Commit graph

441 commits

Author SHA1 Message Date
Derek McGowan
279c02a3ce
Add note about required let's encrypt port
Let's Encrypt uses tls-sni to validate the certificate
on the standard https port 443. If the registry is
outwardly listening on a different port Let's Encrypt
will not issue a certificate.

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2016-09-01 15:11:44 -07:00
Fabio Berchtold
7dcac52f18 Add v2 signature signing to S3 storage driver (#1800)
* Add v2 signature signing to S3 storage driver

Closes #1796
Closes #1606

Signed-off-by: Fabio Berchtold <fabio.berchtold@swisscom.com>

* use Logrus for debug logging

Signed-off-by: Fabio Berchtold <fabio.berchtold@swisscom.com>

* use 'date' instead of 'x-amz-date' in request header

Signed-off-by: Fabio Berchtold <fabio.berchtold@swisscom.com>

* only allow v4 signature signing against AWS S3

Signed-off-by: Fabio Berchtold <fabio.berchtold@swisscom.com>
2016-09-01 13:52:40 -07:00
Stephen J Day
6bcdb38b92
spec/manifest: clarify relationship between urls and foreign layers
Previously, the specificiation incorrectly bound the fates of `urls` and
foreign layers. These are complementary but unrelated features, in that
the `urls` field may be populated for layers that aren't foreign. The
type of the layer only dictates the push behavior of the layer, rather
than involving where it came from.

For example, one may pull a foreign layer from a registry, but they may
not push it back to another registry. Conversely, a layer that has no
restrictions on push/pull behavior may be fetched via `urls` entries.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2016-08-29 18:34:55 -07:00
Randy Barlow
63b2e74b46
Fix an erroneous comma in documentation JSON.
Signed-off-by: Randy Barlow <randy@electronsweatshop.com>
2016-08-23 13:39:24 -04:00
Ben Bodenmiller
1f248a80a6 improve command formatting
Signed-off-by: Ben Bodenmiller <bbodenmiller@hotmail.com>
2016-08-19 02:33:02 -07:00
Richard Scothern
010e063270 Merge pull request #1906 from nwt/s3-multipart-copy
Use multipart upload API in S3 Move method
2016-08-17 15:22:32 -07:00
Richard Scothern
c4297ef9da Merge pull request #1839 from adamvduke/adamvduke/allow-http2-registry-clients
Allow registry clients to connect via http2
2016-08-16 11:48:06 -07:00
Noah Treuhaft
63468ef4a8 Use multipart upload API in S3 Move method
This change to the S3 Move method uses S3's multipart upload API to copy
objects whose size exceeds a threshold.  Parts are copied concurrently.
The level of concurrency, part size, and threshold are all configurable
with reasonable defaults.

Using the multipart upload API has two benefits.

* The S3 Move method can now handle objects over 5 GB, fixing #886.

* Moving most objects, and espectially large ones, is faster.  For
  example, moving a 1 GB object averaged 30 seconds but now averages 10.

Signed-off-by: Noah Treuhaft <noah.treuhaft@docker.com>
2016-08-16 10:53:24 -07:00
Stefan Majewsky
a7c6bfd59f [swift] support different user-domain and tenant-domain
This is already supported by ncw/swift, so we just need to pass the
parameters from the storage driver.

Signed-off-by: Stefan Majewsky <stefan.majewsky@sap.com>
2016-08-15 11:21:42 +02:00
Adam Duke
ac009c86f1 Allow registry clients to connect via http2
Http2 will be enabled by default and can be disabled with a configuration option.

Signed-off-by: Adam Duke <adam.v.duke@gmail.com>
2016-08-13 22:07:42 -04:00
Frank Chen
87917f3052 Add 'objectAcl' Option to the S3 Storage Backend (#1867)
* Add Object ACL Support to the S3 Storage Backend

Signed-off-by: Frank Chen <frankchn@gmail.com>

* Made changes per @RichardScothern's comments

Signed-off-by: Frank Chen <frankchn@gmail.com>

* Fix Typos

Signed-off-by: Frank Chen <frankchn@gmail.com>
2016-07-27 12:26:57 -07:00
Richard Scothern
2b72dd3927 Merge pull request #1829 from nwt/foreign-layer-host-whitelist
Add a foreign layer URL host whitelist
2016-07-21 16:02:20 -07:00
Noah Treuhaft
61e5803b56 Add control over validation of URLs in pushed manifests
Until we have some experience hosting foreign layer manifests, the Hub
operators wish to limit foreign layers on Hub. To that end, this change
adds registry configuration options to restrict the URLs that may appear
in pushed manifests.

Signed-off-by: Noah Treuhaft <noah.treuhaft@docker.com>
2016-07-19 14:38:42 -07:00
Aaron Lehmann
b0099004e2 Document TOOMANYREQUESTS error code
Add entries with this error code in registry/api/v2/descriptors.go.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2016-07-12 12:18:54 -06:00
Sven Dowideit
a1c1349eac Stop hugo from making the example URL into a link
Signed-off-by: Sven Dowideit <SvenDowideit@home.org.au>
2016-06-27 10:15:26 +10:00
Sven Dowideit
82bdab7d48 Replace google docs image link with one in this repo
Signed-off-by: Sven Dowideit <SvenDowideit@home.org.au>
2016-06-22 13:08:56 +00:00
Richard Scothern
edd7cb5249 Merge pull request #1739 from cezarsa/master
[Swift] Expose EndpointType parameter in driver
2016-06-15 10:33:48 -07:00
Sven Dowideit
51be30beb1 Move the building.md doc to the top of the git repo
Closes #1776

Signed-off-by: Sven Dowideit <SvenDowideit@home.org.au>
2016-06-15 20:26:16 +10:00
Victoria Bialas
c0987a9e1b fixed broken link due to topic re-org in PR#23492
Signed-off-by: Victoria Bialas <victoria.bialas@docker.com>
2016-06-14 13:56:17 -07:00
Cezar Sa Espinola
afb262bd5f
Update swift driver docs removing dup table and adding endpointtype
Signed-off-by: Cezar Sa Espinola <cezarsa@gmail.com>
2016-06-13 19:30:24 -03:00
Aaron Lehmann
9198d642ba Merge pull request #1779 from dmcgowan/letsencrypt-support
Let's Encrypt support
2016-06-13 10:48:55 -10:00
Richard Scothern
015df6cdea Add documentation for let's encrypt
Signed-off-by: Richard Scothern <richard.scothern@docker.com>
2016-06-13 11:45:18 -07:00
Richard Scothern
352924cd85 Clarify API documentation around catalog fetch behavior
Signed-off-by: Richard Scothern <richard.scothern@docker.com>
2016-06-08 10:39:17 -07:00
Sven Dowideit
b448455011 Revert to using the full URL, as the OSS checker doesn't have access to the non-OSS docs
Signed-off-by: Sven Dowideit <SvenDowideit@home.org.au>
2016-06-02 18:22:02 +00:00
allencloud
db90724ab0 fix typos
Signed-off-by: allencloud <allen.sun@daocloud.io>
2016-06-02 23:03:27 +08:00
Sven Dowideit
bb330cd684 Merge pull request #1762 from SvenDowideit/more-docs-validation-cleanups
Next load of docs validation fixes
2016-06-01 11:25:54 -07:00
Richard Scothern
df2184c810 Merge pull request #1627 from luckyraul/swift_auth_url
Swift auth version param
2016-06-01 11:23:23 -07:00
Sven Dowideit
e4acec1806 Next load of docs validation fixes
Signed-off-by: Sven Dowideit <SvenDowideit@home.org.au>
2016-06-01 18:18:17 +00:00
Sven Dowideit
bf4eb92f56 Add topics to the menu
Signed-off-by: Sven Dowideit <SvenDowideit@home.org.au>
2016-05-31 21:31:25 +00:00
Sven Dowideit
1b9ab303a4 Merge pull request #1735 from SvenDowideit/move-menu-page
Make the index.html files the visible overview menu entry
2016-05-31 09:32:53 -07:00
Sven Dowideit
3069a04b8c Make the index.html files the visible overview menu entry
And move menu entry definition into a page that the user has no reason to navigate to

Signed-off-by: Sven Dowideit <SvenDowideit@home.org.au>
2016-05-28 01:02:40 +00:00
Richard Scothern
febcee6564 Add a deprecation document detailing signature store removal
Signed-off-by: Richard Scothern <richard.scothern@docker.com>
2016-05-27 14:51:59 -07:00
Richard Scothern
0c15ab6952 Remove signature store from registry. Return a generated signature for manifest
pull.

Signed-off-by: Richard Scothern <richard.scothern@docker.com>
2016-05-27 13:19:26 -07:00
Derek McGowan
3207e0c112 Update auth documentation examples to show "expires in" as int
Go will fail to parse the examples since an int is expected rather than a string for the "expires in" value

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2016-05-25 11:43:36 -07:00
Ke Xu
79d6008a54 fix broken markdown
Signed-off-by: Ke Xu <leonhartx.k@gmail.com>
2016-05-24 16:33:30 +09:00
John Starks
f0052b8434 Add support for layers from foreign sources
This will be used to support downloading Windows base layers from
Microsoft URLs.

Signed-off-by: John Starks <jostarks@microsoft.com>
2016-05-20 12:31:10 -07:00
Nikita Tarasov
f18da7d3a3 update docs
Signed-off-by: Nikita Tarasov <nikita@mygento.ru>
2016-05-16 16:09:26 +03:00
cyli
8854eed7ab Update the auth spec scope grammar to reflect the fact that hostnames are optionally supported.
Signed-off-by: cyli <cyli@twistedmatrix.com>
2016-05-11 15:19:50 -07:00
Richard Scothern
050a30eac0 Merge pull request #1702 from RichardScothern/api.md
Remove the unimplemented monolithic upload section from the API
2016-05-10 13:43:25 +01:00
Richard Scothern
2a4deee441 Remove the unimplemented monolithic upload section from the API documentation.
Signed-off-by: Richard Scothern <richard.scothern@docker.com>
2016-05-04 15:58:08 -07:00
Mary Anthony
b0db8d49bd Fixing issue identified by customer
Entering Seb's comment
Fix the flags

Signed-off-by: Mary Anthony <mary@docker.com>
2016-05-04 13:34:23 -07:00
Richard Scothern
c047d34b22 Merge pull request #1695 from tonyhb/add-regulator-to-filesystem
Add regulator to filesystem
2016-05-04 10:05:51 -07:00
Tony Holdstock-Brown
d0352a7448 Add documentation
Signed-off-by: Tony Holdstock-Brown <tony@docker.com>
2016-05-03 09:33:25 -07:00
Sven Dowideit
b7088d29c6 Merge pull request #1680 from SvenDowideit/use-docs-base-oss
convert docs Dockerfiles to use docs/base:oss
2016-05-03 10:48:11 +10:00
Sven Dowideit
e728c8bbed convert docs Dockerfiles to use docs/base:oss
Signed-off-by: Sven Dowideit <SvenDowideit@home.org.au>
2016-04-28 12:57:10 +00:00
Richard Scothern
a7dda2ce93 Merge pull request #1665 from andrewhsu/middleware-redirect
add middleware storage driver for redirect
2016-04-27 15:05:52 -07:00
Andrew Hsu
fe9509f8f3 added config doc for redirect middleware
Signed-off-by: Andrew Hsu <andrewhsu@acm.org> (github: andrewhsu)
2016-04-25 11:52:39 -07:00
Nikita Tarasov
b4f060599a docs + fix test
Signed-off-by: Nikita Tarasov <nikita@mygento.ru>
2016-04-17 20:05:51 +03:00
Fabio Huser
17756eb43e Clarify kid format for JWT token auth in docs
The kid value can have an arbitrary format according JOSE specification, but Docker distribution expects a specific format (libtrust fingerprint) to work. This is not written in the documentation so far and is only mentioned in the libtrust source code itself.

Signed-off-by: Fabio Huser <fabio@fh1.ch>
2016-04-17 12:04:15 +02:00
Richard Scothern
b72d74464a Correction for JSON example.
Signed-off-by: Richard Scothern <richard.scothern@docker.com>
2016-04-15 09:22:44 -07:00
Mary Anthony
6bce49d51d Updated per conversation with Richard
Removing draft
Richard's comments and some fixes

Signed-off-by: Mary Anthony <mary@docker.com>
2016-04-13 06:43:11 -07:00
Richard Scothern
f9bcbd44ca Extend garbage collection documentation.
Signed-off-by: Richard Scothern <richard.scothern@docker.com>
2016-04-11 17:43:25 -07:00
Richard Scothern
55f1b7651f Merge pull request #1590 from RichardScothern/s3-permission-scopes
Document required IAM permissions for S3 storage driver.
2016-04-06 14:46:12 -07:00
Richard Scothern
e4817cfc94 Remove ListAllMyBuckets from the S3 permission scope.
Signed-off-by: Richard Scothern <richard.scothern@docker.com>
2016-04-06 14:22:08 -07:00
Phil Estes
bf9f80eaff Correct examples and architecture references in v2.2 spec
Add link to the official list of $GOOS and $GOARCH values and correct
values that were incorrectly listed in the spec examples.

Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com>
2016-04-03 17:50:22 -04:00
Richard Scothern
0f4427b3c3 Document required IAM permissions for S3 storage driver.
Signed-off-by: Richard Scothern <richard.scothern@docker.com>
2016-03-31 14:34:59 -07:00
Olivier Gambier
2c803d6fd0 Merge pull request #1587 from aaronlehmann/build-docs
docs: No need to change GOPATH to use vendored code
2016-03-31 14:04:57 -07:00
Aaron Lehmann
c3ec1745c0 docs: No need to change GOPATH to use vendored code
Now that we are using "native" Go vendoring, there is no need to
manipulate GOPATH.

Fixes #1586

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2016-03-31 10:46:02 -07:00
Aaron Lehmann
a11f6b6cfd Merge pull request #1418 from dmcgowan/oauth-spec
Add specification for using OAuth with the token server
2016-03-31 10:42:12 -07:00
Richard Scothern
eb0b7f0173 Update the gc documentation.
Signed-off-by: Richard Scothern <richard.scothern@gmail.com>
2016-03-30 16:57:21 -07:00
Richard Scothern
ee8450ff13 Merge pull request #1581 from RichardScothern/docs
Manifest delete documentation enhancement
2016-03-30 16:05:57 -07:00
Richard Scothern
9b5caf64cf Add a note to the delete manifest section to aid getting the correct
digest to delete manifests.

Signed-off-by: Richard Scothern <richard.scothern@docker.com>
2016-03-30 10:59:26 -07:00
Mary Anthony
6018bdf58a Updating example
Signed-off-by: Mary Anthony <mary@docker.com>
2016-03-29 09:53:13 -07:00
Mary Anthony
188206eede Fixes and closes #925
Seconds to minutes as per code
Correction per Derek
Clarifying failure case

Signed-off-by: Mary Anthony <mary@docker.com>

Clarifying failure case

Signed-off-by: Mary Anthony <mary@docker.com>
2016-03-29 06:17:29 -07:00
Daniel Huhn
321e0420bf added heading to get more focus into the headers that need to be set
Signed-off-by: Daniel Huhn <daniel@danielhuhn.de>
2016-03-28 18:07:03 +02:00
Sebastiaan van Stijn
a92c93d770 Fix broken links in configuration
HTML links are not converted by HUGO, so will work
on GitHub, but not in the online documentation.

Converted the HTML table (and links) to Markdown
to fix broken links.

Also added a header for the table, because none
was present.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2016-03-24 10:28:36 -07:00
Richard Scothern
b787035d8b Merge pull request #1545 from jonjohnsonjr/typos
Fix typos in docs/spec/api.md
2016-03-23 16:41:44 -07:00
Richard Scothern
87a997249d Merge pull request #1522 from RichardScothern/tag-events
Send tag events to notification listeners
2016-03-23 16:41:29 -07:00
Stephen Day
9e690c7fa2 Merge pull request #1491 from RichardScothern/relative-url
Return relative URLs
2016-03-23 16:19:39 -07:00
Richard Scothern
7e552e1972 Update documentation and examples in notifications.md
Signed-off-by: Richard Scothern <richard.scothern@gmail.com>
2016-03-23 15:51:32 -07:00
Richard Scothern
bc9c820e4b Enable URLs returned from the registry to be configured as relative.
Signed-off-by: Richard Scothern <richard.scothern@gmail.com>
2016-03-23 15:14:32 -07:00
Jon Johnson
f64981b472 Fix typos in docs/spec/api.md
Fix grammatical and formatting issues.
Add links to sections or other documents where appropriate.

Signed-off-by: Jon Johnson <jonjohnson@google.com>
2016-03-18 15:01:20 -07:00
John Starks
5b0a484739 Add os.version and os.features to platform spec
These changes are needed to differentiate Windows images.

Signed-off-by: John Starks <jostarks@microsoft.com>
2016-03-17 16:54:21 -07:00
Matt Duch
fcb247dfce registry/storage/driver/s3-aws kms support
Signed-off-by: Matt Duch <matt@learnmetrics.com>
2016-03-11 17:19:01 -06:00
Brian Bland
c03b5fc5ee Merge pull request #1438 from BrianBland/newStorageDriverWriter
Adds new StorageDriver.FileWriter interface
2016-03-11 15:06:07 -08:00
Brian Bland
5967d33342 Removes ceph rados driver in favor of Swift API gateway support
Signed-off-by: Brian Bland <brian.bland@docker.com>
2016-03-10 16:49:08 -08:00
Keerthan Mala
2be1b4ef4f Added support to specifiy custom endpoint
Signed-off-by: Keerthan Reddy Mala <keerthan.mala@gmail.com>
2016-03-09 16:12:20 -07:00
Derek McGowan
093fbdbfc4 Add client_id to get token endpoint
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2016-03-09 12:35:20 -08:00
Arthur Baars
307504713f Storagedriver: GCS: add chunksize parameter
Signed-off-by: Arthur Baars <arthur@semmle.com>
2016-03-08 16:38:39 -08:00
Eric Yang
85eadae19a command correction in documentation
the original ```$GOPATH/bin/registry $GOPATH/src/github.com/docker/distribution/cmd/registry/config-example.yml``` leads to the error like

```
Error: unknown command "/Users/EricYang/go/src/github.com/docker/distribution/cmd/registry/config-example.yml" for "registry"
Run 'registry --help' for usage.
```

I think the correct command should be ```registry serve```

Signed-off-by: Eric Yang <EricYang@EricdeMacBook-Pro.local>
2016-03-07 10:42:35 +08:00
Derek McGowan
66d6eaa83f Update scope list to use space separator
The oauth spec defines using a space to separate parts of a scope.
To better comply with future implementations built on oauth use a space to separate the resource scopes.

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2016-03-03 17:44:09 -08:00
Derek McGowan
d51f76f903 Update oauth documentation to include returned scope
Add post response values
Update password grant type to match oauth spec

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2016-03-03 17:44:09 -08:00
Richard Scothern
c8dff1bb57 Merge pull request #1364 from aaronlehmann/content-type-in-api-docs
Add information about manifest content types to API spec
2016-03-01 13:53:49 -08:00
Andrew T Nguyen
feab4aafbc Implements garbage collection subcommand
- Includes a change in the command to run the registry. The registry
  server itself is now started up as a subcommand.
- Includes changes to the high level interfaces to support enumeration
  of various registry objects.

Signed-off-by: Andrew T Nguyen <andrew.nguyen@docker.com>
2016-02-29 14:15:21 -08:00
Stefan Weil
615c6dfced Fix some typos in comments and strings
All of them were found and fixed by codespell.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
2016-02-23 22:33:38 +01:00
Derek McGowan
3fc4e4cdc8 Add resource scope list definition
Allow providing multiple scopes in a single scope string

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2016-02-12 16:07:21 -08:00
Derek McGowan
6d6c37c06a Update client section
Use client_id as defined in oauth rfc instead of custom client field

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2016-02-11 13:57:23 -08:00
Derek McGowan
32931689d5 Add scope documentation
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2016-02-11 13:57:23 -08:00
Derek McGowan
d8b59ab637 Add specification for using oauth with the token server
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2016-02-11 13:57:23 -08:00
Mary Anthony
78aa1d2bb1 Updating Dockerfile
Signed-off-by: Mary Anthony <mary@docker.com>
2016-02-10 21:12:45 -08:00
Aaron Lehmann
a3213ff331 Merge pull request #1420 from dmcgowan/configurable-trust-key
Add option to disable signatures
2016-02-10 16:15:59 -08:00
Derek McGowan
e8eca4db17 Add documentation for compatibility configuration
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2016-02-10 15:20:55 -08:00
igayoso
a940a07fa9 Change certificate hypothetic path
Signed-off-by: igayoso <igayoso@gmail.com>
2016-02-10 01:03:28 +01:00
Richard Scothern
fd7ccc0bdf Add documentation about what is sent for delete events
Signed-off-by: Richard Scothern <richard.scothern@gmail.com>
2016-02-08 13:37:35 -08:00
Aaron Lehmann
7761a70389 Add information about manifest content types to API spec
Bring the spec up to date for schema2 changes.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2016-02-05 11:27:20 -08:00
Richard Scothern
2cc6ccbded Merge pull request #1401 from BrianBland/s3StorageClass
Adds "storageclass" configuration parameter for S3 driver.
2016-02-04 16:44:13 -08:00
Olivier Gambier
5596e787b6 Merge pull request #1409 from RichardScothern/recipe-menu
Move 'Recipes' into the Registry menu
2016-02-04 10:32:39 -08:00
Mary Anthony
8fdd7f5dfe Update title of Registry to Docker Registry
Signed-off-by: Mary Anthony <mary@docker.com>
2016-02-04 08:37:45 -08:00
Omer Cohen
d842645de9 Update configuration.md
fixed broken links

Signed-off-by: Omer Cohen <git@omer.io>
2016-02-03 15:57:55 +02:00
Richard Scothern
bd8b81a686 Make 'Recipes' the last item in the list
Signed-off-by: Richard Scothern <richard.scothern@gmail.com>
2016-02-02 10:18:35 -08:00