forked from TrueCloudLab/distribution
Add few more sentences for the debug endpoint
Initially I misunderstood that the debug endpoint has to be disabled in production environments. That's why I created https://github.com/distribution/distribution/issues/4084 and https://github.com/distribution/distribution/issues/4085. But it turns out that the docs want to state the the debug endpoint should not be exposed publicly to the internet. Signed-off-by: ialidzhikov <i.alidjikov@gmail.com>
This commit is contained in:
parent
3fc1216dc3
commit
993af6fefd
1 changed files with 2 additions and 0 deletions
|
@ -821,6 +821,8 @@ can be helpful in diagnosing problems. The debug endpoint can be used for
|
||||||
monitoring registry metrics and health, as well as profiling. Sensitive
|
monitoring registry metrics and health, as well as profiling. Sensitive
|
||||||
information may be available via the debug endpoint. Please be certain that
|
information may be available via the debug endpoint. Please be certain that
|
||||||
access to the debug endpoint is locked down in a production environment.
|
access to the debug endpoint is locked down in a production environment.
|
||||||
|
The debug endpoint should not be exposed publicly to the internet.
|
||||||
|
Instead, keep the debug endpoint private or enforce authentication for it.
|
||||||
|
|
||||||
The `debug` section takes a single required `addr` parameter, which specifies
|
The `debug` section takes a single required `addr` parameter, which specifies
|
||||||
the `HOST:PORT` on which the debug server should accept connections.
|
the `HOST:PORT` on which the debug server should accept connections.
|
||||||
|
|
Loading…
Reference in a new issue