Cleanup of naming in docs

Signed-off-by: James Hewitt <james.hewitt@uk.ibm.com>
This commit is contained in:
James Hewitt 2023-10-12 11:39:36 +01:00
parent 31707d54f3
commit 83dd4ff0a6
No known key found for this signature in database
GPG key ID: EA6C3C654B6193E4
20 changed files with 49 additions and 72 deletions

View file

@ -7,7 +7,7 @@ This is useful if you intend to actively work on the registry.
### Alternatives ### Alternatives
Most people should use the [official Registry docker image](https://hub.docker.com/r/library/registry/). Most people should use prebuilt images, for example, the [Registry docker image](https://hub.docker.com/r/library/registry/) provided by Docker.
People looking for advanced operational use cases might consider rolling their own image with a custom Dockerfile inheriting `FROM registry:2`. People looking for advanced operational use cases might consider rolling their own image with a custom Dockerfile inheriting `FROM registry:2`.

View file

@ -94,7 +94,7 @@ performance must not be discussed on the pull request.
## How are decisions made? ## How are decisions made?
Docker distribution is an open-source project with an open design philosophy. CNCF distribution is an open-source project with an open design philosophy.
This means that the repository is the source of truth for EVERY aspect of the This means that the repository is the source of truth for EVERY aspect of the
project, including its philosophy, design, road map, and APIs. *If it's part of project, including its philosophy, design, road map, and APIs. *If it's part of
the project, it's in the repo. If it's in the repo, it's part of the project.* the project, it's in the repo. If it's in the repo, it's part of the project.*

2
doc.go
View file

@ -1,6 +1,6 @@
// Package distribution will define the interfaces for the components of // Package distribution will define the interfaces for the components of
// docker distribution. The goal is to allow users to reliably package, ship // docker distribution. The goal is to allow users to reliably package, ship
// and store content related to docker images. // and store content related to container images.
// //
// This is currently a work in progress. More details are available in the // This is currently a work in progress. More details are available in the
// README.md. // README.md.

View file

@ -1,13 +1,13 @@
--- ---
description: High-level overview of the Registry description: High-level overview of the Registry
keywords: registry, on-prem, images, tags, repository, distribution keywords: registry, on-prem, images, tags, repository, distribution
title: Docker Registry title: Distribution Registry
--- ---
## What it is ## What it is
The Registry is a stateless, highly scalable server side application that stores The Registry is a stateless, highly scalable server side application that stores
and lets you distribute Docker images. The Registry is open-source, under the and lets you distribute container images. The Registry is open-source, under the
permissive [Apache license](https://en.wikipedia.org/wiki/Apache_License). permissive [Apache license](https://en.wikipedia.org/wiki/Apache_License).
## Why use it ## Why use it
@ -21,13 +21,17 @@ You should use the Registry if you want to:
## Alternatives ## Alternatives
Users looking for a zero maintenance, ready-to-go solution are encouraged to Users looking for a zero maintenance, ready-to-go solution are encouraged to
head-over to the [Docker Hub](https://hub.docker.com), which provides a use one of the existing registry services. Many of these provide support and security
free-to-use, hosted Registry, plus additional features (organization accounts, scanning, and are free for public repositories. For example:
automated builds, and more). - [Docker Hub](https://hub.docker.com)
- [Quay.io](https://quay.io/)
- [GitHub Packages](https://docs.github.com/en/packages/working-with-a-github-packages-registry/working-with-the-container-registry)
## Requirements Cloud infrastructure providers such as [AWS](https://aws.amazon.com/ecr/), [Azure](https://azure.microsoft.com/products/container-registry/), [Google Cloud](https://cloud.google.com/artifact-registry) and [IBM Cloud](https://www.ibm.com/products/container-registry) also have container registry services available at a cost.
The Registry is compatible with Docker engine **version 1.6.0 or higher**. ## Compatibility
The distribution registry implements the [OCI Distribution Spec](https://github.com/opencontainers/distribution-spec) version 1.0.1.
## Basic commands ## Basic commands

View file

@ -4,12 +4,12 @@ keywords: registry, on-prem, images, tags, repository, distribution, use cases,
title: About Registry title: About Registry
--- ---
A registry is a storage and content delivery system, holding named Docker A registry is a storage and content delivery system, holding named container
images, available in different tagged versions. images, available in different tagged versions.
> Example: the image `distribution/registry`, with tags `2.0` and `2.1`. > Example: the image `distribution/registry`, with tags `2.0` and `2.1`.
Users interact with a registry by using docker push and pull commands. Users interact with a registry by pushing and pulling images.
> Example: `docker pull registry-1.docker.io/distribution/registry:2.1`. > Example: `docker pull registry-1.docker.io/distribution/registry:2.1`.
@ -35,11 +35,11 @@ mostly useful for large installations that want to collect metrics.
Image names as used in typical docker commands reflect their origin: Image names as used in typical docker commands reflect their origin:
* `docker pull ubuntu` instructs docker to pull an image named `ubuntu` from the official Docker Hub. This is simply a shortcut for the longer `docker pull docker.io/library/ubuntu` command * `docker pull ubuntu` instructs docker to pull an image named `ubuntu` from Docker Hub. This is simply a shortcut for the longer `docker pull docker.io/library/ubuntu` command
* `docker pull myregistrydomain:port/foo/bar` instructs docker to contact the registry located at `myregistrydomain:port` to find the image `foo/bar` * `docker pull myregistrydomain:port/foo/bar` instructs docker to contact the registry located at `myregistrydomain:port` to find the image `foo/bar`
You can find out more about the various Docker commands dealing with images in You can find out more about the various Docker commands dealing with images in
the [official Docker engine documentation](https://docs.docker.com/engine/reference/commandline/cli/). the [Docker engine documentation](https://docs.docker.com/engine/reference/commandline/cli/).
## Use cases ## Use cases

View file

@ -10,7 +10,7 @@ before moving your systems to production.
## Override specific configuration options ## Override specific configuration options
In a typical setup where you run your Registry from the official image, you can In a typical setup where you run your registry as a container, you can
specify a configuration variable from the environment by passing `-e` arguments specify a configuration variable from the environment by passing `-e` arguments
to your `docker run` stanza or from within a Dockerfile using the `ENV` to your `docker run` stanza or from within a Dockerfile using the `ENV`
instruction. instruction.

View file

@ -401,7 +401,7 @@ authentication to work.
{{< /hint >}} {{< /hint >}}
{{< hint type=warning >}} {{< hint type=warning >}}
The official registry image **only** supports htpasswd credentials in The distribution registry **only** supports htpasswd credentials in
bcrypt format, so if you omit the `-B` option when generating the credential bcrypt format, so if you omit the `-B` option when generating the credential
using htpasswd, all authentication attempts will fail. using htpasswd, all authentication attempts will fail.
{{< /hint >}} {{< /hint >}}

View file

@ -1,20 +0,0 @@
---
description: describes deprecated functionality
keywords: registry, manifest, images, signatures, repository, distribution, digest
title: Docker Registry deprecation
---
This document details functionality or components which are deprecated within
the registry.
### v2.5.0
The signature store has been removed from the registry. Since `v2.4.0` it has
been possible to configure the registry to generate manifest signatures rather
than load them from storage. In this version of the registry this becomes
the default behavior. Signatures which are attached to manifests on put are
not stored in the registry. This does not alter the functional behavior of
the registry.
Old signatures blobs can be removed from the registry storage by running the
garbage-collect subcommand.

View file

@ -9,7 +9,7 @@ This document describes what this command does and how and why it should be used
## About garbage collection ## About garbage collection
In the context of the Docker registry, garbage collection is the process of In the context of the registry, garbage collection is the process of
removing blobs from the filesystem when they are no longer referenced by a removing blobs from the filesystem when they are no longer referenced by a
manifest. Blobs can include both layers and manifests. manifest. Blobs can include both layers and manifests.

View file

@ -17,7 +17,7 @@ This page contains definitions for distribution related terms.
<dt id="image"><h4>Image</h4></dt> <dt id="image"><h4>Image</h4></dt>
<dd> <dd>
<blockquote>An image is a named set of immutable data from which a Docker container can be created.</blockquote> <blockquote>An image is a named set of immutable data from which a container can be created.</blockquote>
<p> <p>
An image is represented by a json file called a <a href="#manifest">manifest</a>, and is conceptually a set of <a href="#layer">layers</a>. An image is represented by a json file called a <a href="#manifest">manifest</a>, and is conceptually a set of <a href="#layer">layers</a>.

View file

@ -6,16 +6,12 @@ title: Registry as a pull through cache
## Use-case ## Use-case
If you have multiple instances of Docker running in your environment, such as If you have multiple consumers of containers running in your environment, such as
multiple physical or virtual machines all running Docker, each daemon goes out multiple physical or virtual machines using containers, or a Kubernetes cluster,
to the internet and fetches an image it doesn't have locally, from the Docker each cunsumer fetches an images it doesn't have locally, from the external registry.
repository. You can run a local registry mirror and point all your daemons You can run a local registry mirror and point all your consumers
there, to avoid this extra internet traffic. there, to avoid this extra internet traffic.
> **Note**
>
> Docker Official Images are an intellectual property of Docker.
### Alternatives ### Alternatives
Alternatively, if the set of images you are using is well delimited, you can Alternatively, if the set of images you are using is well delimited, you can

View file

@ -22,7 +22,7 @@ registry.service
```ini ```ini
[Unit] [Unit]
Description=Docker registry Description=Distribution registry
After=docker.service After=docker.service
Requires=docker.service Requires=docker.service
@ -63,7 +63,7 @@ registry.socket
```ini ```ini
[Unit] [Unit]
Description=container registry Description=Distribution registry
[Socket] [Socket]
ListenStream=5000 ListenStream=5000

View file

@ -1,10 +1,10 @@
--- ---
title: "Docker Registry Token Authentication" title: "Distribution Registry Token Authentication"
description: "Docker Registry v2 authentication schema" description: "Distribution Registry v2 authentication schema"
keywords: registry, on-prem, images, tags, repository, distribution, authentication, advanced keywords: registry, on-prem, images, tags, repository, distribution, authentication, advanced
--- ---
# Docker Registry v2 authentication # Distribution Registry v2 authentication
See the [Token Authentication Specification](token), See the [Token Authentication Specification](token),
[Token Authentication Implementation](jwt), [Token Authentication Implementation](jwt),

View file

@ -1,10 +1,10 @@
--- ---
title: "Token Authentication Implementation" title: "Token Authentication Implementation"
description: "Describe the reference implementation of the Docker Registry v2 authentication schema" description: "Describe the reference implementation of the Distribution Registry v2 authentication schema"
keywords: registry, on-prem, images, tags, repository, distribution, JWT authentication, advanced keywords: registry, on-prem, images, tags, repository, distribution, JWT authentication, advanced
--- ---
# Docker Registry v2 Bearer token specification # Distribution Registry v2 Bearer token specification
This specification covers the `distribution/distribution` implementation of the This specification covers the `distribution/distribution` implementation of the
v2 Registry's authentication schema. Specifically, it describes the JSON v2 Registry's authentication schema. Specifically, it describes the JSON

View file

@ -1,10 +1,10 @@
--- ---
title: "Oauth2 Token Authentication" title: "Oauth2 Token Authentication"
description: "Specifies the Docker Registry v2 authentication" description: "Specifies the Distribution Registry v2 authentication"
keywords: registry, on-prem, images, tags, repository, distribution, oauth2, advanced keywords: registry, on-prem, images, tags, repository, distribution, oauth2, advanced
--- ---
# Docker Registry v2 authentication using OAuth2 # Distribution Registry v2 authentication using OAuth2
This document describes support for the OAuth2 protocol within the authorization This document describes support for the OAuth2 protocol within the authorization
server. [RFC6749](https://tools.ietf.org/html/rfc6749) should be used as a server. [RFC6749](https://tools.ietf.org/html/rfc6749) should be used as a

View file

@ -4,7 +4,7 @@ description: "Describes the scope and access fields used for registry authorizat
keywords: registry, on-prem, images, tags, repository, distribution, advanced, access, scope keywords: registry, on-prem, images, tags, repository, distribution, advanced, access, scope
--- ---
# Docker Registry Token Scope and Access # Distribution Registry Token Scope and Access
Tokens used by the registry are always restricted what resources they may Tokens used by the registry are always restricted what resources they may
be used to access, where those resources may be accessed, and what actions be used to access, where those resources may be accessed, and what actions

View file

@ -1,12 +1,12 @@
--- ---
title: "Token Authentication Specification" title: "Token Authentication Specification"
description: "Specifies the Docker Registry v2 authentication" description: "Specifies the Distribution Registry v2 authentication"
keywords: registry, on-prem, images, tags, repository, distribution, Bearer authentication, advanced keywords: registry, on-prem, images, tags, repository, distribution, Bearer authentication, advanced
--- ---
# Docker Registry v2 authentication via central service # Distribution Registry v2 authentication via central service
This document outlines the v2 Docker registry authentication scheme: This document outlines the v2 Distribution registry authentication scheme:
![v2 registry auth](/images/v2-registry-auth.png) ![v2 registry auth](/images/v2-registry-auth.png)
@ -27,9 +27,9 @@ This document outlines the v2 Docker registry authentication scheme:
- Registry clients which can understand and respond to token auth challenges - Registry clients which can understand and respond to token auth challenges
returned by the resource server. returned by the resource server.
- An authorization server capable of managing access controls to their - An authorization server capable of managing access controls to their
resources hosted by any given service (such as repositories in a Docker resources hosted by any given service (such as repositories in a Distribution
Registry). Registry).
- A Docker Registry capable of trusting the authorization server to sign tokens - A Distribution Registry capable of trusting the authorization server to sign tokens
which clients can use for authorization and the ability to verify these which clients can use for authorization and the ability to verify these
tokens for single use or for use during a sufficiently short period of time. tokens for single use or for use during a sufficiently short period of time.
@ -39,11 +39,8 @@ The described server is meant to serve as a standalone access control manager
for resources hosted by other services which wish to authenticate and manage for resources hosted by other services which wish to authenticate and manage
authorizations using a separate access control manager. authorizations using a separate access control manager.
A service like this is used by the official Docker Registry to authenticate A service like this is used by public and private registries to authenticate
clients and verify their authorization to Docker image repositories. clients and verify their authorization to image repositories.
As of Docker 1.6, the registry client within the Docker Engine has been updated
to handle such an authorization workflow.
## How to authenticate ## How to authenticate

View file

@ -6,9 +6,9 @@ draft: true
This is a list of known implementations of the Distribution API spec. This is a list of known implementations of the Distribution API spec.
## [Docker Distribution Registry](https://github.com/distribution/distribution) ## [CNCF Distribution Registry](https://github.com/distribution/distribution)
Docker distribution is the reference implementation of the distribution API CNCF distribution is the reference implementation of the distribution API
specification. It aims to fully implement the entire specification. specification. It aims to fully implement the entire specification.
### Releases ### Releases

View file

@ -1,15 +1,15 @@
--- ---
draft: true draft: true
title: "Docker Distribution JSON Canonicalization" title: "CNCF Distribution JSON Canonicalization"
description: "Explains registry JSON objects" description: "Explains registry JSON objects"
keywords: ["registry, service, images, repository, json"] keywords: ["registry, service, images, repository, json"]
--- ---
# Docker Distribution JSON Canonicalization # CNCF Distribution JSON Canonicalization
To provide consistent content hashing of JSON objects throughout Docker To provide consistent content hashing of JSON objects throughout CNCF
Distribution APIs, the specification defines a canonical JSON format. Adopting Distribution APIs, the specification defines a canonical JSON format. Adopting
such a canonicalization also aids in caching JSON responses. such a canonicalization also aids in caching JSON responses.

View file

@ -43,4 +43,4 @@ e.g. to release `2.3.1`
`2.3 -> 2.3.1` `2.3 -> 2.3.1`
90. Build a new distribution/registry image on [Docker hub](https://hub.docker.com/u/distribution/dashboard) by adding a new automated build with the new tag and re-building the images. 90. Build a new distribution/registry image on [Docker Hub](https://hub.docker.com/u/distribution/dashboard) by adding a new automated build with the new tag and re-building the images.