1 files changed, 31 insertions, 52 deletions
diff --git a/doc/user/clusters/applications.md b/doc/user/clusters/applications.md
index 507ba25850d..3b04c7aac18 100644
--- a/doc/user/clusters/applications.md
+++ b/doc/user/clusters/applications.md
@@ -28,9 +28,9 @@ This namespace:
 To see a list of available applications to install. For a:
 
 - [Project-level cluster](../project/clusters/index.md), navigate to your project's
-  **{cloud-gear}** **Operations > Kubernetes**.
+  **Operations > Kubernetes**.
 - [Group-level cluster](../group/clusters/index.md), navigate to your group's
-  **{cloud-gear}** **Kubernetes** page.
+  **Kubernetes** page.
 
 NOTE: **Note:**
 As of GitLab 11.6, Helm will be upgraded to the latest version supported
@@ -69,47 +69,23 @@ can lead to confusion during deployments.
 
 > - Introduced in GitLab 10.2 for project-level clusters.
 > - Introduced in GitLab 11.6 for group-level clusters.
-> - A local Tiller option was [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/209736) in GitLab 13.2 behind a feature flag, enabled by default.
-> - The feature flag for local Tiller is enabled on GitLab.com.
+> - [Uses a local Tiller](https://gitlab.com/gitlab-org/gitlab/-/issues/209736) since GitLab 13.2.
 
 [Helm](https://helm.sh/docs/) is a package manager for Kubernetes and is
 used to install the GitLab-managed apps. GitLab runs each `helm` command
 in a pod within the `gitlab-managed-apps` namespace inside the cluster.
 
-As of GitLab 13.2, the integration uses a local
-[Tiller](https://v2.helm.sh/docs/glossary/#tiller) by default. When using a
-local Tiller, the Helm application does not need to be installed and will not
-be shown in the list of applications.
+GitLab's integration uses Helm 2 with a local
+[Tiller](https://v2.helm.sh/docs/glossary/#tiller) server for managing
+applications. Prior to [GitLab 13.2](https://gitlab.com/gitlab-org/gitlab/-/issues/209736),
+GitLab used an in-cluster Tiller server in the `gitlab-managed-apps`
+namespace. This server can now be safely removed.
 
 NOTE: **Note:**
 GitLab's Helm integration does not support installing applications behind a proxy,
 but a [workaround](../../topics/autodevops/index.md#install-applications-behind-a-proxy)
 is available.
 
-### Enable or disable local Tiller **(CORE ONLY)**
-
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/209736) in GitLab 13.2
-> - The option to disable local Tiller is [planned for removal](https://gitlab.com/gitlab-org/gitlab/-/issues/209736) in GitLab 13.3
-
-Local Tiller is under development, but is ready for production use. It is
-deployed behind a feature flag that is **enabled by default**.
-[GitLab administrators with access to the GitLab Rails console](../../administration/feature_flags.md)
-can enable it for your instance.
-
-To enable it:
-
-```ruby
-# Instance-wide
-Feature.enable(:managed_apps_local_tiller)
-```
-
-To disable it:
-
-```ruby
-# Instance-wide
-Feature.disable(:managed_apps_local_tiller)
-```
-
 ### cert-manager
 
 > Introduced in GitLab 11.6 for project- and group-level clusters.
@@ -311,7 +287,7 @@ This feature:
   For example:
 
   ```shell
-  kubectl logs -n gitlab-managed-apps $(kubectl get pod -n gitlab-managed-apps -l app=nginx-ingress,component=controller --no-headers=true -o custom-columns=:metadata.name) modsecurity-log -f
+  kubectl -n gitlab-managed-apps logs -l app=nginx-ingress,component=controller -c modsecurity-log -f
   ```
 
 To enable WAF, switch its respective toggle to the enabled position when installing or updating [Ingress application](#ingress).
@@ -343,7 +319,7 @@ To help you tune your WAF rules, you can globally set your WAF to either
 To change your WAF's mode:
 
 1. [Install ModSecurity](../../topics/web_application_firewall/quick_start_guide.md) if you have not already done so.
-1. Navigate to **{cloud-gear}** **Operations > Kubernetes**.
+1. Navigate to **Operations > Kubernetes**.
 1. In **Applications**, scroll to **Ingress**.
 1. Under **Global default**, select your desired mode.
 1. Click **Save changes**.
@@ -535,7 +511,7 @@ To enable log shipping:
 
 1. Ensure your cluster contains at least 3 nodes of instance types larger than
    `f1-micro`, `g1-small`, or `n1-standard-1`.
-1. Navigate to **{cloud-gear}** **Operations > Kubernetes**.
+1. Navigate to **Operations > Kubernetes**.
 1. In **Kubernetes Cluster**, select a cluster.
 1. In the **Applications** section, find **Elastic Stack** and click **Install**.
 
@@ -547,7 +523,7 @@ file.
 
 NOTE: **Note:**
 The chart deploys 3 identical Elasticsearch pods which can't be colocated, and each
-require 1 CPU and 2 GB of RAM, making them incompatible with clusters containing
+requires 1 CPU and 2 GB of RAM, making them incompatible with clusters containing
 fewer than 3 nodes or consisting of `f1-micro`, `g1-small`, `n1-standard-1`, or
 `*-highcpu-2` instance types.
 
@@ -601,7 +577,7 @@ your data. Fluentd sends logs in syslog format.
 
 To enable Fluentd:
 
-1. Navigate to **{cloud-gear}** **Operations > Kubernetes** and click
+1. Navigate to **Operations > Kubernetes** and click
    **Applications**. You will be prompted to enter a host, port and protocol
    where the WAF logs will be sent to via syslog.
 1. Provide the host domain name or URL in **SIEM Hostname**.
@@ -719,7 +695,7 @@ for the available configuration options.
 
 NOTE: **Note:**
 Support for installing the Ingress managed application is provided by the GitLab Configure group.
-If you run into unknown issues, please [open a new issue](https://gitlab.com/gitlab-org/gitlab/-/issues/new) and ping at least 2 people from the [Configure group](https://about.gitlab.com/handbook/product/categories/#configure-group).
+If you run into unknown issues, please [open a new issue](https://gitlab.com/gitlab-org/gitlab/-/issues/new) and ping at least 2 people from the [Configure group](https://about.gitlab.com/handbook/product/product-categories/#configure-group).
 
 ### Install cert-manager using GitLab CI/CD
 
@@ -760,7 +736,7 @@ available configuration options.
 
 NOTE: **Note:**
 Support for installing the Cert Manager managed application is provided by the GitLab Configure group.
-If you run into unknown issues, please [open a new issue](https://gitlab.com/gitlab-org/gitlab/-/issues/new) and ping at least 2 people from the [Configure group](https://about.gitlab.com/handbook/product/categories/#configure-group).
+If you run into unknown issues, please [open a new issue](https://gitlab.com/gitlab-org/gitlab/-/issues/new) and ping at least 2 people from the [Configure group](https://about.gitlab.com/handbook/product/product-categories/#configure-group).
 
 ### Install Sentry using GitLab CI/CD
 
@@ -951,17 +927,15 @@ For an overview, see the [Container Network Security Demo for GitLab 12.8](https
 Enable Cilium in the `.gitlab/managed-apps/config.yaml` file to install it:
 
 ```yaml
-# possible values are gke, eks or you can leave it blank
+# possible values are gke or eks
 clusterType: gke
 
 cilium:
   installed: true
 ```
 
-The `clusterType` variable enables the recommended Helm variables for
-a corresponding cluster type. The default value is blank. You can
-check the recommended variables for each cluster type in the official
-documentation:
+The `clusterType` variable enables the recommended Helm variables for a corresponding cluster type.
+You can check the recommended variables for each cluster type in the official documentation:
 
 - [Google GKE](https://docs.cilium.io/en/stable/gettingstarted/k8s-install-gke/#deploy-cilium)
 - [AWS EKS](https://docs.cilium.io/en/stable/gettingstarted/k8s-install-eks/#deploy-cilium)
@@ -972,6 +946,11 @@ management project. Refer to the
 [Cilium chart](https://github.com/cilium/cilium/tree/master/install/kubernetes/cilium)
 for the available configuration options.
 
+You can check Cilium's installation status on the cluster management page:
+
+- [Project-level cluster](../project/clusters/index.md): Navigate to your project's **Operations > Kubernetes** page.
+- [Group-level cluster](../group/clusters/index.md): Navigate to your group's **Kubernetes** page.
+
 CAUTION: **Caution:**
 Installation and removal of the Cilium requires a **manual**
 [restart](https://docs.cilium.io/en/stable/gettingstarted/k8s-install-gke/#restart-unmanaged-pods)
@@ -1004,7 +983,7 @@ The Cilium monitor log for traffic is logged out by the
 `cilium-monitor` sidecar container. You can check these logs with the following command:
 
 ```shell
-kubectl -n gitlab-managed-apps logs cilium-XXXX cilium-monitor
+kubectl -n gitlab-managed-apps logs -l k8s-app=cilium -c cilium-monitor
 ```
 
 You can disable the monitor log in `.gitlab/managed-apps/cilium/values.yaml`:
@@ -1127,7 +1106,7 @@ falco:
 You can check these logs with the following command:
 
 ```shell
-kubectl logs -l app=falco -n gitlab-managed-apps
+kubectl -n gitlab-managed-apps logs -l app=falco
 ```
 
 NOTE: **Note:**
@@ -1183,7 +1162,7 @@ below are examples and should be replaced with settings specific to your environ
 ui:
   enabled: true
 server:
-  # Disable the built in data storage volume as it's not safe for Hight Availability mode
+  # Disable the built in data storage volume as it's not safe for High Availability mode
   dataStorage:
     enabled: false
   # Enable High Availability Mode
@@ -1210,9 +1189,9 @@ server:
       }
 ```
 
-Once you have successfully installed Vault, you will need to [initialize the Vault](https://learn.hashicorp.com/vault/getting-started/deploy#initializing-the-vault)
+Once you have successfully installed Vault, you will need to [initialize the Vault](https://learn.hashicorp.com/tutorials/vault/getting-started-deploy#initializing-the-vault)
 and obtain the initial root token. You will need access to your Kubernetes cluster that Vault has been deployed into in order to do this.
-To initialise the Vault, get a shell to one of the Vault pods running inside Kubernetes (typically this is done by using the `kubectl` command line tool).
+To initialize the Vault, get a shell to one of the Vault pods running inside Kubernetes (typically this is done by using the `kubectl` command line tool).
 Once you have a shell into the pod, run the `vault operator init` command:
 
 ```shell
@@ -1278,7 +1257,7 @@ available configuration options.
 
 NOTE: **Note:**
 Support for installing the JupyterHub managed application is provided by the GitLab Configure group.
-If you run into unknown issues, please [open a new issue](https://gitlab.com/gitlab-org/gitlab/-/issues/new) and ping at least 2 people from the [Configure group](https://about.gitlab.com/handbook/product/categories/#configure-group).
+If you run into unknown issues, please [open a new issue](https://gitlab.com/gitlab-org/gitlab/-/issues/new) and ping at least 2 people from the [Configure group](https://about.gitlab.com/handbook/product/product-categories/#configure-group).
 
 ### Install Elastic Stack using GitLab CI/CD
 
@@ -1393,7 +1372,7 @@ If you plan to use GitLab Serverless capabilities, be sure to set an A record wi
 
 NOTE: **Note:**
 Support for installing the Knative managed application is provided by the GitLab Configure group.
-If you run into unknown issues, please [open a new issue](https://gitlab.com/gitlab-org/gitlab/-/issues/new) and ping at least 2 people from the [Configure group](https://about.gitlab.com/handbook/product/categories/#configure-group).
+If you run into unknown issues, please [open a new issue](https://gitlab.com/gitlab-org/gitlab/-/issues/new) and ping at least 2 people from the [Configure group](https://about.gitlab.com/handbook/product/product-categories/#configure-group).
 
 #### Knative Metrics
 
@@ -1587,7 +1566,7 @@ To avoid installation errors:
 If you're using a managed cluster on AWS EKS, and you are not able to install some of the managed
 apps, consider checking the logs.
 
-You can check the logs by running following commands:
+You can check the logs by running the following commands:
 
 ```shell
 kubectl get pods --all-namespaces