Merge pull request #95 from btat/figcaption
Convert figcaption tags to Asciidoc block label
btat authored Nov 22, 2024
2 parents de84a42 + 97d2cfc commit 6189051
Showing 150 changed files with 653 additions and 653 deletions.
Original file line number Diff line number Diff line change
@@ -4,8 +4,7 @@ This section describes how Rancher provisions and manages the downstream user cl

The below diagram shows how the cluster controllers, cluster agents, and node agents allow Rancher to control downstream clusters.

+++<figcaption>+++Communicating with Downstream Clusters+++</figcaption>+++

.Communicating with Downstream Clusters
image::rancher-architecture-cluster-controller.svg[Rancher Components]

The following descriptions correspond to the numbers in the diagram above:
@@ -8,8 +8,7 @@ For the best performance and security, we recommend a dedicated Kubernetes clust

The diagram below shows how users can manipulate both xref:cluster-deployment/launch-kubernetes-with-rancher.adoc[Rancher-launched Kubernetes] clusters and xref:cluster-deployment/hosted-kubernetes/hosted-kubernetes.adoc[hosted Kubernetes] clusters through Rancher's authentication proxy:

+++<figcaption>+++Managing Kubernetes Clusters through Rancher's Authentication Proxy+++</figcaption>+++

.Managing Kubernetes Clusters through Rancher's Authentication Proxy
image::rancher-architecture-rancher-api-server.svg[Architecture]

You can install Rancher on a single node, or on a high-availability Kubernetes cluster.
@@ -22,16 +22,14 @@ We don't recommend installing Rancher in a single Docker container, because if t

One option for the underlying Kubernetes cluster is to use K3s Kubernetes. K3s is Rancher's CNCF certified Kubernetes distribution. It is easy to install and uses half the memory of Kubernetes, all in a binary of less than 100 MB. Another advantage of K3s is that it allows an external datastore to hold the cluster data, allowing the K3s server nodes to be treated as ephemeral.

+++<figcaption>+++Architecture of a K3s Kubernetes Cluster Running the Rancher Management Server+++</figcaption>+++

.Architecture of a K3s Kubernetes Cluster Running the Rancher Management Server
image::k3s-server-storage.svg[Architecture of a K3s Kubernetes Cluster Running the Rancher Management Server]

=== RKE Kubernetes Cluster Installations

In an RKE installation, the cluster data is replicated on each of three etcd nodes in the cluster, providing redundancy and data duplication in case one of the nodes fails.

+++<figcaption>+++Architecture of an RKE Kubernetes Cluster Running the Rancher Management Server+++</figcaption>+++

.Architecture of an RKE Kubernetes Cluster Running the Rancher Management Server
image::rke-server-storage.svg[Architecture of an RKE Kubernetes cluster running the Rancher management server]

== Recommended Load Balancer Configuration for Kubernetes Installations
@@ -43,8 +41,7 @@ We recommend the following configurations for the load balancer and Ingress cont
* The Ingress controller will redirect HTTP to HTTPS and terminate SSL/TLS on port TCP/443.
* The Ingress controller will forward traffic to port TCP/80 on the pod in the Rancher deployment.

+++<figcaption>+++Rancher installed on a Kubernetes cluster with layer 4 load balancer, depicting SSL termination at Ingress controllers+++</figcaption>+++

.Rancher installed on a Kubernetes cluster with layer 4 load balancer, depicting SSL termination at Ingress controllers
image::ha/rancher2ha.svg[Rancher HA]

== Environment for Kubernetes Installations
@@ -55,10 +55,10 @@ A file that provides descriptive text in the chart's UI header.
+
A file that contains questions for a form. These form questions simplify deployment of a chart. Without it, you must configure the deployment using a values YAML config, which is more difficult. The following images display the difference between a Rancher chart (which includes `questions.yml`) and a native Helm chart (which does not).

+++<figcaption>+++Rancher Chart with `questions.yml` (top) vs. Helm Chart without (bottom)+++</figcaption>+++

.Rancher Chart with `questions.yml`
image::rancher-app-2.6.png[questions.yml]

.Helm Chart without `questions.yml`
image::helm-app-2.6.png[values.yaml]

=== Chart.yaml annotations
@@ -66,8 +66,7 @@ For the full list of EKS cluster configuration options, see xref:cluster-deploym

The figure below illustrates the high-level architecture of Rancher 2.x. The figure depicts a Rancher Server installation that manages two Kubernetes clusters: one created by RKE and another created by EKS.

+++<figcaption>+++Managing Kubernetes Clusters through Rancher's Authentication Proxy+++</figcaption>+++

.Managing Kubernetes Clusters through Rancher's Authentication Proxy
image::rancher-architecture-rancher-api-server.svg[Architecture]

== AWS Service Events
@@ -65,8 +65,7 @@ The recommended setup is to have:

By default, Rancher tries to run the Docker Install script when provisioning RKE1 downstream cluster nodes, such as in vSphere. However, the Rancher Docker installation script would fail in air-gapped environments. To work around this issue, you may choose to skip installing Docker when creating a Node Template where Docker is pre-installed onto a VM image. You can accomplish this by selecting *None* in the dropdown list for `Docker Install URL` under *Engine Options* in the Rancher UI.

+++<figcaption>+++**Engine Options Dropdown:**+++</figcaption>+++

.Engine Options Dropdown
image::node-template-engine-options-rke1.png[Engine Options Dropdown]

==== Node Pool Taints
@@ -7,8 +7,7 @@ This guide outlines a reference architecture for provisioning downstream Rancher
* <<_3_storage_considerations,3. Storage Considerations>>
* <<_4_backups_and_disaster_recovery,4. Backups and Disaster Recovery>>
+++<figcaption>+++Solution Overview+++</figcaption>+++

.Solution Overview
image::solution_overview.drawio.svg[Solution Overview]

== 1. VM Considerations
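Review bot: `.Solution Overview` now sits directly under the last list item `* <<_4_backups_and_disaster_recovery,4. Backups and Disaster Recovery>>` with no blank line between them in the rendered diff. AsciiDoc treats an unindented non-blank line that follows a list item as a continuation of that item's text, so the title and the `image::solution_overview.drawio.svg[...]` macro after it risk being swallowed into the list instead of rendering as a titled figure. Insert a blank line before `.Solution Overview`, and check the Longhorn hunk later in this commit (`* Upgrade Longhorn without disrupting persistent volumes` followed by `.Longhorn Dashboard`) for the same pattern.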
@@ -4,8 +4,8 @@ This section describes the roles for etcd nodes, controlplane nodes, and worker

This diagram is applicable to Kubernetes clusters xref:cluster-deployment/launch-kubernetes-with-rancher.adoc[launched with Rancher using RKE.].

.Lines show the traffic flow between components. Colors are used purely for visual aid
image::clusterdiagram.svg[Cluster diagram]
+++<figcaption>+++^Lines show the traffic flow between components. Colors are used purely for visual aid^+++</figcaption>+++

== etcd

3 changes: 1 addition & 2 deletions versions/latest/modules/en/pages/contribute-to-rancher.adoc
@@ -78,10 +78,9 @@ All of repositories are located within our main GitHub organization. There are m

To see all libraries/projects used in Rancher, see the https://github.com/rancher/rancher/blob/master/go.mod[`go.mod` file] in the `rancher/rancher` repository.

.Rancher components used for provisioning/managing Kubernetes clusters
image::ranchercomponentsdiagram-2.6.svg[Rancher diagram]

+++<figcaption>+++Rancher components used for provisioning/managing Kubernetes clusters.+++</figcaption>+++

=== Building Rancher Repositories

Every repository should have a Makefile and can be built using the `make` command. The `make` targets are based on the scripts in the `/scripts` directory in the repository, and each target will use https://github.com/rancher/dapper[Dapper] to run the target in an isolated environment. The `Dockerfile.dapper` will be used for this process, and includes all the necessary build tooling needed.
@@ -17,6 +17,5 @@ For information on how Rancher works, regardless of the installation method, ref
* The Ingress controller will redirect HTTP to HTTPS and terminate SSL/TLS on port TCP/443.
* The Ingress controller will forward traffic to port TCP/80 on the pod in the Rancher deployment.

+++<figcaption>+++Kubernetes Rancher install with layer 4 load balancer, depicting SSL termination at ingress controllers+++</figcaption>+++

.Kubernetes Rancher install with layer 4 load balancer, depicting SSL termination at ingress controllers
image::ha/rancher2ha.svg[High-availability Kubernetes Installation of Rancher]
@@ -2,8 +2,7 @@

This guide outlines a reference architecture for installing Rancher on an RKE Kubernetes cluster in a VMware vSphere environment. It also desctibes standard vSphere best practices as documented by VMware.

+++<figcaption>+++Solution Overview+++</figcaption>+++

.Solution Overview
image::rancher-on-prem-vsphere.svg[Solution Overview]

== 1. Load Balancer Considerations
@@ -141,14 +141,12 @@ Select the instances (Linux nodes) you want to add, and click *Add to registered

'''

+++<figcaption>+++Screenshot Add targets to target group TCP port 443*+++</figcaption>+++

.Screenshot Add targets to target group TCP port 443
image::ha/nlb/add-targets-targetgroup-443.png[]

'''

+++<figcaption>+++Screenshot Added targets to target group TCP port 443*+++</figcaption>+++

.Screenshot Added targets to target group TCP port 443
image::ha/nlb/added-targets-targetgroup-443.png[]

When the instances are added, click *Save* on the bottom right of the screen.
@@ -34,7 +34,7 @@ After installing NGINX, you need to update the NGINX configuration file, `nginx.
See https://docs.nginx.com/nginx/admin-guide/load-balancer/tcp-udp-load-balancer/[NGINX Documentation: TCP and UDP Load Balancing] for all configuration options.
====
+
+++<figcaption>+++Example NGINX config+++</figcaption>+++
Example NGINX config:
+
----
worker_processes 4;
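Review bot: this is the one hunk in the commit where a `<figcaption>` becomes a plain paragraph (`Example NGINX config:`) rather than a block title, which is inconsistent with every other hunk and leaves the label detached from the listing it describes. Replace the paragraph and the extra `+` continuation with a title on the listing block itself:
+
.Example NGINX config
----
That way the label renders as the caption of the config block, matching the `.Title` convention applied to the images and tables elsewhere in this PR.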
@@ -75,8 +75,7 @@ ingress:
kubernetes_version: v1.25.6-rancher4-1
----

+++<figcaption>+++Common RKE Nodes Options+++</figcaption>+++

.Common RKE Nodes Options
|===
| Option | Required | Description

@@ -318,8 +318,8 @@ Replace values in the code sample below with help of the _RKE Options_ table. Us
For more details on the options available, see the RKE https://rancher.com/docs/rke/latest/en/config-options/[Config Options].
====
+++<figcaption>+++RKE Options+++</figcaption>+++

.RKE Options
|===
| Option | Required | Description

@@ -45,8 +45,7 @@ The VXLAN port on nodes should not be exposed to the world as it opens up your c
The following tables break down the port requirements for inbound and outbound traffic:
+++<figcaption>+++Inbound Rules for Rancher Server Nodes+++</figcaption>+++
.Inbound Rules for Rancher Server Nodes
|===
| Protocol | Port | Source | Description
@@ -76,14 +75,30 @@ The following tables break down the port requirements for inbound and outbound t
| kubelet
|===
+++<figcaption>+++Outbound Rules for Rancher Nodes+++</figcaption>+++
.Outbound Rules for Rancher Nodes
|===
| Protocol | Port | Destination | Description
| TCP
| 22
| Any node IP from a node created using Node Driver
| SSH provisioning of nodes using Node Driver
| TCP
| 443
| git.rancher.io
| Rancher catalog
| TCP
| 2376
| Any node IP from a node created using Node driver
| Docker daemon TLS port used by Docker Machine
| Protocol | Port | Destination | Description |
| ------ | --- | -------------------------------------- | ------------------------------ |
| TCP | 22 | Any node IP from a node created using Node Driver | SSH provisioning of nodes using Node Driver |
| TCP | 443 | git.rancher.io | Rancher catalog |
| TCP | 2376 | Any node IP from a node created using Node driver | Docker daemon TLS port used by Docker Machine |
| TCP | 6443 | Hosted/Imported Kubernetes API | Kubernetes API server |
| TCP
| 6443
| Hosted/Imported Kubernetes API
| Kubernetes API server
|===
======

=== Ports for Rancher Server Nodes on RKE
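Review bot: the new header row `| Protocol | Port | Destination | Description` is immediately followed by `| TCP`; Asciidoctor only promotes the first row to a table header when that first line holds the whole row and is followed by a blank line (or when `[options="header"]` is set on the table), so this table will render its header as an ordinary row. The `.Common RKE Nodes Options` table earlier in this commit does put a blank line after its header row; add the same blank line here and in the two other outbound tables this commit converts (`.Outbound Rules for Rancher Nodes` in the next hunk and `.Outbound Rules for Rancher Node`). Separately, this hunk does more than the PR title says: it replaces a Markdown pipe table (`| ------ | --- |`) that AsciiDoc would have rendered as literal text with a real AsciiDoc table, which is a rendering fix worth stating in the commit message.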
@@ -95,8 +110,7 @@ Typically Rancher is installed on three RKE nodes that all have the etcd, contro
The following tables break down the port requirements for traffic between the Rancher nodes:
+++<figcaption>+++Rules for traffic between Rancher nodes+++</figcaption>+++
.Rules for traffic between Rancher nodes
|===
| Protocol | Port | Description
@@ -139,8 +153,7 @@ The following tables break down the port requirements for traffic between the Ra
The following tables break down the port requirements for inbound and outbound traffic:
+++<figcaption>+++Inbound Rules for Rancher Nodes+++</figcaption>+++
.Inbound Rules for Rancher Nodes
|===
| Protocol | Port | Source | Description
@@ -165,15 +178,35 @@ The following tables break down the port requirements for inbound and outbound t
| HTTPS traffic to Kubernetes API
|===
+++<figcaption>+++Outbound Rules for Rancher Nodes+++</figcaption>+++
.Outbound Rules for Rancher Nodes
|===
| Protocol | Port | Destination | Description
| TCP
| 443
| git.rancher.io
| Rancher catalog
| TCP
| 22
| Any node created using a node driver
| SSH provisioning of node by node driver
| TCP
| 2376
| Any node created using a node driver
| Docker daemon TLS port used by node driver
| TCP
| 6443
| Hosted/Imported Kubernetes API
| Kubernetes API server
| Protocol | Port | Destination | Description |
|----|----|-----------|--|
| TCP | 443 | git.rancher.io | Rancher catalog |
| TCP | 22 | Any node created using a node driver | SSH provisioning of node by node driver |
| TCP | 2376 | Any node created using a node driver | Docker daemon TLS port used by node driver |
| TCP | 6443 | Hosted/Imported Kubernetes API | Kubernetes API server |
| TCP | Provider dependent | Port of the Kubernetes API endpoint in hosted cluster | Kubernetes API |
| TCP
| Provider dependent
| Port of the Kubernetes API endpoint in hosted cluster
| Kubernetes API
|===
======

=== Ports for Rancher Server Nodes on {rke2-product-name}
@@ -193,8 +226,8 @@ If you wish to utilize the metrics server, you will need to open port 10250 on e

The VXLAN port on nodes should not be exposed to the world as it opens up your cluster network to be accessed by anyone. Run your nodes behind a firewall/security group that disables access to port 8472.
====
+++<figcaption>+++Inbound Rules for RKE2 Server Nodes+++</figcaption>+++
.Inbound Rules for RKE2 Server Nodes
|===
| Protocol | Port | Source | Description
@@ -259,8 +292,7 @@ Typically all outbound traffic is allowed.
======
The following tables break down the port requirements for Rancher nodes, for inbound and outbound traffic:
+++<figcaption>+++Inbound Rules for Rancher Node+++</figcaption>+++
.Inbound Rules for Rancher Node
|===
| Protocol | Port | Source | Description
@@ -275,14 +307,30 @@ The following tables break down the port requirements for Rancher nodes, for inb
| Rancher agent, Rancher UI/API, kubectl
|===
+++<figcaption>+++Outbound Rules for Rancher Node+++</figcaption>+++
.Outbound Rules for Rancher Node
|===
| Protocol | Port | Source | Description
| TCP
| 22
| Any node IP from a node created using Node Driver
| SSH provisioning of nodes using Node Driver
| TCP
| 443
| git.rancher.io
| Rancher catalog
| TCP
| 2376
| Any node IP from a node created using a node driver
| Docker daemon TLS port used by Docker Machine
| Protocol | Port | Source | Description |
|----|----|-----------|--|
| TCP | 22 | Any node IP from a node created using Node Driver | SSH provisioning of nodes using Node Driver |
| TCP | 443 | git.rancher.io | Rancher catalog |
| TCP | 2376 | Any node IP from a node created using a node driver | Docker daemon TLS port used by Docker Machine |
| TCP | 6443 | Hosted/Imported Kubernetes API | Kubernetes API server |
| TCP
| 6443
| Hosted/Imported Kubernetes API
| Kubernetes API server
|===
======

== Downstream Kubernetes Cluster Nodes
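Review bot: the `.Outbound Rules for Rancher Node` table keeps the column header `Source` (`| Protocol | Port | Source | Description`) even though every row in it names a destination (`git.rancher.io`, `Hosted/Imported Kubernetes API`, the node IPs being provisioned). The other two outbound tables in this commit use `Destination`; change the header here to match, so that someone deriving firewall or security-group rules from the page does not read these endpoints as permitted inbound sources.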
@@ -293,8 +341,7 @@ The port requirements differ depending on how the downstream cluster was launche

The following diagram depicts the ports that are opened for each xref:cluster-deployment/cluster-deployment.adoc[cluster type].

+++<figcaption>+++Port Requirements for the Rancher Management Plane+++</figcaption>+++

.Port Requirements for the Rancher Management Plane
image::port-communications.svg[Basic Port Requirements]

[TIP]
@@ -15,8 +15,7 @@ With Longhorn, you can:
* Restore volumes from backup
* Upgrade Longhorn without disrupting persistent volumes
+++<figcaption>+++Longhorn Dashboard+++</figcaption>+++

.Longhorn Dashboard
image::longhorn-screenshot.png[Longhorn Dashboard]

== Installing {longhorn-product-name} with Rancher
@@ -63,6 +62,5 @@ The storage controller and replicas are themselves orchestrated using Kubernetes

You can learn more about its architecture https://longhorn.io/docs/latest/concepts/[here.]

+++<figcaption>+++Longhorn Architecture+++</figcaption>+++

.Longhorn Architecture
image::longhorn-architecture.svg[Longhorn Architecture]
@@ -73,12 +73,10 @@ The NeuVector security solution contains four types of security containers: Cont
* *Scanner:* Performs the vulnerability and compliance scanning for images, containers, and nodes.
* *Updater:* Updates the CVE database for Neuvector (when run); redeploys scanner pods.

+++<figcaption>+++**NeuVector Security Containers:**+++</figcaption>+++

.NeuVector Security Containers
image::neuvector-security-containers.png[NeuVector Security Containers]

+++<figcaption>+++**NeuVector Architecture:**+++</figcaption>+++

.NeuVector Architecture
image::neuvector-architecture.png[NeuVector Architecture]

To learn more about NeuVector's architecture, please refer https://open-docs.neuvector.com/basics/overview#architecture[here].