Commit graph

302 commits

Author SHA1 Message Date
Richard Scothern
7647f7fe76 Merge pull request #1204 from MHBauer/gh1197
Formatting content digest calculation to avoid copyright symbols
2015-11-25 11:24:06 -08:00
farmerworking
8acf5a4d63 Oss secure option default to true, Fix doc error
Signed-off-by: farmerworking <farmerworking@gmail.com>
2015-11-25 12:38:44 +08:00
Avi Miller
a7199f5d7c Fixed whitespace and made the command consistent with the other examples.
Signed-off-by: Avi Miller <avi.miller@oracle.com>
2015-11-25 10:41:40 +11:00
Avi Miller
b27d479ad5 Adding additional comment to enable the shared system certificates store.
Signed-off-by: Avi Miller <avi.miller@oracle.com>
2015-11-25 10:30:12 +11:00
Morgan Bauer
17d4e82944
Formatting content digest calculation to avoid copyright symbols
- resolves #1197

Signed-off-by: Morgan Bauer <mbauer@us.ibm.com>
2015-11-24 10:13:34 -08:00
Sven Dowideit
64bc8af1b9 Doc fixes found by validation job
Signed-off-by: Sven Dowideit <SvenDowideit@home.org.au>
2015-11-20 12:21:03 +10:00
Sylvain Baubeau
7c3281861f Add support for temporary URL for Swift driver
Signed-off-by: Sylvain Baubeau <sbaubeau@redhat.com>
2015-11-03 09:59:50 +01:00
Arthur Baars
59784ecdd0 Storage driver for: Google Cloud Storage (gcs)
Signed-off-by: Arthur Baars <arthur@semmle.com>
2015-10-28 20:21:56 +00:00
Matt Moore
0c7cd3fcf8 Add expires_in and issued_at to the auth spec.
This extends the specification for the Bearer token response to include
information pertaining to when an issued Bearer token will expire.

This also allows the client to accept `access_token` as an alias for `token`.

Signed-off-by: Matt Moore <mattmoor@google.com>
2015-10-27 11:05:33 -07:00
Sebastiaan van Stijn
bf6ca6cb53 Docs: replace emoji with regular warning
The docs don't render emoji, so replaced the `⚠️` with
a `**Warning**:` to keep the formatting consisten with
`**Note**:` used in other parts of the docs.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2015-10-22 15:59:48 -07:00
Richard Scothern
a266f99418 Merge pull request #1095 from mrwacky42/api-version-annotated
Add annotated example for adding header; +spelling
2015-10-22 14:04:32 -07:00
Sven Dowideit
a5040860f2 Prevent md->html link generation
Signed-off-by: Sven Dowideit <SvenDowideit@home.org.au>
2015-10-22 17:27:21 +10:00
Richard Scothern
f9317483d3 Clearer documentation around environment variable overrides
Signed-off-by: Richard Scothern <richard.scothern@gmail.com>
2015-10-19 14:52:08 -07:00
Mary Anthony
8e92a8ab00 Updating for Hugo 15 patch
Signed-off-by: Mary Anthony <mary@docker.com>
2015-10-16 12:20:38 -07:00
Stephen Day
dfe60f4cb1 Merge pull request #827 from aaronlehmann/read-only-mode-2
Add a read-only mode as a configuration option
2015-10-15 11:50:31 -07:00
Richard Scothern
539d6312bf Merge pull request #1053 from mrwacky42/patch-1
Fix spelling
2015-10-15 11:44:57 -07:00
Sharif Nassar
0249cc9cb2 Add annotated example for adding header; +spelling
This adds a variable to help nginx add the
Docker-Distribution-Api-Version when using basic auth, and not add the
header when it sees it from the upstream.

Also fix some minor spelling/grammar issues.

Signed-off-by: Sharif Nassar <sharif@mrwacky.com>
2015-10-14 15:21:18 -07:00
Richard Scothern
4c4112bdcf Merge pull request #1035 from aaronlehmann/host-parameter-alternate
Add http.host parameter
2015-10-13 14:03:48 -07:00
Stephen Day
bfd1f423c5 Merge pull request #1033 from jlhawn/api_spec_update_auth_errors
[api spec] Update authN and authZ errors
2015-10-13 13:52:18 -07:00
Sharif Nassar
929595c7d1 Fix spelling
Signed-off-by: Sharif Nassar <sharif@mrwacky.com>
2015-10-12 16:11:30 -07:00
Brian Bland
90fe4b9256 Fixes documentation for swift driver "container" parameter
No longer claims that an additional segments container is used

Signed-off-by: Brian Bland <brian.bland@docker.com>
2015-10-08 16:51:57 -07:00
Richard Scothern
4946d0d035 Merge pull request #1072 from compnski/patch-1
Update configuration.md
2015-10-08 10:12:21 -07:00
Jason Freidman
1c1917fd5a Update configuration.md
It seems that enabling proxy stops my instance from accepting local pushes, but I can't find mention of that in the docs.

Signed-off-by: Jason Freidman <jason@periscope.io>
2015-10-07 20:02:58 -07:00
harche
4ff7656ba1 Typo in command to check registry version
Signed-off-by: Harshal <p.harshal@gmail.com>
2015-10-07 16:38:42 +05:30
Richard Scothern
89bedf1e7f Merge pull request #1048 from docker/docs-secure-default
Correct the default setting of s3's "secure" parameter in configuration.md
2015-10-01 10:26:38 -07:00
Aaron Lehmann
7f83bfd8af Correct the default setting of s3's "secure" parameter in configuration.md
This defaults to true in the code, but the doc claimed it defaults to
false.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-09-30 18:41:06 -07:00
Aaron Lehmann
0a6988195e Add http.host parameter
This allows the administrator to specify an externally-reachable URL for
the registry. It takes precedence over the X-Forwarded-Proto and
X-Forwarded-Host headers, and the hostname in the request.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-09-30 15:12:01 -07:00
Derek McGowan
618ffe118b Merge pull request #1005 from xiekeyang/spec
add description to manifest spec
2015-09-30 11:47:16 -07:00
Richard Scothern
e760fb2dc6 Merge pull request #988 from tt/fix-incorrect-default
Fix incorrect default
2015-09-30 10:40:11 -07:00
Josh Hawn
0f670bdc91 [api spec] Update authN and authZ errors
Associate HTTP 401s with Authentication errors rather than Authorization
errors. Changes the meaning of the UNAUTHORIZED error to be authentication
specific.

Defines DENIED error code to be associated with authorization
errors which result in HTTP 403 responses.

Add 'No Such Repository' errors to more endpoints.

Docker-DCO-1.1-Signed-off-by: Josh Hawn <josh.hawn@docker.com> (github: jlhawn)
2015-09-30 09:12:31 -07:00
xiekeyang
da8ef7585d add description to manifest spec
This PR add some description to manifest spec.
It clarifies the relationship between `fsLayers` and `history` fields.

Signed-off-by: xiekeyang <xiekeyang@huawei.com>
2015-09-30 10:16:46 +08:00
Troels Thomsen
cfe50c9ef4 Fix incorrect default
Signed-off-by: Troels Thomsen <troels@thomsen.io>
2015-09-28 10:08:17 +02:00
Richard Scothern
d03c56129c Merge pull request #991 from mattmoor/expires_in_proposal
Fixes #684
2015-09-25 15:23:28 -07:00
Sungho Moon
7bf66b6855 Minor grammar fix : duplicated coordinators.
Signed-off-by: Sungho Moon <sungho.moon@navercorp.com>
2015-09-23 11:40:13 +09:00
Aaron Lehmann
a601f92336 Add an "enabled" parameter under "readonly", and make it as if the mutable handlers don't exist when read-only mode is enabled
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-09-22 15:49:26 -07:00
Aaron Lehmann
c9bb330b71 Add a read-only mode as a configuration option
Add "readonly" under the storage/maintenance section. When this is set
to true, uploads and deletions will return 503 Service Unavailable
errors.

Document the parameter and add some unit testing.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-09-22 15:47:48 -07:00
Matt Moore
ca7c845dc0 Fixes #684
Split the discussion of v2 authentication into two parts:
1) A specification of the handshake between the client, registry and
authentication service.
2) A description of how `docker/distribution` implements this using JWT.

This should make it clearer that `#2` is an implementation detail, and
that clients should regard tokens as opaque entities that only the
registry and authentication service should understand.

Signed-off-by: Matt Moore <mattmoor@google.com>
2015-09-18 15:26:32 -07:00
xiekeyang
78c760f898 typo
Signed-off-by: xiekeyang <xiekeyang@huawei.com>
2015-09-18 17:27:01 +08:00
Aaron Lehmann
f651c5d68e Merge pull request #981 from LouisKottmann/master
Add exemple proxy mistake whith nginx sitting behind an ELB
2015-09-17 14:35:12 -07:00
Louis Kottmann
4075e2bb3d Add exemple proxy mistake whith nginx sitting behind an ELB
closes #970

Signed-off-by: Louis Kottmann <louis.kottmann@gmail.com>
2015-09-17 12:46:12 +02:00
Richard Scothern
4271c60d98 Merge pull request #973 from jlhawn/update_token_spec
[docs/spec/auth] Clarify the Token auth workflow
2015-09-16 10:41:08 -07:00
Josh Hawn
fb481ef843 [docs/spec/auth] Clarify the Token auth workflow
Docker-DCO-1.1-Signed-off-by: Josh Hawn <josh.hawn@docker.com> (github: jlhawn)
2015-09-14 15:57:16 -07:00
Stephen Day
1cdcc0462a Merge pull request #888 from aaronlehmann/config-env-vars
More flexible environment variable overrides
2015-09-10 17:01:30 -07:00
Aaron Lehmann
a49bf24abe More flexible environment variable overrides
Overriding configuration parameters with environment variables used to
work by walking the configuration structure and checking for a
corresponding environment variable for each item. This was very limiting
because only variables corresponding to items that already existed in
the configuration structure would be checked. For example, an
environment variable corresponding to nested maps would only be noticed
if the outer map's key already existed.

This commit changes environment variable overriding to iterate over the
environment instead. For environment variables beginning with the
REGISTRY_ prefix, it splits the rest of their names on "_", and
interprets that as a path to the variable to unmarshal into. Map keys
are created as necessary. If we encounter an empty interface partway
through following the path, it becomes an implicit
map[string]interface{}.

With the new unit tests added here, parser.go now has 89.2% test
coverage.

TestParseWithExtraneousEnvStorageParams was removed, because the limit
of one storage driver is no longer enforced while parsing environment
variables. Now, Storage.Type will panic if multiple drivers are
specified.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-09-03 16:11:53 -07:00
Hua Wang
ddb689ef8b Add TrustId parameter to swift driver
github/ncw/swift has added support for trust, so let's add it.

Signed-off-by: Hua Wang <wanghua.humble@gmail.com>
2015-09-02 15:05:29 +08:00
Olivier Gambier
dbbafe92e9 Merge pull request #941 from liubin/master
add indentations
2015-08-28 12:52:50 -07:00
Olivier Gambier
0c42f0cd63 Granmar and speeling fixes
Signed-off-by: Olivier Gambier <olivier@docker.com>
2015-08-28 12:48:55 -07:00
Olivier Gambier
6197ca7b10 Adding mirror as a recipe
Normalized mirror.md to match other recipes.
Slightly tweaked content, emphasizing the privacy concerns about using login/password on the backend.

Signed-off-by: Olivier Gambier <olivier@docker.com>
2015-08-28 12:47:39 -07:00
Olivier Gambier
5df53c0681 Documentation enhancements
Making metadata:
- more consistent
- more specific (fixed copy pasting)
- refine coverage

Insecure information cleanup

Removing no longer used files:
- mkdocs is gone
- the registry diagram is not used, and is a bit silly :)

Minor fixes

Fixing links

Recipes:
- harmonized code sections style to the rest of the docs
- harmonized recipe "style"
- listing new recipes

Enhance deploying

Signed-off-by: Olivier Gambier <olivier@docker.com>
2015-08-28 12:46:53 -07:00
bin liu
e14e40b68c add indentations
Signed-off-by: bin liu <liubin0329@gmail.com>
2015-08-28 20:09:36 +08:00
Olivier Gambier
21edffdee1 Merge pull request #929 from RichardScothern/docs
Add some clarifying documentation for pull through cache configuration
2015-08-27 16:41:22 -07:00
Richard Scothern
246138598d Add some clarifying documentation for pull through cache configuration
Signed-off-by: Richard Scothern <richard.scothern@gmail.com>
2015-08-27 10:18:36 -07:00
Aaron Vinson
db36173705 add info about redis eviction policy recommended setting 2015-08-26 18:19:13 -07:00
Olivier Gambier
b78a858b5d Merge pull request #918 from aaronlehmann/json-spec
Update JSON spec to point out escaping of <, >, &
2015-08-24 16:58:11 -07:00
Aaron Lehmann
4cb5626d9e Update JSON spec to point out escaping of <, >, &
...and add blurb about not relying on canonicalization to ensure
identical output.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-08-24 16:28:42 -07:00
Richard Scothern
7a4920d8e5 Merge pull request #897 from dmp42/5.all-ur-proxy-are-belong-to-us
Starting with recipes
2015-08-24 11:28:17 -07:00
Aaron Lehmann
b67aab2f60 Add headers parameter for HTTP checker
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-08-20 15:11:16 -07:00
Aaron Lehmann
e8f088fea6 Add a TCP health checker
Also, add timeout and status code parameters to the HTTP checker, and
remove the threshold parameter for the file checker.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-08-20 15:11:15 -07:00
Aaron Lehmann
216df32510 Add storagedriver section to health check configuration
Add default storagedriver health check to example configuration files
with parameters matching the previous hardcoded configuration.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-08-20 14:50:12 -07:00
Aaron Lehmann
b09b0ffcf9 Add configurable file-existence and HTTP health checks
Add a section to the config file called "health". Within this section,
"filecheckers" and "httpcheckers" list checks to run. Each check
specifies a file or URI, a time interval for the check, and a threshold
specifying how many times the check must fail to reach an unhealthy
state.

Document the new options in docs/configuration.md.

Add unit testing for both types of checkers. Add an UnregisterAll
function in the health package to support the unit tests, and an
Unregister function for consistency with Register.

Fix a string conversion problem in the health package's HTTP checker.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-08-20 14:50:12 -07:00
Olivier Gambier
065bda79bb Starting with recipes
- apache recipe
- streamline nginx recipe
- recipes file

Signed-off-by: Olivier Gambier <olivier@docker.com>
2015-08-19 16:15:36 -07:00
Richard Scothern
cb6fde2f71 Merge pull request #874 from stevvooe/load-balancer-endpoint
Provide yes man endpoint for inflexible load balancers
2015-08-18 12:54:58 -07:00
Richard Scothern
f169359798 Merge pull request #846 from aaronlehmann/http-header-configuration
Add a section to the config file for HTTP headers to add to responses
2015-08-18 12:53:05 -07:00
Stephen J Day
ad995ab8fa Add guide on load balancing a registry
Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-08-17 13:29:48 -07:00
xg.song
2f9f6c08ed Update example config to avoid deprecated option
The storage cache option layerinfo is deprecated,
so use blobdescriptor instead in example config files.

Signed-off-by: xg.song <xg.song@venusource.com>
2015-08-17 08:25:22 +08:00
Miquel Sabaté
d07ae75f90 docs: added the "delete" subsection in the configuration.md file
Signed-off-by: Miquel Sabaté <msabate@suse.com>
2015-08-13 20:18:35 +02:00
Richard Scothern
fee9a9a469 Merge pull request #865 from dmp42/4.docs-2.1
Fix basic auth documentation
2015-08-12 15:00:21 -07:00
Olivier Gambier
5fb6116c2d Fix basic auth documentation
Signed-off-by: Olivier Gambier <olivier@docker.com>
2015-08-12 13:37:33 -07:00
Aaron Lehmann
f813c51857 Merge pull request #856 from dmp42/4.docs-2.1
Fix docs.docker.com
2015-08-11 17:50:10 -07:00
Olivier Gambier
633ac16856 Fix docs.docker.com
Signed-off-by: Olivier Gambier <olivier@docker.com>
2015-08-11 17:48:53 -07:00
Aaron Lehmann
9c3bed6b88 Add a section to the config file for HTTP headers to add to responses
The example configuration files add X-Content-Type-Options: nosniff.

Add coverage in existing registry/handlers unit tests.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-08-11 16:41:38 -07:00
Olivier Gambier
9ca7921603 Merge pull request #848 from RichardScothern/error-type
Error handling fixes
2015-08-11 15:53:13 -07:00
Richard Scothern
7b0d831e6d Merge pull request #853 from dmp42/4.docs-2.1
Additional fixes
2015-08-11 14:32:57 -07:00
Richard Scothern
c78bfc5c59 Merge pull request #852 from ahmetalpbalkan/docs/typo
docs: Small typo fix in config.md
2015-08-11 14:31:35 -07:00
Ahmet Alp Balkan
c471d986d7 docs: Small typo fix
Signed-off-by: Ahmet Alp Balkan <ahmetalpbalkan@gmail.com>
2015-08-11 21:29:33 +00:00
Olivier Gambier
c198f8f279 Additional fixes
Couples of nits that where not addressed.

Signed-off-by: Olivier Gambier <olivier@docker.com>
2015-08-11 14:19:49 -07:00
Richard Scothern
776a4ffbe8 Change some incorrect error types in proxy stores from API errors to
distribution errors.  Fill in missing checks for mutations on a registry pull-through
cache.  Add unit tests and update documentation.

Also, give v2.ErrorCodeUnsupported an HTTP status code, previously it was
defaulting to 500, now its 405 Method Not Allowed.

Signed-off-by: Richard Scothern <richard.scothern@gmail.com>
2015-08-11 14:16:24 -07:00
Richard Scothern
528442c015 Merge pull request #831 from stevvooe/add-driver-health-check
Provide simple storage driver health check
2015-08-11 13:30:17 -07:00
Ahmet Alp Balkan
047877c079 docs: Fix markdown in configuration.md
Signed-off-by: Ahmet Alp Balkan <ahmetalpbalkan@gmail.com>
2015-08-11 19:03:53 +00:00
Stephen J Day
f141480d98 Move common error codes to errcode package
Several error codes are generally useful but tied to the v2 specification
definitions. This change moves these error code definitions into the common
package for use by the health package, which is not tied to the v2 API.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-08-11 11:50:58 -07:00
Aaron Lehmann
143aae8bc5 Merge pull request #837 from dmp42/4.docs-2.1
[WIP] Updating documentation for 2.1
2015-08-10 14:01:52 -07:00
Olivier Gambier
34067d7d43 Documentation work
- move away insecure & self-signed
- introduce native basic auth
- move "down" nginx based authentication
- overall shortening / smoothing of "deploying" documentation

Signed-off-by: Olivier Gambier <olivier@docker.com>
2015-08-10 13:57:35 -07:00
Dejan Golja
8221fd39bd Added missing auth type in the documentation
Signed-off-by: Dejan Golja <dejan@golja.org>
2015-08-11 00:11:17 +10:00
Stephen J Day
bc5835ba2d Remove dist tool from distribution
We are headed in a different direction. The dist tool analog will not be a part
of this repository.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-08-06 17:35:36 -07:00
Olivier Gambier
642fb631f4 Merge pull request #818 from dmp42/3.fix-build-docs
Fix relinker
2015-08-06 16:05:24 -07:00
Aaron Lehmann
1670502413 Fix lack of styling on Aliyun OSS documentation page
This page was missing styling once exported to HTML. Adding a
<!--[metadata]> block similar to the ones the other *.md files have
appears to solve the problem.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-08-06 14:59:07 -07:00
Olivier Gambier
3ad11ff363 Fix relinker
This fixes several flaws in the link rewriter:
- broken links on the docs side
- multiple links on one line being mangled
- byzantine logic

Also generalize the logic of the Dockerfile so it is no longer specific to "registry" (env variable), which is a first step in making it possible to upstream all this into the base image and docs project.

Added a number of tests (test.md) to validate the link replacer behavior (against test.compare.md), and embedded the test so that the doc build will fail if the link replacer does not behave.

This is still sed, unfortunately.

Signed-off-by: Olivier Gambier <olivier@docker.com>
2015-08-04 23:02:34 -07:00
Stephen Day
a0c63372fa Merge pull request #779 from RichardScothern/pull-through-cache
Add pull through cache ability to the Registry.
2015-08-04 17:04:56 -07:00
Richard Scothern
94935f39bc Add pull through cache functionality to the Registry which can be configured
with a new `proxy` section in the configuration file.

Create a new registry type which delegates storage to a proxyBlobStore
and proxyManifestStore.  These stores will pull through data if not present
locally.  proxyBlobStore takes care not to write duplicate data to disk.

Add a scheduler to cleanup expired content. The scheduler runs as a background
goroutine.  When a blob or manifest is pulled through from the remote registry,
an entry is added to the scheduler with a TTL.  When the TTL expires the
scheduler calls a pre-specified function to remove the fetched resource.

Add token authentication to the registry middleware.  Get a token at startup
and preload the credential store with the username and password supplied in the
config file.

Allow resumable digest functionality to be disabled at runtime and disable
it when the registry is a pull through cache.

Signed-off-by: Richard Scothern <richard.scothern@gmail.com>
2015-08-04 16:09:55 -07:00
Stephen Day
ef1c72b978 Merge pull request #805 from RichardScothern/811
Spelling corrections
2015-08-04 14:50:32 -07:00
Aaron Lehmann
3a414deddb Merge pull request #514 from denverdino/master
Storage Driver for Aliyun OSS
2015-08-04 12:01:02 -07:00
Li Yi
d7d34a6c5b Add the OSS link
Change-Id: I940fb50f467ce6fc5fbdd9ceb0f9d848e422ced7
Signed-off-by: Li Yi <denverdino@gmail.com>
2015-08-04 09:18:18 +08:00
Richard Scothern
fb9662ad5a Add blob delete entry to api description and regenerate api.md
Signed-off-by: Richard Scothern <richard.scothern@gmail.com>
2015-08-03 11:59:19 -07:00
Richard Scothern
bffa20d6bb Spelling corrections
Signed-off-by: Richard Scothern <richard.scothern@gmail.com>
2015-07-31 16:43:11 -07:00
Alex Chan
51bd34eaed Fix a few typos in the docs
Signed-off-by: Alex Chan <alex.chan@metaswitch.com>
2015-07-31 13:36:43 +01:00
tgic
3eaab7da95 add link to Aliyun OSS doc
Signed-off-by: tgic <farmer1992@gmail.com>
2015-07-31 13:22:56 +08:00
tgic
76174ad57e update doc add endpoint 2015-07-31 13:22:55 +08:00
Li Yi
c3b42db014 Add the secure access with HTTPS
Signed-off-by: Li Yi <denverdino@gmail.com>
2015-07-31 13:22:54 +08:00
Li Yi
9e4975d8ff Support OSS driver
Signed-off-by: Li Yi <denverdino@gmail.com>
2015-07-31 13:22:54 +08:00
Aaron Lehmann
6c2ef78aa7 Rename dev-config.yml and example-config.yml to config-dev.yml and config-example.yml
Better for sort order.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-07-30 15:51:50 -07:00