docs: please make linkcheck, remove very old rbac section

doc/source/administrator/advanced.md

@@ -10,6 +10,7 @@ Most people setting up JupyterHubs on popular public clouds should not have
 to use any of this information, but these topics are essential for more complex
 installations.
 
+(ingress)=
 ## Ingress
 
 If you are using a Kubernetes Cluster that does not provide public IPs for

doc/source/administrator/optimization.md

@@ -56,6 +56,7 @@ singleuser:
     guarantee: 512M
 ```
 
+(pulling-images-before-users-arrive)=
 ## Pulling images before users arrive
 
 If a user pod is scheduled on a node requesting a Docker image that isn't
@@ -119,6 +120,7 @@ situations:
     added, but at that point users are already waiting. To scale up nodes ahead
     of time we can use [user-placeholders](#scaling-up-in-time-user-placeholders).
 
+(images-that-will-be-pulled)=
 ### The images that will be pulled
 
 The hook-image-puller and the continuous-image-puller has various sources
@@ -233,7 +235,7 @@ and some JupyterHub pods (without a permissive
 Consider for example that many users arrive to your JupyterHub during the
 daytime. New nodes are added by the CA. Some system pod ends up on the new nodes
 along with the user pods for some reason. At night when the
-[*culler*](/customizing/user-management.html#culling-user-pods) has removed many inactive
+[*culler*](culling-user-pods) has removed many inactive
 pods from some nodes. They are now free from user pods but there is still a
 single system pod stopping the CA from removing the node.
 
@@ -334,7 +336,7 @@ scheduling:
 
 **NOTE**: For the user scheduler to work well, you need old user pods to shut
 down at some point. Make sure to properly configure the
-[*culler*](user-management.html#culling-user-pods).
+[*culler*](culling-user-pods).
 
 ## Balancing "guaranteed" vs "maximum" memory and CPU
 

doc/source/administrator/security.md

@@ -13,6 +13,7 @@ model itself, please report it to [[email protected]](mailto:security@ipython
 If you prefer to encrypt your security reports, you can use
 [this PGP public key](https://ipython.org/ipython-doc/2/_downloads/ipython_security.asc).
 
+(https)=
 ## HTTPS
 
 This section describes how to enable HTTPS on your JupyterHub. The easiest way to do so is by using [Let's Encrypt](https://letsencrypt.org/), though we'll also cover how to set up your own HTTPS credentials. For more information
@@ -28,6 +29,7 @@ on HTTPS security see the certificates section of [this blog post](https://blog.
 
    It is important that you wait - prematurely going to the next step might cause problems!
 
+(setup-automatic-https)=
 ### Set up automatic HTTPS
 
 JupyterHub uses [Let's Encrypt](https://letsencrypt.org/) to automatically create
@@ -68,6 +70,7 @@ The IP can be provided like:
 More info about this can be found on the [Configuration Reference](helm-chart-configuration-reference) page.
 ***
 
+(setup-manual-https)=
 ### Set up manual HTTPS
 
 If you have your own HTTPS certificates & want to use those instead of the automatically provisioned Let's Encrypt ones, that's also possible. Note that this is considered an advanced option, so we recommend not doing it unless you have good reasons.
@@ -182,6 +185,7 @@ In older clusters, you might have to do:
 kubectl --namespace=kube-system delete rc kubernetes-dashboard
 ```
 
+(rbac)=
 ## Use Role Based Access Control (RBAC)
 
 Kubernetes supports, and often requires, using [Role Based Access Control (RBAC)](https://kubernetes.io/docs/reference/access-authn-authz/rbac/)

doc/source/administrator/upgrading.md

@@ -97,31 +97,6 @@ will be performed automatically when you do a `helm upgrade`.
 5. Remove the lines added in step 3, and do another [`helm upgrade`](#upgrade-command).
 
 
-### [Role based access control](/security.html#use-role-based-access-control-rbac)
-
-[RBAC](https://kubernetes.io/docs/reference/access-authn-authz/rbac/) is the user security model
-in Kubernetes that gives applications only as much access they need to the kubernetes
-API and not more. Prior to this, applications were all running with the equivalent
-of root on your Kubernetes cluster. This release adds appropriate roles for the
-various components of JupyterHub, for much better ability to secure clusters.
-
-RBAC is turned on by default. But, if your cluster is older than 1.8, or you have RBAC
-enforcement turned off, you might want to explicitly disable it. You can do so by adding
-the following snippet to your `config.yaml`:
-
-```yaml
-rbac:
-  enabled: false
-```
-
-This is especially true if you get an error like:
-
-```
-Error: the server rejected our request for an unknown reason (get clusterrolebindings.rbac.authorization.k8s.io)
-```
-
-when doing the upgrade!
-
 ### Custom Docker Images: JupyterHub version match
 
 If you are using a custom built image, make sure that the version of the

doc/source/conf.py

@@ -247,6 +247,8 @@ def parse_schema(d, md=[], depth=0, pre=""):
     "https://your-domain-name.com",  # example
     "https://kubernetes.io/docs/tutorials/kubernetes-basics/",  # works
     "https://cloud.ibm.com/kubernetes/catalog/create",  # works
+    "https://portal.azure.com", # sign-in redirect noise
+    "https://console.cloud.google.com", # sign-in redirect noise
 ]
 linkcheck_anchors_ignore = [
     "/#!",

doc/source/jupyterhub/customizing/user-management.md

@@ -3,6 +3,7 @@
 This section describes management of users and their
 permissions on JupyterHub.
 
+(culling-user-pods)=
 ## Culling user pods
 JupyterHub will automatically delete any user pods that have no activity
 for a period of time. This helps free up computational resources and keeps

doc/source/kubernetes/amazon/step-zero-aws.md

@@ -152,7 +152,7 @@ template you will use to setup and shape your cluster.
 
     You should see a list of two nodes, each beginning with `ip`.
 
-    If you want to use kubectl and helm locally (necessary for step #3 in [Setting up Helm](setup-helm#initialization)):
+    If you want to use kubectl and helm locally:
 
     * run the following on CI host: `kops export kubecfg`
     * copy the contents of `~/.kube/config` to the same place on your local system

doc/source/kubernetes/google/step-zero-gcp.md

@@ -38,7 +38,7 @@ your google cloud account.
    2. **Use your own computer's terminal:**
 
       1. Download and install the `gcloud` command line tool at its [install
-         page](https://cloud.google.com/sdk/install). It will help you
+         page](https://cloud.google.com/sdk/docs/install). It will help you
          create and communicate with a Kubernetes cluster.
       2. Install `kubectl` (reads *kube control*), it is a tool for controlling
          Kubernetes clusters in general. From your terminal, enter:

doc/source/kubernetes/ovh/step-zero-ovh.md

@@ -1,8 +1,8 @@
 (ovh)=
 
-# Kubernetes on [OVHcloud](https://ovh.com/) (OVH)
+# Kubernetes on [OVHcloud](https://www.ovh.ie/) (OVH)
 
-[OVHcloud](https://ovh.com/) is a leader in the hosted private cloud services space in Europe.
+[OVHcloud](https://www.ovh.ie/) is a leader in the hosted private cloud services space in Europe.
 
 They offer a managed Kubernetes service as well as a managed private registry for Docker images.
 

doc/source/kubernetes/setup-helm2.md

@@ -69,7 +69,7 @@ cluster:
    kubectl create clusterrolebinding tiller --clusterrole cluster-admin --serviceaccount=kube-system:tiller
    ```
 
-   See [our RBAC documentation](../administrator/security.html#use-role-based-access-control-rbac) for more information.
+   See [our RBAC documentation](rbac) for more information.
 3. Initialize `helm` and `tiller`.
 
    ```

doc/source/repo2docker.md

@@ -20,7 +20,7 @@ matching version with the Helm chart. This documentation is for Helm chart
 If you can't find a pre-existing image that suits your needs, you can create
 your own image. An easy way to do this is with the package {term}`repo2docker`.
 
-[repo2docker](https://github.com/jupyter/repo2docker) lets you quickly convert
+[repo2docker](https://github.com/jupyterhub/repo2docker) lets you quickly convert
 a Git repository into a Docker image that can be used as a base for your
 JupyterHub instance. Anything inside the Git repository will exist in a user’s
 environment when they access your JupyterHub.

doc/source/resources/glossary.md

@@ -97,7 +97,7 @@ Additions to the glossary are welcomed. Please add in alphabetical order.
       there is always X running pods of a kind.
 
       See the `Kubernetes documentation
-      <https://kubernetes.io/docs/concepts/workloads/pods/pod/>`__ for more
+      <https://kubernetes.io/docs/concepts/workloads/pods/>`__ for more
       information.
 
    Kubernetes resource
@@ -118,7 +118,7 @@ Additions to the glossary are welcomed. Please add in alphabetical order.
       With cluster autoscaling, a node pool can grow and shrink based on demand
       allowing you to save computational resources.
 
-   `repo2docker <https://github.com/jupyter/repo2docker>`_
+   `repo2docker <https://github.com/jupyterhub/repo2docker>`_
       A tool which lets you quickly convert a Git repository into a
       :term:`Docker image`.
 

doc/source/resources/tools.md

@@ -123,7 +123,7 @@ service that you want to run, which makes things easier to manage and
 keeps things more stable.
 
 For more information about pods, see the
-[Kubernetes documentation about pods](https://kubernetes.io/docs/concepts/workloads/pods/pod-overview/).
+[Kubernetes documentation about pods](https://kubernetes.io/docs/concepts/workloads/pods/).
 
 ### Deployments
 

jupyterhub/schema.yaml

@@ -819,7 +819,7 @@ properties:
         type: object
         description: |
           Object for customizing the settings for HTTPS used by the JupyterHub's proxy.
-          For more information on configuring HTTPS for your JupyterHub, see the [HTTPS section in our security guide](/administrator/security.html#https)
+          For more information on configuring HTTPS for your JupyterHub, see the [HTTPS section in our security guide](https)
         properties:
           enabled:
             type: boolean
@@ -842,13 +842,13 @@ properties:
               contactEmail:
                 type: string
                 description: |
-                  The contact email to be used for automatically provisioned HTTPS certificates by Let's Encrypt. For more information see [Set up automatic HTTPS](/administrator/security.html#set-up-automatic-https).
+                  The contact email to be used for automatically provisioned HTTPS certificates by Let's Encrypt. For more information see [Set up automatic HTTPS](setup-automatic-https).
                   Required for automatic HTTPS.
           manual:
             type: object
             description: |
               Object for providing own certificates for manual HTTPS configuration. To be provided when setting `https.type` to `manual`.
-              See [Set up manual HTTPS](/administrator/security.html#set-up-manual-https)
+              See [Set up manual HTTPS](setup-manual-https)
             properties:
               key:
                 type: string
@@ -897,7 +897,7 @@ properties:
             type: list
             description: |
               You domain in list form.
-              Required for automatic HTTPS. See [Set up automatic HTTPS](/administrator/security.html#set-up-automatic-https).
+              Required for automatic HTTPS. See [Set up automatic HTTPS](setup-automatic-https).
               To be provided like:
               ```
               hosts:
@@ -967,7 +967,7 @@ properties:
             type: boolean
             description: |
               Enable persisting auth_state (if available).
-              See: [the documentation on authenticators](http://jupyterhub.readthedocs.io/en/latest/api/auth.html)
+              See: [the documentation on authenticators](https://jupyterhub.readthedocs.io/en/latest/api/auth.html)
           cryptoKey:
             type:
               - string
@@ -1344,7 +1344,7 @@ properties:
           Enable the creation of a Kubernetes Ingress to proxy-public service.
 
           See [Advanced Topics — Zero to JupyterHub with Kubernetes
-          0.7.0 documentation](/administrator/advanced.html#ingress)
+          0.7.0 documentation](ingress)
           for more details.
       annotations:
         type: object
@@ -1395,7 +1395,7 @@ properties:
       hook:
         description: |
           See the [*optimization
-          section*](/administrator/optimization.html#pulling-images-before-users-arrive)
+          section*](pulling-images-before-users-arrive)
           for more details.
         type: object
         properties:
@@ -1423,7 +1423,7 @@ properties:
       continuous:
         description: |
           See the [*optimization
-          section*](/administrator/optimization.html#pulling-images-before-users-arrive)
+          section*](pulling-images-before-users-arrive)
           for more details.
 
           **NOTE**: If used with a Cluster Autoscaler (an autoscaling node
@@ -1447,9 +1447,8 @@ properties:
       extraImages:
         type: object
         description: |
-          See the [*optimization
-          section*](/administrator/optimization.html#the-images-that-will-be-pulled)
-          for more details.
+          See the [*optimization section*](images-that-will-be-pulled) for more
+          details.
 
           ```yaml
           prePuller: