replace:: :ref:`Configure Remote Helm Client <configuring-remote-helm-client>`
+.. .. |index-resources-684d91bce8c2| replace:: :ref:`Resources Index <index-resources-684d91bce8c2>`
+.. |overview-of-starlingx-planning| replace:: :ref:`Planning Overview <overview-of-starlingx-planning>`
+.. |docker_proxy_config| replace:: :ref:`Docker Proxy Configuration <docker_proxy_config>`
+.. |index-admintasks-kub-ebc55fefc368| replace:: :ref:`Administration Tasks <index-admintasks-kub-ebc55fefc368>`
+.. |index-security-kub-81153c1254c3| replace:: :ref:`Security Guide <index-security-kub-81153c1254c3>`
+.. |index-sysconf-kub-78f0e1e9ca5a| replace:: :ref:`System Configuration Guide <index-sysconf-kub-78f0e1e9ca5a>`
+.. |node-interfaces-index| replace:: :ref:`Node Interfaces <node-interfaces-index>`
+.. |ptp-server-config-index| replace:: :ref:`PTP Server Configuration <ptp-server-config-index>`
diff --git a/doc/source/_vendor/vendor_strings.txt b/doc/source/_vendor/vendor_strings.txt
index 575911ddb..ca274bfca 100755
--- a/doc/source/_vendor/vendor_strings.txt
+++ b/doc/source/_vendor/vendor_strings.txt
@@ -7,7 +7,6 @@
 .. Load container versions
 .. include:: /_vendor/container-subs-stx.txt
 
-
 .. Organization name
 .. |org| replace:: StarlingX
 
@@ -146,4 +145,4 @@
 .. |v_r8| replace:: r8
 .. |v_r7| replace:: r7
 .. |v_r6| replace:: r6
-.. |v_r5| replace:: r5
\ No newline at end of file
+.. |v_r5| replace:: r5
diff --git a/doc/source/backup/openstack/back-up-openstack.rst b/doc/source/backup/openstack/back-up-openstack.rst
index 8fcf6b5d5..1a0fe3d66 100644
--- a/doc/source/backup/openstack/back-up-openstack.rst
+++ b/doc/source/backup/openstack/back-up-openstack.rst
@@ -1,5 +1,7 @@
 
 .. include:: /_stx-related-links/back-up-openstack.rln
+.. RL strings
+.. include:: /_vendor/rl-strings.txt
 
 .. mdt1596804427371
 .. _back-up-openstack:
@@ -50,5 +52,5 @@ of restoring the underlying platform.
     After export, copy the data off-box for safekeeping.
 
 For details on performing a |prod| back-up, see
-:ref:`System Backup and Restore <backing-up-starlingx-system-data>`.
+|backing-up-starlingx-system-data|.
 
diff --git a/doc/source/backup/openstack/openstack-backup-considerations.rst b/doc/source/backup/openstack/openstack-backup-considerations.rst
index 659bf20a4..f4e1c9793 100644
--- a/doc/source/backup/openstack/openstack-backup-considerations.rst
+++ b/doc/source/backup/openstack/openstack-backup-considerations.rst
@@ -1,5 +1,7 @@
 
 .. include:: /_stx-related-links/openstack-backup-considerations.rln
+.. RL strings
+.. include:: /_vendor/rl-strings.txt
 
 .. tye1591106946243
 .. _openstack-backup-considerations:
@@ -11,5 +13,5 @@ Containerized OpenStack Backup Considerations
 Backup of the containerized OpenStack application is performed as part of the
 |prod-long| backup procedures.
 
-See :ref:`System Backup and Restore <backing-up-starlingx-system-data>`.
+See |backing-up-starlingx-system-data|.
 
diff --git a/doc/source/contributor/doc_contribute_guide.rst b/doc/source/contributor/doc_contribute_guide.rst
index 4fa078337..ecfe1c204 100644
--- a/doc/source/contributor/doc_contribute_guide.rst
+++ b/doc/source/contributor/doc_contribute_guide.rst
@@ -1,3 +1,5 @@
+.. include:: /_vendor/rl-strings.txt
+
 .. _doc_contribute_guide:
 
 ===============================
diff --git a/doc/source/datanet/openstack/data-networks-overview.rst b/doc/source/datanet/openstack/data-networks-overview.rst
index 2cc7e9229..e6f0c8c88 100644
--- a/doc/source/datanet/openstack/data-networks-overview.rst
+++ b/doc/source/datanet/openstack/data-networks-overview.rst
@@ -1,5 +1,7 @@
 
 .. include:: /_stx-related-links/data-networks-overview.rln
+.. RL strings
+.. include:: /_vendor/rl-strings.txt
 
 .. wdq1463583173409
 .. _data-networks-overview:
@@ -31,23 +33,17 @@ data networks, see the following |prod| documentation:
 
 .. _data-networks-overview-ul-yj1-dtq-3nb:
 
--   :ref:`Adding Data Networks Using the CLI
-    <adding-data-networks-using-the-cli>`
+-   |adding-data-networks-using-the-cli|
 
--   :ref:`Assigning a Data Network to an Interface
-    <assigning-a-data-network-to-an-interface>`
+-   |assigning-a-data-network-to-an-interface|
 
--   :ref:`Removing a Data Network Using the CLI
-    <removing-a-data-network-using-the-cli>`
+-   |removing-a-data-network-using-the-cli| 
 
--  :ref:`Display Data Network information using Horizon
-   <displaying-data-network-information-using-horizon>`
+-   |displaying-data-network-information-using-horizon|
 
--  :ref:`Display Data Network information using the CLI
-   <displaying-data-network-information-using-the-cli>`
+-   |displaying-data-network-information-using-horizon|
 
--  :ref:`The Data Network topology view
-   <the-data-network-topology-view>`
+-   |the-data-network-topology-view|
 
 
 
diff --git a/doc/source/datanet/openstack/dynamic-vxlan.rst b/doc/source/datanet/openstack/dynamic-vxlan.rst
index 018ddf51c..0b35e259c 100644
--- a/doc/source/datanet/openstack/dynamic-vxlan.rst
+++ b/doc/source/datanet/openstack/dynamic-vxlan.rst
@@ -1,6 +1,7 @@
 
 .. include:: /_stx-related-links/dynamic-vxlan.rln
-
+.. RL strings
+.. include:: /_vendor/rl-strings.txt
 .. rcy1511538457696
 .. _dynamic-vxlan:
 
@@ -69,8 +70,7 @@ segmentation ranges using the |CLI|.
 
 .. _dynamic-vxlan-ol-bpj-dlb-1cb:
 
-#.  Create a VXLAN data network, see :ref:`Adding Data Networks
-    <adding-data-networks-using-the-cli>`.
+#.  Create a VXLAN data network, see |adding-data-networks-using-the-cli|.
 
 #.  Add segmentation ranges to dynamic |VXLAN| (Multicast |VXLAN|) data
     networks, see :ref:`Adding Segmentation Ranges Using the CLI
diff --git a/doc/source/datanet/openstack/static-vxlan.rst b/doc/source/datanet/openstack/static-vxlan.rst
index 1172dd6fc..789a739fb 100644
--- a/doc/source/datanet/openstack/static-vxlan.rst
+++ b/doc/source/datanet/openstack/static-vxlan.rst
@@ -1,6 +1,7 @@
 
 .. include:: /_stx-related-links/static-vxlan.rln
-
+.. RL strings
+.. include:: /_vendor/rl-strings.txt
 .. drb1511538596277
 .. _static-vxlan:
 
@@ -50,8 +51,7 @@ segmentation ranges using the |CLI|.
 
 .. _static-vxlan-ol-bpj-dlb-1cb:
 
-#.  Create a |VXLAN| data network, see :ref:`Adding Data Networks Using the CLI
-    <adding-data-networks-using-the-cli>`.
+#.  Create a |VXLAN| data network, see |adding-data-networks-using-the-cli|.
 
 #.  Add segmentation ranges to static |VXLAN| data networks, see :ref:`Adding
     Segmentation Ranges Using the CLI <adding-segmentation-ranges-using-the-cli>`.
diff --git a/doc/source/deploy_install_guides/release/bare_metal/aio_duplex_install_kubernetes.rst b/doc/source/deploy_install_guides/release/bare_metal/aio_duplex_install_kubernetes.rst
index fd3e1eb49..51f1a334e 100644
--- a/doc/source/deploy_install_guides/release/bare_metal/aio_duplex_install_kubernetes.rst
+++ b/doc/source/deploy_install_guides/release/bare_metal/aio_duplex_install_kubernetes.rst
@@ -1,1571 +1,1568 @@
-
-.. Greg updates required for -High Security Vulnerability Document Updates
-
-.. _aio_duplex_install_kubernetes_r7:
-
-================================================
-Install Kubernetes Platform on All-in-one Duplex
-================================================
-
-
-.. only:: partner
-
-   .. include:: /_includes/install-kubernetes-null-labels.rest
-
-.. contents:: |minitoc|
-   :local:
-   :depth: 1
-
---------
-Overview
---------
-
-.. _aiodx-installation-prereqs:
-
-.. include:: /shared/_includes/desc_aio_duplex.txt
-
-.. include:: /_includes/automated-install-note--09dff208a9c6.rest 
-
-.. _installation-prereqs-dx:
-
------------------------------
-Minimum hardware requirements
------------------------------
-
-.. only:: starlingx
-
-   .. tabs::
-
-      .. group-tab:: Bare Metal
-
-         .. include:: /shared/_includes/prepare-servers-for-installation-91baad307173.rest
-            :start-after: begin-min-hw-reqs-dx
-            :end-before: end-min-hw-reqs-dx
-
-      .. group-tab:: Virtual
-
-         The following sections describe system requirements and host setup for
-         a workstation hosting virtual machine(s) where StarlingX will be
-         deployed; i.e., a |VM| for each StarlingX node (controller,
-         AIO-controller, worker or storage node).
-
-         .. rubric:: **Hardware requirements**
-
-         The host system should have at least:
-
-         * **Processor:** x86_64 only supported architecture with BIOS enabled
-           hardware virtualization extensions
-
-         * **Cores:** 8
-
-         * **Memory:** 32GB RAM
-
-         * **Hard Disk:** 500GB HDD
-
-         * **Network:** One network adapter with active Internet connection
-
-         .. rubric:: **Software requirements**
-
-         The host system should have at least:
-
-         * A workstation computer with Ubuntu 16.04 LTS 64-bit
-
-         All other required packages will be installed by scripts in the
-         StarlingX tools repository.
-
-         .. rubric:: **Host setup**
-
-         Set up the host with the following steps:
-
-         #. Update OS:
-
-            ::
-
-             apt-get update
-
-         #. Clone the StarlingX tools repository:
-
-            ::
-
-             apt-get install -y git
-             cd $HOME
-             git clone https://opendev.org/starlingx/virtual-deployment.git
-
-         #. Install required packages:
-
-            ::
-
-             cd $HOME/virtual-deployment/libvirt
-             bash install_packages.sh
-             apt install -y apparmor-profiles
-             apt-get install -y ufw
-             ufw disable
-             ufw status
-
-
-            .. note::
-
-               On Ubuntu 16.04, if apparmor-profile modules were installed as
-               shown in the example above, you must reboot the server to fully
-               install the apparmor-profile modules.
-
-.. only:: partner
-
-   .. include:: /shared/_includes/prepare-servers-for-installation-91baad307173.rest
-      :start-after: begin-min-hw-reqs-dx
-      :end-before: end-min-hw-reqs-dx
-
---------------------------
-Installation Prerequisites
---------------------------
-
-.. only:: starlingx
-
-   .. tabs::
-
-      .. group-tab:: Bare Metal
-
-         .. include:: /shared/_includes/installation-prereqs.rest
-            :start-after: begin-install-prereqs
-            :end-before: end-install-prereqs
-
-      .. group-tab:: Virtual
-
-         Several pre-requisites must be completed prior to starting the |prod|
-         installation.
-
-         Before attempting to install |prod|, ensure that you have the the
-         |prod| host installer ISO image file.
-
-         Get the latest |prod| ISO from the `StarlingX mirror
-         <https://mirror.starlingx.cengn.ca/mirror/starlingx/release/latest_release/debian/monolithic/outputs/iso/>`__.
-         Alternately, you can get an older release ISO from `here <https://mirror.starlingx.cengn.ca/mirror/starlingx/release/>`__.
-
-
-.. only:: partner
-
-   .. include:: /shared/_includes/installation-prereqs.rest
-      :start-after: begin-install-prereqs
-      :end-before: end-install-prereqs
-
---------------------------------
-Prepare Servers for Installation
---------------------------------
-
-.. only:: starlingx
-
-   .. tabs::
-
-      .. group-tab:: Bare Metal
-
-         .. include:: /shared/_includes/prepare-servers-for-installation-91baad307173.rest
-            :start-after: start-prepare-servers-common
-            :end-before: end-prepare-servers-common
-
-      .. group-tab:: Virtual
-
-         .. note::
-
-             The following commands for host, virtual environment setup, and
-             host power-on use KVM/virsh for virtual machine and |VM|
-             management technology. For an alternative virtualization
-             environment, see: :ref:`install_virtualbox`.
-
-         #. Prepare virtual environment.
-
-            Set up the virtual platform networks for virtual deployment:
-
-            .. code-block:: none
-
-               bash setup_network.sh
-
-         #. Prepare virtual servers.
-
-            .. note::
-
-                The following commands for host, virtual environment setup, and
-                host power-on use KVM / virsh for virtual machine and |VM|
-                management technology. For an alternative virtualization
-                environment, see: :ref:`install_virtualbox`.
-
-            #. Prepare virtual environment.
-
-               Set up the virtual platform networks for virtual deployment:
-
-               ::
-
-                 bash setup_network.sh
-
-            #. Prepare virtual servers.
-
-               Create the XML definitions for the virtual servers required by
-               this configuration option. This will create the XML virtual
-               server definition for:
-
-               * duplex-controller-0
-               * duplex-controller-1
-
-               The following command will start/virtually power on:
-
-               * The 'duplex-controller-0' virtual server
-               * The X-based graphical virt-manager application
-
-               ::
-
-                 bash setup_configuration.sh -c duplex -i ./bootimage.iso
-
-               If there is no X-server present errors will occur and the
-               X-based GUI for the virt-manager application will not start. The
-               virt-manager GUI is not absolutely required and you can safely
-               ignore errors and continue.
-
-.. only:: partner
-
-   .. include:: /shared/_includes/prepare-servers-for-installation-91baad307173.rest
-      :start-after: start-prepare-servers-common
-      :end-before: end-prepare-servers-common
-
---------------------------------
-Install Software on Controller-0
---------------------------------
-
-.. only:: starlingx
-
-   .. tabs::
-
-      .. group-tab:: Bare Metal
-
-        .. include:: /shared/_includes/inc-install-software-on-controller.rest
-           :start-after: incl-install-software-controller-0-aio-start
-           :end-before: incl-install-software-controller-0-aio-end
-
-      .. group-tab:: Virtual
-
-         In the last step of :ref:`aio_duplex_environ`, the controller-0
-         virtual server 'duplex-controller-0' was started by the
-         :command:`setup_configuration.sh` command.
-
-         On the host, attach to the console of virtual controller-0 and select the
-         appropriate installer menu options to start the non-interactive install of
-         StarlingX software on controller-0.
-
-         .. note::
-
-            When entering the console, it is very easy to miss the first
-            installer menu selection. Use ESC to navigate to previous menus, to
-            ensure you are at the first installer menu.
-
-         ::
-
-           virsh console duplex-controller-0
-
-         Make the following menu selections in the installer:
-
-         #. First menu: Select 'All-in-one Controller Configuration'
-         #. Second menu: Select 'Serial Console'
-
-         Wait for the non-interactive install of software to complete and for
-         the server to reboot. This can take 5-10 minutes, depending on the
-         performance of the host machine.
-
-.. only:: partner
-
-   .. include:: /shared/_includes/inc-install-software-on-controller.rest
-      :start-after: incl-install-software-controller-0-aio-start
-      :end-before: incl-install-software-controller-0-aio-end
-
---------------------------------
-Bootstrap system on controller-0
---------------------------------
-
-#. Login using the username / password of "sysadmin" / "sysadmin".
-   When logging in for the first time, you will be forced to change the
-   password.
-
-   ::
-
-      Login: sysadmin
-      Password:
-      Changing password for sysadmin.
-      (current) UNIX Password: sysadmin
-      New Password:
-      (repeat) New Password:
-
-#. Verify and/or configure IP connectivity.
-
-   .. only:: starlingx
-
-      .. tabs::
-
-         .. group-tab:: Bare Metal
-
-            .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
-               :start-after: begin-aio-dx-install-verify-ip-connectivity
-               :end-before: end-aio-dx-install-verify-ip-connectivity
-
-         .. group-tab:: Virtual
-
-            External connectivity is required to run the Ansible bootstrap
-            playbook.
-
-            .. code-block:: bash
-
-               export CONTROLLER0_OAM_CIDR=10.10.10.3/24
-               export DEFAULT_OAM_GATEWAY=10.10.10.1
-               sudo ip address add $CONTROLLER0_OAM_CIDR dev enp7s1
-               sudo ip link set up dev enp7s1
-               sudo ip route add default via $DEFAULT_OAM_GATEWAY dev enp7s1
-
-   .. only:: partner
-
-      .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
-         :start-after: begin-aio-dx-install-verify-ip-connectivity
-         :end-before: end-aio-dx-install-verify-ip-connectivity
-
-
-#. Specify user configuration overrides for the Ansible bootstrap playbook.
-
-   Ansible is used to bootstrap |prod| on controller-0. Key files for
-   Ansible configuration are:
-
-   ``/etc/ansible/hosts``
-      The default Ansible inventory file. Contains a single host: localhost.
-
-   ``/usr/share/ansible/stx-ansible/playbooks/bootstrap.yml``
-      The Ansible bootstrap playbook.
-
-   ``/usr/share/ansible/stx-ansible/playbooks/host_vars/bootstrap/default.yml``
-      The default configuration values for the bootstrap playbook.
-
-   ``sysadmin home directory ($HOME)``
-      The default location where Ansible looks for and imports user
-      configuration override files for hosts. For example:
-      ``$HOME/<hostname>.yml``.
-
-   .. only:: starlingx
-
-      .. include:: /shared/_includes/ansible_install_time_only.txt
-
-   Specify the user configuration override file for the Ansible bootstrap
-   playbook using one of the following methods:
-
-   .. note::
-
-      This Ansible Overrides file for the Bootstrap Playbook ($HOME/localhost.yml)
-      contains security sensitive information, use the
-      :command:`ansible-vault create $HOME/localhost.yml` command to create it.
-      You will be prompted for a password to protect/encrypt the file.
-      Use the :command:`ansible-vault edit $HOME/localhost.yml` command if the
-      file needs to be edited after it is created.
-
-   #. Use a copy of the default.yml file listed above to provide your overrides.
-
-      The default.yml file lists all available parameters for bootstrap
-      configuration with a brief description for each parameter in the file
-      comments.
-
-      To use this method, run the :command:`ansible-vault create $HOME/localhost.yml`
-      command and copy the contents of the ``default.yml`` file into the
-      ansible-vault editor, and edit the configurable values as required.
-
-   #. Create a minimal user configuration override file.
-
-      To use this method, create your override file with
-      the :command:`ansible-vault create $HOME/localhost.yml`
-      command and provide the minimum required parameters for the deployment
-      configuration as shown in the example below. Use the OAM IP SUBNET and IP
-      ADDRESSing applicable to your deployment environment.
-
-      .. include:: /shared/_includes/quotation-marks-in-keystone-password.rest
-
-      .. include:: /_includes/min-bootstrap-overrides-non-simplex.rest
-
-
-      .. only:: starlingx
-
-         In either of the above options, the bootstrap playbook’s default values
-         will pull all container images required for the |prod-p| from Docker hub.
-
-         If you have setup a private Docker registry to use for bootstrapping
-         then you will need to add the following lines in $HOME/localhost.yml:
-
-      .. only:: partner
-
-         .. include:: /_includes/install-kubernetes-bootstrap-playbook.rest
-            :start-after: docker-reg-begin
-            :end-before: docker-reg-end
-
-      .. code-block:: yaml
-
-         docker_registries:
-           quay.io:
-              url: myprivateregistry.abc.com:9001/quay.io
-           docker.elastic.co:
-              url: myprivateregistry.abc.com:9001/docker.elastic.co
-           gcr.io:
-              url: myprivateregistry.abc.com:9001/gcr.io
-           ghcr.io:
-              url: myprivateregistry.abc.com:9001/ghcr.io
-           k8s.gcr.io:
-              url: myprivateregistry.abc.com:9001/k8s.gcr.io
-           docker.io:
-              url: myprivateregistry.abc.com:9001/docker.io
-           registry.k8s.io:
-              url: myprivateregistry.abc.com:9001/registry.k8s.io
-           icr.io:
-              url: myprivateregistry.abc.com:9001/icr.io
-           defaults:
-              type: docker
-              username: <your_myprivateregistry.abc.com_username>
-              password: <your_myprivateregistry.abc.com_password>
-
-         # Add the CA Certificate that signed myprivateregistry.abc.com’s
-         # certificate as a Trusted CA
-         ssl_ca_cert: /home/sysadmin/myprivateregistry.abc.com-ca-cert.pem
-
-      See :ref:`Use a Private Docker Registry <use-private-docker-registry-r7>`
-      for more information.
-
-      .. only:: starlingx
-
-         If a firewall is blocking access to Docker hub or your private
-         registry from your StarlingX deployment, you will need to add the
-         following lines in $HOME/localhost.yml  (see :ref:`Docker Proxy
-         Configuration <docker_proxy_config>` for more details about Docker
-         proxy settings):
-
-      .. only:: partner
-
-         .. include:: /_includes/install-kubernetes-bootstrap-playbook.rest
-            :start-after: firewall-begin
-            :end-before: firewall-end
-
-      .. code-block:: bash
-
-         # Add these lines to configure Docker to use a proxy server
-         docker_http_proxy: http://my.proxy.com:1080
-         docker_https_proxy: https://my.proxy.com:1443
-         docker_no_proxy:
-            - 1.2.3.4
-
-
-      Refer to :ref:`Ansible Bootstrap Configurations <ansible_bootstrap_configs_r7>`
-      for information on additional Ansible bootstrap configurations for advanced
-      Ansible bootstrap scenarios.
-
-#. Run the Ansible bootstrap playbook:
-
-   .. include:: /shared/_includes/ntp-update-note.rest
-
-   ::
-
-      ansible-playbook --ask-vault-pass /usr/share/ansible/stx-ansible/playbooks/bootstrap.yml
-
-   Wait for Ansible bootstrap playbook to complete. This can take 5-10 minutes,
-   depending on the performance of the host machine.
-
-----------------------
-Configure controller-0
-----------------------
-
-#. Acquire admin credentials:
-
-   ::
-
-     source /etc/platform/openrc
-
-#. Configure the |OAM| interface of controller-0 and specify the
-   attached network as "oam".
-
-   .. only:: starlingx
-
-      .. tabs::
-
-         .. group-tab:: Bare Metal
-
-            .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
-               :start-after: begin-config-controller-0-oam-interface-dx
-               :end-before: end-config-controller-0-oam-interface-dx
-
-         .. group-tab:: Virtual
-
-            .. code-block:: none
-
-               ~(keystone_admin)$ OAM_IF=enp7s1
-               ~(keystone_admin)$ system host-if-modify controller-0 $OAM_IF -c platform
-               ~(keystone_admin)$ system interface-network-assign controller-0 $OAM_IF oam
-
-   .. only:: partner
-
-      .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
-         :start-after: begin-config-controller-0-oam-interface-dx
-         :end-before: end-config-controller-0-oam-interface-dx
-
-   To configure a |VLAN| or aggregated ethernet interface, see :ref:`Node
-   Interfaces <node-interfaces-index>`.
-
-#. Configure the MGMT interface of controller-0 and specify the attached
-   networks of both "mgmt" and "cluster-host".
-
-   .. only:: starlingx
-
-      .. tabs::
-
-         .. group-tab:: Bare Metal
-
-            .. begin-config-controller-0-mgmt-interface-dx
-
-            The following example configures the MGMT interface on a physical
-            untagged ethernet port. Use the MGMT port name that is applicable
-            to your deployment environment, for example ``eth1``:
-
-            .. code-block:: none
-
-               ~(keystone_admin)$ MGMT_IF=<MGMT-PORT>
-               ~(keystone_admin)$ system host-if-modify controller-0 lo -c none
-               ~(keystone_admin)$ IFNET_UUIDS=$(system interface-network-list controller-0 | awk '{if ($6=="lo") print $4;}')
-               ~(keystone_admin)$ for UUID in $IFNET_UUIDS; do \
-                   system interface-network-remove ${UUID} \
-               done
-               ~(keystone_admin)$ system host-if-modify controller-0 $MGMT_IF -c platform
-               ~(keystone_admin)$ system interface-network-assign controller-0 $MGMT_IF mgmt
-               ~(keystone_admin)$ system interface-network-assign controller-0 $MGMT_IF cluster-host
-
-
-            .. end-config-controller-0-mgmt-interface-dx
-
-         .. group-tab:: Virtual
-
-            .. code-block:: none
-
-               ~(keystone_admin)$ MGMT_IF=enp7s2
-               ~(keystone_admin)$ system host-if-modify controller-0 lo -c none
-               ~(keystone_admin)$ IFNET_UUIDS=$(system interface-network-list controller-0 | awk '{if ($6=="lo") print $4;}')
-               ~(keystone_admin)$ for UUID in $IFNET_UUIDS; do \
-                   system interface-network-remove ${UUID} \
-               done
-               ~(keystone_admin)$ system host-if-modify controller-0 $MGMT_IF -c platform
-               ~(keystone_admin)$ system interface-network-assign controller-0 $MGMT_IF mgmt
-               ~(keystone_admin)$ system interface-network-assign controller-0 $MGMT_IF cluster-host
-
-
-   .. only:: partner
-
-      .. include:: aio_duplex_install_kubernetes.rst
-         :start-after: begin-config-controller-0-mgmt-interface
-         :end-before: end-config-controller-0-mgmt-interface
-
-   To configure a vlan or aggregated ethernet interface, see :ref:`Node
-   Interfaces <node-interfaces-index>`.
-
-#. Configure |NTP| servers for network time synchronization:
-
-   .. only:: starlingx
-
-      .. tabs::
-
-         .. group-tab:: Bare Metal
-
-            .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
-               :start-after: begin-config-controller-0-ntp-interface-dx
-               :end-before: end-config-controller-0-ntp-interface-dx
-
-         .. group-tab:: Virtual
-
-            .. note::
-
-               In a virtual environment, this can sometimes cause Ceph clock
-               skew alarms. Also, the virtual instances clock is synchronized
-               with the host clock, so it is not absolutely required to
-               configure |NTP| in this step.
-
-            .. code-block:: none
-
-                ~(keystone_admin)$ system ntp-modify ntpservers=0.pool.ntp.org,1.pool.ntp.org
-
-   .. only:: partner
-
-      .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
-         :start-after: begin-config-controller-0-ntp-interface-dx
-         :end-before: end-config-controller-0-ntp-interface-dx
-
-.. only:: openstack
-
-   *************************************
-   OpenStack-specific host configuration
-   *************************************
-
-   .. important::
-
-      These steps are required only if the StarlingX OpenStack application
-      (|prefix|-openstack) will be installed.
-
-   #. **For OpenStack only:** Assign OpenStack host labels to controller-0 in
-      support of installing the |prefix|-openstack manifest and helm-charts later.
-
-      .. only:: starlingx
-
-         .. parsed-literal::
-
-            system host-label-assign controller-0 openstack-control-plane=enabled
-            system host-label-assign controller-0 openstack-compute-node=enabled
-            system host-label-assign controller-0 |vswitch-label|
-
-         .. note::
-
-            If you have a |NIC| that supports |SRIOV|, then you can enable it by
-            using the following:
-
-            .. code-block:: none
-
-               system host-label-assign controller-0 sriov=enabled
-
-      .. only:: partner
-
-         .. include:: /_includes/aio_duplex_install_kubernetes.rest
-            :start-after: ref1-begin
-            :end-before: ref1-end
-
-   #. **For OpenStack only:** Due to the additional OpenStack services running
-      on the |AIO| controller platform cores, additional platform cores may be
-      required.
-
-      .. only:: starlingx
-
-         .. tabs::
-
-            .. group-tab:: Bare Metal
-
-               .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
-                  :start-after: begin-config-controller-0-OS-add-cores-dx
-                  :end-before: end-config-controller-0-OS-add-cores-dx
-
-
-            .. group-tab:: Virtual
-
-               The |VMs| being used for hosts only have 4 cores; 2 for platform
-               and 2 for |VMs|. There are no additional cores available for
-               platform in this scenario.
-
-
-      .. only:: partner
-
-         .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
-            :start-after: begin-config-controller-0-OS-add-cores-dx
-            :end-before: end-config-controller-0-OS-add-cores-dx
-
-   #. Due to the additional OpenStack services' containers running on the
-      controller host, the size of the Docker filesystem needs to be
-      increased from the default size of 30G to 60G.
-
-      .. code-block:: bash
-
-          # check existing size of docker fs
-          system host-fs-list controller-0
-          # check available space (Avail Size (GiB)) in cgts-vg LVG where docker fs is located
-          system host-lvg-list controller-0
-          # if existing docker fs size + cgts-vg available space is less than
-          # 80G, you will need to add a new disk to cgts-vg.
-
-             # Get device path of BOOT DISK
-             system host-show controller-0 | fgrep rootfs
-
-             # Get UUID of ROOT DISK by listing disks
-             system host-disk-list controller-0
-
-             # Add new disk to 'cgts-vg' local volume group
-             system host-pv-add controller-0 cgts-vg <DISK_UUID>
-             sleep 10    # wait for disk to be added
-
-             # Confirm the available space and increased number of physical
-             # volumes added to the cgts-vg colume group
-             system host-lvg-list controller-0
-
-          # Increase docker filesystem to 60G
-          system host-fs-modify controller-0 docker=60
-
-
-   #. **For OpenStack only:** Configure the system setting for the vSwitch.
-
-      .. only:: starlingx
-
-         .. tabs::
-
-            .. group-tab:: Bare Metal
-
-
-               |prod| has |OVS| (kernel-based) vSwitch configured as default,
-               which:
-
-               * runs in a container; defined within the helm charts of
-                 |prefix|-openstack manifest.
-
-               * shares the core(s) assigned to the platform.
-
-               If you require better performance, |OVS-DPDK| (|OVS| with the Data
-               Plane Development Kit, which is supported only on bare metal hardware)
-               should be used:
-
-               * Runs directly on the host (it is not containerized).
-                 Requires that at least 1 core be assigned/dedicated to the vSwitch
-                 function.
-
-               To deploy the default containerized |OVS|:
-
-               .. code-block:: none
-
-                    ~(keystone_admin)$ system modify --vswitch_type none
-
-               This does not run any vSwitch directly on the host, instead, it uses
-               the containerized |OVS| defined in the helm charts of
-               |prefix|-openstack manifest.
-
-               .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
-                  :start-after: begin-config-controller-0-OS-vswitch-dx
-                  :end-before: end-config-controller-0-OS-vswitch-dx
-
-            .. group-tab:: Virtual
-
-               The default vSwitch is the containerized |OVS| that is packaged
-               with the ``stx-openstack`` manifest/helm-charts. |prod| provides
-               the option to use OVS-DPDK on the host, however, in the virtual
-               environment OVS-DPDK is not supported, only |OVS| is supported.
-               Therefore, simply use the default |OVS| vSwitch here.
-
-      .. only:: partner
-
-         .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
-            :start-after: begin-config-controller-0-OS-vswitch-dx
-            :end-before: end-config-controller-0-OS-vswitch-dx
-
-
-
-   #. **For OpenStack only:** Add an instances filesystem OR set up a disk
-      based nova-local volume group, which is needed for |prefix|-openstack
-      nova ephemeral disks.
-
-      .. only:: starlingx
-
-         .. tabs::
-
-            .. group-tab:: Bare Metal
-
-               .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
-                  :start-after: begin-config-controller-0-OS-add-fs-dx
-                  :end-before: end-config-controller-0-OS-add-fs-dx
-
-            .. group-tab:: Virtual
-
-               Set up an "instances" filesystem, which is needed for
-               stx-openstack nova ephemeral disks.
-
-               .. code-block:: bash
-
-                  ~(keystone_admin)$ export NODE=controller-0
-                  ~(keystone_admin)$ system host-fs-add ${NODE} instances=34
-
-
-      .. only:: partner
-
-         .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
-            :start-after: begin-config-controller-0-OS-add-fs-dx
-            :end-before: end-config-controller-0-OS-add-fs-dx
-
-   #. **For OpenStack only:** Configure data interfaces for controller-0.
-      Data class interfaces are vswitch interfaces used by vswitch to provide
-      |VM| virtio vNIC connectivity to OpenStack Neutron Tenant Networks on the
-      underlying assigned Data Network.
-
-      .. important::
-
-         A compute-labeled All-in-one controller host **MUST** have at least
-         one Data class interface.
-
-      * Configure the data interfaces for controller-0.
-
-        .. only:: starlingx
-
-           .. tabs::
-
-              .. group-tab:: Bare Metal
-
-                 .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
-                    :start-after: begin-config-controller-0-OS-data-interface-dx
-                    :end-before: end-config-controller-0-OS-data-interface-dx
-
-              .. group-tab:: Virtual
-
-                 .. code-block:: bash
-
-                    ~(keystone_admin)$ DATA0IF=eth1000
-                    ~(keystone_admin)$ DATA1IF=eth1001
-                    ~(keystone_admin)$ export NODE=controller-0
-                    ~(keystone_admin)$ PHYSNET0='physnet0'
-                    ~(keystone_admin)$ PHYSNET1='physnet1'
-                    ~(keystone_admin)$ SPL=/tmp/tmp-system-port-list
-                    ~(keystone_admin)$ SPIL=/tmp/tmp-system-host-if-list
-
-                    ~(keystone_admin)$ system host-port-list ${NODE} --nowrap > ${SPL}
-                    ~(keystone_admin)$ system host-if-list -a ${NODE} --nowrap > ${SPIL}
-
-                    ~(keystone_admin)$ DATA0PCIADDR=$(cat $SPL | grep $DATA0IF |awk '{print $8}')
-                    ~(keystone_admin)$ DATA1PCIADDR=$(cat $SPL | grep $DATA1IF |awk '{print $8}')
-
-                    ~(keystone_admin)$ DATA0PORTUUID=$(cat $SPL | grep ${DATA0PCIADDR} | awk '{print $2}')
-                    ~(keystone_admin)$ DATA1PORTUUID=$(cat $SPL | grep ${DATA1PCIADDR} | awk '{print $2}')
-
-                    ~(keystone_admin)$ DATA0PORTNAME=$(cat $SPL | grep ${DATA0PCIADDR} | awk '{print $4}')
-                    ~(keystone_admin)$ DATA1PORTNAME=$(cat  $SPL | grep ${DATA1PCIADDR} | awk '{print $4}')
-
-                    ~(keystone_admin)$ DATA0IFUUID=$(cat $SPIL | awk -v DATA0PORTNAME=$DATA0PORTNAME '($12 ~ DATA0PORTNAME) {print $2}')
-                    ~(keystone_admin)$ DATA1IFUUID=$(cat $SPIL | awk -v DATA1PORTNAME=$DATA1PORTNAME '($12 ~ DATA1PORTNAME) {print $2}')
-
-                    ~(keystone_admin)$ system datanetwork-add ${PHYSNET0} vlan
-                    ~(keystone_admin)$ system datanetwork-add ${PHYSNET1} vlan
-
-                    ~(keystone_admin)$ system host-if-modify -m 1500 -n data0 -c data ${NODE} ${DATA0IFUUID}
-                    ~(keystone_admin)$ system host-if-modify -m 1500 -n data1 -c data ${NODE} ${DATA1IFUUID}
-
-                    ~(keystone_admin)$ system interface-datanetwork-assign ${NODE} ${DATA0IFUUID} ${PHYSNET0}
-                    ~(keystone_admin)$ system interface-datanetwork-assign ${NODE} ${DATA1IFUUID} ${PHYSNET1}
-
-
-      .. only:: partner
-
-         .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
-            :start-after: begin-config-controller-0-OS-data-interface-dx
-            :end-before: end-config-controller-0-OS-data-interface-dx
-
-*****************************************
-Optionally Configure PCI-SRIOV Interfaces
-*****************************************
-
-#. **Optionally**, configure |PCI|-|SRIOV| interfaces for controller-0.
-
-   This step is **optional** for Kubernetes. Do this step if using |SRIOV|
-   network attachments in hosted application containers.
-
-   .. only:: openstack
-
-      This step is **optional** for OpenStack. Do this step if using |SRIOV|
-      vNICs in hosted application VMs. Note that |PCI|-|SRIOV| interfaces can
-      have the same Data Networks assigned to them as vswitch data interfaces.
-
-
-   * Configure the pci-sriov interfaces for controller-0.
-
-     .. code-block:: bash
-
-        ~(keystone_admin)$ export NODE=controller-0
-
-        # List inventoried host’s ports and identify ports to be used as ‘pci-sriov’ interfaces,
-        # based on displayed linux port name, pci address and device type.
-        ~(keystone_admin)$ system host-port-list ${NODE}
-
-        # List host’s auto-configured ‘ethernet’ interfaces,
-        # find the interfaces corresponding to the ports identified in previous step, and
-        # take note of their UUID
-        ~(keystone_admin)$ system host-if-list -a ${NODE}
-
-        # Modify configuration for these interfaces
-        # Configuring them as ‘pci-sriov’ class interfaces, MTU of 1500 and named sriov#
-        ~(keystone_admin)$ system host-if-modify -m 1500 -n sriov0 -c pci-sriov ${NODE} <sriov0-if-uuid> -N <num_vfs>
-        ~(keystone_admin)$ system host-if-modify -m 1500 -n sriov1 -c pci-sriov ${NODE} <sriov1-if-uuid> -N <num_vfs>
-
-        # If not already created, create Data Networks that the 'pci-sriov'
-        # interfaces will be connected to
-        ~(keystone_admin)$ DATANET0='datanet0'
-        ~(keystone_admin)$ DATANET1='datanet1'
-        ~(keystone_admin)$ system datanetwork-add ${DATANET0} vlan
-        ~(keystone_admin)$ system datanetwork-add ${DATANET1} vlan
-
-        # Assign Data Networks to PCI-SRIOV Interfaces
-        ~(keystone_admin)$ system interface-datanetwork-assign ${NODE} <sriov0-if-uuid> ${DATANET0}
-        ~(keystone_admin)$ system interface-datanetwork-assign ${NODE} <sriov1-if-uuid> ${DATANET1}
-
-
-   * **For Kubernetes Only:** To enable using |SRIOV| network attachments for
-     the above interfaces in Kubernetes hosted application containers:
-
-     .. only:: starlingx
-
-        .. tabs::
-
-           .. group-tab:: Bare Metal
-
-              .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
-                  :start-after: begin-config-controller-0-OS-k8s-sriov-dx
-                  :end-before: end-config-controller-0-OS-k8s-sriov-dx
-
-           .. group-tab:: Virtual
-
-              Configure the Kubernetes |SRIOV| device plugin.
-
-              .. code-block:: none
-
-                 ~(keystone_admin)$ system host-label-assign controller-0 sriovdp=enabled
-
-     .. only:: partner
-
-        .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
-            :start-after: begin-config-controller-0-OS-k8s-sriov-dx
-            :end-before: end-config-controller-0-OS-k8s-sriov-dx
-
-
-***************************************************************
-If required, initialize a Ceph-based Persistent Storage Backend
-***************************************************************
-
-A persistent storage backend is required if your application requires |PVCs|.
-
-.. only:: openstack
-
-    .. important::
-
-       The StarlingX OpenStack application **requires** |PVCs|.
-
-.. only:: starlingx
-
-    There are two options for persistent storage backend: the host-based Ceph
-    solution and the Rook container-based Ceph solution.
-
-For host-based Ceph:
-
-#. Initialize with add ceph backend:
-
-   ::
-
-      ~(keystone_admin)$ system storage-backend-add ceph --confirmed
-
-#. Add an |OSD| on controller-0 for host-based Ceph:
-
-   .. code-block:: bash
-
-      # List host’s disks and identify disks you want to use for CEPH OSDs, taking note of their UUID
-      # By default, /dev/sda is being used as system disk and can not be used for OSD.
-      ~(keystone_admin)$ system host-disk-list controller-0
-
-      # Add disk as an OSD storage
-      ~(keystone_admin)$ system host-stor-add controller-0 osd <disk-uuid>
-
-      # List OSD storage devices
-      ~(keystone_admin)$ system host-stor-list controller-0
-
-.. only:: starlingx
-
-   For Rook container-based Ceph:
-
-   #. Initialize with add ceph-rook backend:
-
-      ::
-
-         ~(keystone_admin)$ system storage-backend-add ceph-rook --confirmed
-
-   #. Assign Rook host labels to controller-0 in support of installing the
-      rook-ceph-apps manifest/helm-charts later:
-
-      ::
-
-         ~(keystone_admin)$ system host-label-assign controller-0 ceph-mon-placement=enabled
-         ~(keystone_admin)$ system host-label-assign controller-0 ceph-mgr-placement=enabled
-
-
--------------------
-Unlock controller-0
--------------------
-
-.. include:: aio_simplex_install_kubernetes.rst
-   :start-after: incl-unlock-controller-0-aio-simplex-start:
-   :end-before: incl-unlock-controller-0-aio-simplex-end:
-
-.. only:: openstack
-
-   *  **For OpenStack Only** Due to the additional OpenStack services’
-      containers running on the controller host, the size of the Docker
-      filesystem needs to be increased from the default size of 30G to 60G.
-
-
-      .. code-block:: bash
-
-          # check existing size of docker fs
-          ~(keystone_admin)$ system host-fs-list controller-0
-          # check available space (Avail Size (GiB)) in cgts-vg LVG where docker fs is located
-          ~(keystone_admin)$ system host-lvg-list controller-0
-          # if existing docker fs size + cgts-vg available space is less than
-          # 80G, you will need to add a new disk to cgts-vg.
-
-             # Get device path of BOOT DISK
-             ~(keystone_admin)$ system host-show controller-0 | fgrep rootfs
-
-             # Get UUID of ROOT DISK by listing disks
-             ~(keystone_admin)$ system host-disk-list controller-0
-
-             # Add new disk to 'cgts-vg' local volume group
-             ~(keystone_admin)$ system host-pv-add controller-0 cgts-vg <DISK_UUID>
-             ~(keystone_admin)$ sleep 10    # wait for disk to be added
-
-             # Confirm the available space and increased number of physical
-             # volumes added to the cgts-vg colume group
-             ~(keystone_admin)$ system host-lvg-list controller-0
-
-             # Increase docker filesystem to 60G
-             ~(keystone_admin)$ system host-fs-modify controller-0 docker=60
-
--------------------------------------
-Install software on controller-1 node
--------------------------------------
-
-#. Power on the controller-1 server.
-
-   .. only:: starlingx
-
-      .. tabs::
-
-         .. group-tab:: Bare Metal
-
-            .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
-               :start-after: begin-power-on-controller-1-server-dx
-               :end-before: end-power-on-controller-1-server-dx
-
-         .. group-tab:: Virtual
-
-            #. On the host, power on the controller-1 virtual server,
-               ``duplex-controller-1``. It will automatically attempt to
-               network boot over the management network:
-
-            .. code-block:: none
-
-               $ virsh start duplex-controller-1
-
-            #. Attach to the console of virtual controller-1:
-
-            .. code-block:: none
-
-               $ virsh console duplex-controller-1
-
-   .. only:: partner
-
-      .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
-         :start-after: begin-power-on-controller-1-server-dx
-         :end-before: end-power-on-controller-1-server-dx
-
-   As controller-1 boots, a message appears on its console instructing you to
-   configure the personality of the node.
-
-#. On the console of controller-0, list hosts to see newly discovered
-   controller-1 host (hostname=None):
-
-   ::
-
-      ~(keystone_admin)$ system host-list
-      +----+--------------+-------------+----------------+-------------+--------------+
-      | id | hostname     | personality | administrative | operational | availability |
-      +----+--------------+-------------+----------------+-------------+--------------+
-      | 1  | controller-0 | controller  | unlocked       | enabled     | available    |
-      | 2  | None         | None        | locked         | disabled    | offline      |
-      +----+--------------+-------------+----------------+-------------+--------------+
-
-#. Using the host id, set the personality of this host to 'controller':
-
-   ::
-
-      ~(keystone_admin)$ system host-update 2 personality=controller
-
-#. Wait for the software installation on controller-1 to complete, for
-   controller-1 to reboot, and for controller-1 to show as
-   locked/disabled/online in 'system host-list'.
-
-   This can take 5-10 minutes, depending on the performance of the host machine.
-
-   ::
-
-      ~(keystone_admin)$ system host-list
-      +----+--------------+-------------+----------------+-------------+--------------+
-      | id | hostname     | personality | administrative | operational | availability |
-      +----+--------------+-------------+----------------+-------------+--------------+
-      | 1  | controller-0 | controller  | unlocked       | enabled     | available    |
-      | 2  | controller-1 | controller  | locked         | disabled    | online       |
-      +----+--------------+-------------+----------------+-------------+--------------+
-
-----------------------
-Configure controller-1
-----------------------
-
-#. Configure the |OAM| interface of controller-1 and specify the attached
-   network of "oam".
-
-   .. only:: starlingx
-
-      .. tabs::
-
-         .. group-tab:: Bare Metal
-
-            .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
-               :start-after: begin-config-controller-1-server-oam-dx
-               :end-before: end-config-controller-1-server-oam-dx
-
-         .. group-tab:: Virtual
-
-            .. code-block:: none
-
-               ~(keystone_admin)$ OAM_IF=enp7s1
-               ~(keystone_admin)$ system host-if-modify controller-1 $OAM_IF -c platform
-               ~(keystone_admin)$ system interface-network-assign controller-1 $OAM_IF oam
-
-
-   To configure a |VLAN| or aggregated ethernet interface, see :ref:`Node
-   Interfaces <node-interfaces-index>`.
-
-   .. only:: partner
-
-      .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
-         :start-after: begin-config-controller-1-server-oam-dx
-         :end-before: end-config-controller-1-server-oam-dx
-
-#. The MGMT interface is partially set up by the network install procedure;
-   configuring the port used for network install as the MGMT port and
-   specifying the attached network of "mgmt".
-
-   Complete the MGMT interface configuration of controller-1 by specifying the
-   attached network of "cluster-host".
-
-   ::
-
-      ~(keystone_admin)$ system interface-network-assign controller-1 mgmt0 cluster-host
-
-.. only:: openstack
-
-   *************************************
-   OpenStack-specific host configuration
-   *************************************
-
-   .. important::
-
-      These steps are required only if the |prod-os| application
-      (|prefix|-openstack) will be installed.
-
-   #. **For OpenStack only:** Assign OpenStack host labels to controller-1 in
-      support of installing the |prefix|-openstack manifest and helm-charts later.
-
-      .. only:: starlingx
-
-         .. parsed-literal::
-
-            ~(keystone_admin)$ system host-label-assign controller-1 openstack-control-plane=enabled
-            ~(keystone_admin)$ system host-label-assign controller-1 openstack-compute-node=enabled
-            ~(keystone_admin)$ system host-label-assign controller-1 |vswitch-label|
-
-         .. note::
-
-            If you have a |NIC| that supports |SRIOV|, then you can enable it by
-            using the following:
-
-            .. code-block:: none
-
-               ~(keystone_admin)$ system host-label-assign controller-0 sriov=enabled
-
-      .. only:: partner
-
-         .. include:: /_includes/aio_duplex_install_kubernetes.rest
-            :start-after: ref2-begin
-            :end-before: ref2-end
-
-   #. **For OpenStack only:** Due to the additional openstack services running
-      on the |AIO| controller platform cores, additional cores may be required.
-
-      .. only:: starlingx
-
-         .. tabs::
-
-            .. group-tab:: Bare Metal
-
-               .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
-                  :start-after: begin-increase-cores-controller-1-dx
-                  :end-before: end-increase-cores-controller-1-dx
-
-            .. group-tab:: Virtual
-
-               The |VMs| being used for hosts only have 4 cores; 2 for platform
-               and 2 for |VMs|; there are not additional cores available
-               for platform in this scenario.
-
-      .. only:: partner
-
-         .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
-            :start-after: begin-increase-cores-controller-1-dx
-            :end-before: end-increase-cores-controller-1-dx
-
-   #. Due to the additional openstack services' containers running on the
-      controller host, the size of the docker filesystem needs to be
-      increased from the default size of 30G to 60G.
-
-      .. code-block:: bash
-
-          # check existing size of docker fs
-          ~(keystone_admin)$ system host-fs-list controller-1
-          # check available space (Avail Size (GiB)) in cgts-vg LVG where docker fs is located
-          ~(keystone_admin)$ system host-lvg-list controller-1
-          # if existing docker fs size + cgts-vg available space is less than
-          # 80G, you will need to add a new disk to cgts-vg.
-
-             # Get device path of BOOT DISK
-             ~(keystone_admin)$ system host-show controller-1 | fgrep rootfs
-
-             # Get UUID of ROOT DISK by listing disks
-             ~(keystone_admin)$ system host-disk-list controller-1
-
-             # Add new disk to 'cgts-vg' local volume group
-             ~(keystone_admin)$ system host-pv-add controller-1 cgts-vg <DISK_UUID>
-             ~(keystone_admin)$ sleep 10    # wait for disk to be added
-
-             # Confirm the available space and increased number of physical
-             # volumes added to the cgts-vg colume group
-             ~(keystone_admin)$ system host-lvg-list controller-1
-
-             # Increase docker filesystem to 60G
-             ~(keystone_admin)$ system host-fs-modify controller-1 docker=60
-
-   #. **For OpenStack only:** Configure the host settings for the vSwitch.
-
-      .. only:: starlingx
-
-         .. tabs::
-
-            .. group-tab:: Bare Metal
-
-               .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
-                  :start-after: begin-config-vswitch-controller-1-dx
-                  :end-before: end-config-vswitch-controller-1-dx
-
-            .. group-tab:: Virtual
-
-               No additional configuration is required for the OVS vswitch in
-               virtual environment.
-
-      .. only:: partner
-
-         .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
-            :start-after: begin-config-vswitch-controller-1-dx
-            :end-before: end-config-vswitch-controller-1-dx
-
-
-   #. **For OpenStack only:** Add an instances filesystem OR Set up a disk
-      based nova-local volume group, which is needed for |prefix|-openstack
-      nova ephemeral disks.
-
-      .. only:: starlingx
-
-         .. tabs::
-
-            .. group-tab:: Bare Metal
-
-               .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
-                  :start-after: begin-config-fs-controller-1-dx
-                  :end-before: end-config-fs-controller-1-dx
-
-            .. group-tab:: Virtual
-
-               Set up a ‘instances’ filesystem, which is needed for
-               stx-openstack nova ephemeral disks.
-
-               .. code-block::
-
-                  ~(keystone_admin)$ export NODE=controller-1
-                  ~(keystone_admin)$ system host-fs-add ${NODE} instances=34
-
-      .. only:: partner
-
-         .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
-            :start-after: begin-config-fs-controller-1-dx
-            :end-before: end-config-fs-controller-1-dx
-
-   #. **For OpenStack only:** Configure data interfaces for controller-1.
-      Data class interfaces are vswitch interfaces used by vswitch to provide
-      |VM| virtio vNIC connectivity to OpenStack Neutron Tenant Networks on the
-      underlying assigned Data Network.
-
-      .. important::
-
-         A compute-labeled All-in-one controller host **MUST** have at least
-         one Data class interface.
-
-      * Configure the data interfaces for controller-1.
-
-        .. only:: starlingx
-
-           .. tabs::
-
-              .. group-tab:: Bare Metal
-
-                 .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
-                    :start-after: begin-config-data-interfaces-controller-1-dx
-                    :end-before: end-config-data-interfaces-controller-1-dx
-
-              .. group-tab:: Virtual
-
-                 .. code-block:: bash
-
-                    ~(keystone_admin)$ DATA0IF=eth1000
-                    ~(keystone_admin)$ DATA1IF=eth1001
-                    ~(keystone_admin)$ export NODE=controller-1
-                    ~(keystone_admin)$ PHYSNET0='physnet0'
-                    ~(keystone_admin)$ PHYSNET1='physnet1'
-                    ~(keystone_admin)$ SPL=/tmp/tmp-system-port-list
-                    ~(keystone_admin)$ SPIL=/tmp/tmp-system-host-if-list
-                    ~(keystone_admin)$ system host-port-list ${NODE} --nowrap > ${SPL}
-                    ~(keystone_admin)$ system host-if-list -a ${NODE} --nowrap > ${SPIL}
-                    ~(keystone_admin)$ DATA0PCIADDR=$(cat $SPL | grep $DATA0IF |awk '{print $8}')
-                    ~(keystone_admin)$ DATA1PCIADDR=$(cat $SPL | grep $DATA1IF |awk '{print $8}')
-                    ~(keystone_admin)$ DATA0PORTUUID=$(cat $SPL | grep ${DATA0PCIADDR} | awk '{print $2}')
-                    ~(keystone_admin)$ DATA1PORTUUID=$(cat $SPL | grep ${DATA1PCIADDR} | awk '{print $2}')
-                    ~(keystone_admin)$ DATA0PORTNAME=$(cat $SPL | grep ${DATA0PCIADDR} | awk '{print $4}')
-                    ~(keystone_admin)$ DATA1PORTNAME=$(cat  $SPL | grep ${DATA1PCIADDR} | awk '{print $4}')
-                    ~(keystone_admin)$ DATA0IFUUID=$(cat $SPIL | awk -v DATA0PORTNAME=$DATA0PORTNAME '($12 ~ DATA0PORTNAME) {print $2}')
-                    ~(keystone_admin)$ DATA1IFUUID=$(cat $SPIL | awk -v DATA1PORTNAME=$DATA1PORTNAME '($12 ~ DATA1PORTNAME) {print $2}')
-
-                    ~(keystone_admin)$ system datanetwork-add ${PHYSNET0} vlan
-                    ~(keystone_admin)$ system datanetwork-add ${PHYSNET1} vlan
-
-                    ~(keystone_admin)$ system host-if-modify -m 1500 -n data0 -c data ${NODE} ${DATA0IFUUID}
-                    ~(keystone_admin)$ system host-if-modify -m 1500 -n data1 -c data ${NODE} ${DATA1IFUUID}
-                    ~(keystone_admin)$ system interface-datanetwork-assign ${NODE} ${DATA0IFUUID} ${PHYSNET0}
-                    ~(keystone_admin)$ system interface-datanetwork-assign ${NODE} ${DATA1IFUUID} ${PHYSNET1}
-
-      .. only:: partner
-
-         .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
-            :start-after: begin-config-data-interfaces-controller-1-dx
-            :end-before: end-config-data-interfaces-controller-1-dx
-
-
-*****************************************
-Optionally Configure PCI-SRIOV Interfaces
-*****************************************
-
-#. **Optionally**, configure |PCI|-|SRIOV| interfaces for controller-1.
-
-   This step is **optional** for Kubernetes. Do this step if using |SRIOV|
-   network attachments in hosted application containers.
-
-   .. only:: openstack
-
-      This step is **optional** for OpenStack. Do this step if using |SRIOV|
-      vNICs in hosted application VMs. Note that |PCI|-|SRIOV| interfaces can
-      have the same Data Networks assigned to them as vswitch data interfaces.
-
-
-   * Configure the |PCI|-|SRIOV| interfaces for controller-1.
-
-     .. code-block:: bash
-
-        ~(keystone_admin)$ export NODE=controller-1
-
-        # List inventoried host’s ports and identify ports to be used as ‘pci-sriov’ interfaces,
-        # based on displayed linux port name, pci address and device type.
-        ~(keystone_admin)$ system host-port-list ${NODE}
-
-        # List host’s auto-configured 'ethernet' interfaces,
-        # find the interfaces corresponding to the ports identified in previous step, and
-        # take note of their UUID
-        ~(keystone_admin)$ system host-if-list -a ${NODE}
-
-        # Modify configuration for these interfaces
-        # Configuring them as 'pci-sriov' class interfaces, MTU of 1500 and named sriov#
-        ~(keystone_admin)$ system host-if-modify -m 1500 -n sriov0 -c pci-sriov ${NODE} <sriov0-if-uuid> -N <num_vfs>
-        ~(keystone_admin)$ system host-if-modify -m 1500 -n sriov1 -c pci-sriov ${NODE} <sriov1-if-uuid> -N <num_vfs>
-
-        # If not already created, create Data Networks that the 'pci-sriov' interfaces
-        # will be connected to
-        ~(keystone_admin)$ DATANET0='datanet0'
-        ~(keystone_admin)$ DATANET1='datanet1'
-
-        # Assign Data Networks to PCI-SRIOV Interfaces
-        ~(keystone_admin)$ system interface-datanetwork-assign ${NODE} <sriov0-if-uuid> ${DATANET0}
-        ~(keystone_admin)$ system interface-datanetwork-assign ${NODE} <sriov1-if-uuid> ${DATANET1}
-
-
-   * **For Kubernetes only:** To enable using |SRIOV| network attachments for
-     the above interfaces in Kubernetes hosted application containers:
-
-     .. only:: starlingx
-
-        .. tabs::
-
-           .. group-tab:: Bare Metal
-
-              .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
-                 :start-after: begin-config-k8s-sriov-controller-1-dx
-                 :end-before: end-config-k8s-sriov-controller-1-dx
-
-           .. group-tab:: Virtual
-
-              Configure the Kubernetes SR-IOV device plugin.
-
-              .. code-block:: none
-
-                 ~(keystone_admin)$ system host-label-assign controller-1 sriovdp=enabled
-
-
-   .. only:: partner
-
-      .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
-         :start-after: begin-config-k8s-sriov-controller-1-dx
-         :end-before: end-config-k8s-sriov-controller-1-dx
-
-***************************************************************************************
-If configuring a Ceph-based Persistent Storage Backend, configure host-specific details
-***************************************************************************************
-
-For host-based Ceph:
-
-#. Add an |OSD| on controller-1 for host-based Ceph:
-
-   .. code-block:: bash
-
-      # List host’s disks and identify disks you want to use for CEPH OSDs, taking note of their UUID
-      # By default, /dev/sda is being used as system disk and can not be used for OSD.
-      ~(keystone_admin)$ system host-disk-list controller-1
-
-      # Add disk as an OSD storage
-      ~(keystone_admin)$ system host-stor-add controller-1 osd <disk-uuid>
-
-      # List OSD storage devices
-      ~(keystone_admin)$ system host-stor-list controller-1
-
-   .. only:: starlingx
-
-      For Rook container-based Ceph:
-
-      #. Assign Rook host labels to controller-1 in support of installing the
-         rook-ceph-apps manifest/helm-charts later:
-
-      .. code-block:: bash
-
-         ~(keystone_admin)$ system host-label-assign controller-1 ceph-mon-placement=enabled
-         ~(keystone_admin)$ ~(keystone_admin)$ system host-label-assign controller-1 ceph-mgr-placement=enabled
-
-
--------------------
-Unlock controller-1
--------------------
-
-Unlock controller-1 in order to bring it into service:
-
-.. code-block:: bash
-
-  system host-unlock controller-1
-
-Controller-1 will reboot in order to apply configuration changes and come into
-service. This can take 5-10 minutes, depending on the performance of the host
-machine.
-
-.. only:: starlingx
-
-   -----------------------------------------------------------------------------------------------
-   If using Rook container-based Ceph, finish configuring the ceph-rook Persistent Storage Backend
-   -----------------------------------------------------------------------------------------------
-
-   For Rook container-based Ceph:
-
-   On active controller:
-
-   #. Wait for the ``rook-ceph-apps`` application to be uploaded
-
-      ::
-
-        ~(keystone_admin)$  source /etc/platform/openrc
-        ~(keystone_admin)$  system application-list
-        +---------------------+---------+-------------------------------+---------------+----------+-----------+
-        | application         | version | manifest name                 | manifest file | status   | progress  |
-        +---------------------+---------+-------------------------------+---------------+----------+-----------+
-        | oidc-auth-apps      | 1.0-0   | oidc-auth-manifest            | manifest.yaml | uploaded | completed |
-        | platform-integ-apps | 1.0-8   | platform-integration-manifest | manifest.yaml | uploaded | completed |
-        | rook-ceph-apps      | 1.0-1   | rook-ceph-manifest            | manifest.yaml | uploaded | completed |
-        +---------------------+---------+-------------------------------+---------------+----------+-----------+
-
-   #. Configure Rook to use /dev/sdb on controller-0 and controller-1 as a ceph
-      |OSD|.
-
-      .. code-block:: bash
-
-         ~(keystone_admin)$ system host-disk-wipe -s --confirm controller-0 /dev/sdb
-         ~(keystone_admin)$ system host-disk-wipe -s --confirm controller-1 /dev/sdb
-
-      ``values.yaml`` for rook-ceph-apps.
-
-      .. code-block:: yaml
-
-       cluster:
-         storage:
-           nodes:
-           - name: controller-0
-             devices:
-             - name: /dev/disk/by-path/pci-0000:00:03.0-ata-2.0
-           - name: controller-1
-             devices:
-             - name: /dev/disk/by-path/pci-0000:00:03.0-ata-2.0
-
-      ::
-
-       ~(keystone_admin)$ system helm-override-update rook-ceph-apps rook-ceph kube-system --values values.yaml
-
-   #. Apply the rook-ceph-apps application.
-
-      ::
-
-       ~(keystone_admin)$ system application-apply rook-ceph-apps
-
-   #. Wait for |OSDs| pod to be ready.
-
-      ::
-
-        ~(keystone_admin)$ kubectl get pods -n kube-system
-        rook-ceph-crashcollector-controller-0-f984688ff-jsr8t    1/1     Running     0          4m9s
-        rook-ceph-crashcollector-controller-1-7f9b6f55b6-699bb   1/1     Running     0          2m5s
-        rook-ceph-mgr-a-7f9d588c5b-49cbg                         1/1     Running     0          3m5s
-        rook-ceph-mon-a-75bcbd8664-pvq99                         1/1     Running     0          4m27s
-        rook-ceph-mon-b-86c67658b4-f4snf                         1/1     Running     0          4m10s
-        rook-ceph-mon-c-7f48b58dfb-4nx2n                         1/1     Running     0          3m30s
-        rook-ceph-operator-77b64588c5-bhfg7                      1/1     Running     0          7m6s
-        rook-ceph-osd-0-6949657cf7-dkfp2                         1/1     Running     0          2m6s
-        rook-ceph-osd-1-5d4b58cf69-kdg82                         1/1     Running     0          2m4s
-        rook-ceph-osd-prepare-controller-0-wcvsn                 0/1     Completed   0          2m27s
-        rook-ceph-osd-prepare-controller-1-98h76                 0/1     Completed   0          2m26s
-        rook-ceph-tools-5778d7f6c-2h8s8                          1/1     Running     0          5m55s
-        rook-discover-xc22t                                      1/1     Running     0          6m2s
-        rook-discover-xndld                                      1/1     Running     0          6m2s
-        storage-init-rook-ceph-provisioner-t868q                 0/1     Completed   0          108s
-
-
-.. include:: /_includes/bootstrapping-and-deploying-starlingx.rest
-
-.. _extend-dx-with-workers:
-
---------------------------------------------
-Optionally Extend Capacity with Worker Nodes
---------------------------------------------
-
-.. include:: /shared/_includes/aio_duplex_extend.rest
-   :start-after: start-aio-duplex-extend
-   :end-before: end-aio-duplex-extend
-
-.. only:: starlingx
-
-   ----------
-   Next steps
-   ----------
-
-   .. include:: /_includes/kubernetes_install_next.txt
-
-
-.. only:: partner
-
-   .. include:: /_includes/72hr-to-license.rest
-
-
-Complete system configuration by reviewing procedures in:
-
-- :ref:`index-security-kub-81153c1254c3`
-- :ref:`index-sysconf-kub-78f0e1e9ca5a`
-- :ref:`index-admintasks-kub-ebc55fefc368`
-
+.. include:: /_vendor/rl-strings.txt
+
+.. include:: /_stx-related-links/installation-prereqs.rln 
+   :start-after: begin-rls
+   :end-before: end-rls
+
+
+.. Greg updates required for -High Security Vulnerability Document Updates
+
+.. _aio_duplex_install_kubernetes_r7:
+
+================================================
+Install Kubernetes Platform on All-in-one Duplex
+================================================
+
+
+.. only:: partner
+
+   .. include:: /_includes/install-kubernetes-null-labels.rest
+
+.. contents:: |minitoc|
+   :local:
+   :depth: 1
+
+--------
+Overview
+--------
+
+.. _aiodx-installation-prereqs:
+
+.. include:: /shared/_includes/desc_aio_duplex.txt
+
+.. include:: /_includes/automated-install-note--09dff208a9c6.rest 
+
+.. _installation-prereqs-dx:
+
+-----------------------------
+Minimum hardware requirements
+-----------------------------
+
+.. only:: starlingx
+
+   .. tabs::
+
+      .. group-tab:: Bare Metal
+
+         .. include:: /shared/_includes/prepare-servers-for-installation-91baad307173.rest
+            :start-after: begin-min-hw-reqs-dx
+            :end-before: end-min-hw-reqs-dx
+
+      .. group-tab:: Virtual
+
+         The following sections describe system requirements and host setup for
+         a workstation hosting virtual machine(s) where StarlingX will be
+         deployed; i.e., a |VM| for each StarlingX node (controller,
+         AIO-controller, worker or storage node).
+
+         .. rubric:: **Hardware requirements**
+
+         The host system should have at least:
+
+         * **Processor:** x86_64 only supported architecture with BIOS enabled
+           hardware virtualization extensions
+
+         * **Cores:** 8
+
+         * **Memory:** 32GB RAM
+
+         * **Hard Disk:** 500GB HDD
+
+         * **Network:** One network adapter with active Internet connection
+
+         .. rubric:: **Software requirements**
+
+         The host system should have at least:
+
+         * A workstation computer with Ubuntu 16.04 LTS 64-bit
+
+         All other required packages will be installed by scripts in the
+         StarlingX tools repository.
+
+         .. rubric:: **Host setup**
+
+         Set up the host with the following steps:
+
+         #. Update OS:
+
+            ::
+
+             apt-get update
+
+         #. Clone the StarlingX tools repository:
+
+            ::
+
+             apt-get install -y git
+             cd $HOME
+             git clone https://opendev.org/starlingx/virtual-deployment.git
+
+         #. Install required packages:
+
+            ::
+
+             cd $HOME/virtual-deployment/libvirt
+             bash install_packages.sh
+             apt install -y apparmor-profiles
+             apt-get install -y ufw
+             ufw disable
+             ufw status
+
+
+            .. note::
+
+               On Ubuntu 16.04, if apparmor-profile modules were installed as
+               shown in the example above, you must reboot the server to fully
+               install the apparmor-profile modules.
+
+.. only:: partner
+
+   .. include:: /shared/_includes/prepare-servers-for-installation-91baad307173.rest
+      :start-after: begin-min-hw-reqs-dx
+      :end-before: end-min-hw-reqs-dx
+
+--------------------------
+Installation Prerequisites
+--------------------------
+
+.. only:: starlingx
+
+   .. tabs::
+
+      .. group-tab:: Bare Metal
+
+         .. include:: /shared/_includes/installation-prereqs.rest
+            :start-after: begin-install-prereqs
+            :end-before: end-install-prereqs
+
+      .. group-tab:: Virtual
+
+         Several pre-requisites must be completed prior to starting the |prod|
+         installation.
+
+         Before attempting to install |prod|, ensure that you have the the
+         |prod| host installer ISO image file.
+
+         Get the latest |prod| ISO from the `StarlingX mirror
+         <https://mirror.starlingx.cengn.ca/mirror/starlingx/release/latest_release/debian/monolithic/outputs/iso/>`__.
+         Alternately, you can get an older release ISO from `here <https://mirror.starlingx.cengn.ca/mirror/starlingx/release/>`__.
+
+
+.. only:: partner
+
+   .. include:: /shared/_includes/installation-prereqs.rest
+      :start-after: begin-install-prereqs
+      :end-before: end-install-prereqs
+
+--------------------------------
+Prepare Servers for Installation
+--------------------------------
+
+.. only:: starlingx
+
+   .. tabs::
+
+      .. group-tab:: Bare Metal
+
+         .. include:: /shared/_includes/prepare-servers-for-installation-91baad307173.rest
+            :start-after: start-prepare-servers-common
+            :end-before: end-prepare-servers-common
+
+      .. group-tab:: Virtual
+
+         .. note::
+
+             The following commands for host, virtual environment setup, and
+             host power-on use KVM/virsh for virtual machine and |VM|
+             management technology. For an alternative virtualization
+             environment, see: :ref:`install_virtualbox`.
+
+         #. Prepare virtual environment.
+
+            Set up the virtual platform networks for virtual deployment:
+
+            .. code-block:: none
+
+               bash setup_network.sh
+
+         #. Prepare virtual servers.
+
+            .. note::
+
+                The following commands for host, virtual environment setup, and
+                host power-on use KVM / virsh for virtual machine and |VM|
+                management technology. For an alternative virtualization
+                environment, see: :ref:`install_virtualbox`.
+
+            #. Prepare virtual environment.
+
+               Set up the virtual platform networks for virtual deployment:
+
+               ::
+
+                 bash setup_network.sh
+
+            #. Prepare virtual servers.
+
+               Create the XML definitions for the virtual servers required by
+               this configuration option. This will create the XML virtual
+               server definition for:
+
+               * duplex-controller-0
+               * duplex-controller-1
+
+               The following command will start/virtually power on:
+
+               * The 'duplex-controller-0' virtual server
+               * The X-based graphical virt-manager application
+
+               ::
+
+                 bash setup_configuration.sh -c duplex -i ./bootimage.iso
+
+               If there is no X-server present errors will occur and the
+               X-based GUI for the virt-manager application will not start. The
+               virt-manager GUI is not absolutely required and you can safely
+               ignore errors and continue.
+
+.. only:: partner
+
+   .. include:: /shared/_includes/prepare-servers-for-installation-91baad307173.rest
+      :start-after: start-prepare-servers-common
+      :end-before: end-prepare-servers-common
+
+--------------------------------
+Install Software on Controller-0
+--------------------------------
+
+.. only:: starlingx
+
+   .. tabs::
+
+      .. group-tab:: Bare Metal
+
+        .. include:: /shared/_includes/inc-install-software-on-controller.rest
+           :start-after: incl-install-software-controller-0-aio-start
+           :end-before: incl-install-software-controller-0-aio-end
+
+      .. group-tab:: Virtual
+
+         In the last step of :ref:`aio_duplex_environ`, the controller-0
+         virtual server 'duplex-controller-0' was started by the
+         :command:`setup_configuration.sh` command.
+
+         On the host, attach to the console of virtual controller-0 and select the
+         appropriate installer menu options to start the non-interactive install of
+         StarlingX software on controller-0.
+
+         .. note::
+
+            When entering the console, it is very easy to miss the first
+            installer menu selection. Use ESC to navigate to previous menus, to
+            ensure you are at the first installer menu.
+
+         ::
+
+           virsh console duplex-controller-0
+
+         Make the following menu selections in the installer:
+
+         #. First menu: Select 'All-in-one Controller Configuration'
+         #. Second menu: Select 'Serial Console'
+
+         Wait for the non-interactive install of software to complete and for
+         the server to reboot. This can take 5-10 minutes, depending on the
+         performance of the host machine.
+
+.. only:: partner
+
+   .. include:: /shared/_includes/inc-install-software-on-controller.rest
+      :start-after: incl-install-software-controller-0-aio-start
+      :end-before: incl-install-software-controller-0-aio-end
+
+--------------------------------
+Bootstrap system on controller-0
+--------------------------------
+
+#. Login using the username / password of "sysadmin" / "sysadmin".
+   When logging in for the first time, you will be forced to change the
+   password.
+
+   ::
+
+      Login: sysadmin
+      Password:
+      Changing password for sysadmin.
+      (current) UNIX Password: sysadmin
+      New Password:
+      (repeat) New Password:
+
+#. Verify and/or configure IP connectivity.
+
+   .. only:: starlingx
+
+      .. tabs::
+
+         .. group-tab:: Bare Metal
+
+            .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
+               :start-after: begin-aio-dx-install-verify-ip-connectivity
+               :end-before: end-aio-dx-install-verify-ip-connectivity
+
+         .. group-tab:: Virtual
+
+            External connectivity is required to run the Ansible bootstrap
+            playbook.
+
+            .. code-block:: bash
+
+               export CONTROLLER0_OAM_CIDR=10.10.10.3/24
+               export DEFAULT_OAM_GATEWAY=10.10.10.1
+               sudo ip address add $CONTROLLER0_OAM_CIDR dev enp7s1
+               sudo ip link set up dev enp7s1
+               sudo ip route add default via $DEFAULT_OAM_GATEWAY dev enp7s1
+
+   .. only:: partner
+
+      .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
+         :start-after: begin-aio-dx-install-verify-ip-connectivity
+         :end-before: end-aio-dx-install-verify-ip-connectivity
+
+
+#. Specify user configuration overrides for the Ansible bootstrap playbook.
+
+   Ansible is used to bootstrap |prod| on controller-0. Key files for
+   Ansible configuration are:
+
+   ``/etc/ansible/hosts``
+      The default Ansible inventory file. Contains a single host: localhost.
+
+   ``/usr/share/ansible/stx-ansible/playbooks/bootstrap.yml``
+      The Ansible bootstrap playbook.
+
+   ``/usr/share/ansible/stx-ansible/playbooks/host_vars/bootstrap/default.yml``
+      The default configuration values for the bootstrap playbook.
+
+   ``sysadmin home directory ($HOME)``
+      The default location where Ansible looks for and imports user
+      configuration override files for hosts. For example:
+      ``$HOME/<hostname>.yml``.
+
+   .. only:: starlingx
+
+      .. include:: /shared/_includes/ansible_install_time_only.txt
+
+   Specify the user configuration override file for the Ansible bootstrap
+   playbook using one of the following methods:
+
+   .. note::
+
+      This Ansible Overrides file for the Bootstrap Playbook ($HOME/localhost.yml)
+      contains security sensitive information, use the
+      :command:`ansible-vault create $HOME/localhost.yml` command to create it.
+      You will be prompted for a password to protect/encrypt the file.
+      Use the :command:`ansible-vault edit $HOME/localhost.yml` command if the
+      file needs to be edited after it is created.
+
+   #. Use a copy of the default.yml file listed above to provide your overrides.
+
+      The default.yml file lists all available parameters for bootstrap
+      configuration with a brief description for each parameter in the file
+      comments.
+
+      To use this method, run the :command:`ansible-vault create $HOME/localhost.yml`
+      command and copy the contents of the ``default.yml`` file into the
+      ansible-vault editor, and edit the configurable values as required.
+
+   #. Create a minimal user configuration override file.
+
+      To use this method, create your override file with
+      the :command:`ansible-vault create $HOME/localhost.yml`
+      command and provide the minimum required parameters for the deployment
+      configuration as shown in the example below. Use the OAM IP SUBNET and IP
+      ADDRESSing applicable to your deployment environment.
+
+      .. include:: /shared/_includes/quotation-marks-in-keystone-password.rest
+
+      .. include:: /_includes/min-bootstrap-overrides-non-simplex.rest
+
+
+      .. only:: starlingx
+
+         In either of the above options, the bootstrap playbook’s default values
+         will pull all container images required for the |prod-p| from Docker hub.
+
+         If you have setup a private Docker registry to use for bootstrapping
+         then you will need to add the following lines in $HOME/localhost.yml:
+
+      .. only:: partner
+
+         .. include:: /_includes/install-kubernetes-bootstrap-playbook.rest
+            :start-after: docker-reg-begin
+            :end-before: docker-reg-end
+
+      .. code-block:: yaml
+
+         docker_registries:
+           quay.io:
+              url: myprivateregistry.abc.com:9001/quay.io
+           docker.elastic.co:
+              url: myprivateregistry.abc.com:9001/docker.elastic.co
+           gcr.io:
+              url: myprivateregistry.abc.com:9001/gcr.io
+           ghcr.io:
+              url: myprivateregistry.abc.com:9001/ghcr.io
+           k8s.gcr.io:
+              url: myprivateregistry.abc.com:9001/k8s.gcr.io
+           docker.io:
+              url: myprivateregistry.abc.com:9001/docker.io
+           registry.k8s.io:
+              url: myprivateregistry.abc.com:9001/registry.k8s.io
+           icr.io:
+              url: myprivateregistry.abc.com:9001/icr.io
+           defaults:
+              type: docker
+              username: <your_myprivateregistry.abc.com_username>
+              password: <your_myprivateregistry.abc.com_password>
+
+         # Add the CA Certificate that signed myprivateregistry.abc.com’s
+         # certificate as a Trusted CA
+         ssl_ca_cert: /home/sysadmin/myprivateregistry.abc.com-ca-cert.pem
+
+      See :ref:`Use a Private Docker Registry <use-private-docker-registry-r7>`
+      for more information.
+
+      .. only:: starlingx
+
+         If a firewall is blocking access to Docker hub or your private
+         registry from your StarlingX deployment, you will need to add the
+         following lines in $HOME/localhost.yml  (see |docker_proxy_config| for
+         more details about Docker proxy settings):
+
+      .. only:: partner
+
+         .. include:: /_includes/install-kubernetes-bootstrap-playbook.rest
+            :start-after: firewall-begin
+            :end-before: firewall-end
+
+      .. code-block:: bash
+
+         # Add these lines to configure Docker to use a proxy server
+         docker_http_proxy: http://my.proxy.com:1080
+         docker_https_proxy: https://my.proxy.com:1443
+         docker_no_proxy:
+            - 1.2.3.4
+
+
+      Refer to :ref:`Ansible Bootstrap Configurations <ansible_bootstrap_configs_r7>`
+      for information on additional Ansible bootstrap configurations for advanced
+      Ansible bootstrap scenarios.
+
+#. Run the Ansible bootstrap playbook:
+
+   .. include:: /shared/_includes/ntp-update-note.rest
+
+   ::
+
+      ansible-playbook --ask-vault-pass /usr/share/ansible/stx-ansible/playbooks/bootstrap.yml
+
+   Wait for Ansible bootstrap playbook to complete. This can take 5-10 minutes,
+   depending on the performance of the host machine.
+
+----------------------
+Configure controller-0
+----------------------
+
+#. Acquire admin credentials:
+
+   ::
+
+     source /etc/platform/openrc
+
+#. Configure the |OAM| interface of controller-0 and specify the
+   attached network as "oam".
+
+   .. only:: starlingx
+
+      .. tabs::
+
+         .. group-tab:: Bare Metal
+
+            .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
+               :start-after: begin-config-controller-0-oam-interface-dx
+               :end-before: end-config-controller-0-oam-interface-dx
+
+         .. group-tab:: Virtual
+
+            .. code-block:: none
+
+               ~(keystone_admin)$ OAM_IF=enp7s1
+               ~(keystone_admin)$ system host-if-modify controller-0 $OAM_IF -c platform
+               ~(keystone_admin)$ system interface-network-assign controller-0 $OAM_IF oam
+
+   .. only:: partner
+
+      .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
+         :start-after: begin-config-controller-0-oam-interface-dx
+         :end-before: end-config-controller-0-oam-interface-dx
+
+   To configure a |VLAN| or aggregated ethernet interface, see
+   |node-interfaces-index|.
+
+#. Configure the MGMT interface of controller-0 and specify the attached
+   networks of both "mgmt" and "cluster-host".
+
+   .. only:: starlingx
+
+      .. tabs::
+
+         .. group-tab:: Bare Metal
+
+            .. begin-config-controller-0-mgmt-interface-dx
+
+            The following example configures the MGMT interface on a physical
+            untagged ethernet port. Use the MGMT port name that is applicable
+            to your deployment environment, for example ``eth1``:
+
+            .. code-block:: none
+
+               ~(keystone_admin)$ MGMT_IF=<MGMT-PORT>
+               ~(keystone_admin)$ system host-if-modify controller-0 lo -c none
+               ~(keystone_admin)$ IFNET_UUIDS=$(system interface-network-list controller-0 | awk '{if ($6=="lo") print $4;}')
+               ~(keystone_admin)$ for UUID in $IFNET_UUIDS; do \
+                   system interface-network-remove ${UUID} \
+               done
+               ~(keystone_admin)$ system host-if-modify controller-0 $MGMT_IF -c platform
+               ~(keystone_admin)$ system interface-network-assign controller-0 $MGMT_IF mgmt
+               ~(keystone_admin)$ system interface-network-assign controller-0 $MGMT_IF cluster-host
+
+
+            .. end-config-controller-0-mgmt-interface-dx
+
+         .. group-tab:: Virtual
+
+            .. code-block:: none
+
+               ~(keystone_admin)$ MGMT_IF=enp7s2
+               ~(keystone_admin)$ system host-if-modify controller-0 lo -c none
+               ~(keystone_admin)$ IFNET_UUIDS=$(system interface-network-list controller-0 | awk '{if ($6=="lo") print $4;}')
+               ~(keystone_admin)$ for UUID in $IFNET_UUIDS; do \
+                   system interface-network-remove ${UUID} \
+               done
+               ~(keystone_admin)$ system host-if-modify controller-0 $MGMT_IF -c platform
+               ~(keystone_admin)$ system interface-network-assign controller-0 $MGMT_IF mgmt
+               ~(keystone_admin)$ system interface-network-assign controller-0 $MGMT_IF cluster-host
+
+
+   .. only:: partner
+
+      .. include:: aio_duplex_install_kubernetes.rst
+         :start-after: begin-config-controller-0-mgmt-interface
+         :end-before: end-config-controller-0-mgmt-interface
+
+   To configure a vlan or aggregated ethernet interface, see
+   |node-interfaces-index|.
+
+#. Configure |NTP| servers for network time synchronization:
+
+   .. only:: starlingx
+
+      .. tabs::
+
+         .. group-tab:: Bare Metal
+
+            .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
+               :start-after: begin-config-controller-0-ntp-interface-dx
+               :end-before: end-config-controller-0-ntp-interface-dx
+
+         .. group-tab:: Virtual
+
+            .. note::
+
+               In a virtual environment, this can sometimes cause Ceph clock
+               skew alarms. Also, the virtual instances clock is synchronized
+               with the host clock, so it is not absolutely required to
+               configure |NTP| in this step.
+
+            .. code-block:: none
+
+                ~(keystone_admin)$ system ntp-modify ntpservers=0.pool.ntp.org,1.pool.ntp.org
+
+   .. only:: partner
+
+      .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
+         :start-after: begin-config-controller-0-ntp-interface-dx
+         :end-before: end-config-controller-0-ntp-interface-dx
+
+.. only:: openstack
+
+   *************************************
+   OpenStack-specific host configuration
+   *************************************
+
+   .. important::
+
+      These steps are required only if the StarlingX OpenStack application
+      (|prefix|-openstack) will be installed.
+
+   #. **For OpenStack only:** Assign OpenStack host labels to controller-0 in
+      support of installing the |prefix|-openstack manifest and helm-charts later.
+
+      .. only:: starlingx
+
+         .. parsed-literal::
+
+            system host-label-assign controller-0 openstack-control-plane=enabled
+            system host-label-assign controller-0 openstack-compute-node=enabled
+            system host-label-assign controller-0 |vswitch-label|
+
+         .. note::
+
+            If you have a |NIC| that supports |SRIOV|, then you can enable it by
+            using the following:
+
+            .. code-block:: none
+
+               system host-label-assign controller-0 sriov=enabled
+
+      .. only:: partner
+
+         .. include:: /_includes/aio_duplex_install_kubernetes.rest
+            :start-after: ref1-begin
+            :end-before: ref1-end
+
+   #. **For OpenStack only:** Due to the additional OpenStack services running
+      on the |AIO| controller platform cores, additional platform cores may be
+      required.
+
+      .. only:: starlingx
+
+         .. tabs::
+
+            .. group-tab:: Bare Metal
+
+               .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
+                  :start-after: begin-config-controller-0-OS-add-cores-dx
+                  :end-before: end-config-controller-0-OS-add-cores-dx
+
+
+            .. group-tab:: Virtual
+
+               The |VMs| being used for hosts only have 4 cores; 2 for platform
+               and 2 for |VMs|. There are no additional cores available for
+               platform in this scenario.
+
+
+      .. only:: partner
+
+         .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
+            :start-after: begin-config-controller-0-OS-add-cores-dx
+            :end-before: end-config-controller-0-OS-add-cores-dx
+
+   #. Due to the additional OpenStack services' containers running on the
+      controller host, the size of the Docker filesystem needs to be
+      increased from the default size of 30G to 60G.
+
+      .. code-block:: bash
+
+          # check existing size of docker fs
+          system host-fs-list controller-0
+          # check available space (Avail Size (GiB)) in cgts-vg LVG where docker fs is located
+          system host-lvg-list controller-0
+          # if existing docker fs size + cgts-vg available space is less than
+          # 80G, you will need to add a new disk to cgts-vg.
+
+             # Get device path of BOOT DISK
+             system host-show controller-0 | fgrep rootfs
+
+             # Get UUID of ROOT DISK by listing disks
+             system host-disk-list controller-0
+
+             # Add new disk to 'cgts-vg' local volume group
+             system host-pv-add controller-0 cgts-vg <DISK_UUID>
+             sleep 10    # wait for disk to be added
+
+             # Confirm the available space and increased number of physical
+             # volumes added to the cgts-vg colume group
+             system host-lvg-list controller-0
+
+          # Increase docker filesystem to 60G
+          system host-fs-modify controller-0 docker=60
+
+
+   #. **For OpenStack only:** Configure the system setting for the vSwitch.
+
+      .. only:: starlingx
+
+         .. tabs::
+
+            .. group-tab:: Bare Metal
+
+
+               |prod| has |OVS| (kernel-based) vSwitch configured as default,
+               which:
+
+               * runs in a container; defined within the helm charts of
+                 |prefix|-openstack manifest.
+
+               * shares the core(s) assigned to the platform.
+
+               If you require better performance, |OVS-DPDK| (|OVS| with the Data
+               Plane Development Kit, which is supported only on bare metal hardware)
+               should be used:
+
+               * Runs directly on the host (it is not containerized).
+                 Requires that at least 1 core be assigned/dedicated to the vSwitch
+                 function.
+
+               To deploy the default containerized |OVS|:
+
+               .. code-block:: none
+
+                    ~(keystone_admin)$ system modify --vswitch_type none
+
+               This does not run any vSwitch directly on the host, instead, it uses
+               the containerized |OVS| defined in the helm charts of
+               |prefix|-openstack manifest.
+
+               .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
+                  :start-after: begin-config-controller-0-OS-vswitch-dx
+                  :end-before: end-config-controller-0-OS-vswitch-dx
+
+            .. group-tab:: Virtual
+
+               The default vSwitch is the containerized |OVS| that is packaged
+               with the ``stx-openstack`` manifest/helm-charts. |prod| provides
+               the option to use OVS-DPDK on the host, however, in the virtual
+               environment OVS-DPDK is not supported, only |OVS| is supported.
+               Therefore, simply use the default |OVS| vSwitch here.
+
+      .. only:: partner
+
+         .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
+            :start-after: begin-config-controller-0-OS-vswitch-dx
+            :end-before: end-config-controller-0-OS-vswitch-dx
+
+
+
+   #. **For OpenStack only:** Add an instances filesystem OR set up a disk
+      based nova-local volume group, which is needed for |prefix|-openstack
+      nova ephemeral disks.
+
+      .. only:: starlingx
+
+         .. tabs::
+
+            .. group-tab:: Bare Metal
+
+               .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
+                  :start-after: begin-config-controller-0-OS-add-fs-dx
+                  :end-before: end-config-controller-0-OS-add-fs-dx
+
+            .. group-tab:: Virtual
+
+               Set up an "instances" filesystem, which is needed for
+               stx-openstack nova ephemeral disks.
+
+               .. code-block:: bash
+
+                  ~(keystone_admin)$ export NODE=controller-0
+                  ~(keystone_admin)$ system host-fs-add ${NODE} instances=34
+
+
+      .. only:: partner
+
+         .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
+            :start-after: begin-config-controller-0-OS-add-fs-dx
+            :end-before: end-config-controller-0-OS-add-fs-dx
+
+   #. **For OpenStack only:** Configure data interfaces for controller-0.
+      Data class interfaces are vswitch interfaces used by vswitch to provide
+      |VM| virtio vNIC connectivity to OpenStack Neutron Tenant Networks on the
+      underlying assigned Data Network.
+
+      .. important::
+
+         A compute-labeled All-in-one controller host **MUST** have at least
+         one Data class interface.
+
+      * Configure the data interfaces for controller-0.
+
+        .. only:: starlingx
+
+           .. tabs::
+
+              .. group-tab:: Bare Metal
+
+                 .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
+                    :start-after: begin-config-controller-0-OS-data-interface-dx
+                    :end-before: end-config-controller-0-OS-data-interface-dx
+
+              .. group-tab:: Virtual
+
+                 .. code-block:: bash
+
+                    ~(keystone_admin)$ DATA0IF=eth1000
+                    ~(keystone_admin)$ DATA1IF=eth1001
+                    ~(keystone_admin)$ export NODE=controller-0
+                    ~(keystone_admin)$ PHYSNET0='physnet0'
+                    ~(keystone_admin)$ PHYSNET1='physnet1'
+                    ~(keystone_admin)$ SPL=/tmp/tmp-system-port-list
+                    ~(keystone_admin)$ SPIL=/tmp/tmp-system-host-if-list
+
+                    ~(keystone_admin)$ system host-port-list ${NODE} --nowrap > ${SPL}
+                    ~(keystone_admin)$ system host-if-list -a ${NODE} --nowrap > ${SPIL}
+
+                    ~(keystone_admin)$ DATA0PCIADDR=$(cat $SPL | grep $DATA0IF |awk '{print $8}')
+                    ~(keystone_admin)$ DATA1PCIADDR=$(cat $SPL | grep $DATA1IF |awk '{print $8}')
+
+                    ~(keystone_admin)$ DATA0PORTUUID=$(cat $SPL | grep ${DATA0PCIADDR} | awk '{print $2}')
+                    ~(keystone_admin)$ DATA1PORTUUID=$(cat $SPL | grep ${DATA1PCIADDR} | awk '{print $2}')
+
+                    ~(keystone_admin)$ DATA0PORTNAME=$(cat $SPL | grep ${DATA0PCIADDR} | awk '{print $4}')
+                    ~(keystone_admin)$ DATA1PORTNAME=$(cat  $SPL | grep ${DATA1PCIADDR} | awk '{print $4}')
+
+                    ~(keystone_admin)$ DATA0IFUUID=$(cat $SPIL | awk -v DATA0PORTNAME=$DATA0PORTNAME '($12 ~ DATA0PORTNAME) {print $2}')
+                    ~(keystone_admin)$ DATA1IFUUID=$(cat $SPIL | awk -v DATA1PORTNAME=$DATA1PORTNAME '($12 ~ DATA1PORTNAME) {print $2}')
+
+                    ~(keystone_admin)$ system datanetwork-add ${PHYSNET0} vlan
+                    ~(keystone_admin)$ system datanetwork-add ${PHYSNET1} vlan
+
+                    ~(keystone_admin)$ system host-if-modify -m 1500 -n data0 -c data ${NODE} ${DATA0IFUUID}
+                    ~(keystone_admin)$ system host-if-modify -m 1500 -n data1 -c data ${NODE} ${DATA1IFUUID}
+
+                    ~(keystone_admin)$ system interface-datanetwork-assign ${NODE} ${DATA0IFUUID} ${PHYSNET0}
+                    ~(keystone_admin)$ system interface-datanetwork-assign ${NODE} ${DATA1IFUUID} ${PHYSNET1}
+
+
+      .. only:: partner
+
+         .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
+            :start-after: begin-config-controller-0-OS-data-interface-dx
+            :end-before: end-config-controller-0-OS-data-interface-dx
+
+*****************************************
+Optionally Configure PCI-SRIOV Interfaces
+*****************************************
+
+#. **Optionally**, configure |PCI|-|SRIOV| interfaces for controller-0.
+
+   This step is **optional** for Kubernetes. Do this step if using |SRIOV|
+   network attachments in hosted application containers.
+
+   .. only:: openstack
+
+      This step is **optional** for OpenStack. Do this step if using |SRIOV|
+      vNICs in hosted application VMs. Note that |PCI|-|SRIOV| interfaces can
+      have the same Data Networks assigned to them as vswitch data interfaces.
+
+
+   * Configure the pci-sriov interfaces for controller-0.
+
+     .. code-block:: bash
+
+        ~(keystone_admin)$ export NODE=controller-0
+
+        # List inventoried host’s ports and identify ports to be used as ‘pci-sriov’ interfaces,
+        # based on displayed linux port name, pci address and device type.
+        ~(keystone_admin)$ system host-port-list ${NODE}
+
+        # List host’s auto-configured ‘ethernet’ interfaces,
+        # find the interfaces corresponding to the ports identified in previous step, and
+        # take note of their UUID
+        ~(keystone_admin)$ system host-if-list -a ${NODE}
+
+        # Modify configuration for these interfaces
+        # Configuring them as ‘pci-sriov’ class interfaces, MTU of 1500 and named sriov#
+        ~(keystone_admin)$ system host-if-modify -m 1500 -n sriov0 -c pci-sriov ${NODE} <sriov0-if-uuid> -N <num_vfs>
+        ~(keystone_admin)$ system host-if-modify -m 1500 -n sriov1 -c pci-sriov ${NODE} <sriov1-if-uuid> -N <num_vfs>
+
+        # If not already created, create Data Networks that the 'pci-sriov'
+        # interfaces will be connected to
+        ~(keystone_admin)$ DATANET0='datanet0'
+        ~(keystone_admin)$ DATANET1='datanet1'
+        ~(keystone_admin)$ system datanetwork-add ${DATANET0} vlan
+        ~(keystone_admin)$ system datanetwork-add ${DATANET1} vlan
+
+        # Assign Data Networks to PCI-SRIOV Interfaces
+        ~(keystone_admin)$ system interface-datanetwork-assign ${NODE} <sriov0-if-uuid> ${DATANET0}
+        ~(keystone_admin)$ system interface-datanetwork-assign ${NODE} <sriov1-if-uuid> ${DATANET1}
+
+
+   * **For Kubernetes Only:** To enable using |SRIOV| network attachments for
+     the above interfaces in Kubernetes hosted application containers:
+
+     .. only:: starlingx
+
+        .. tabs::
+
+           .. group-tab:: Bare Metal
+
+              .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
+                  :start-after: begin-config-controller-0-OS-k8s-sriov-dx
+                  :end-before: end-config-controller-0-OS-k8s-sriov-dx
+
+           .. group-tab:: Virtual
+
+              Configure the Kubernetes |SRIOV| device plugin.
+
+              .. code-block:: none
+
+                 ~(keystone_admin)$ system host-label-assign controller-0 sriovdp=enabled
+
+     .. only:: partner
+
+        .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
+            :start-after: begin-config-controller-0-OS-k8s-sriov-dx
+            :end-before: end-config-controller-0-OS-k8s-sriov-dx
+
+
+***************************************************************
+If required, initialize a Ceph-based Persistent Storage Backend
+***************************************************************
+
+A persistent storage backend is required if your application requires |PVCs|.
+
+.. only:: openstack
+
+    .. important::
+
+       The StarlingX OpenStack application **requires** |PVCs|.
+
+.. only:: starlingx
+
+    There are two options for persistent storage backend: the host-based Ceph
+    solution and the Rook container-based Ceph solution.
+
+For host-based Ceph:
+
+#. Initialize with add ceph backend:
+
+   ::
+
+      ~(keystone_admin)$ system storage-backend-add ceph --confirmed
+
+#. Add an |OSD| on controller-0 for host-based Ceph:
+
+   .. code-block:: bash
+
+      # List host’s disks and identify disks you want to use for CEPH OSDs, taking note of their UUID
+      # By default, /dev/sda is being used as system disk and can not be used for OSD.
+      ~(keystone_admin)$ system host-disk-list controller-0
+
+      # Add disk as an OSD storage
+      ~(keystone_admin)$ system host-stor-add controller-0 osd <disk-uuid>
+
+      # List OSD storage devices
+      ~(keystone_admin)$ system host-stor-list controller-0
+
+.. only:: starlingx
+
+   For Rook container-based Ceph:
+
+   #. Initialize with add ceph-rook backend:
+
+      ::
+
+         ~(keystone_admin)$ system storage-backend-add ceph-rook --confirmed
+
+   #. Assign Rook host labels to controller-0 in support of installing the
+      rook-ceph-apps manifest/helm-charts later:
+
+      ::
+
+         ~(keystone_admin)$ system host-label-assign controller-0 ceph-mon-placement=enabled
+         ~(keystone_admin)$ system host-label-assign controller-0 ceph-mgr-placement=enabled
+
+
+-------------------
+Unlock controller-0
+-------------------
+
+.. include:: aio_simplex_install_kubernetes.rst
+   :start-after: incl-unlock-controller-0-aio-simplex-start:
+   :end-before: incl-unlock-controller-0-aio-simplex-end:
+
+.. only:: openstack
+
+   *  **For OpenStack Only** Due to the additional OpenStack services’
+      containers running on the controller host, the size of the Docker
+      filesystem needs to be increased from the default size of 30G to 60G.
+
+
+      .. code-block:: bash
+
+          # check existing size of docker fs
+          ~(keystone_admin)$ system host-fs-list controller-0
+          # check available space (Avail Size (GiB)) in cgts-vg LVG where docker fs is located
+          ~(keystone_admin)$ system host-lvg-list controller-0
+          # if existing docker fs size + cgts-vg available space is less than
+          # 80G, you will need to add a new disk to cgts-vg.
+
+             # Get device path of BOOT DISK
+             ~(keystone_admin)$ system host-show controller-0 | fgrep rootfs
+
+             # Get UUID of ROOT DISK by listing disks
+             ~(keystone_admin)$ system host-disk-list controller-0
+
+             # Add new disk to 'cgts-vg' local volume group
+             ~(keystone_admin)$ system host-pv-add controller-0 cgts-vg <DISK_UUID>
+             ~(keystone_admin)$ sleep 10    # wait for disk to be added
+
+             # Confirm the available space and increased number of physical
+             # volumes added to the cgts-vg colume group
+             ~(keystone_admin)$ system host-lvg-list controller-0
+
+             # Increase docker filesystem to 60G
+             ~(keystone_admin)$ system host-fs-modify controller-0 docker=60
+
+-------------------------------------
+Install software on controller-1 node
+-------------------------------------
+
+#. Power on the controller-1 server.
+
+   .. only:: starlingx
+
+      .. tabs::
+
+         .. group-tab:: Bare Metal
+
+            .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
+               :start-after: begin-power-on-controller-1-server-dx
+               :end-before: end-power-on-controller-1-server-dx
+
+         .. group-tab:: Virtual
+
+            #. On the host, power on the controller-1 virtual server,
+               ``duplex-controller-1``. It will automatically attempt to
+               network boot over the management network:
+
+            .. code-block:: none
+
+               $ virsh start duplex-controller-1
+
+            #. Attach to the console of virtual controller-1:
+
+            .. code-block:: none
+
+               $ virsh console duplex-controller-1
+
+   .. only:: partner
+
+      .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
+         :start-after: begin-power-on-controller-1-server-dx
+         :end-before: end-power-on-controller-1-server-dx
+
+   As controller-1 boots, a message appears on its console instructing you to
+   configure the personality of the node.
+
+#. On the console of controller-0, list hosts to see newly discovered
+   controller-1 host (hostname=None):
+
+   ::
+
+      ~(keystone_admin)$ system host-list
+      +----+--------------+-------------+----------------+-------------+--------------+
+      | id | hostname     | personality | administrative | operational | availability |
+      +----+--------------+-------------+----------------+-------------+--------------+
+      | 1  | controller-0 | controller  | unlocked       | enabled     | available    |
+      | 2  | None         | None        | locked         | disabled    | offline      |
+      +----+--------------+-------------+----------------+-------------+--------------+
+
+#. Using the host id, set the personality of this host to 'controller':
+
+   ::
+
+      ~(keystone_admin)$ system host-update 2 personality=controller
+
+#. Wait for the software installation on controller-1 to complete, for
+   controller-1 to reboot, and for controller-1 to show as
+   locked/disabled/online in 'system host-list'.
+
+   This can take 5-10 minutes, depending on the performance of the host machine.
+
+   ::
+
+      ~(keystone_admin)$ system host-list
+      +----+--------------+-------------+----------------+-------------+--------------+
+      | id | hostname     | personality | administrative | operational | availability |
+      +----+--------------+-------------+----------------+-------------+--------------+
+      | 1  | controller-0 | controller  | unlocked       | enabled     | available    |
+      | 2  | controller-1 | controller  | locked         | disabled    | online       |
+      +----+--------------+-------------+----------------+-------------+--------------+
+
+----------------------
+Configure controller-1
+----------------------
+
+#. Configure the |OAM| interface of controller-1 and specify the attached
+   network of "oam".
+
+   .. only:: starlingx
+
+      .. tabs::
+
+         .. group-tab:: Bare Metal
+
+            .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
+               :start-after: begin-config-controller-1-server-oam-dx
+               :end-before: end-config-controller-1-server-oam-dx
+
+         .. group-tab:: Virtual
+
+            .. code-block:: none
+
+               ~(keystone_admin)$ OAM_IF=enp7s1
+               ~(keystone_admin)$ system host-if-modify controller-1 $OAM_IF -c platform
+               ~(keystone_admin)$ system interface-network-assign controller-1 $OAM_IF oam
+
+
+   To configure a |VLAN| or aggregated ethernet interface, see
+   |node-interfaces-index|.
+
+   .. only:: partner
+
+      .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
+         :start-after: begin-config-controller-1-server-oam-dx
+         :end-before: end-config-controller-1-server-oam-dx
+
+#. The MGMT interface is partially set up by the network install procedure;
+   configuring the port used for network install as the MGMT port and
+   specifying the attached network of "mgmt".
+
+   Complete the MGMT interface configuration of controller-1 by specifying the
+   attached network of "cluster-host".
+
+   ::
+
+      ~(keystone_admin)$ system interface-network-assign controller-1 mgmt0 cluster-host
+
+.. only:: openstack
+
+   *************************************
+   OpenStack-specific host configuration
+   *************************************
+
+   .. important::
+
+      These steps are required only if the |prod-os| application
+      (|prefix|-openstack) will be installed.
+
+   #. **For OpenStack only:** Assign OpenStack host labels to controller-1 in
+      support of installing the |prefix|-openstack manifest and helm-charts later.
+
+      .. only:: starlingx
+
+         .. parsed-literal::
+
+            ~(keystone_admin)$ system host-label-assign controller-1 openstack-control-plane=enabled
+            ~(keystone_admin)$ system host-label-assign controller-1 openstack-compute-node=enabled
+            ~(keystone_admin)$ system host-label-assign controller-1 |vswitch-label|
+
+         .. note::
+
+            If you have a |NIC| that supports |SRIOV|, then you can enable it by
+            using the following:
+
+            .. code-block:: none
+
+               ~(keystone_admin)$ system host-label-assign controller-0 sriov=enabled
+
+      .. only:: partner
+
+         .. include:: /_includes/aio_duplex_install_kubernetes.rest
+            :start-after: ref2-begin
+            :end-before: ref2-end
+
+   #. **For OpenStack only:** Due to the additional openstack services running
+      on the |AIO| controller platform cores, additional cores may be required.
+
+      .. only:: starlingx
+
+         .. tabs::
+
+            .. group-tab:: Bare Metal
+
+               .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
+                  :start-after: begin-increase-cores-controller-1-dx
+                  :end-before: end-increase-cores-controller-1-dx
+
+            .. group-tab:: Virtual
+
+               The |VMs| being used for hosts only have 4 cores; 2 for platform
+               and 2 for |VMs|; there are not additional cores available
+               for platform in this scenario.
+
+      .. only:: partner
+
+         .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
+            :start-after: begin-increase-cores-controller-1-dx
+            :end-before: end-increase-cores-controller-1-dx
+
+   #. Due to the additional openstack services' containers running on the
+      controller host, the size of the docker filesystem needs to be
+      increased from the default size of 30G to 60G.
+
+      .. code-block:: bash
+
+          # check existing size of docker fs
+          ~(keystone_admin)$ system host-fs-list controller-1
+          # check available space (Avail Size (GiB)) in cgts-vg LVG where docker fs is located
+          ~(keystone_admin)$ system host-lvg-list controller-1
+          # if existing docker fs size + cgts-vg available space is less than
+          # 80G, you will need to add a new disk to cgts-vg.
+
+             # Get device path of BOOT DISK
+             ~(keystone_admin)$ system host-show controller-1 | fgrep rootfs
+
+             # Get UUID of ROOT DISK by listing disks
+             ~(keystone_admin)$ system host-disk-list controller-1
+
+             # Add new disk to 'cgts-vg' local volume group
+             ~(keystone_admin)$ system host-pv-add controller-1 cgts-vg <DISK_UUID>
+             ~(keystone_admin)$ sleep 10    # wait for disk to be added
+
+             # Confirm the available space and increased number of physical
+             # volumes added to the cgts-vg colume group
+             ~(keystone_admin)$ system host-lvg-list controller-1
+
+             # Increase docker filesystem to 60G
+             ~(keystone_admin)$ system host-fs-modify controller-1 docker=60
+
+   #. **For OpenStack only:** Configure the host settings for the vSwitch.
+
+      .. only:: starlingx
+
+         .. tabs::
+
+            .. group-tab:: Bare Metal
+
+               .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
+                  :start-after: begin-config-vswitch-controller-1-dx
+                  :end-before: end-config-vswitch-controller-1-dx
+
+            .. group-tab:: Virtual
+
+               No additional configuration is required for the OVS vswitch in
+               virtual environment.
+
+      .. only:: partner
+
+         .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
+            :start-after: begin-config-vswitch-controller-1-dx
+            :end-before: end-config-vswitch-controller-1-dx
+
+
+   #. **For OpenStack only:** Add an instances filesystem OR Set up a disk
+      based nova-local volume group, which is needed for |prefix|-openstack
+      nova ephemeral disks.
+
+      .. only:: starlingx
+
+         .. tabs::
+
+            .. group-tab:: Bare Metal
+
+               .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
+                  :start-after: begin-config-fs-controller-1-dx
+                  :end-before: end-config-fs-controller-1-dx
+
+            .. group-tab:: Virtual
+
+               Set up a ‘instances’ filesystem, which is needed for
+               stx-openstack nova ephemeral disks.
+
+               .. code-block::
+
+                  ~(keystone_admin)$ export NODE=controller-1
+                  ~(keystone_admin)$ system host-fs-add ${NODE} instances=34
+
+      .. only:: partner
+
+         .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
+            :start-after: begin-config-fs-controller-1-dx
+            :end-before: end-config-fs-controller-1-dx
+
+   #. **For OpenStack only:** Configure data interfaces for controller-1.
+      Data class interfaces are vswitch interfaces used by vswitch to provide
+      |VM| virtio vNIC connectivity to OpenStack Neutron Tenant Networks on the
+      underlying assigned Data Network.
+
+      .. important::
+
+         A compute-labeled All-in-one controller host **MUST** have at least
+         one Data class interface.
+
+      * Configure the data interfaces for controller-1.
+
+        .. only:: starlingx
+
+           .. tabs::
+
+              .. group-tab:: Bare Metal
+
+                 .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
+                    :start-after: begin-config-data-interfaces-controller-1-dx
+                    :end-before: end-config-data-interfaces-controller-1-dx
+
+              .. group-tab:: Virtual
+
+                 .. code-block:: bash
+
+                    ~(keystone_admin)$ DATA0IF=eth1000
+                    ~(keystone_admin)$ DATA1IF=eth1001
+                    ~(keystone_admin)$ export NODE=controller-1
+                    ~(keystone_admin)$ PHYSNET0='physnet0'
+                    ~(keystone_admin)$ PHYSNET1='physnet1'
+                    ~(keystone_admin)$ SPL=/tmp/tmp-system-port-list
+                    ~(keystone_admin)$ SPIL=/tmp/tmp-system-host-if-list
+                    ~(keystone_admin)$ system host-port-list ${NODE} --nowrap > ${SPL}
+                    ~(keystone_admin)$ system host-if-list -a ${NODE} --nowrap > ${SPIL}
+                    ~(keystone_admin)$ DATA0PCIADDR=$(cat $SPL | grep $DATA0IF |awk '{print $8}')
+                    ~(keystone_admin)$ DATA1PCIADDR=$(cat $SPL | grep $DATA1IF |awk '{print $8}')
+                    ~(keystone_admin)$ DATA0PORTUUID=$(cat $SPL | grep ${DATA0PCIADDR} | awk '{print $2}')
+                    ~(keystone_admin)$ DATA1PORTUUID=$(cat $SPL | grep ${DATA1PCIADDR} | awk '{print $2}')
+                    ~(keystone_admin)$ DATA0PORTNAME=$(cat $SPL | grep ${DATA0PCIADDR} | awk '{print $4}')
+                    ~(keystone_admin)$ DATA1PORTNAME=$(cat  $SPL | grep ${DATA1PCIADDR} | awk '{print $4}')
+                    ~(keystone_admin)$ DATA0IFUUID=$(cat $SPIL | awk -v DATA0PORTNAME=$DATA0PORTNAME '($12 ~ DATA0PORTNAME) {print $2}')
+                    ~(keystone_admin)$ DATA1IFUUID=$(cat $SPIL | awk -v DATA1PORTNAME=$DATA1PORTNAME '($12 ~ DATA1PORTNAME) {print $2}')
+
+                    ~(keystone_admin)$ system datanetwork-add ${PHYSNET0} vlan
+                    ~(keystone_admin)$ system datanetwork-add ${PHYSNET1} vlan
+
+                    ~(keystone_admin)$ system host-if-modify -m 1500 -n data0 -c data ${NODE} ${DATA0IFUUID}
+                    ~(keystone_admin)$ system host-if-modify -m 1500 -n data1 -c data ${NODE} ${DATA1IFUUID}
+                    ~(keystone_admin)$ system interface-datanetwork-assign ${NODE} ${DATA0IFUUID} ${PHYSNET0}
+                    ~(keystone_admin)$ system interface-datanetwork-assign ${NODE} ${DATA1IFUUID} ${PHYSNET1}
+
+      .. only:: partner
+
+         .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
+            :start-after: begin-config-data-interfaces-controller-1-dx
+            :end-before: end-config-data-interfaces-controller-1-dx
+
+
+*****************************************
+Optionally Configure PCI-SRIOV Interfaces
+*****************************************
+
+#. **Optionally**, configure |PCI|-|SRIOV| interfaces for controller-1.
+
+   This step is **optional** for Kubernetes. Do this step if using |SRIOV|
+   network attachments in hosted application containers.
+
+   .. only:: openstack
+
+      This step is **optional** for OpenStack. Do this step if using |SRIOV|
+      vNICs in hosted application VMs. Note that |PCI|-|SRIOV| interfaces can
+      have the same Data Networks assigned to them as vswitch data interfaces.
+
+
+   * Configure the |PCI|-|SRIOV| interfaces for controller-1.
+
+     .. code-block:: bash
+
+        ~(keystone_admin)$ export NODE=controller-1
+
+        # List inventoried host’s ports and identify ports to be used as ‘pci-sriov’ interfaces,
+        # based on displayed linux port name, pci address and device type.
+        ~(keystone_admin)$ system host-port-list ${NODE}
+
+        # List host’s auto-configured 'ethernet' interfaces,
+        # find the interfaces corresponding to the ports identified in previous step, and
+        # take note of their UUID
+        ~(keystone_admin)$ system host-if-list -a ${NODE}
+
+        # Modify configuration for these interfaces
+        # Configuring them as 'pci-sriov' class interfaces, MTU of 1500 and named sriov#
+        ~(keystone_admin)$ system host-if-modify -m 1500 -n sriov0 -c pci-sriov ${NODE} <sriov0-if-uuid> -N <num_vfs>
+        ~(keystone_admin)$ system host-if-modify -m 1500 -n sriov1 -c pci-sriov ${NODE} <sriov1-if-uuid> -N <num_vfs>
+
+        # If not already created, create Data Networks that the 'pci-sriov' interfaces
+        # will be connected to
+        ~(keystone_admin)$ DATANET0='datanet0'
+        ~(keystone_admin)$ DATANET1='datanet1'
+
+        # Assign Data Networks to PCI-SRIOV Interfaces
+        ~(keystone_admin)$ system interface-datanetwork-assign ${NODE} <sriov0-if-uuid> ${DATANET0}
+        ~(keystone_admin)$ system interface-datanetwork-assign ${NODE} <sriov1-if-uuid> ${DATANET1}
+
+
+   * **For Kubernetes only:** To enable using |SRIOV| network attachments for
+     the above interfaces in Kubernetes hosted application containers:
+
+     .. only:: starlingx
+
+        .. tabs::
+
+           .. group-tab:: Bare Metal
+
+              .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
+                 :start-after: begin-config-k8s-sriov-controller-1-dx
+                 :end-before: end-config-k8s-sriov-controller-1-dx
+
+           .. group-tab:: Virtual
+
+              Configure the Kubernetes SR-IOV device plugin.
+
+              .. code-block:: none
+
+                 ~(keystone_admin)$ system host-label-assign controller-1 sriovdp=enabled
+
+
+   .. only:: partner
+
+      .. include:: /shared/_includes/aio_duplex_install_kubernetes.rest
+         :start-after: begin-config-k8s-sriov-controller-1-dx
+         :end-before: end-config-k8s-sriov-controller-1-dx
+
+***************************************************************************************
+If configuring a Ceph-based Persistent Storage Backend, configure host-specific details
+***************************************************************************************
+
+For host-based Ceph:
+
+#. Add an |OSD| on controller-1 for host-based Ceph:
+
+   .. code-block:: bash
+
+      # List host’s disks and identify disks you want to use for CEPH OSDs, taking note of their UUID
+      # By default, /dev/sda is being used as system disk and can not be used for OSD.
+      ~(keystone_admin)$ system host-disk-list controller-1
+
+      # Add disk as an OSD storage
+      ~(keystone_admin)$ system host-stor-add controller-1 osd <disk-uuid>
+
+      # List OSD storage devices
+      ~(keystone_admin)$ system host-stor-list controller-1
+
+   .. only:: starlingx
+
+      For Rook container-based Ceph:
+
+      #. Assign Rook host labels to controller-1 in support of installing the
+         rook-ceph-apps manifest/helm-charts later:
+
+      .. code-block:: bash
+
+         ~(keystone_admin)$ system host-label-assign controller-1 ceph-mon-placement=enabled
+         ~(keystone_admin)$ ~(keystone_admin)$ system host-label-assign controller-1 ceph-mgr-placement=enabled
+
+
+-------------------
+Unlock controller-1
+-------------------
+
+Unlock controller-1 in order to bring it into service:
+
+.. code-block:: bash
+
+  system host-unlock controller-1
+
+Controller-1 will reboot in order to apply configuration changes and come into
+service. This can take 5-10 minutes, depending on the performance of the host
+machine.
+
+.. only:: starlingx
+
+   -----------------------------------------------------------------------------------------------
+   If using Rook container-based Ceph, finish configuring the ceph-rook Persistent Storage Backend
+   -----------------------------------------------------------------------------------------------
+
+   For Rook container-based Ceph:
+
+   On active controller:
+
+   #. Wait for the ``rook-ceph-apps`` application to be uploaded
+
+      ::
+
+        ~(keystone_admin)$  source /etc/platform/openrc
+        ~(keystone_admin)$  system application-list
+        +---------------------+---------+-------------------------------+---------------+----------+-----------+
+        | application         | version | manifest name                 | manifest file | status   | progress  |
+        +---------------------+---------+-------------------------------+---------------+----------+-----------+
+        | oidc-auth-apps      | 1.0-0   | oidc-auth-manifest            | manifest.yaml | uploaded | completed |
+        | platform-integ-apps | 1.0-8   | platform-integration-manifest | manifest.yaml | uploaded | completed |
+        | rook-ceph-apps      | 1.0-1   | rook-ceph-manifest            | manifest.yaml | uploaded | completed |
+        +---------------------+---------+-------------------------------+---------------+----------+-----------+
+
+   #. Configure Rook to use /dev/sdb on controller-0 and controller-1 as a ceph
+      |OSD|.
+
+      .. code-block:: bash
+
+         ~(keystone_admin)$ system host-disk-wipe -s --confirm controller-0 /dev/sdb
+         ~(keystone_admin)$ system host-disk-wipe -s --confirm controller-1 /dev/sdb
+
+      ``values.yaml`` for rook-ceph-apps.
+
+      .. code-block:: yaml
+
+       cluster:
+         storage:
+           nodes:
+           - name: controller-0
+             devices:
+             - name: /dev/disk/by-path/pci-0000:00:03.0-ata-2.0
+           - name: controller-1
+             devices:
+             - name: /dev/disk/by-path/pci-0000:00:03.0-ata-2.0
+
+      ::
+
+       ~(keystone_admin)$ system helm-override-update rook-ceph-apps rook-ceph kube-system --values values.yaml
+
+   #. Apply the rook-ceph-apps application.
+
+      ::
+
+       ~(keystone_admin)$ system application-apply rook-ceph-apps
+
+   #. Wait for |OSDs| pod to be ready.
+
+      ::
+
+        ~(keystone_admin)$ kubectl get pods -n kube-system
+        rook-ceph-crashcollector-controller-0-f984688ff-jsr8t    1/1     Running     0          4m9s
+        rook-ceph-crashcollector-controller-1-7f9b6f55b6-699bb   1/1     Running     0          2m5s
+        rook-ceph-mgr-a-7f9d588c5b-49cbg                         1/1     Running     0          3m5s
+        rook-ceph-mon-a-75bcbd8664-pvq99                         1/1     Running     0          4m27s
+        rook-ceph-mon-b-86c67658b4-f4snf                         1/1     Running     0          4m10s
+        rook-ceph-mon-c-7f48b58dfb-4nx2n                         1/1     Running     0          3m30s
+        rook-ceph-operator-77b64588c5-bhfg7                      1/1     Running     0          7m6s
+        rook-ceph-osd-0-6949657cf7-dkfp2                         1/1     Running     0          2m6s
+        rook-ceph-osd-1-5d4b58cf69-kdg82                         1/1     Running     0          2m4s
+        rook-ceph-osd-prepare-controller-0-wcvsn                 0/1     Completed   0          2m27s
+        rook-ceph-osd-prepare-controller-1-98h76                 0/1     Completed   0          2m26s
+        rook-ceph-tools-5778d7f6c-2h8s8                          1/1     Running     0          5m55s
+        rook-discover-xc22t                                      1/1     Running     0          6m2s
+        rook-discover-xndld                                      1/1     Running     0          6m2s
+        storage-init-rook-ceph-provisioner-t868q                 0/1     Completed   0          108s
+
+
+.. include:: /_includes/bootstrapping-and-deploying-starlingx.rest
+
+.. _extend-dx-with-workers:
+
+--------------------------------------------
+Optionally Extend Capacity with Worker Nodes
+--------------------------------------------
+
+.. include:: /shared/_includes/aio_duplex_extend.rest
+   :start-after: start-aio-duplex-extend
+   :end-before: end-aio-duplex-extend
+
+
+.. only:: partner
+
+   .. include:: /_includes/72hr-to-license.rest
+
+
+Complete system configuration by reviewing procedures in:
+
+- |index-security-kub-81153c1254c3|
+- |index-sysconf-kub-78f0e1e9ca5a|
+- |index-admintasks-kub-ebc55fefc368|
+
diff --git a/doc/source/deploy_install_guides/release/bare_metal/aio_simplex_install_kubernetes.rst b/doc/source/deploy_install_guides/release/bare_metal/aio_simplex_install_kubernetes.rst
index 339d3ba64..23aca3959 100644
--- a/doc/source/deploy_install_guides/release/bare_metal/aio_simplex_install_kubernetes.rst
+++ b/doc/source/deploy_install_guides/release/bare_metal/aio_simplex_install_kubernetes.rst
@@ -1,3 +1,9 @@
+.. include:: /_vendor/rl-strings.txt
+
+.. include:: /_stx-related-links/installation-prereqs.rln 
+   :start-after: begin-rls
+   :end-before: end-rls
+
 .. _aio_simplex_install_kubernetes_r7:
 
 =================================================
@@ -405,9 +411,8 @@ Bootstrap system on controller-0
 
          If a firewall is blocking access to Docker hub or your private
          registry from your StarlingX deployment, you will need to add the
-         following lines in $HOME/localhost.yml  (see :ref:`Docker Proxy
-         Configuration <docker_proxy_config>` for more details about Docker
-         proxy settings):
+         following lines in ``$HOME/localhost.yml``  (see |docker_proxy_config|
+         for more details about Docker proxy settings):
 
       .. only:: partner
 
@@ -494,8 +499,7 @@ The newly installed controller needs to be configured.
 
                   ~(keystone_admin)$ system ntp-modify ntpservers=0.pool.ntp.org,1.pool.ntp.org
 
-            To configure |PTP| instead of |NTP|, see :ref:`PTP Server
-            Configuration <ptp-server-config-index>`.
+            To configure |PTP| instead of |NTP|, see |ptp-server-config-index|.
 
             .. end-config-controller-0-ntp-interface-sx
 
@@ -976,14 +980,6 @@ machine.
        rook--ceph-tools-5778d7f6c-22tms                         1/1     Running     0          64m
        rook--discover-kmv6c                                     1/1     Running     0          65m
 
-.. only:: starlingx
-
-   ----------
-   Next steps
-   ----------
-
-   .. include:: /_includes/kubernetes_install_next.txt
-
 
 .. only:: partner
 
@@ -991,6 +987,6 @@ machine.
 
 Complete system configuration by reviewing procedures in:
 
-- :ref:`index-security-kub-81153c1254c3`
-- :ref:`index-sysconf-kub-78f0e1e9ca5a`
-- :ref:`index-admintasks-kub-ebc55fefc368`
+- |index-security-kub-81153c1254c3|
+- |index-sysconf-kub-78f0e1e9ca5a|
+- |index-admintasks-kub-ebc55fefc368|
diff --git a/doc/source/deploy_install_guides/release/bare_metal/bootstrapping-from-a-private-docker-registry.rst b/doc/source/deploy_install_guides/release/bare_metal/bootstrapping-from-a-private-docker-registry.rst
index c952a373a..0d68793df 100644
--- a/doc/source/deploy_install_guides/release/bare_metal/bootstrapping-from-a-private-docker-registry.rst
+++ b/doc/source/deploy_install_guides/release/bare_metal/bootstrapping-from-a-private-docker-registry.rst
@@ -15,8 +15,8 @@ your server is isolated from the public Internet.
 
 .. rubric:: |proc|
 
-#.  Update your /home/sysadmin/localhost.yml bootstrap overrides file with the
-    following lines to use a Private Docker Registry pre-populated from the
+#.  Update your ``/home/sysadmin/localhost.yml`` bootstrap overrides file with
+    the following lines to use a Private Docker Registry pre-populated from the
     |org| Docker Registry:
 
     .. code-block:: none
@@ -50,7 +50,7 @@ your server is isolated from the public Internet.
     .. note::
         ``<my-registry.io>`` must be a DNS name resolvable by the dns servers
         configured in the ``dns_servers:`` structure of the ansible bootstrap
-        override file /home/sysadmin/localhost.yml.
+        override file ``/home/sysadmin/localhost.yml``.
 
 #.  For any additional local registry images required, use the full image name
     as shown below.
diff --git a/doc/source/deploy_install_guides/release/bare_metal/controller_storage_install_kubernetes.rst b/doc/source/deploy_install_guides/release/bare_metal/controller_storage_install_kubernetes.rst
index 036ded05a..cef3b6e19 100644
--- a/doc/source/deploy_install_guides/release/bare_metal/controller_storage_install_kubernetes.rst
+++ b/doc/source/deploy_install_guides/release/bare_metal/controller_storage_install_kubernetes.rst
@@ -1,5 +1,11 @@
 |hideable|
 
+.. include:: /_vendor/rl-strings.txt
+
+.. include:: /_stx-related-links/installation-prereqs.rln 
+   :start-after: begin-rls
+   :end-before: end-rls
+
 .. Greg updates required for -High Security Vulnerability Document Updates
 
 .. _controller_storage_install_kubernetes_r7:
@@ -450,7 +456,7 @@ Install software on controller-1 and worker nodes
               .. Note::
 
                  A node with Edgeworker personality is also available. See
-                 :ref:`deploy-edgeworker-nodes` for details.
+                 |deploy-edgeworker-nodes| for details.
 
          #. Wait for the software installation on controller-1, worker-0, and
             worker-1 to complete, for all virtual servers to reboot, and for all
@@ -811,14 +817,6 @@ If configuring Ceph Storage Backend, Add Ceph OSDs to controllers
       :start-after: start-add-ceph-osds-to-controllers-std-storage
       :end-before: end-add-ceph-osds-to-controllers-std-storage
 
-.. only:: starlingx
-
-   ----------
-   Next steps
-   ----------
-
-   .. include:: /_includes/kubernetes_install_next.txt
-
 
 .. only:: partner
 
@@ -827,6 +825,6 @@ If configuring Ceph Storage Backend, Add Ceph OSDs to controllers
 
 Complete system configuration by reviewing procedures in:
 
-- :ref:`index-security-kub-81153c1254c3`
-- :ref:`index-sysconf-kub-78f0e1e9ca5a`
-- :ref:`index-admintasks-kub-ebc55fefc368`
+- |index-security-kub-81153c1254c3|
+- |index-sysconf-kub-78f0e1e9ca5a|
+- |index-admintasks-kub-ebc55fefc368|
diff --git a/doc/source/deploy_install_guides/release/bare_metal/dedicated_storage_install_kubernetes.rst b/doc/source/deploy_install_guides/release/bare_metal/dedicated_storage_install_kubernetes.rst
index 5f4d6f349..57ed7639c 100644
--- a/doc/source/deploy_install_guides/release/bare_metal/dedicated_storage_install_kubernetes.rst
+++ b/doc/source/deploy_install_guides/release/bare_metal/dedicated_storage_install_kubernetes.rst
@@ -1,5 +1,11 @@
 |hideable|
 
+.. include:: /_vendor/rl-strings.txt
+
+.. include:: /_stx-related-links/installation-prereqs.rln 
+   :start-after: begin-rls
+   :end-before: end-rls
+
 .. _dedicated_storage_install_kubernetes_r7:
 
 
@@ -403,7 +409,7 @@ Install software on controller-1, storage nodes, and worker nodes
               .. Note::
          
                  A node with Edgeworker personality is also available. See
-                 :ref:`deploy-edgeworker-nodes` for details.
+                 |deploy-edgeworker-nodes| for details.
          
          #. Wait for the software installation on controller-1, storage-0,
             storage-1, worker-0, and worker-1 to complete, for all virtual
@@ -732,14 +738,6 @@ Unlock worker nodes
       :start-after: begin-dedicated-unlock-workers
       :end-before: end-dedicated-unlock-workers
 
-.. only:: starlingx
-
-   ----------
-   Next steps
-   ----------
-
-   .. include:: /_includes/kubernetes_install_next.txt
-
 
 .. only:: partner
 
@@ -748,6 +746,6 @@ Unlock worker nodes
 
 Complete system configuration by reviewing procedures in:
 
-- :ref:`index-security-kub-81153c1254c3`
-- :ref:`index-sysconf-kub-78f0e1e9ca5a`
-- :ref:`index-admintasks-kub-ebc55fefc368`
+- |index-security-kub-81153c1254c3|
+- |index-sysconf-kub-78f0e1e9ca5a|
+- |index-admintasks-kub-ebc55fefc368|
diff --git a/doc/source/deploy_install_guides/release/bare_metal/rook_storage_install_kubernetes.rst b/doc/source/deploy_install_guides/release/bare_metal/rook_storage_install_kubernetes.rst
index 059379fd9..aa2e73925 100644
--- a/doc/source/deploy_install_guides/release/bare_metal/rook_storage_install_kubernetes.rst
+++ b/doc/source/deploy_install_guides/release/bare_metal/rook_storage_install_kubernetes.rst
@@ -1,3 +1,5 @@
+.. include:: /_vendor/rl-strings.txt
+
 .. _install-rook-storage-on-bare-metal:
 
 ====================================================================
@@ -156,11 +158,11 @@ Bootstrap system on controller-0
 
         EOF
 
-   Refer to :ref:`Ansible Bootstrap Configurations <ansible_bootstrap_configs_r7>`
-   for information on additional Ansible bootstrap configurations for advanced
-   Ansible bootstrap scenarios, such as Docker proxies when deploying behind a
-   firewall, etc. Refer to :ref:`Docker Proxy Configuration <docker_proxy_config>`
-   for details about Docker proxy settings.
+   Refer to :ref:`Ansible Bootstrap Configurations
+   <ansible_bootstrap_configs_r7>` for information on additional Ansible
+   bootstrap configurations for advanced Ansible bootstrap scenarios, such as
+   Docker proxies when deploying behind a firewall, etc. Refer to
+   |docker_proxy_config| for details about Docker proxy settings.
 
 #. Run the Ansible bootstrap playbook:
 
@@ -220,8 +222,7 @@ Configure controller-0
 
        system service-parameter-list platform docker
 
-   #. Refer to :ref:`docker_proxy_config` for
-      details about Docker proxy settings.
+   #. Refer to |docker_proxy_config| for details about Docker proxy settings.
 
 
 OpenStack-specific host configuration
@@ -411,11 +412,11 @@ Install software on controller-1 and worker nodes
      .. Note::
 
         A node with Edgeworker personality is also available. See
-        :ref:`deploy-edgeworker-nodes` for details.
+        |deploy-edgeworker-nodes| for details.
 
 #. Wait for the software installation on controller-1, worker-0, and worker-1
    to complete, for all servers to reboot, and for all to show as
-   locked/disabled/online in 'system host-list'.
+   locked/disabled/online in ``system host-list``.
 
    ::
 
@@ -753,4 +754,6 @@ On host storage-0 and storage-1:
 Next steps
 ----------
 
-.. include:: /_includes/kubernetes_install_next.txt
+- |index-security-kub-81153c1254c3|
+- |index-sysconf-kub-78f0e1e9ca5a|
+- |index-admintasks-kub-ebc55fefc368|
diff --git a/doc/source/deploy_install_guides/release/virtual/aio_simplex_install_kubernetes.txt b/doc/source/deploy_install_guides/release/virtual/aio_simplex_install_kubernetes.txt
index 6ab31c667..12e49d048 100644
--- a/doc/source/deploy_install_guides/release/virtual/aio_simplex_install_kubernetes.txt
+++ b/doc/source/deploy_install_guides/release/virtual/aio_simplex_install_kubernetes.txt
@@ -126,11 +126,11 @@ On virtual controller-0:
 
         EOF
 
-   Refer to :ref:`Ansible Bootstrap Configurations <ansible_bootstrap_configs_r7>`
-   for information on additional Ansible bootstrap configurations for advanced
-   Ansible bootstrap scenarios, such as Docker proxies when deploying behind a
-   firewall, etc. Refer to :ref:`Docker Proxy Configuration <docker_proxy_config>`
-   for details about Docker proxy settings.
+   Refer to :ref:`Ansible Bootstrap Configurations
+   <ansible_bootstrap_configs_r7>` for information on additional Ansible
+   bootstrap configurations for advanced Ansible bootstrap scenarios, such as
+   Docker proxies when deploying behind a firewall, etc. Refer to
+   |docker_proxy_config| for details about Docker proxy settings.
 
 #. Run the Ansible bootstrap playbook:
 
@@ -239,8 +239,7 @@ For Rook container-based Ceph:
 
        system service-parameter-list platform docker
 
-   #. Refer to :ref:`docker_proxy_config` for
-      details about Docker proxy settings.
+   #. Refer to |docker_proxy_config| for details about Docker proxy settings.
 
 *************************************
 OpenStack-specific host configuration
diff --git a/doc/source/deploy_install_guides/release/virtual/rook_storage.rst b/doc/source/deploy_install_guides/release/virtual/rook_storage.rst
index 7bb140bf1..b4f4ea475 100644
--- a/doc/source/deploy_install_guides/release/virtual/rook_storage.rst
+++ b/doc/source/deploy_install_guides/release/virtual/rook_storage.rst
@@ -1,3 +1,5 @@
+.. include:: /_vendor/rl-strings.txt
+
 ===============================================
 Virtual Standard with Rook Storage Installation
 ===============================================
diff --git a/doc/source/node_management/openstack/adding-compute-nodes-to-an-existing-duplex-system.rst b/doc/source/node_management/openstack/adding-compute-nodes-to-an-existing-duplex-system.rst
index c8fb85299..192ee4ca1 100644
--- a/doc/source/node_management/openstack/adding-compute-nodes-to-an-existing-duplex-system.rst
+++ b/doc/source/node_management/openstack/adding-compute-nodes-to-an-existing-duplex-system.rst
@@ -1,5 +1,6 @@
 .. include:: /_stx-related-links/adding-compute-nodes-to-an-existing-duplex-system.rln
-
+.. RL strings
+.. include:: /_vendor/rl-strings.txt
 .. sjf1596039104044
 .. _adding-compute-nodes-to-an-existing-duplex-system:
 
@@ -47,8 +48,8 @@ The requirements for each added compute node are as follows:
 #.  Provision the resources.
 
     To allocate resources to the controller, update the controller resource
-    inventory in |prod-os|. See |node-doc|: :ref:`Memory Tab <memory-tab>` and
-    :ref:`Processor Tab <processor-tab>`.
+    inventory in |prod-os|. See |node-doc|: |memory-tab| and
+    |processor-tab|.
 
 #.  Add the hosts (compute nodes).
 
diff --git a/doc/source/planning/kubernetes/starlingx-hardware-requirements.rst b/doc/source/planning/kubernetes/starlingx-hardware-requirements.rst
index 24444cd25..97366b50b 100755
--- a/doc/source/planning/kubernetes/starlingx-hardware-requirements.rst
+++ b/doc/source/planning/kubernetes/starlingx-hardware-requirements.rst
@@ -1,5 +1,8 @@
 
 .. kdl1464894372485
+
+.. include:: /_vendor/rl-strings.txt
+
 .. _starlingx-hardware-requirements:
 
 ============================
diff --git a/doc/source/security/openstack/install-rest-api-and-horizon-certificate.rst b/doc/source/security/openstack/install-rest-api-and-horizon-certificate.rst
index c6a05438a..c82647bc9 100644
--- a/doc/source/security/openstack/install-rest-api-and-horizon-certificate.rst
+++ b/doc/source/security/openstack/install-rest-api-and-horizon-certificate.rst
@@ -1,5 +1,6 @@
 .. include:: /_stx-related-links/install-rest-api-and-horizon-certificate.rln
-
+.. RL strings
+.. include:: /_vendor/rl-strings.txt
 .. pmb1590001656644
 .. _install-rest-api-and-horizon-certificate:
 
@@ -49,9 +50,8 @@ Horizon endpoints by configuring a certificate for these endpoints.
             ~(keystone_admin)$ system service-parameter-apply openstack
             Applying openstack service parameters
 
--   HTTPS must be enabled for |prod|, see :ref:`Configure REST API Applications
-    and Web Administration Server Certificate
-    <configure-rest-api-applications-and-web-administration-server-certificates-after-installation-6816457ab95f>`.
+-   HTTPS must be enabled for |prod|, see
+    |configure-rest-api-applications-and-web-administration-server-certificates-after-installation-6816457ab95f|.
 
 .. rubric:: |proc|
 
@@ -76,5 +76,5 @@ Horizon endpoints by configuring a certificate for these endpoints.
 
         ~(keystone_admin)$ system application-apply |prefix|-openstack
 
-#.  Ensure port 443 is open in |prod| firewall. For details see :ref:`Modify
-    Firewall Options <security-firewall-options>`.
+#.  Ensure port 443 is open in |prod| firewall. For details see
+    |security-firewall-options|.
diff --git a/doc/source/security/openstack/use-local-clis.rst b/doc/source/security/openstack/use-local-clis.rst
index d0ba8e6ed..c717dc13b 100644
--- a/doc/source/security/openstack/use-local-clis.rst
+++ b/doc/source/security/openstack/use-local-clis.rst
@@ -1,5 +1,6 @@
 .. include:: /_stx-related-links/use-local-clis.rln
-
+.. RL strings
+.. include:: /_vendor/rl-strings.txt
 .. tok1566218039402
 .. _use-local-clis:
 
@@ -41,7 +42,7 @@ A **Local LDAP Linux User Account**, on the other hand, is an account with SSH
 privileges that is typically configured with only access to the credentials of
 a Keystone user *who has the same username* as the |LDAP| account. To create
 such a composite Local |LDAP| and Keystone user account, see
-:ref:`Manage Composite Local LDAP Accounts at Scale <manage-local-ldap-39fe3a85a528>`.
+|manage-local-ldap-39fe3a85a528|.
 
 .. important::
     The Local |LDAP| Linux User Account *must* be a member of the |LDAP| group
@@ -55,8 +56,7 @@ such a composite Local |LDAP| and Keystone user account, see
 
         sudo ldapaddusertogroup <USER> openstack
 
-    See :ref:`Local LDAP Linux User Accounts <local-ldap-linux-user-accounts>`
-    for more details.
+    See |local-ldap-linux-user-accounts| for more details.
 
 If this is your first access to the system, you can use the **Sysadmin Local
 Linux Account** for Local CLI access.
diff --git a/doc/source/shared/_includes/aio_duplex_extend.rest b/doc/source/shared/_includes/aio_duplex_extend.rest
index 3c9fc7f14..c2e16a49a 100644
--- a/doc/source/shared/_includes/aio_duplex_extend.rest
+++ b/doc/source/shared/_includes/aio_duplex_extend.rest
@@ -1,3 +1,5 @@
+.. include:: /_stx-related-links/aio_duplex_extend.rln
+
 =================================
 Extend Capacity with Worker Nodes
 =================================
@@ -86,7 +88,7 @@ Install software on worker nodes
      .. Note::
 
         A node with Edgeworker personality is also available. See
-        :ref:`deploy-edgeworker-nodes` for details.
+        |deploy-edgeworker-nodes| for details.
 
 #. Wait for the install of software on the worker nodes to complete, for the
    worker nodes to reboot, and for both to show as locked/disabled/online in
diff --git a/doc/source/shared/_includes/aio_duplex_install_kubernetes.rest b/doc/source/shared/_includes/aio_duplex_install_kubernetes.rest
index 729ef4794..7e707d88f 100644
--- a/doc/source/shared/_includes/aio_duplex_install_kubernetes.rest
+++ b/doc/source/shared/_includes/aio_duplex_install_kubernetes.rest
@@ -45,8 +45,7 @@ your deployment environment, for example eth0:
 
     ~(keystone_admin)$ system ntp-modify ntpservers=0.pool.ntp.org,1.pool.ntp.org
 
-To configure |PTP| instead of |NTP|, see :ref:`PTP Server
-Configuration <ptp-server-config-index>`.
+To configure |PTP| instead of |NTP|, see |ptp-server-config-index|.
 
 .. end-config-controller-0-ntp-interface-dx
 
diff --git a/doc/source/shared/_includes/aio_simplex_install_kubernetes.rest b/doc/source/shared/_includes/aio_simplex_install_kubernetes.rest
index 831b1bbe3..228aa6388 100644
--- a/doc/source/shared/_includes/aio_simplex_install_kubernetes.rest
+++ b/doc/source/shared/_includes/aio_simplex_install_kubernetes.rest
@@ -36,7 +36,7 @@ your deployment environment, for example eth0:
   ~(keystone_admin)$ system interface-network-assign controller-0 $OAM_IF oam
 
 To configure a vlan or aggregated ethernet interface, see
-:ref:`Node Interfaces <node-interfaces-index>`.
+|node-interfaces-index|.
 
 .. end-config-controller-0-oam-interface-sx
 
@@ -47,8 +47,7 @@ To configure a vlan or aggregated ethernet interface, see
 
       ~(keystone_admin)$ system ntp-modify ntpservers=0.pool.ntp.org,1.pool.ntp.org
 
-To configure |PTP| instead of |NTP|, see :ref:`PTP Server
-Configuration <ptp-server-config-index>`.
+To configure |PTP| instead of |NTP|, see |ptp-server-config-index|.
 
 .. end-config-controller-0-ntp-interface-sx
 
diff --git a/doc/source/shared/_includes/alarm-messages-overview-9d087b0170cf.rest b/doc/source/shared/_includes/alarm-messages-overview-9d087b0170cf.rest
index 7269fadb7..e4cd3b0f6 100644
--- a/doc/source/shared/_includes/alarm-messages-overview-9d087b0170cf.rest
+++ b/doc/source/shared/_includes/alarm-messages-overview-9d087b0170cf.rest
@@ -1,3 +1,6 @@
+.. RL strings
+.. include:: /_vendor/rl-strings.txt
+
 The system inventory and maintenance service reports system changes with
 different degrees of severity. Use the reported alarms to monitor the overall
 health of the system.
@@ -8,7 +11,7 @@ A management-affecting alarm is one that cannot be ignored at the indicated
 severity level or higher by using relaxed alarm rules during an orchestrated
 patch or upgrade operation.
 
-For more information, see :ref:`fault-management-overview`.
+For more information, see |fault-management-overview|.
 
 .. note::
 
diff --git a/doc/source/shared/_includes/controller_storage_install_kubernetes.rest b/doc/source/shared/_includes/controller_storage_install_kubernetes.rest
index 788822bd0..af0da3996 100644
--- a/doc/source/shared/_includes/controller_storage_install_kubernetes.rest
+++ b/doc/source/shared/_includes/controller_storage_install_kubernetes.rest
@@ -51,7 +51,7 @@
      .. Note::
 
         A node with Edgeworker personality is also available. See
-        :ref:`deploy-edgeworker-nodes` for details.
+        |deploy-edgeworker-nodes| for details.
 
 #. Wait for the software installation on controller-1, worker-0, and
    worker-1 to complete, for all servers to reboot, and for all to show
diff --git a/doc/source/shared/_includes/dedicated_storage_install_kubernetes.rest b/doc/source/shared/_includes/dedicated_storage_install_kubernetes.rest
index a76b96bec..8d3ad0fb3 100644
--- a/doc/source/shared/_includes/dedicated_storage_install_kubernetes.rest
+++ b/doc/source/shared/_includes/dedicated_storage_install_kubernetes.rest
@@ -76,7 +76,7 @@
      .. Note::
 
         A node with Edgeworker personality is also available. See
-        :ref:`deploy-edgeworker-nodes` for details.
+        |deploy-edgeworker-nodes| for details.
 
 #. Wait for the software installation on controller-1, storage-0,
    storage-1, worker-0, and worker-1 to complete, for all servers to
diff --git a/doc/source/shared/_includes/desc_aio_duplex.txt b/doc/source/shared/_includes/desc_aio_duplex.txt
index de271637c..02de2190e 100644
--- a/doc/source/shared/_includes/desc_aio_duplex.txt
+++ b/doc/source/shared/_includes/desc_aio_duplex.txt
@@ -1,3 +1,5 @@
+
+
 The All-in-one Duplex (AIO-DX) deployment option provides a pair of high
 availability (HA) servers with each server providing all three cloud functions
 (controller, worker, and storage).
@@ -20,8 +22,7 @@ An AIO-DX configuration provides the following benefits:
 .. note::
 
    If you are behind a corporate firewall or proxy, you need to set proxy
-   settings. Refer to :ref:`docker_proxy_config` for
-   details.
+   settings. Refer to |docker_proxy_config| for details.
 
 .. figure:: /shared/figures/deploy_install_guides/starlingx-deployment-options-duplex.png
    :scale: 50%
diff --git a/doc/source/shared/_includes/desc_aio_simplex.txt b/doc/source/shared/_includes/desc_aio_simplex.txt
index fccf3330d..395bf671b 100644
--- a/doc/source/shared/_includes/desc_aio_simplex.txt
+++ b/doc/source/shared/_includes/desc_aio_simplex.txt
@@ -10,7 +10,7 @@ following benefits:
 .. note::
 
    If you are behind a corporate firewall or proxy, you need to set proxy
-   settings. Refer to :ref:`docker_proxy_config` for details.
+   settings. Refer to |docker_proxy_config| for details.
 
 .. figure:: /shared/figures/deploy_install_guides/starlingx-deployment-options-simplex.png
    :scale: 50%
diff --git a/doc/source/shared/_includes/desc_controller_storage.txt b/doc/source/shared/_includes/desc_controller_storage.txt
index 54a786142..03318add9 100644
--- a/doc/source/shared/_includes/desc_controller_storage.txt
+++ b/doc/source/shared/_includes/desc_controller_storage.txt
@@ -18,7 +18,7 @@ A Standard with Controller Storage configuration provides the following benefits
 .. note::
 
    If you are behind a corporate firewall or proxy, you need to set proxy
-   settings. Refer to :ref:`docker_proxy_config` for details.
+   settings. Refer to |docker_proxy_config| for details.
 
 .. figure:: /shared/figures/deploy_install_guides/starlingx-deployment-options-controller-storage.png
    :scale: 50%
diff --git a/doc/source/shared/_includes/desc_dedicated_storage.txt b/doc/source/shared/_includes/desc_dedicated_storage.txt
index 233ee197f..6e0865755 100644
--- a/doc/source/shared/_includes/desc_dedicated_storage.txt
+++ b/doc/source/shared/_includes/desc_dedicated_storage.txt
@@ -17,7 +17,7 @@ A Standard with Dedicated Storage configuration provides the following benefits:
 .. note::
 
    If you are behind a corporate firewall or proxy, you need to set proxy
-   settings. Refer to :ref:`docker_proxy_config` for details.
+   settings. Refer to |docker_proxy_config| for details.
 
 .. figure:: /shared/figures/deploy_install_guides/starlingx-deployment-options-dedicated-storage.png
    :scale: 50%
diff --git a/doc/source/shared/_includes/desc_rook_storage.txt b/doc/source/shared/_includes/desc_rook_storage.txt
index a9e98a7e0..32ee24adf 100644
--- a/doc/source/shared/_includes/desc_rook_storage.txt
+++ b/doc/source/shared/_includes/desc_rook_storage.txt
@@ -12,7 +12,7 @@ A Standard with Rook Storage configuration provides the following benefits:
 .. note::
 
    If you are behind a corporate firewall or proxy, you need to set proxy
-   settings. Refer to :ref:`docker_proxy_config` for
+   settings. Refer to |docker_proxy_config| for
    details.
 
 .. figure:: /deploy_install_guides/release/figures/starlingx-deployment-options-controller-storage.png
diff --git a/doc/source/shared/_includes/inc-install-software-on-controller.rest b/doc/source/shared/_includes/inc-install-software-on-controller.rest
index 094f0d8df..8e9285372 100644
--- a/doc/source/shared/_includes/inc-install-software-on-controller.rest
+++ b/doc/source/shared/_includes/inc-install-software-on-controller.rest
@@ -1,5 +1,6 @@
 .. incl-install-software-controller-0-aio-start
 
+
 .. note::
 
    The disks and disk partitions need to be wiped before the install. Installing
@@ -16,13 +17,13 @@
 
    .. note::
 
-      Refer to :ref:`bootable_usb` for instructions on how
-      to create a bootable USB with the |prod| ISO.
+      Refer to |bootable_usb| for instructions on how to create a bootable USB
+      with the |prod| ISO.
 
    .. note::
 
       Alternatively one can PXEBOOT controller-0. See
-      :ref:`pxe-boot-controller-0-d5da025c2524` for details on how to setup a
+      |pxe-boot-controller-0-d5da025c2524| for details on how to setup a
       PXEBOOT Server and pxe-boot the |prod| load on controller-0
 
 #. Power on the host.
diff --git a/doc/source/shared/_includes/incl-bootstrap-controller-0-virt-controller-storage-start.rest b/doc/source/shared/_includes/incl-bootstrap-controller-0-virt-controller-storage-start.rest
index 1b6ada7df..1ad2ddb6f 100644
--- a/doc/source/shared/_includes/incl-bootstrap-controller-0-virt-controller-storage-start.rest
+++ b/doc/source/shared/_includes/incl-bootstrap-controller-0-virt-controller-storage-start.rest
@@ -90,11 +90,10 @@ On virtual controller-0:
         EOF
 
    Refer to :ref:`Ansible Bootstrap Configurations
-   <ansible_bootstrap_configs_r7>` for information on additional
-   Ansible bootstrap configurations for advanced Ansible bootstrap
-   scenarios, such as Docker proxies when deploying behind a firewall,
-   etc. Refer to :ref:`Docker Proxy Configuration
-   <docker_proxy_config>` for details about Docker proxy settings.
+   <ansible_bootstrap_configs_r7>` for information on additional Ansible
+   bootstrap configurations for advanced Ansible bootstrap scenarios, such as
+   Docker proxies when deploying behind a firewall, etc. Refer to
+   |docker_proxy_config| for details about Docker proxy settings.
 
 #. Run the Ansible bootstrap playbook:
 
diff --git a/doc/source/shared/_includes/incl-bootstrap-sys-controller-0-standard.rest b/doc/source/shared/_includes/incl-bootstrap-sys-controller-0-standard.rest
index c19f9f95f..3da459297 100644
--- a/doc/source/shared/_includes/incl-bootstrap-sys-controller-0-standard.rest
+++ b/doc/source/shared/_includes/incl-bootstrap-sys-controller-0-standard.rest
@@ -145,10 +145,9 @@
       .. only:: starlingx
 
          If a firewall is blocking access to Docker hub or your private
-         registry from your StarlingX deployment, you will need to add
-         the following lines in $HOME/localhost.yml  (see :ref:`Docker
-         Proxy Configuration <docker_proxy_config>` for more details
-         about Docker proxy settings):
+         registry from your StarlingX deployment, you will need to add the
+         following lines in ``$HOME/localhost.yml``  (see |docker_proxy_config|
+         for more details about Docker proxy settings):
 
       .. only:: partner
 
diff --git a/doc/source/shared/_includes/incl-config-controller-0-storage.rest b/doc/source/shared/_includes/incl-config-controller-0-storage.rest
index e441ceb52..bab325e10 100644
--- a/doc/source/shared/_includes/incl-config-controller-0-storage.rest
+++ b/doc/source/shared/_includes/incl-config-controller-0-storage.rest
@@ -19,8 +19,8 @@
      system host-if-modify controller-0 $OAM_IF -c platform
      system interface-network-assign controller-0 $OAM_IF oam
 
-   To configure a vlan or aggregated ethernet interface, see :ref:`Node
-   Interfaces <node-interfaces-index>`.
+   To configure a vlan or aggregated ethernet interface, see
+   |node-interfaces-index|.
 
 #. Configure the MGMT interface of controller-0 and specify the attached
    networks of both "mgmt" and "cluster-host".
@@ -46,8 +46,8 @@
      system interface-network-assign controller-0 $MGMT_IF mgmt
      system interface-network-assign controller-0 $MGMT_IF cluster-host
 
-   To configure a vlan or aggregated ethernet interface, see :ref:`Node
-   Interfaces <node-interfaces-index>`.
+   To configure a vlan or aggregated ethernet interface, see
+   |node-interfaces-index|.
 
 #. Configure |NTP| servers for network time synchronization:
 
@@ -55,8 +55,7 @@
 
      system ntp-modify ntpservers=0.pool.ntp.org,1.pool.ntp.org
 
-   To configure |PTP| instead of |NTP|, see :ref:`PTP Server Configuration
-   <ptp-server-config-index>`.
+   To configure |PTP| instead of |NTP|, see |ptp-server-config-index|.
 
 #. If required, configure Ceph storage backend:
 
diff --git a/doc/source/shared/_includes/incl-config-controller-0-virt-controller-storage.rest b/doc/source/shared/_includes/incl-config-controller-0-virt-controller-storage.rest
index a6f8e15b1..e008398a4 100644
--- a/doc/source/shared/_includes/incl-config-controller-0-virt-controller-storage.rest
+++ b/doc/source/shared/_includes/incl-config-controller-0-virt-controller-storage.rest
@@ -62,7 +62,6 @@ On virtual controller-0:
 
        system service-parameter-list platform docker
 
-   #. Refer to :ref:`docker_proxy_config` for
-      details about Docker proxy setting
+   #. Refer to |docker_proxy_config| for details about Docker proxy setting.
 
 .. incl-config-controller-0-virt-controller-storage-end:      
diff --git a/doc/source/shared/_includes/incl-config-controller-1.rest b/doc/source/shared/_includes/incl-config-controller-1.rest
index 7ab3d0a1d..a65f245dd 100644
--- a/doc/source/shared/_includes/incl-config-controller-1.rest
+++ b/doc/source/shared/_includes/incl-config-controller-1.rest
@@ -14,7 +14,7 @@
       system interface-network-assign controller-1 $OAM_IF oam
 
    To configure a vlan or aggregated ethernet interface, see
-   :ref:`Node Interfaces <node-interfaces-index>`.
+   |node-interfaces-index|.
 
 #. The MGMT interface is partially set up by the network install
    procedure; configuring the port used for network install as the MGMT
diff --git a/doc/source/shared/_includes/installation-prereqs.rest b/doc/source/shared/_includes/installation-prereqs.rest
index 8b20fe773..8835aed53 100644
--- a/doc/source/shared/_includes/installation-prereqs.rest
+++ b/doc/source/shared/_includes/installation-prereqs.rest
@@ -1,5 +1,6 @@
 .. _installation-prereqs:
 
+.. .. include:: /_vendor/rl-strings.txt
 
 ==========================
 Installation Prerequisites
@@ -117,12 +118,12 @@ Before attempting to install |prod|, ensure that you have the following:
 
     -   a bootable USB drive with the |prod-long| host installer ISO.
 
-        Refer to :ref:`bootable_usb` for instructions on how to create a
+        Refer to |bootable_usb| for instructions on how to create a
         bootable USB with the StarlingX ISO on your system.
 
     -   the ISO image on a |PXE| boot server on the same network as the server
         that will be used as the initial controller-0. See Appendix
-        :ref:`pxe-boot-controller-0-d5da025c2524` for details.
+        |pxe-boot-controller-0-d5da025c2524| for details.
 
 
 -   For all controller or AIO controller servers, |OAM| Network connectivity to:
diff --git a/doc/source/shared/_includes/prepare-servers-for-installation-91baad307173.rest b/doc/source/shared/_includes/prepare-servers-for-installation-91baad307173.rest
index fb56aa1c3..d42d3ec39 100644
--- a/doc/source/shared/_includes/prepare-servers-for-installation-91baad307173.rest
+++ b/doc/source/shared/_includes/prepare-servers-for-installation-91baad307173.rest
@@ -20,8 +20,8 @@ This section describes the hardware requirements and server preparation for a
    :local:
    :depth: 1
 
-The recommended minimum hardware requirements for |bare-metal| servers for various
-host types are:
+The recommended minimum hardware requirements for |bare-metal| servers for
+various host types are:
 
 .. end-min-hw-reqs-common-intro
 
@@ -33,8 +33,8 @@ host types are:
 .. begin-min-hw-reqs-sx
 
 
-The recommended minimum hardware requirements for |bare-metal| servers for various
-host types are:
+The recommended minimum hardware requirements for |bare-metal| servers for
+various host types are:
 
 
 .. list-table::
@@ -49,18 +49,19 @@ host types are:
 
        or
 
-       Single-CPU Intel® Xeon® D-15xx family, 8 cores (low-power/low-cost option)
+       Single-CPU Intel® Xeon® D-15xx family, 8 cores (low-power/low-cost
+       option)
 
        .. note::
 
-          * Platform: 1 physical core with HT enabled or 2 physical cores with HT
-            disabled, (by default, configurable)
+          * Platform: 1 physical core with HT enabled or 2 physical cores with
+            HT disabled, (by default, configurable)
 
-            The use of single physical core for platform function is only suitable for
-            Intel® 4th Generation Xeon® Scalable Processors or above and should not be
-            configured for previous Intel® Xeon® CPU families. For All-In-One systems
-            with older generation processors, two physical cores (or more) must be
-            configured.
+            The use of single physical core for platform function is only
+            suitable for Intel® 4th Generation Xeon® Scalable Processors or
+            above and should not be configured for previous Intel® Xeon® CPU
+            families. For All-In-One systems with older generation processors,
+            two physical cores (or more) must be configured.
 
           * Application: Remaining cores
    * - Minimum memory
@@ -79,24 +80,24 @@ host types are:
          - Socket 1: Remaining memory
 
    * - Primary disk
-     -  500 GB SSD or |NVMe| (see :ref:`nvme_config`)
+     -  500 GB SSD or |NVMe| (see |nvme_config|)
    * - Additional disks
      - * 1 or more 500 GB (min. 10K RPM) for Ceph |OSD|
 
        * Recommended, but not required: 1 or more |SSDs| or |NVMe| drives for
          Ceph journals (min. 1024 MiB per |OSD| journal)
 
-       * Recommended, but not required: 1 or more 500G HDs (min. 10K RPM), |SSDs|
-         or |NVMe| drives for Container ephemeral disk storage.
+       * Recommended, but not required: 1 or more 500G HDs (min. 10K RPM),
+         |SSDs| or |NVMe| drives for Container ephemeral disk storage.
 
        .. only:: openstack
 
-          * For |prod-os|, we recommend 1 or more 500 GB (min. 10K RPM) for |VM| local
-            ephemeral storage
+          * For |prod-os|, we recommend 1 or more 500 GB (min. 10K RPM) for
+            |VM| local ephemeral storage
 
    * - Minimum network ports
-     - * MGMT: 1x1GE ( Recommended: MGMT 2x10GE LAG ) *Only required if subcloud is
-         in Distributed Cloud*.
+     - * MGMT: 1x1GE ( Recommended: MGMT 2x10GE LAG ) *Only required if
+         subcloud is in Distributed Cloud*.
        * |OAM|: 1x1GE (Recommended: |OAM|: 2x1GE LAG)
 
        * Data: 1 or more x 10GE (Recommended: Data: 2x10GE |LAG|)
@@ -104,8 +105,8 @@ host types are:
    * - USB
      - 1  (Only required if used for initial installation of controller-0).
    * - Power profile
-     - C-states (up to C6) may be configured for some use cases where application
-       workloads can tolerate additional scheduling/timer latency.
+     - C-states (up to C6) may be configured for some use cases where
+       application workloads can tolerate additional scheduling/timer latency.
 
        .. note::
 
@@ -117,10 +118,11 @@ host types are:
 
        .. note::
 
-          |UEFI| Secure Boot and |UEFI| |PXE| boot over IPv6 are not supported. On
-          systems with an IPv6 management network, you can use a separate IPv4
-          network for |PXE| boot. For more information, see
-          :ref:`pxe-boot-controller-0-d5da025c2524`.
+          |UEFI| Secure Boot and |UEFI| |PXE| boot over IPv6 are not supported.
+          On systems with an IPv6 management network, you can use a separate
+          IPv4 network for |PXE| boot. For more information, see
+          |pxe-boot-controller-0-d5da025c2524|.
+      
    * - BIOS settings
      - * Hyper-Threading technology enabled
 
@@ -172,8 +174,8 @@ Prepare bare metal servers
 This section describes the hardware requirements and server preparation for a
 |prod-long| |this-ver| |bare-metal| Duplex deployment configuration.
 
-The recommended minimum hardware requirements for |bare-metal| servers for various
-host types are:
+The recommended minimum hardware requirements for |bare-metal| servers for
+various host types are:
 
 .. list-table::
    :header-rows: 1
@@ -189,18 +191,19 @@ host types are:
 
        or
 
-       * Single-CPU Intel® Xeon® D-15xx family, 8 cores (low-power/low-cost option)
+       * Single-CPU Intel® Xeon® D-15xx family, 8 cores (low-power/low-cost
+         option)
 
        .. note::
 
-          * Platform: 1 physical core with HT enabled or 2 physical cores with HT
-            disabled, (by default, configurable)
+          * Platform: 1 physical core with HT enabled or 2 physical cores with
+            HT disabled, (by default, configurable)
 
-            The use of single physical core for platform function is only suitable for
-            Intel® 4th Generation Xeon® Scalable Processors or above and should not be
-            configured for previous Intel® Xeon® CPU families. For All-In-One systems
-            with older generation processors, two physical cores (or more) must be
-            configured.
+            The use of single physical core for platform function is only
+            suitable for Intel® 4th Generation Xeon® Scalable Processors or
+            above and should not be configured for previous Intel® Xeon® CPU
+            families. For All-In-One systems with older generation processors,
+            two physical cores (or more) must be configured.
 
           * Application: Remaining cores
      - (Same as controller node)
@@ -220,7 +223,7 @@ host types are:
          - Socket 1: Remaining memory
      - 32 GB
    * - Primary disk
-     - 500 GB SSD or |NVMe| (see :ref:`nvme_config`)
+     - 500 GB SSD or |NVMe| (see |nvme_config|)
      - 120 GB (Minimum 10k RPM)
    * - Additional disks
      - * 1 or more 500 GB (min. 10K RPM) for Ceph |OSD|
@@ -228,14 +231,14 @@ host types are:
        * Recommended, but not required: 1 or more |SSDs| or |NVMe| drives for
          Ceph journals (min. 1024 MiB per |OSD| journal)
 
-       * Recommended, but not required: 1 or more 500G HDs (min. 10K RPM), |SSDs|
-         or |NVMe| drives for Container ephemeral disk storage.
+       * Recommended, but not required: 1 or more 500G HDs (min. 10K RPM),
+         |SSDs| or |NVMe| drives for Container ephemeral disk storage.
 
-       * For |prod-os|, we recommend 1 or more 500 GB (min. 10K RPM) for |VM| local
-         ephemeral storage
+       * For |prod-os|, we recommend 1 or more 500 GB (min. 10K RPM) for |VM|
+         local ephemeral storage
 
-     - For |prod-os|, we recommend 1 or more 500 GB (min. 10K RPM) for |VM| local
-       ephemeral storage
+     - For |prod-os|, we recommend 1 or more 500 GB (min. 10K RPM) for |VM|
+       local ephemeral storage
    * - Minimum network ports
      - * MGMT: 1x1GE ( Recommended: MGMT 2x10GE LAG ).
 
@@ -255,8 +258,8 @@ host types are:
      - 1 |BMC|
    * - Power profile
      -
-     - C-states (up to C6) may be configured for some use cases where application
-       workloads can tolerate additional scheduling/timer latency.
+     - C-states (up to C6) may be configured for some use cases where
+       application workloads can tolerate additional scheduling/timer latency.
 
        .. note::
 
@@ -269,10 +272,11 @@ host types are:
 
        .. note::
 
-          |UEFI| Secure Boot and |UEFI| |PXE| boot over IPv6 are not supported. On
-          systems with an IPv6 management network, you can use a separate IPv4
-          network for |PXE| boot. For more information, see
-          :ref:`pxe-boot-controller-0-d5da025c2524`.
+          |UEFI| Secure Boot and |UEFI| |PXE| boot over IPv6 are not supported.
+          On systems with an IPv6 management network, you can use a separate
+          IPv4 network for |PXE| boot. For more information, see
+          |pxe-boot-controller-0-d5da025c2524|.
+
      - BIOS or UEFI
    * - Bios settings
      - * Hyper-Threading technology enabled
@@ -303,8 +307,8 @@ Prepare bare metal servers
 
 * Cabled for networking
 
-  * Far-end switch ports should be properly configured to realize the networking
-    shown in the diagram above.
+  * Far-end switch ports should be properly configured to realize the
+    networking shown in the diagram above.
 
 
 .. end-prepare-servers-dx
@@ -320,8 +324,8 @@ This section describes the hardware requirements and server preparation for a
 |prod-long| |this-ver| |bare-metal| Standard with Controller Storage deployment
 configuration.
 
-The recommended minimum hardware requirements for |bare-metal| servers for various
-host types are:
+The recommended minimum hardware requirements for |bare-metal| servers for
+various host types are:
 
 .. list-table::
    :header-rows: 1
@@ -347,18 +351,18 @@ host types are:
      - 64 GB
      - 32 GB
    * - Primary disk
-     - 500 GB SSD or |NVMe| (see :ref:`nvme_config`)
+     - 500 GB SSD or |NVMe| (see |nvme_config|)
      - 120 GB (Minimum 10k RPM)
    * - Additional disks
      - * 1 or more 500 GB (min. 10K RPM) for Ceph |OSD|
 
        * Recommended, but not required: 1 or more |SSDs| or |NVMe| drives for
          Ceph journals (min. 1024 MiB per |OSD| journal)
-     - For |prod-os|, we recommend 1 or more 500 GB (min. 10K RPM) for |VM| local
-       ephemeral storage
+     - For |prod-os|, we recommend 1 or more 500 GB (min. 10K RPM) for |VM|
+       local ephemeral storage
 
-       Recommended but not required: 1 or more 500G HDs (min. 10K RPM), |SSDs| or
-       |NVMe| drives for Container ephemeral disk storage.
+       Recommended but not required: 1 or more 500G HDs (min. 10K RPM), |SSDs|
+       or |NVMe| drives for Container ephemeral disk storage.
    * - Minimum network ports
      - * MGMT: 1x1GE (Recommended: MGMT 2x10GE LAG)
        * |OAM|: 1x1GE (Recommended: |OAM|: 2x1GE LAG)
@@ -380,10 +384,11 @@ host types are:
 
        .. note::
 
-          |UEFI| Secure Boot and |UEFI| |PXE| boot over IPv6 are not supported. On
-          systems with an IPv6 management network, you can use a separate IPv4
-          network for |PXE| boot. For more information, see
-          :ref:`pxe-boot-controller-0-d5da025c2524`.
+          |UEFI| Secure Boot and |UEFI| |PXE| boot over IPv6 are not supported.
+          On systems with an IPv6 management network, you can use a separate
+          IPv4 network for |PXE| boot. For more information, see
+          |pxe-boot-controller-0-d5da025c2524|.
+
      - BIOS or UEFI
    * - Bios settings
      - * Hyper-Threading technology enabled
@@ -410,8 +415,8 @@ Prepare bare metal servers
 
 * Cabled for networking
 
-  * Far-end switch ports should be properly configured to realize the networking
-    shown in the diagram above.
+  * Far-end switch ports should be properly configured to realize the
+    networking shown in the diagram above.
 
 
 .. end-prepare-servers-std
@@ -428,8 +433,8 @@ This section describes the hardware requirements and server preparation for a
 |prod-long| |this-ver| |bare-metal| Standard with Dedicated Storage deployment
 configuration.
 
-The recommended minimum hardware requirements for |bare-metal| servers for various
-host types are:
+The recommended minimum hardware requirements for |bare-metal| servers for
+various host types are:
 
 .. list-table::
    :header-rows: 1
@@ -464,7 +469,7 @@ host types are:
      - 64 GB
      - 32 GB
    * - Primary disk
-     - 500 GB SSD or |NVMe| (see :ref:`nvme_config`)
+     - 500 GB SSD or |NVMe| (see |nvme_config|)
      - 120 GB (min. 10k RPM)
      - 120 GB (min. 10k RPM)
    * - Additional disks
@@ -473,8 +478,8 @@ host types are:
 
        * Recommended, but not required: 1 or more |SSDs| or |NVMe| drives for
          Ceph journals (min. 1024 MiB per |OSD| journal)
-     - For |prod-os|, we recommend 1 or more 500 GB (min. 10K RPM) for |VM| ephemeral
-       storage
+     - For |prod-os|, we recommend 1 or more 500 GB (min. 10K RPM) for |VM|
+       ephemeral storage
 
        Recommended, but not required: 1 or more 500G HDs (min. 10K RPM), |SSDs|
        or |NVMe| drives for Container ephemeral disk storage.
@@ -504,10 +509,11 @@ host types are:
 
        .. note::
 
-          |UEFI| Secure Boot and |UEFI| |PXE| boot over IPv6 are not supported. On
-          systems with an IPv6 management network, you can use a separate IPv4
-          network for |PXE| boot. For more information, see
-          :ref:`pxe-boot-controller-0-d5da025c2524`.
+          |UEFI| Secure Boot and |UEFI| |PXE| boot over IPv6 are not supported.
+          On systems with an IPv6 management network, you can use a separate
+          IPv4 network for |PXE| boot. For more information, see
+          |pxe-boot-controller-0-d5da025c2524|.
+
      - BIOS or UEFI
      - BIOS or UEFI
    * - Bios settings
@@ -535,8 +541,8 @@ Prepare bare metal servers
 
 * Cabled for networking
 
-  * Far-end switch ports should be properly configured to realize the networking
-    shown in the diagram above.
+  * Far-end switch ports should be properly configured to realize the
+    networking shown in the diagram above.
 
 
 .. end-prepare-servers-ded
@@ -579,7 +585,8 @@ servers are in the following state:
 
     -  Disabled for controller-only servers and storage servers.
 
-    -  Enabled for :hideable:`controller+worker (All-in-one) servers and` worker servers.
+    -  Enabled for :hideable:`controller+worker (All-in-one) servers and`
+       worker servers.
 
 -   The servers are powered off.
 
@@ -631,8 +638,9 @@ servers are in the following state:
          .. note::
 
             |UEFI| Secure Boot and |UEFI| |PXE| boot over IPv6 are not
-            supported. On systems with an IPv6 management network, you can use a
-            separate IPv4 network for |PXE| boot.
+            supported. On systems with an IPv6 management network, you can use
+            a separate IPv4 network for |PXE| boot.
+
        * Hyperthreading: Same as for controllers
        * Power profile: Same as for controllers
        * Intel Virtualization (VTD, VTX): Enabled
@@ -680,8 +688,9 @@ servers are in the following state:
          .. note::
 
             |UEFI| Secure Boot and |UEFI| |PXE| boot over IPv6 are not
-            supported. On systems with an IPv6 management network, you can use a
-            separate IPv4 network for |PXE| boot.
+            supported. On systems with an IPv6 management network, you can use
+            a separate IPv4 network for |PXE| boot.
+
        * Hyperthreading: Same as for controllers
        * Power profile: Same as for controllers
        * Intel Virtualization (VTD, VTX): Disabled
diff --git a/doc/source/storage/openstack/config-and-management-ceph-placement-group-number-dimensioning-for-storage-cluster.rst b/doc/source/storage/openstack/config-and-management-ceph-placement-group-number-dimensioning-for-storage-cluster.rst
index a5a375c17..bbc99b138 100644
--- a/doc/source/storage/openstack/config-and-management-ceph-placement-group-number-dimensioning-for-storage-cluster.rst
+++ b/doc/source/storage/openstack/config-and-management-ceph-placement-group-number-dimensioning-for-storage-cluster.rst
@@ -1,5 +1,6 @@
 .. include:: /_stx-related-links/config-and-management-ceph-placement-group-number-dimensioning-for-storage-cluster.rln
-
+.. RL strings
+.. include:: /_vendor/rl-strings.txt
 .. cic1603143369680
 .. _config-and-management-ceph-placement-group-number-dimensioning-for-storage-cluster:
 
@@ -13,7 +14,8 @@ pools are created after the Ceph cluster is provisioned (monitor\(s) enabled
 and |OSDs| defined) until it is created by an application or the Rados Gateway
 \(RADOS GW) is configured.
 
-The following is a list of pools created by |prod-os|, and Rados Gateway applications.
+The following is a list of pools created by |prod-os|, and Rados Gateway
+applications.
 
 
 .. _config-and-management-ceph-placement-group-number-dimensioning-for-storage-cluster-table-gvc-3h5-jnb:
@@ -123,9 +125,7 @@ groups for individual pools:
 
 **Too few PGs per OSD**
     Occurs when a new disk is added to the cluster. For more information on how
-    to add a disk as an |OSD|, see, |stor-doc|: :ref:`Provisioning Storage on a
-    Storage Host Using the CLI
-    <provision-storage-on-a-storage-host-using-the-cli>`.
+    to add a disk as an |OSD|, see, |stor-doc|: |provision-storage-on-a-storage-host-using-the-cli|.
 
 To fix this warning, the number of placement groups should be increased, using
 the following commands:
diff --git a/doc/source/storage/openstack/configuration-and-management-storage-on-controller-hosts.rst b/doc/source/storage/openstack/configuration-and-management-storage-on-controller-hosts.rst
index bd32db4ce..0d7a33811 100644
--- a/doc/source/storage/openstack/configuration-and-management-storage-on-controller-hosts.rst
+++ b/doc/source/storage/openstack/configuration-and-management-storage-on-controller-hosts.rst
@@ -1,5 +1,6 @@
 .. include:: /_stx-related-links/configuration-and-management-storage-on-controller-hosts.rln
-
+.. RL strings
+.. include:: /_vendor/rl-strings.txt
 .. mkh1590590274215
 .. _configuration-and-management-storage-on-controller-hosts:
 
@@ -31,8 +32,7 @@ two-disk controller) or use a third disk for nova-local storage.
 Underlying Platform Filesystem Storage
 --------------------------------------
 
-See the :ref:`platform Planning <overview-of-starlingx-planning>` documentation
-for details.
+See the |overview-of-starlingx-planning| documentation for details.
 
 To pass the disk-space checks, any replacement disks must be installed before
 the allotments are changed.
diff --git a/doc/source/storage/openstack/replacing-a-nova-local-disk.rst b/doc/source/storage/openstack/replacing-a-nova-local-disk.rst
index c2e040ec4..c69dde537 100644
--- a/doc/source/storage/openstack/replacing-a-nova-local-disk.rst
+++ b/doc/source/storage/openstack/replacing-a-nova-local-disk.rst
@@ -1,5 +1,6 @@
 .. include:: /_stx-related-links/replacing-a-nova-local-disk.rln
-
+.. RL strings
+.. include:: /_vendor/rl-strings.txt
 .. tjr1539798511628
 .. _replacing-a-nova-local-disk:
 
@@ -12,8 +13,7 @@ You can replace failed nova-local disks on compute nodes.
 .. rubric:: |context|
 
 To replace a nova-local storage disk on a compute node, follow the instructions
-in |node-doc|: :ref:`Changing Hardware Components for a Worker Host
-<changing-hardware-components-for-a-worker-host>`.
+in |node-doc|: |changing-hardware-components-for-a-worker-host|.
 
 To avoid reconfiguration, ensure that the replacement disk is assigned to the
 same location on the host, and is the same size as the original. The new disk
diff --git a/doc/source/storage/openstack/specifying-the-storage-type-for-vm-ephemeral-disks.rst b/doc/source/storage/openstack/specifying-the-storage-type-for-vm-ephemeral-disks.rst
index 9fdb72265..77df52c79 100644
--- a/doc/source/storage/openstack/specifying-the-storage-type-for-vm-ephemeral-disks.rst
+++ b/doc/source/storage/openstack/specifying-the-storage-type-for-vm-ephemeral-disks.rst
@@ -1,6 +1,7 @@
 
 .. include:: /_stx-related-links/specifying-the-storage-type-for-vm-ephemeral-disks.rln
-
+.. RL strings
+.. include:: /_vendor/rl-strings.txt
 .. zjx1464641246986
 .. _specifying-the-storage-type-for-vm-ephemeral-disks:
 
@@ -46,7 +47,7 @@ default. On a system that offers both LVM and Ceph storage backends for Cinder
 storage, you can specify to use the LVM backend when you launch an instance.
 
 To specify the type of storage offered by a compute host, see |stor-doc|:
-:ref:`Work with Local Volume Groups <work-with-local-volume-groups>`.
+|work-with-local-volume-groups|.
 
 .. rubric:: |context|
 
diff --git a/doc/source/storage/openstack/storage-configuration-and-management-storage-on-storage-hosts.rst b/doc/source/storage/openstack/storage-configuration-and-management-storage-on-storage-hosts.rst
index ae090070a..cf8ac3671 100644
--- a/doc/source/storage/openstack/storage-configuration-and-management-storage-on-storage-hosts.rst
+++ b/doc/source/storage/openstack/storage-configuration-and-management-storage-on-storage-hosts.rst
@@ -1,6 +1,7 @@
 
 .. include:: /_stx-related-links/storage-configuration-and-management-storage-on-storage-hosts.rln
-
+.. RL strings
+.. include:: /_vendor/rl-strings.txt
 .. tfu1590592352767
 .. _storage-configuration-and-management-storage-on-storage-hosts:
 
@@ -11,7 +12,7 @@ Storage on Storage Hosts
 |prod-os| creates default Ceph storage pools for Glance images, Cinder volumes,
 Cinder backups, and Nova ephemeral data object data.
 
-For more information, see the |stor-doc|: :ref:`Storage Resources
-<storage-configuration-storage-resources>` guide for details on configuring the
+For more information, see the |stor-doc|:
+|storage-configuration-storage-resources| guide for details on configuring the
 internal Ceph cluster on either controller or storage hosts.
 
diff --git a/doc/source/storage/openstack/storage-configuring-and-management-storage-related-cli-commands.rst b/doc/source/storage/openstack/storage-configuring-and-management-storage-related-cli-commands.rst
index 516983465..6121b0241 100644
--- a/doc/source/storage/openstack/storage-configuring-and-management-storage-related-cli-commands.rst
+++ b/doc/source/storage/openstack/storage-configuring-and-management-storage-related-cli-commands.rst
@@ -1,6 +1,7 @@
 
 .. include:: /_stx-related-links/storage-configuring-and-management-storage-related-cli-commands.rln
-
+.. RL strings
+.. include:: /_vendor/rl-strings.txt
 .. jem1464901298578
 .. _storage-configuring-and-management-storage-related-cli-commands:
 
@@ -10,8 +11,7 @@ Storage-Related CLI Commands
 
 You can use |CLI| commands when working with storage specific to OpenStack.
 
-For more information, see |stor-doc| :ref:`Storage Resources
-<storage-configuration-storage-resources>`.
+For more information, see |stor-doc| |storage-configuration-storage-resources|.
 
 .. _storage-configuring-and-management-storage-related-cli-commands-section-N10044-N1001C-N10001:
 
diff --git a/mk-link-subs.sh b/mk-link-subs.sh
new file mode 100755
index 000000000..46940f55b
--- /dev/null
+++ b/mk-link-subs.sh
@@ -0,0 +1,60 @@
+#!/bin/bash
+
+l_pattern='\.\.\s+_([a-zA-Z0-9_-]+):\s*$'
+out_file="doc/source/_vendor/rl-strings.txt"
+
+# rewrite from scratch
+if [[ $1 == "-t" ]] || [[ $1 == "-l" ]]; then
+   echo "" > $out_file
+fi
+
+for f in $(find . -name "*.rst"); do 
+
+   label=""
+   title=""
+   in_title_block=0
+
+   while IFS= read -r line || [[ -n "$line" ]]; do
+
+     if [[ "$line" =~ $l_pattern ]]; then
+        label="${BASH_REMATCH[1]}"
+     fi
+
+
+     if [[ "$in_title_block" -eq 1 ]]; then
+     
+        if [[ "$line" == "$title_marker" ]]; then
+           break
+        else
+           in_title_block=0
+           title=""
+        fi
+     fi
+
+     if [[ "$line" =~ ^=+$ ]]; then
+     
+        prev_line=""
+        IFS= read -r prev_line
+     
+        if [[ "$prev_line" =~ ^[^=]+$ && "${#line}" -eq "${#prev_line}" ]]; then
+        
+           title="$prev_line"
+           title_marker="$line"
+           in_title_block=1
+        
+        fi
+     fi
+
+   done <$f
+
+   if [[ $title != "" ]] && [[ $label != "" ]]; then
+      if [[ $1 == "-l" ]]; then
+         echo ".. |${label}| replace:: :ref:\`${title} <${label}>\`" >> $out_file
+      elif [[ $1 == "-t" ]]; then
+         echo ".. |${label}| replace:: *${title}*" >> $out_file
+      else
+         echo -e ".. |${label}| replace:: :ref:\`${label}\`\n.. |${label}| replace:: *${title}*"
+      fi
+   fi
+ 
+done
\ No newline at end of file