add warning class and a linebreake to the warning blogquote (#2937)
* Update fedora.md add warning class to blogquote * Update linux-postinstall.md add warning class to blogquote * Update ubuntu.md add warning class to blogquote * Update https.md add warning class to blogquote * Update swarm_manager_locking.md add warning class to blogquote * Update dockerlinks.md add warning class to blogquote * Update deploying.md add warning class to blogquote * Update deploying.md add warning class to blogquote * Update insecure.md add warning class to blogquote * Update discovery.md add warning class to blogquote * Update dockerd.yaml add warning class to blogquote * Update docker_secret_rm.yaml add warning class to blogquote * Update docker_service_rm.yaml add warning class to blogquote * Update docker_secret_rm.yaml add warning class to blogquote * Update scale-your-cluster.md add warning class to blogquote * Update resource_constraints.md add warning class to blogquote * Update binaries.md add warning class to blogquote * Update content_trust.md add warning class to blogquote * Update secrets.md add warning class to blogquote * Update index.md add warning class to blogquote * Update install-sandbox-2.md add warning class to blogquote * Update docker-toolbox.md add warning class to blogquote * Update index.md add warning class to blogquote * Update centos.md add warning class to blogquote * Update debian.md add warning class to blogquote * Update faqs.md add linebreak after Looking for popular FAQs on Docker for Windows? * Update install.md add linebreake after **Already have Docker for Windows?** * Revert "Update dockerd.yaml" This reverts commit 3a98eb86f700ade8941483546c33f69a9dab8ac3. * Revert "Update docker_secret_rm.yaml" This reverts commit 5dc1e75f37033932486c11287052b7d64bf83e55. * Revert "Update docker_service_rm.yaml" This reverts commit a983380a5625b471f1a03f8ed2301ead72f98f1b. * Revert "Update docker_secret_rm.yaml" This reverts commit 4c454b883c300e26fbb056b954bb49ec2933b172.
This commit is contained in:
parent
7cf8dc7c51
commit
b588970105
2 changed files with 13 additions and 5 deletions
|
@ -147,7 +147,9 @@ Except for registries running on secure local networks, registries should always
|
|||
|
||||
The simplest way to achieve access restriction is through basic authentication (this is very similar to other web servers' basic authentication mechanism).
|
||||
|
||||
> **Warning**: You **cannot** use authentication with an insecure registry. You have to [configure TLS first](deploying.md#running-a-domain-registry) for this to work.
|
||||
> **Warning**:
|
||||
> You **cannot** use authentication with an insecure registry. You have to [configure TLS first](deploying.md#running-a-domain-registry) for this to work.
|
||||
{:.warning}
|
||||
|
||||
First create a password file with one entry for the user "testuser", with password "testpassword":
|
||||
|
||||
|
@ -212,7 +214,9 @@ registry:
|
|||
- /path/auth:/auth
|
||||
```
|
||||
|
||||
> **Warning**: replace `/path` by whatever directory that holds your `certs` and `auth` folder from above.
|
||||
> **Warning**:
|
||||
> replace `/path` by whatever directory that holds your `certs` and `auth` folder from above.
|
||||
{:.warning}
|
||||
|
||||
You can then start your registry with a simple
|
||||
|
||||
|
@ -227,4 +231,4 @@ You will find more specific and advanced information in the following sections:
|
|||
- [Advanced "recipes"](recipes/index.md)
|
||||
- [Registry API](spec/api.md)
|
||||
- [Storage driver model](storage-drivers/index.md)
|
||||
- [Token authentication](spec/auth/token.md)
|
||||
- [Token authentication](spec/auth/token.md)
|
||||
|
|
|
@ -13,7 +13,9 @@ configuration.
|
|||
|
||||
## Deploying a plain HTTP registry
|
||||
|
||||
> **Warning**: it's not possible to use an insecure registry with basic authentication.
|
||||
> **Warning**:
|
||||
> it's not possible to use an insecure registry with basic authentication.
|
||||
{:.warning}
|
||||
|
||||
This basically tells Docker to entirely disregard security for your registry.
|
||||
While this is relatively easy to configure the daemon in this way, it is
|
||||
|
@ -44,7 +46,9 @@ environment.
|
|||
|
||||
## Using self-signed certificates
|
||||
|
||||
> **Warning**: using this along with basic authentication requires to **also** trust the certificate into the OS cert store for some versions of docker (see below)
|
||||
> **Warning**:
|
||||
> using this along with basic authentication requires to **also** trust the certificate into the OS cert store for some versions of docker (see below)
|
||||
{:.warning}
|
||||
|
||||
This is more secure than the insecure registry solution. You must configure every docker daemon that wants to access your registry
|
||||
|
||||
|
|
Loading…
Reference in a new issue