Commit graph

1794 commits

Author SHA1 Message Date
Simon
b2ac3a2884 TASK: Add codeblocks to code examples
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-03-04 12:06:54 +01:00
Wang Yan
89337b7a25
Merge pull request #3371 from AkihiroSuda/remove-wrong-arm
docs/spec/manifest-v2-2.md: fix ARM variant
2021-03-04 10:57:22 +08:00
Josh Dolitsky
32ccbf193d
Add configuration option for Redis TLS
Signed-off-by: Josh Dolitsky <josh@dolit.ski>
2021-03-01 18:55:56 -05:00
David Luu
1e625d0076 Added flag for user configurable cipher suites
Configuration of list of cipher suites allows a user to disable use
of weak ciphers or continue to support them for legacy usage if they
so choose.

List of available cipher suites at:
https://golang.org/pkg/crypto/tls/#pkg-constants

Default cipher suites have been updated to:
- TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
- TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_AES_128_GCM_SHA256
- TLS_CHACHA20_POLY1305_SHA256
- TLS_AES_256_GCM_SHA384

MinimumTLS has also been updated to include TLS 1.3 as an option
and now defaults to TLS 1.2 since 1.0 and 1.1 have been deprecated.

Signed-off-by: David Luu <david@davidluu.info>
2021-02-25 14:19:56 -06:00
Akihiro Suda
c432849e44
docs/spec/manifest-v2-2.md: fix ARM variant
The correct `vairant` string for ARM v6 is "v6", not "armv6l".

There is no known implementation that actually uses "armv6l".

See the discussion in opencontainers/image-spec PR 817

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2021-02-25 17:51:26 +09:00
Sebastiaan van Stijn
1d33874951
go.mod: change imports to github.com/distribution/distribution/v3
Go 1.13 and up enforce import paths to be versioned if a project
contains a go.mod and has released v2 or up.

The current v2.x branches (and releases) do not yet have a go.mod,
and therefore are still allowed to be imported with a non-versioned
import path (go modules add a `+incompatible` annotation in that case).

However, now that this project has a `go.mod` file, incompatible
import paths will not be accepted by go modules, and attempting
to use code from this repository will fail.

This patch uses `v3` for the import-paths (not `v2`), because changing
import paths itself is a breaking change, which means that  the
next release should increment the "major" version to comply with
SemVer (as go modules dictate).

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-02-08 18:30:46 +01:00
Novak Ivanovski
e7dc768ae5 Self-signed certificate with Kubernetes fix
In Go 1.15 there is common name deprecation for using Common name:
https://golang.google.cn/doc/go1.15#commonname

This causes the self-signed cert to be rejected by some Kubernetes platforms:
https://stackoverflow.com/questions/64814173/how-do-i-use-sans-with-openssl-instead-of-common-name

Fix is to add this field to the cert.
2021-02-05 23:58:09 -05:00
Patrick Easters
639de6a02f Fix typo for digest regexp
Signed-off-by: Patrick Easters <peasters@redhat.com>
2021-02-05 14:52:27 -05:00
Usha Mandya
977c98e06f Fix broken links
Signed-off-by: Usha Mandya <usha.mandya@docker.com>
2021-01-28 10:07:41 +00:00
t-eimizu
78242c79ea Update insecure.md for Docker Desktop (#11964)
* Update insecure.md for Docker Desktop

Docker Desktop does not have "preferences" menu today.
It's changed to "Settings" > "Docker Engine" .

Co-authored-by: Sebastiaan van Stijn <thaJeztah@users.noreply.github.com>
2021-01-06 13:41:47 +01:00
Sebastiaan van Stijn
430bf25958 update http://dockr.ly links to use TLS
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-27 12:38:17 +01:00
Sebastiaan van Stijn
82f04d0335 Remove references to obsolete engine versions
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-26 15:45:07 +01:00
Usha Mandya
2059160c94 Remove Docker Toolbox docs
Signed-off-by: Usha Mandya <usha.mandya@docker.com>
2020-10-20 18:05:36 +01:00
Sebastiaan van Stijn
e02cd8124d Use https:// for links and examples
Found these using `http://[^lp10\*`<][^o]` (to exclude "localhost" and IP-addresses)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-13 12:09:11 +02:00
Sebastiaan van Stijn
3ec5e7e073 Add rel="noopener" to external links
See https://web.dev/external-anchors-use-rel-noopener/

Using noopener, as that addresses the security issue. "noreferer" blocks
the REFERER header, which may still be useful for some target URLs.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-12 13:09:30 +02:00
Dan Fredell
eaeb31604e Add azure config container example (#11152)
* Add azure config container example

I was getting errors on setting up azure, this was because I was putting the full https url into the container field. There error wasn't helpful and nor was the docs.

* Update azure.md

Reword the registry azure container example.
2020-07-22 13:38:20 +01:00
Sebastiaan van Stijn
7728c5e445
docs: add redirect for old URL
Looks like there's some projects refering to this old URL:
https://grep.app/search?q=https%3A//docs.docker.com/reference/api/registry_api/

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-07-08 12:18:31 +02:00
Usha Mandya
dc7801c55b Add note on Docker Hub 2020-07-03 15:25:54 +01:00
Sebastiaan van Stijn
989101c8c8 Remove some references to enterprise products
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-07-02 23:36:48 +02:00
Giovanni Toraldo
40f4476dab Remove not really implemented s3accelerate option (#10993)
ref https://github.com/docker/distribution/pull/2166
2020-06-12 14:56:12 +01:00
Sebastiaan van Stijn
b338d2f6ac Get Docker: fix broken links and wrap markdown to 80 char (#10691)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-04-24 12:20:18 +01:00
Sebastiaan van Stijn
aee0eeb354 registry: use relative markdown links
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-04-23 13:03:43 +02:00
Sebastiaan van Stijn
267e231de0 Fix various links that were generating URLs with .md (#10548)
* Fix incorrect links in compose section

there's a bug causing wrapped links to not work, and replacing
some links to point to the .md file, so that IDE's can check
if the anchors are valid. Also replaced some links to point
to their new location.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

* engine/swarm: update links

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

* Fix various broken links

There's a bug in the "jekyll-relative-links" plugin that causes wrapped links to not work.
Also replacing some links to point to the .md file, so that IDE's can check if the anchors
are valid. Finally, replaced some links to point to their new locations, so that users don't
get redirected..

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-04-01 12:05:50 +01:00
Usha Mandya
cb2a09fac2 Update tables from html to markdown format (#10360) 2020-02-27 10:34:24 +00:00
Eugene Lubarsky
5e3911c2e6 update registry s3 storage driver docs to add skipverify flag 2020-02-24 21:53:08 +11:00
ollypom
fdb1abd387 Added Nginx Recipe Redirect 2020-01-10 12:39:40 +00:00
Tom Hayward
0f5e2753a6 Fix typo cloudfront updatefrenquency
Signed-off-by: Tom Hayward <thayward@infoblox.com>
2019-12-13 12:11:42 -08:00
Adrian Plata
b4694b0d2d Fixing broken table
Signed-off-by: Adrian Plata <adrian.plata@docker.com>
2019-11-26 17:38:40 -08:00
syntaxkim
f580993c80 fix typo
myregistrydomain.com/my-ubuntu -> myregistry.domain.com/my-ubuntu
2019-10-31 17:46:24 +09:00
Sebastiaan van Stijn
fdee6a2ecf Merge pull request #9270 from das7pad/patch-1
[sec] nginx/compose: Drop aforementioned loophole
2019-09-13 00:39:11 +02:00
Adrian Plata
07a50201c9 Adding deprecated schema instructions
Signed-off-by: Adrian Plata <adrian.plata@docker.com>
2019-09-03 11:44:28 -07:00
Dawn W Docker
d61670894a removing section for Chinese mirror 2019-08-27 14:54:22 -07:00
Jakob Ackermann
dfcc7bccca [sec] nginx/compose: Drop aforementioned loophole 2019-08-18 19:57:15 +02:00
Tariq Ibrahim
8f9c8094fb
replace rsc.io/letsencrypt in favour of golang.org/x/crypto
Signed-off-by: Tariq Ibrahim <tariq181290@gmail.com>
2019-06-04 12:04:18 -07:00
Maria Bermudez
414cebd40e Update link to DTR 2019-05-12 20:02:12 -07:00
Ryan Abrams
3226863cbc
Merge pull request #2849 from Shawnpku/master
support Alibaba Cloud CDN storage middleware
2019-04-16 18:43:06 -07:00
Shawn Chen
fd77cf43a6 change package name & format document
Signed-off-by: Shawn Chen <chen8132@gmail.com>
2019-03-18 11:35:46 +08:00
Vishesh Jindal
e1e72e9563
Fix cloudfront documentation formatting
Signed-off-by: Vishesh Jindal <vishesh92@gmail.com>
2019-03-02 08:58:52 +05:30
Ryan Abrams
c192a281f8
Merge pull request #2813 from lucab/ups/spec-json-binary
registry: fix binary JSON content-type
2019-03-01 14:26:54 -08:00
Maria Bermudez
3be1cdec0e Update help.md 2019-02-15 14:05:58 -08:00
Shawnpku
3aa2a282f7 support alicdn middleware
Signed-off-by: Shawnpku <chen8132@gmail.com>
2019-02-11 15:11:26 +08:00
Sebastiaan van Stijn
297ba124e6 Use consistent formatting for notes
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-02-09 00:49:57 +01:00
Maria Bermudez
415f4f4837 Merge pull request #8057 from Mueslint/patch-2
Update deploying.md
2019-02-04 10:24:21 -08:00
L-Hudson
3aa9c1e8f8 Merge pull request #6912 from perlun/patch-1
nginx.md: Add note about potential security isues
2019-01-23 15:17:53 -05:00
Anne Henmi
43b914b687 Update nginx.md
Fixed security warning, changed to "anyone who can log on to the server where your Docker Registry is running"
2019-01-22 16:16:38 -07:00
Aleksejs Sinicins
b98fb58a09 Document registry s3 transfer acceleration option.
https://github.com/docker/distribution/pull/2166
2019-01-21 21:16:51 +02:00
Muesli
560471b555 Update deploying.md
FIX syntax for zsh / mac os x term
2019-01-21 16:56:33 +01:00
L-Hudson
582d8e62dc Revert "Fix error (small change, only 1 line)" 2019-01-17 13:52:54 -05:00
Cheng Zheng
0620562750 Fix error 2019-01-17 20:42:17 +08:00
Derek McGowan
b75069ef13
Merge pull request #2791 from AliyunContainerService/support-oss-byok
Support BYOK for OSS storage driver
2019-01-16 16:37:37 -08:00
paigehargrave
af3ab22278 Merge branch 'master' into name-change-for-Docker-Desktop 2019-01-14 11:14:48 -05:00
Luca Bruno
15b0204758
registry: fix binary JSON content-type
This fixes registry endpoints to return the proper `application/json`
content-type for JSON content, also updating spec examples for that.

As per IETF specification and IANA registry [0], the `application/json`
type is a binary media, so the content-type label does not need any
text-charset selector. Additionally, the media type definition
explicitly states that it has no required nor optional parameters,
which makes the current registry headers non-compliant.

[0]: https://www.iana.org/assignments/media-types/application/json

Signed-off-by: Luca Bruno <lucab@debian.org>
2019-01-14 09:04:42 +00:00
Greg Rebholz
cdb62b2b77 Registry - make minimum TLS version user configurable
Signed-off-by: J. Gregory Rebholz <gregrebholz@gmail.com>
2019-01-11 18:11:03 -05:00
paigehargrave
c73861540e Update insecure.md 2019-01-11 13:23:58 -05:00
paigehargrave
f9d531c4b7 404 registry API 2019-01-08 14:42:05 -05:00
Ryan Abrams
d1abdeb623 Add docs for autoredirect config parameter
Config parameter is user facing so should be documented.

Signed-off-by: Ryan Abrams <rdabrams@gmail.com>
2019-01-04 13:11:20 -08:00
Anne Henmi
f89f0867e2 Update nginx.md
wording
2019-01-02 08:51:16 -07:00
Anne Henmi
d2bb626afa Merge pull request #6051 from xueshanf/master
Mention that rootdirectory prefix  has to be pre-created
2018-12-26 10:16:40 -07:00
Li Yi
b7839211af Update doc for BYOK support in OSS storage driver
Change-Id: I195f29195f999e3e14ba921fd3435a6dc4788417
Signed-off-by: Li Yi <denverdino@gmail.com>
2018-12-25 09:32:16 +08:00
Maria Bermudez
01ceef9f0a Restoring open source registry garbage collection page 2018-11-15 07:55:03 -08:00
Maria Bermudez
62894d68b6 Merge public:master into private 2018-11-02 10:03:18 -07:00
Oscar Caballero
e92760a3a0 Spelling revision 2018-09-23 21:43:11 +02:00
ruicao
d1f36d46c9 Fix some typos
Signed-off-by: ruicao <ruicao@alauda.io>
2018-09-07 18:13:53 +08:00
Andrey Kostov
3f9f073cef Edit configuration.md to add gcs credentials option
Signed-off-by: Andrey Kostov <kostov.andrey@gmail.com>
2018-09-05 15:48:29 -07:00
Maria Bermudez
b0bb8437cf Delete garbage-collection.md
This relates to CE version of garbage collection. Can you confirm this, @davidswu?
2018-09-05 07:12:12 -07:00
Maria Bermudez
71d02b105c Add online garbage collection feature and known limitation as described on DTR Workshop doc 2018-08-31 22:08:13 -07:00
Olivier Gambier
90705d2fb8
Merge pull request #2362 from twistlock/populate_htpasswd
Create and populate htpasswd file if missing
2018-08-31 00:25:37 -07:00
Maria Bermudez
f04f6208b9 Revert "Revert "Merge branch 'master' of github.com:docker/docs-private into test-branch-2""
This reverts commit 88038ffd3a.
2018-08-29 19:01:03 -07:00
Maria Bermudez
88038ffd3a Revert "Merge branch 'master' of github.com:docker/docs-private into test-branch-2"
This reverts commit af5f2fcc38c39c157180be7b9671fddd1ab3bfc5, reversing
changes made to 338b690d26894aec370337caca1788eeaecbd8de.
2018-08-29 18:37:44 -07:00
Maria Bermudez
b9c4182eb6 Revert "Revert "Merge branch 'master' of github.com:docker/docs-private into test-branch-2""
This reverts commit 2df45044a6.
2018-08-29 18:36:03 -07:00
Maria Bermudez
2df45044a6 Revert "Merge branch 'master' of github.com:docker/docs-private into test-branch-2"
This reverts commit af5f2fcc38c39c157180be7b9671fddd1ab3bfc5, reversing
changes made to 338b690d26894aec370337caca1788eeaecbd8de.
2018-08-29 14:47:31 -07:00
Derek McGowan
b12bd4004a
Merge pull request #2639 from andrew-leung/manifesteventlayers
Add configurable layers in manifest events
2018-08-28 16:03:05 -07:00
Derek McGowan
059f301d54
Merge pull request #2685 from manishtomar/mani-graceful-shutdown
Graceful shutdown
2018-08-27 14:24:53 -07:00
Manish Tomar
f95ac7db95 fix doc - thanks @dmp42
Signed-off-by: Manish Tomar <manish.tomar@docker.com>
2018-08-24 14:57:26 -07:00
Derek McGowan
ef859e1b21
Merge pull request #2474 from vikstrous/disable-v1-master
disable schema1 by default, add a config flag to enable it
2018-08-24 10:58:39 -07:00
Maria Bermudez
7eac5fad26 Revert absolute path change
Existing link works on docs.docker.com
2018-08-21 15:50:35 -07:00
Andrew Leung
5e4b81a578 Use references terminology instead of layers.
Signed-off-by: Andrew Leung <anwleung@gmail.com>
2018-08-20 10:01:40 -07:00
Manish Tomar
40efb602d6
Add support to gracefully shutdown the server
This is done by draining the connections for configured time after registry receives a SIGTERM signal.
This adds a `draintimeout` setting under `HTTP`. Registry doesn't drain
if draintimeout is not provided.

Signed-off-by: Manish Tomar <manish.tomar@docker.com>
2018-08-20 10:01:26 -07:00
Maria Bermudez
bfd7156f33 Grammatical and spelling updates
- Fix misspelling
- Remove unnecessary comma
2018-08-17 17:44:52 -07:00
Andrew Leung
276fdce3d9 Add configurable layers in manifest events
Signed-off-by: Andrew Leung <anwleung@gmail.com>
2018-06-27 09:27:24 -07:00
sun jian
955f7ef68b fix: configuration reference link
configuration.md not found.
2018-06-27 22:21:05 +08:00
Per Lundberg
8112d01b9b nginx.md: Add note about potential security isues
I thought about this while setting this up, and then found this guide (I was setting it up without the guide first.)

The potential security implications are important, so I think we should mention them here on this web page. (We could even go further by outright _warning_ people about this, but perhaps letting people know about it so they can make an informed decision is a better way to go. This can be perfectly fine for certain intranet scenarios.)
2018-06-20 16:28:10 +03:00
E. M. Bray
ff7866442a Update deploying.md
since these docs are demonstrating how to run a swarm service with TLS support I assume port 443 was intended here
2018-06-15 14:53:47 -07:00
T N
1b6e19d694 Update link to Docker Trusted Registry (#6479)
https://docs.docker.com/datacenter/dtr/2.5/guides/ => https://docs.docker.com/ee/dtr/
2018-04-18 15:54:50 -07:00
Nat Zimmermann
9042088fad Fix "Run the registry as a service" link (#6289) 2018-03-30 13:58:20 -07:00
Akihiro Suda
f0fe5c3875 registry/filesystem: mention umask (#6276)
* registry/filesystem; mention umask
2018-03-22 10:12:29 -07:00
Derek McGowan
607ae5d128
Merge pull request #2501 from xiaonancc77/master
Added ignore event types into notifications
2018-03-14 10:37:02 -07:00
elsanli(李楠)
fc1d3647c6 Added ignore event typs into notifications
Signed-off-by: elsanli(李楠) <elsanli@tencent.com>
2018-03-13 16:00:44 +08:00
Wang Jie
e80e5f2eb8 Update swift.md (#6054) 2018-02-23 15:40:51 -08:00
Wang Jie
4a9ec8171d Update azure.md (#6053) 2018-02-23 09:08:06 -08:00
Xueshan Feng
c594eb1ff0 Mention that rootdirectory prefix has to be pre-existcreated
Like bucket, to use a prefix to separate data, the `bucketname/<prefix>` needs to be pre created, otherwise, you get 503 error when starting registry.
2018-02-22 15:40:39 -08:00
Joao Fernandes
198ebadc6d Fix links not rendering properly (#6049) 2018-02-22 13:24:44 -08:00
Wang Jie
35cca3f0f4 Update compatibility.md (#6043) 2018-02-22 04:32:20 -08:00
Akihiro Suda
db6444ace5 Update mirror.md
It was not obvious that additional configuration is needed for the official Registry image.

cc @dmcgowan @stevvooe
2018-02-16 09:35:33 -08:00
Wang Jie
947af10cc0 Update insecure.md
Hi,I‘m back 🐶
2018-02-15 11:26:59 -08:00
Wang Jie
1edd9dcccc Update notifications.md 2018-02-15 11:25:40 -08:00
Stephen Day
6664ec7039
Merge pull request #2466 from tifayuki/prometheus_go_metrics
add prometheus metrics
2018-02-09 15:49:04 -08:00
tifayuki
e3c37a46e2 Add Prometheus Metrics
at the first iteration, only the following metrics are collected:

  - HTTP metrics of each API endpoint
  - cache counter for request/hit/miss
  - histogram of storage actions, including:
    GetContent, PutContent, Stat, List, Move, and Delete

Signed-off-by: tifayuki <tifayuki@gmail.com>
2018-02-09 14:27:51 -08:00
Julien Bordellier
a92ed35ab2 Fix port requirement for SSL of docker registry (#5973)
Just bellow my edit the port 443 is used, not the port 5000 as mentioned. This PR fixes that.
2018-02-09 13:19:38 -08:00
Stephen Day
d707ea2428
Merge pull request #2469 from felixbuenemann/letsencrypt-host-whitelist-support
Let's Encrypt Host Whitelist Support
2018-02-06 16:11:20 -08:00