From e70eed209028f431df6202bf9f1fcb5bb7bf091c Mon Sep 17 00:00:00 2001 From: Richard Scothern Date: Fri, 15 Apr 2016 09:52:20 -0700 Subject: [PATCH 01/11] Merge pull request #1641 from RichardScothern/ifollowtherules Correction for JSON example. (cherry picked from commit 9d491698ccf3eba4e87213350518dbaacf8e9650) Signed-off-by: Sven Dowideit --- docs/storage-drivers/s3.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/storage-drivers/s3.md b/docs/storage-drivers/s3.md index 2a7aa9f5..d78fc988 100644 --- a/docs/storage-drivers/s3.md +++ b/docs/storage-drivers/s3.md @@ -198,7 +198,7 @@ The following IAM permissions are required by the registry for push and pull. S "Action": [ "s3:ListBucket", "s3:GetBucketLocation", - "s3:ListBucketMultipartUploads", + "s3:ListBucketMultipartUploads" ], "Resource": "arn:aws:s3:::mybucket" }, From 338d3ad6b6c5318d0bcaf7588d8f838e4dd6486a Mon Sep 17 00:00:00 2001 From: Richard Scothern Date: Mon, 25 Apr 2016 17:01:15 -0700 Subject: [PATCH 02/11] Merge pull request #1644 from fh1ch/clarify-kid-format Clarify kid format for JWT token auth in docs (cherry picked from commit 47d14555c02463c062e920198f3aeb2fcd6bcdb4) Signed-off-by: Sven Dowideit --- docs/spec/auth/jwt.md | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/docs/spec/auth/jwt.md b/docs/spec/auth/jwt.md index f627b17a..87de62af 100644 --- a/docs/spec/auth/jwt.md +++ b/docs/spec/auth/jwt.md @@ -69,8 +69,17 @@ Token has 3 main parts: The header of a JSON Web Token is a standard JOSE header. The "typ" field will be "JWT" and it will also contain the "alg" which identifies the - signing algorithm used to produce the signature. It will also usually have - a "kid" field, the ID of the key which was used to sign the token. + signing algorithm used to produce the signature. It also must have a "kid" + field, representing the ID of the key which was used to sign the token. + + The "kid" field has to be in a libtrust fingerprint compatible format. + Such a format can be generated by following steps: + + 1. Take the DER encoded public key which the JWT token was signed against. + + 2. Create a SHA256 hash out of it and truncate to 240bits. + + 3. Split the result into 12 base32 encoded groups with `:` as delimiter. Here is an example JOSE Header for a JSON Web Token (formatted with whitespace for readability): From 901abf95d54f3ad705c8e5c170f8956d7b0a3d2b Mon Sep 17 00:00:00 2001 From: Sven Dowideit Date: Tue, 3 May 2016 10:48:11 +1000 Subject: [PATCH 03/11] Merge pull request #1680 from SvenDowideit/use-docs-base-oss convert docs Dockerfiles to use docs/base:oss (cherry picked from commit b7088d29c6ee508881153aed3bb46290f521e15d) Signed-off-by: Sven Dowideit --- docs/Dockerfile | 13 ++----------- 1 file changed, 2 insertions(+), 11 deletions(-) diff --git a/docs/Dockerfile b/docs/Dockerfile index 44128086..8fa63a33 100644 --- a/docs/Dockerfile +++ b/docs/Dockerfile @@ -1,18 +1,9 @@ -FROM docs/base:latest +FROM docs/base:oss MAINTAINER Mary Anthony (@moxiegirl) -RUN svn checkout https://github.com/docker/docker/trunk/docs /docs/content/engine -RUN svn checkout https://github.com/docker/compose/trunk/docs /docs/content/compose -RUN svn checkout https://github.com/docker/swarm/trunk/docs /docs/content/swarm -RUN svn checkout https://github.com/docker/machine/trunk/docs /docs/content/machine -RUN svn checkout https://github.com/docker/notary/trunk/docs /docs/content/notary -RUN svn checkout https://github.com/docker/kitematic/trunk/docs /docs/content/kitematic -RUN svn checkout https://github.com/docker/toolbox/trunk/docs /docs/content/toolbox -RUN svn checkout https://github.com/docker/opensource/trunk/docs /docs/content/opensource - ENV PROJECT=registry # To get the git info for this repo COPY . /src - +RUN rm -r /docs/content/$PROJECT/ COPY . /docs/content/$PROJECT/ From d15375897b95efbcd396cb220488463cfe3a4fa3 Mon Sep 17 00:00:00 2001 From: Olivier Gambier Date: Wed, 4 May 2016 13:52:21 -0700 Subject: [PATCH 04/11] Merge pull request #1663 from moxiegirl/fix-flags Fixing nginx flag issue identified by customer (cherry picked from commit 4ecea4b311d968fb789e30a78c8c6510996a9183) Signed-off-by: Sven Dowideit --- docs/nginx.md | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/docs/nginx.md b/docs/nginx.md index 17b92f44..361a1063 100644 --- a/docs/nginx.md +++ b/docs/nginx.md @@ -76,7 +76,7 @@ events { } http { - + upstream docker-registry { server registry:5000; } @@ -98,34 +98,34 @@ http { # SSL ssl_certificate /etc/nginx/conf.d/domain.crt; ssl_certificate_key /etc/nginx/conf.d/domain.key; - + # Recommendations from https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html ssl_protocols TLSv1.1 TLSv1.2; ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH'; ssl_prefer_server_ciphers on; ssl_session_cache shared:SSL:10m; - + # disable any limits to avoid HTTP 413 for large image uploads client_max_body_size 0; - + # required to avoid HTTP 411: see Issue #1486 (https://github.com/docker/docker/issues/1486) chunked_transfer_encoding on; - + location /v2/ { # Do not allow connections from docker 1.5 and earlier # docker pre-1.6.0 did not properly set the user agent on ping, catch "Go *" user agents if (\$http_user_agent ~ "^(docker\/1\.(3|4|5(?!\.[0-9]-dev))|Go ).*\$" ) { return 404; } - + # To add basic authentication to v2 use auth_basic setting. auth_basic "Registry realm"; auth_basic_user_file /etc/nginx/conf.d/nginx.htpasswd; - + ## If $docker_distribution_api_version is empty, the header will not be added. ## See the map directive above where this variable is defined. add_header 'Docker-Distribution-Api-Version' \$docker_distribution_api_version always; - + proxy_pass http://docker-registry; proxy_set_header Host \$http_host; # required for docker client's sake proxy_set_header X-Real-IP \$remote_addr; # pass on real client's IP @@ -182,7 +182,7 @@ Now, start your stack: Login with a "push" authorized user (using `testuser` and `testpassword`), then tag and push your first image: - docker login -p=testuser -u=testpassword -e=root@example.ch myregistrydomain.com:5043 + docker login -u=testuser -p=testpassword -e=root@example.ch myregistrydomain.com:5043 docker tag ubuntu myregistrydomain.com:5043/test docker push myregistrydomain.com:5043/test docker pull myregistrydomain.com:5043/test From 354d7351ffc9b95bb3a7028257c13e626f007329 Mon Sep 17 00:00:00 2001 From: Richard Scothern Date: Tue, 10 May 2016 13:43:25 +0100 Subject: [PATCH 05/11] Merge pull request #1702 from RichardScothern/api.md Remove the unimplemented monolithic upload section from the API (cherry picked from commit 050a30eac04cc83894e80f3e4525db0b14f474bb) Signed-off-by: Sven Dowideit --- docs/spec/api.md | 20 -------------------- docs/spec/api.md.tmpl | 20 -------------------- 2 files changed, 40 deletions(-) diff --git a/docs/spec/api.md b/docs/spec/api.md index fc074ffb..56e9242c 100644 --- a/docs/spec/api.md +++ b/docs/spec/api.md @@ -618,26 +618,6 @@ The "digest" parameter must be included with the PUT request. Please see the [_Completed Upload_](#completed-upload) section for details on the parameters and expected responses. -Additionally, the upload can be completed with a single `POST` request to -the uploads endpoint, including the "size" and "digest" parameters: - -``` -POST /v2//blobs/uploads/?digest= -Content-Length: -Content-Type: application/octet-stream - - -``` - -On the registry service, this should allocate a download, accept and verify -the data and return the same response as the final chunk of an upload. If the -POST request fails collecting the data in any way, the registry should attempt -to return an error response to the client with the `Location` header providing -a place to continue the download. - -The single `POST` method is provided for convenience and most clients should -implement `POST` + `PUT` to support reliable resume of uploads. - ##### Chunked Upload To carry out an upload of a chunk, the client can specify a range header and diff --git a/docs/spec/api.md.tmpl b/docs/spec/api.md.tmpl index 1a879ba0..1a9e9f89 100644 --- a/docs/spec/api.md.tmpl +++ b/docs/spec/api.md.tmpl @@ -618,26 +618,6 @@ The "digest" parameter must be included with the PUT request. Please see the [_Completed Upload_](#completed-upload) section for details on the parameters and expected responses. -Additionally, the upload can be completed with a single `POST` request to -the uploads endpoint, including the "size" and "digest" parameters: - -``` -POST /v2//blobs/uploads/?digest= -Content-Length: -Content-Type: application/octet-stream - - -``` - -On the registry service, this should allocate a download, accept and verify -the data and return the same response as the final chunk of an upload. If the -POST request fails collecting the data in any way, the registry should attempt -to return an error response to the client with the `Location` header providing -a place to continue the download. - -The single `POST` method is provided for convenience and most clients should -implement `POST` + `PUT` to support reliable resume of uploads. - ##### Chunked Upload To carry out an upload of a chunk, the client can specify a range header and From be3289bfe10ea4ac554e764ddfc236b8868ab2e6 Mon Sep 17 00:00:00 2001 From: Derek McGowan Date: Wed, 11 May 2016 16:30:28 -0700 Subject: [PATCH 06/11] Merge pull request #1721 from cyli/change-auth-scope-grammar Hostnames can be optionally supported by the auth spec scope grammar (cherry picked from commit 4a915d6efdea23f437cb4144211aaf2faed27774) Signed-off-by: Sven Dowideit --- docs/spec/auth/scope.md | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) diff --git a/docs/spec/auth/scope.md b/docs/spec/auth/scope.md index 76e6f8cf..e626b6e1 100644 --- a/docs/spec/auth/scope.md +++ b/docs/spec/auth/scope.md @@ -56,7 +56,7 @@ it. The resource name represent the name which identifies a resource for a resource provider. A resource is identified by this name and the provided resource type. An example of a resource name would be the name component of an image tag, such -as "samalba/myapp". +as "samalba/myapp" or "hostname/samalba/myapp". ### Resource Actions @@ -83,16 +83,24 @@ scopes. scope := resourcescope [ ' ' resourcescope ]* resourcescope := resourcetype ":" resourcename ":" action [ ',' action ]* resourcetype := /[a-z]*/ -resourcename := component [ '/' component ]* +resourcename := [ hostname '/' ] component [ '/' component ]* +hostname := hostcomponent ['.' hostcomponent]* [':' port-number] +hostcomponent := /([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])/ +port-number := /[0-9]+/ action := /[a-z]*/ component := alpha-numeric [ separator alpha-numeric ]* alpha-numeric := /[a-z0-9]+/ separator := /[_.]|__|[-]*/ ``` Full reference grammar is defined -(here)[https://godoc.org/github.com/docker/distribution/reference]. Currently -the scope name grammar is a subset of the reference grammar without support -for hostnames. +[here](https://godoc.org/github.com/docker/distribution/reference). Currently +the scope name grammar is a subset of the reference grammar. + +> **NOTE:** that the `resourcename` may contain one `:` due to a possible port +> number in the hostname component of the `resourcename`, so a naive +> implementation that interprets the first three `:`-delimited tokens of a +> `scope` to be the `resourcetype`, `resourcename`, and a list of `action` +> would be insufficient. ## Resource Provider Use From 61e91a181e85c22cedb8ea1d7ca207e6b48fc62e Mon Sep 17 00:00:00 2001 From: Richard Scothern Date: Tue, 24 May 2016 11:04:31 -0700 Subject: [PATCH 07/11] Merge pull request #1741 from leonhartX/master fix broken markdown (cherry picked from commit b9d6c7c9fbd8b2db7902f0bab1f882565f848565) Signed-off-by: Sven Dowideit --- docs/spec/auth/oauth.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/spec/auth/oauth.md b/docs/spec/auth/oauth.md index b0f9a13f..1b4c0d9c 100644 --- a/docs/spec/auth/oauth.md +++ b/docs/spec/auth/oauth.md @@ -171,11 +171,11 @@ HTTP/1.1 200 OK Content-Type: application/json {"refresh_token":"kas9Da81Dfa8","access_token":"eyJhbGciOiJFUzI1NiIsInR5","expires_in":"900","scope":""} -```` +``` #### Example refreshing an Access Token -```` +``` POST /token HTTP/1.1 Host: auth.docker.io Content-Type: application/x-www-form-urlencoded @@ -186,5 +186,5 @@ HTTP/1.1 200 OK Content-Type: application/json {"refresh_token":"kas9Da81Dfa8","access_token":"eyJhbGciOiJFUzI1NiIsInR5":"expires_in":"900","scope":"repository:samalba/my-app:pull,repository:samalba/my-app:push"} -```` +``` From 804ad4f00178767447eb8d7664385bd8c9a8f90b Mon Sep 17 00:00:00 2001 From: Richard Scothern Date: Wed, 25 May 2016 12:48:01 -0700 Subject: [PATCH 08/11] Merge pull request #1748 from dmcgowan/fix-expires-in-documentation Update auth documentation examples to show "expires in" as int (cherry picked from commit 7f5c6dd882d60c7deef6c54045fdb3925716bcb3) Signed-off-by: Sven Dowideit --- docs/spec/auth/oauth.md | 4 ++-- docs/spec/auth/token.md | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/spec/auth/oauth.md b/docs/spec/auth/oauth.md index 1b4c0d9c..1311df5d 100644 --- a/docs/spec/auth/oauth.md +++ b/docs/spec/auth/oauth.md @@ -170,7 +170,7 @@ grant_type=password&username=johndoe&password=A3ddj3w&service=hub.docker.io&clie HTTP/1.1 200 OK Content-Type: application/json -{"refresh_token":"kas9Da81Dfa8","access_token":"eyJhbGciOiJFUzI1NiIsInR5","expires_in":"900","scope":""} +{"refresh_token":"kas9Da81Dfa8","access_token":"eyJhbGciOiJFUzI1NiIsInR5","expires_in":900,"scope":""} ``` #### Example refreshing an Access Token @@ -185,6 +185,6 @@ grant_type=refresh_token&refresh_token=kas9Da81Dfa8&service=registry-1.docker.io HTTP/1.1 200 OK Content-Type: application/json -{"refresh_token":"kas9Da81Dfa8","access_token":"eyJhbGciOiJFUzI1NiIsInR5":"expires_in":"900","scope":"repository:samalba/my-app:pull,repository:samalba/my-app:push"} +{"refresh_token":"kas9Da81Dfa8","access_token":"eyJhbGciOiJFUzI1NiIsInR5":"expires_in":900,"scope":"repository:samalba/my-app:pull,repository:samalba/my-app:push"} ``` diff --git a/docs/spec/auth/token.md b/docs/spec/auth/token.md index 9f3167be..65482699 100644 --- a/docs/spec/auth/token.md +++ b/docs/spec/auth/token.md @@ -238,7 +238,7 @@ authenticate to the audience service (within the indicated window of time): HTTP/1.1 200 OK Content-Type: application/json -{"token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IlBZWU86VEVXVTpWN0pIOjI2SlY6QVFUWjpMSkMzOlNYVko6WEdIQTozNEYyOjJMQVE6WlJNSzpaN1E2In0.eyJpc3MiOiJhdXRoLmRvY2tlci5jb20iLCJzdWIiOiJqbGhhd24iLCJhdWQiOiJyZWdpc3RyeS5kb2NrZXIuY29tIiwiZXhwIjoxNDE1Mzg3MzE1LCJuYmYiOjE0MTUzODcwMTUsImlhdCI6MTQxNTM4NzAxNSwianRpIjoidFlKQ08xYzZjbnl5N2tBbjBjN3JLUGdiVjFIMWJGd3MiLCJhY2Nlc3MiOlt7InR5cGUiOiJyZXBvc2l0b3J5IiwibmFtZSI6InNhbWFsYmEvbXktYXBwIiwiYWN0aW9ucyI6WyJwdXNoIl19XX0.QhflHPfbd6eVF4lM9bwYpFZIV0PfikbyXuLx959ykRTBpe3CYnzs6YBK8FToVb5R47920PVLrh8zuLzdCr9t3w", "expires_in": "3600","issued_at": "2009-11-10T23:00:00Z"} +{"token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IlBZWU86VEVXVTpWN0pIOjI2SlY6QVFUWjpMSkMzOlNYVko6WEdIQTozNEYyOjJMQVE6WlJNSzpaN1E2In0.eyJpc3MiOiJhdXRoLmRvY2tlci5jb20iLCJzdWIiOiJqbGhhd24iLCJhdWQiOiJyZWdpc3RyeS5kb2NrZXIuY29tIiwiZXhwIjoxNDE1Mzg3MzE1LCJuYmYiOjE0MTUzODcwMTUsImlhdCI6MTQxNTM4NzAxNSwianRpIjoidFlKQ08xYzZjbnl5N2tBbjBjN3JLUGdiVjFIMWJGd3MiLCJhY2Nlc3MiOlt7InR5cGUiOiJyZXBvc2l0b3J5IiwibmFtZSI6InNhbWFsYmEvbXktYXBwIiwiYWN0aW9ucyI6WyJwdXNoIl19XX0.QhflHPfbd6eVF4lM9bwYpFZIV0PfikbyXuLx959ykRTBpe3CYnzs6YBK8FToVb5R47920PVLrh8zuLzdCr9t3w", "expires_in": 3600,"issued_at": "2009-11-10T23:00:00Z"} ``` From 408c4684fafce7567398efb540ead9c250968698 Mon Sep 17 00:00:00 2001 From: Sven Dowideit Date: Tue, 31 May 2016 09:32:53 -0700 Subject: [PATCH 09/11] Merge pull request #1735 from SvenDowideit/move-menu-page Make the index.html files the visible overview menu entry (cherry picked from commit 1b9ab303a477ded9bdd3fc97e9119fa8f9e58fca) Signed-off-by: Sven Dowideit --- docs/Dockerfile | 4 +- docs/Makefile | 29 ++------- docs/configuration.md | 2 +- docs/deploying.md | 12 ++-- docs/help.md | 2 +- docs/index.md | 6 +- docs/introduction.md | 4 +- docs/{overview.md => menu.md} | 8 ++- docs/{ => recipes}/apache.md | 6 +- docs/{ => recipes}/building.md | 2 + docs/{recipes.md => recipes/index.md} | 8 +-- docs/recipes/menu.md | 22 +++++++ docs/{ => recipes}/mirror.md | 2 + docs/{ => recipes}/nginx.md | 6 +- docs/{ => recipes}/osx-setup-guide.md | 4 +- .../osx/com.docker.registry.plist | 0 docs/{ => recipes}/osx/config.yml | 0 docs/spec/auth/index.md | 3 + docs/spec/auth/jwt.md | 1 + docs/spec/auth/oauth.md | 1 + docs/spec/auth/scope.md | 1 + docs/spec/auth/token.md | 1 + docs/spec/index.md | 9 ++- docs/spec/menu.md | 13 ++++ docs/storage-drivers/azure.md | 2 + docs/storage-drivers/filesystem.md | 2 + docs/storage-drivers/gcs.md | 2 + docs/storage-drivers/index.md | 65 ++++++++++++++++++- docs/storage-drivers/inmemory.md | 2 + docs/storage-drivers/menu.md | 13 ++++ docs/storage-drivers/oss.md | 2 + docs/storage-drivers/s3.md | 2 + docs/storage-drivers/swift.md | 2 + docs/storagedrivers.md | 64 ------------------ 34 files changed, 180 insertions(+), 122 deletions(-) rename docs/{overview.md => menu.md} (82%) rename docs/{ => recipes}/apache.md (97%) rename docs/{ => recipes}/building.md (99%) rename docs/{recipes.md => recipes/index.md} (89%) create mode 100644 docs/recipes/menu.md rename docs/{ => recipes}/mirror.md (99%) rename docs/{ => recipes}/nginx.md (97%) rename docs/{ => recipes}/osx-setup-guide.md (94%) rename docs/{ => recipes}/osx/com.docker.registry.plist (100%) rename docs/{ => recipes}/osx/config.yml (100%) create mode 100644 docs/spec/menu.md create mode 100644 docs/storage-drivers/menu.md delete mode 100644 docs/storagedrivers.md diff --git a/docs/Dockerfile b/docs/Dockerfile index 8fa63a33..fcc63422 100644 --- a/docs/Dockerfile +++ b/docs/Dockerfile @@ -1,9 +1,9 @@ FROM docs/base:oss -MAINTAINER Mary Anthony (@moxiegirl) +MAINTAINER Docker Docs ENV PROJECT=registry # To get the git info for this repo COPY . /src -RUN rm -r /docs/content/$PROJECT/ +RUN rm -rf /docs/content/$PROJECT/ COPY . /docs/content/$PROJECT/ diff --git a/docs/Makefile b/docs/Makefile index 021e8f6e..585bc871 100644 --- a/docs/Makefile +++ b/docs/Makefile @@ -1,17 +1,4 @@ -.PHONY: all binary build cross default docs docs-build docs-shell shell test test-unit test-integration test-integration-cli test-docker-py validate - -# env vars passed through directly to Docker's build scripts -# to allow things like `make DOCKER_CLIENTONLY=1 binary` easily -# `docs/sources/contributing/devenvironment.md ` and `project/PACKAGERS.md` have some limited documentation of some of these -DOCKER_ENVS := \ - -e BUILDFLAGS \ - -e DOCKER_CLIENTONLY \ - -e DOCKER_EXECDRIVER \ - -e DOCKER_GRAPHDRIVER \ - -e TESTDIRS \ - -e TESTFLAGS \ - -e TIMEOUT -# note: we _cannot_ add "-e DOCKER_BUILDTAGS" here because even if it's unset in the shell, that would shadow the "ENV DOCKER_BUILDTAGS" set in our Dockerfile, which is very important for our official builds +.PHONY: all default docs docs-build docs-shell shell test # to allow `make DOCSDIR=docs docs-shell` (to create a bind mount in docs) DOCS_MOUNT := $(if $(DOCSDIR),-v $(CURDIR)/$(DOCSDIR):/$(DOCSDIR)) @@ -25,9 +12,8 @@ HUGO_BASE_URL=$(shell test -z "$(DOCKER_IP)" && echo localhost || echo "$(DOCKER HUGO_BIND_IP=0.0.0.0 GIT_BRANCH := $(shell git rev-parse --abbrev-ref HEAD 2>/dev/null) -DOCKER_IMAGE := docker$(if $(GIT_BRANCH),:$(GIT_BRANCH)) -DOCKER_DOCS_IMAGE := docs-base$(if $(GIT_BRANCH),:$(GIT_BRANCH)) - +GIT_BRANCH_CLEAN := $(shell echo $(GIT_BRANCH) | sed -e "s/[^[:alnum:]]/-/g") +DOCKER_DOCS_IMAGE := registry-docs$(if $(GIT_BRANCH_CLEAN),:$(GIT_BRANCH_CLEAN)) DOCKER_RUN_DOCS := docker run --rm -it $(DOCS_MOUNT) -e AWS_S3_BUCKET -e NOCACHE @@ -42,14 +28,11 @@ docs: docs-build docs-draft: docs-build $(DOCKER_RUN_DOCS) -p $(if $(DOCSPORT),$(DOCSPORT):)8000 -e DOCKERHOST "$(DOCKER_DOCS_IMAGE)" hugo server --buildDrafts="true" --port=$(DOCSPORT) --baseUrl=$(HUGO_BASE_URL) --bind=$(HUGO_BIND_IP) - docs-shell: docs-build $(DOCKER_RUN_DOCS) -p $(if $(DOCSPORT),$(DOCSPORT):)8000 "$(DOCKER_DOCS_IMAGE)" bash - docs-build: -# ( git remote | grep -v upstream ) || git diff --name-status upstream/release..upstream/docs ./ > ./changed-files -# echo "$(GIT_BRANCH)" > GIT_BRANCH -# echo "$(AWS_S3_BUCKET)" > AWS_S3_BUCKET -# echo "$(GITCOMMIT)" > GITCOMMIT docker build -t "$(DOCKER_DOCS_IMAGE)" . + +test: docs-build + $(DOCKER_RUN_DOCS) "$(DOCKER_DOCS_IMAGE)" diff --git a/docs/configuration.md b/docs/configuration.md index f9b89feb..4319417e 100644 --- a/docs/configuration.md +++ b/docs/configuration.md @@ -1667,7 +1667,7 @@ The TCP address to connect to, including a port number. username: [username] password: [password] -Proxy enables a registry to be configured as a pull through cache to the official Docker Hub. See [mirror](mirror.md) for more information. Pushing to a registry configured as a pull through cache is currently unsupported. +Proxy enables a registry to be configured as a pull through cache to the official Docker Hub. See [mirror](recipes/mirror.md) for more information. Pushing to a registry configured as a pull through cache is currently unsupported. diff --git a/docs/deploying.md b/docs/deploying.md index 1e7f5dd6..b67d5396 100644 --- a/docs/deploying.md +++ b/docs/deploying.md @@ -11,7 +11,7 @@ weight=3 # Deploying a registry server -You need to [install Docker version 1.6.0 or newer](https://docs.docker.com/installation/). +You need to [install Docker version 1.6.0 or newer](/engine/installation/index.md). ## Running on localhost @@ -39,7 +39,7 @@ To stop your registry, you would: ## Storage -By default, your registry data is persisted as a [docker volume](https://docs.docker.com/userguide/dockervolumes/) on the host filesystem. Properly understanding volumes is essential if you want to stick with a local filesystem storage. +By default, your registry data is persisted as a [docker volume](/engine/userguide/containers/dockervolumes.md) on the host filesystem. Properly understanding volumes is essential if you want to stick with a local filesystem storage. Specifically, you might want to point your volume location to a specific place in order to more easily access your registry data. To do so you can: @@ -180,7 +180,7 @@ Seeing X509 errors is usually a sign you are trying to use self-signed certifica ### Alternatives -1. You may want to leverage more advanced basic auth implementations through a proxy design, in front of the registry. You will find examples of such patterns in the [recipes list](recipes.md). +1. You may want to leverage more advanced basic auth implementations through a proxy design, in front of the registry. You will find examples of such patterns in the [recipes list](recipes/index.md). 2. Alternatively, the Registry also supports delegated authentication, redirecting users to a specific, trusted token server. That approach requires significantly more investment, and only makes sense if you want to fully configure ACLs and more control over the Registry integration into your global authorization and authentication systems. @@ -192,7 +192,7 @@ Beware that you will have to implement your own authentication service for this As your registry configuration grows more complex, dealing with it can quickly become tedious. -It's highly recommended to use [Docker Compose](https://docs.docker.com/compose/) to facilitate operating your registry. +It's highly recommended to use [Docker Compose](/compose/index.md) to facilitate operating your registry. Here is a simple `docker-compose.yml` example that condenses everything explained so far: @@ -226,7 +226,7 @@ You will find more specific and advanced informations in the following sections: - [Configuration reference](configuration.md) - [Working with notifications](notifications.md) - - [Advanced "recipes"](recipes.md) + - [Advanced "recipes"](recipes/index.md) - [Registry API](spec/api.md) - - [Storage driver model](storagedrivers.md) + - [Storage driver model](storage-drivers/index.md) - [Token authentication](spec/auth/token.md) diff --git a/docs/help.md b/docs/help.md index c6ac7ad9..77ec378f 100644 --- a/docs/help.md +++ b/docs/help.md @@ -21,4 +21,4 @@ If you want to report a bug: - be sure to first read about [how to contribute](https://github.com/docker/distribution/blob/master/CONTRIBUTING.md) - you can then do so on the [GitHub project bugtracker](https://github.com/docker/distribution/issues) -You can also find out more about the Docker's project [Getting Help resources](https://docs.docker.com/opensource/get-help/). +You can also find out more about the Docker's project [Getting Help resources](/opensource/get-help.md). diff --git a/docs/index.md b/docs/index.md index 0252fcb5..2eb5f767 100644 --- a/docs/index.md +++ b/docs/index.md @@ -1,11 +1,11 @@ diff --git a/docs/introduction.md b/docs/introduction.md index e8b05d8c..eceb5ffc 100644 --- a/docs/introduction.md +++ b/docs/introduction.md @@ -19,7 +19,7 @@ Users interact with a registry by using docker push and pull commands. > Example: `docker pull registry-1.docker.io/distribution/registry:2.1`. -Storage itself is delegated to drivers. The default storage driver is the local posix filesystem, which is suitable for development or small deployments. Additional cloud-based storage drivers like S3, Microsoft Azure, OpenStack Swift and Aliyun OSS are also supported. People looking into using other storage backends may do so by writing their own driver implementing the [Storage API](storagedrivers.md). +Storage itself is delegated to drivers. The default storage driver is the local posix filesystem, which is suitable for development or small deployments. Additional cloud-based storage drivers like S3, Microsoft Azure, OpenStack Swift and Aliyun OSS are also supported. People looking into using other storage backends may do so by writing their own driver implementing the [Storage API](storage-drivers/index.md). Since securing access to your hosted images is paramount, the Registry natively supports TLS and basic authentication. @@ -34,7 +34,7 @@ Image names as used in typical docker commands reflect their origin: * `docker pull ubuntu` instructs docker to pull an image named `ubuntu` from the official Docker Hub. This is simply a shortcut for the longer `docker pull docker.io/library/ubuntu` command * `docker pull myregistrydomain:port/foo/bar` instructs docker to contact the registry located at `myregistrydomain:port` to find the image `foo/bar` -You can find out more about the various Docker commands dealing with images in the [official Docker engine documentation](https://docs.docker.com/reference/commandline/cli/). +You can find out more about the various Docker commands dealing with images in the [official Docker engine documentation](/engine/reference/commandline/cli.md). ## Use cases diff --git a/docs/overview.md b/docs/menu.md similarity index 82% rename from docs/overview.md rename to docs/menu.md index d3532b62..7e24a690 100644 --- a/docs/overview.md +++ b/docs/menu.md @@ -1,10 +1,12 @@ @@ -17,5 +19,5 @@ The Docker Registry documentation includes the following topics: * [Deploying a registry server](deploying.md) * [Registry Configuration Reference](configuration.md) * [Notifications](notifications.md) -* [Recipes](recipes.md) +* [Recipes](recipes/index.md) * [Getting help](help.md) diff --git a/docs/apache.md b/docs/recipes/apache.md similarity index 97% rename from docs/apache.md rename to docs/recipes/apache.md index f694ca3e..ac24113b 100644 --- a/docs/apache.md +++ b/docs/recipes/apache.md @@ -3,6 +3,8 @@ title = "Authenticating proxy with apache" description = "Restricting access to your registry using an apache proxy" keywords = ["registry, on-prem, images, tags, repository, distribution, authentication, proxy, apache, httpd, TLS, recipe, advanced"] +[menu.main] +parent="smn_recipes" +++ @@ -16,7 +18,7 @@ Usually, that includes enterprise setups using LDAP/AD on the backend and a SSO ### Alternatives -If you just want authentication for your registry, and are happy maintaining users access separately, you should really consider sticking with the native [basic auth registry feature](deploying.md#native-basic-auth). +If you just want authentication for your registry, and are happy maintaining users access separately, you should really consider sticking with the native [basic auth registry feature](../deploying.md#native-basic-auth). ### Solution @@ -34,7 +36,7 @@ Furthermore, introducing an extra http layer in your communication pipeline will ## Setting things up -Read again [the requirements](recipes.md#requirements). +Read again [the requirements](index.md#requirements). Ready? diff --git a/docs/building.md b/docs/recipes/building.md similarity index 99% rename from docs/building.md rename to docs/recipes/building.md index 126a455a..4d67593a 100644 --- a/docs/building.md +++ b/docs/recipes/building.md @@ -3,6 +3,8 @@ title = "Build instructions" description = "Explains how to build & hack on the registry" keywords = ["registry, on-prem, images, tags, repository, distribution, build, recipe, advanced"] +[menu.main] +parent="smn_recipes" +++ diff --git a/docs/recipes.md b/docs/recipes/index.md similarity index 89% rename from docs/recipes.md rename to docs/recipes/index.md index c9f64d53..df74ca2b 100644 --- a/docs/recipes.md +++ b/docs/recipes/index.md @@ -1,11 +1,11 @@ @@ -17,7 +17,7 @@ Most users are not expected to have a use for these. ## Requirements -You should have followed entirely the basic [deployment guide](deploying.md). +You should have followed entirely the basic [deployment guide](../deploying.md). If you have not, please take the time to do so. diff --git a/docs/recipes/menu.md b/docs/recipes/menu.md new file mode 100644 index 00000000..5fdbec5b --- /dev/null +++ b/docs/recipes/menu.md @@ -0,0 +1,22 @@ + + +# Recipes + +## The List + + * [using Apache as an authenticating proxy](apache.md) + * [using Nginx as an authenticating proxy](nginx.md) + * [running a Registry on OS X](osx-setup-guide.md) + * [hacking the registry: build instructions](building.md) + * [mirror the Docker Hub](mirror.md) diff --git a/docs/mirror.md b/docs/recipes/mirror.md similarity index 99% rename from docs/mirror.md rename to docs/recipes/mirror.md index feb2630c..ff437ba4 100644 --- a/docs/mirror.md +++ b/docs/recipes/mirror.md @@ -3,6 +3,8 @@ title = "Mirroring Docker Hub" description = "Setting-up a local mirror for Docker Hub images" keywords = ["registry, on-prem, images, tags, repository, distribution, mirror, Hub, recipe, advanced"] +[menu.main] +parent="smn_recipes" +++ diff --git a/docs/nginx.md b/docs/recipes/nginx.md similarity index 97% rename from docs/nginx.md rename to docs/recipes/nginx.md index 361a1063..f4a67679 100644 --- a/docs/nginx.md +++ b/docs/recipes/nginx.md @@ -3,6 +3,8 @@ title = "Authenticating proxy with nginx" description = "Restricting access to your registry using a nginx proxy" keywords = ["registry, on-prem, images, tags, repository, distribution, nginx, proxy, authentication, TLS, recipe, advanced"] +[menu.main] +parent="smn_recipes" +++ @@ -17,7 +19,7 @@ Usually, that includes enterprise setups using LDAP/AD on the backend and a SSO ### Alternatives -If you just want authentication for your registry, and are happy maintaining users access separately, you should really consider sticking with the native [basic auth registry feature](deploying.md#native-basic-auth). +If you just want authentication for your registry, and are happy maintaining users access separately, you should really consider sticking with the native [basic auth registry feature](../deploying.md#native-basic-auth). ### Solution @@ -53,7 +55,7 @@ Otherwise nginx will reset the ELB's values, and the requests will not be routed ## Setting things up -Read again [the requirements](recipes.md#requirements). +Read again [the requirements](index.md#requirements). Ready? diff --git a/docs/osx-setup-guide.md b/docs/recipes/osx-setup-guide.md similarity index 94% rename from docs/osx-setup-guide.md rename to docs/recipes/osx-setup-guide.md index 15a26ff4..d47d31c1 100644 --- a/docs/osx-setup-guide.md +++ b/docs/recipes/osx-setup-guide.md @@ -3,6 +3,8 @@ title = "Running on OS X" description = "Explains how to run a registry on OS X" keywords = ["registry, on-prem, images, tags, repository, distribution, OS X, recipe, advanced"] +[menu.main] +parent="smn_recipes" +++ @@ -16,7 +18,7 @@ This is useful if you intend to run a registry server natively on OS X. You can start a VM on OS X, and deploy your registry normally as a container using Docker inside that VM. -The simplest road to get there is traditionally to use the [docker Toolbox](https://www.docker.com/toolbox), or [docker-machine](https://docs.docker.com/machine/), which usually relies on the [boot2docker](http://boot2docker.io/) iso inside a VirtualBox VM. +The simplest road to get there is traditionally to use the [docker Toolbox](https://www.docker.com/toolbox), or [docker-machine](/machine/index.md), which usually relies on the [boot2docker](http://boot2docker.io/) iso inside a VirtualBox VM. ### Solution diff --git a/docs/osx/com.docker.registry.plist b/docs/recipes/osx/com.docker.registry.plist similarity index 100% rename from docs/osx/com.docker.registry.plist rename to docs/recipes/osx/com.docker.registry.plist diff --git a/docs/osx/config.yml b/docs/recipes/osx/config.yml similarity index 100% rename from docs/osx/config.yml rename to docs/recipes/osx/config.yml diff --git a/docs/spec/auth/index.md b/docs/spec/auth/index.md index b123af1a..f6ee8e1f 100644 --- a/docs/spec/auth/index.md +++ b/docs/spec/auth/index.md @@ -3,6 +3,9 @@ title = "Docker Registry Token Authentication" description = "Docker Registry v2 authentication schema" keywords = ["registry, on-prem, images, tags, repository, distribution, authentication, advanced"] +[menu.main] +parent="smn_registry_ref" +weight=100 +++ diff --git a/docs/spec/auth/jwt.md b/docs/spec/auth/jwt.md index 87de62af..c90bd6e8 100644 --- a/docs/spec/auth/jwt.md +++ b/docs/spec/auth/jwt.md @@ -5,6 +5,7 @@ description = "Describe the reference implementation of the Docker Registry v2 a keywords = ["registry, on-prem, images, tags, repository, distribution, JWT authentication, advanced"] [menu.main] parent="smn_registry_ref" +weight=101 +++ diff --git a/docs/spec/auth/oauth.md b/docs/spec/auth/oauth.md index 1311df5d..3d1ae0aa 100644 --- a/docs/spec/auth/oauth.md +++ b/docs/spec/auth/oauth.md @@ -5,6 +5,7 @@ description = "Specifies the Docker Registry v2 authentication" keywords = ["registry, on-prem, images, tags, repository, distribution, oauth2, advanced"] [menu.main] parent="smn_registry_ref" +weight=102 +++ diff --git a/docs/spec/auth/scope.md b/docs/spec/auth/scope.md index e626b6e1..a8f6c062 100644 --- a/docs/spec/auth/scope.md +++ b/docs/spec/auth/scope.md @@ -5,6 +5,7 @@ description = "Describes the scope and access fields used for registry authoriza keywords = ["registry, on-prem, images, tags, repository, distribution, advanced, access, scope"] [menu.main] parent="smn_registry_ref" +weight=103 +++ diff --git a/docs/spec/auth/token.md b/docs/spec/auth/token.md index 65482699..12dfc685 100644 --- a/docs/spec/auth/token.md +++ b/docs/spec/auth/token.md @@ -5,6 +5,7 @@ description = "Specifies the Docker Registry v2 authentication" keywords = ["registry, on-prem, images, tags, repository, distribution, Bearer authentication, advanced"] [menu.main] parent="smn_registry_ref" +weight=104 +++ diff --git a/docs/spec/index.md b/docs/spec/index.md index dddaa528..474bd455 100644 --- a/docs/spec/index.md +++ b/docs/spec/index.md @@ -1,18 +1,17 @@ # Docker Registry Reference * [HTTP API V2](api.md) -* [Storage Driver](../storagedrivers.md) +* [Storage Driver](../storage-drivers/index.md) * [Token Authentication Specification](auth/token.md) * [Token Authentication Implementation](auth/jwt.md) diff --git a/docs/spec/menu.md b/docs/spec/menu.md new file mode 100644 index 00000000..ebc52327 --- /dev/null +++ b/docs/spec/menu.md @@ -0,0 +1,13 @@ + + diff --git a/docs/storage-drivers/azure.md b/docs/storage-drivers/azure.md index 2783c427..a84888de 100644 --- a/docs/storage-drivers/azure.md +++ b/docs/storage-drivers/azure.md @@ -3,6 +3,8 @@ title = "Microsoft Azure storage driver" description = "Explains how to use the Azure storage drivers" keywords = ["registry, service, driver, images, storage, azure"] +[menu.main] +parent = "smn_storagedrivers" +++ diff --git a/docs/storage-drivers/filesystem.md b/docs/storage-drivers/filesystem.md index 476edcf5..65d39bce 100644 --- a/docs/storage-drivers/filesystem.md +++ b/docs/storage-drivers/filesystem.md @@ -3,6 +3,8 @@ title = "Filesystem storage driver" description = "Explains how to use the filesystem storage drivers" keywords = ["registry, service, driver, images, storage, filesystem"] +[menu.main] +parent="smn_storagedrivers" +++ diff --git a/docs/storage-drivers/gcs.md b/docs/storage-drivers/gcs.md index 0aa9b30d..1bc67f9e 100644 --- a/docs/storage-drivers/gcs.md +++ b/docs/storage-drivers/gcs.md @@ -3,6 +3,8 @@ title = "GCS storage driver" description = "Explains how to use the Google Cloud Storage drivers" keywords = ["registry, service, driver, images, storage, gcs, google, cloud"] +[menu.main] +parent="smn_storagedrivers" +++ diff --git a/docs/storage-drivers/index.md b/docs/storage-drivers/index.md index 2de729ad..89635bd3 100644 --- a/docs/storage-drivers/index.md +++ b/docs/storage-drivers/index.md @@ -1,7 +1,66 @@ + + +# Docker Registry Storage Driver + +This document describes the registry storage driver model, implementation, and explains how to contribute new storage drivers. + +## Provided Drivers + +This storage driver package comes bundled with several drivers: + +- [inmemory](inmemory.md): A temporary storage driver using a local inmemory map. This exists solely for reference and testing. +- [filesystem](filesystem.md): A local storage driver configured to use a directory tree in the local filesystem. +- [s3](s3.md): A driver storing objects in an Amazon Simple Storage Solution (S3) bucket. +- [azure](azure.md): A driver storing objects in [Microsoft Azure Blob Storage](http://azure.microsoft.com/en-us/services/storage/). +- [swift](swift.md): A driver storing objects in [Openstack Swift](http://docs.openstack.org/developer/swift/). +- [oss](oss.md): A driver storing objects in [Aliyun OSS](http://www.aliyun.com/product/oss). +- [gcs](gcs.md): A driver storing objects in a [Google Cloud Storage](https://cloud.google.com/storage/) bucket. + +## Storage Driver API + +The storage driver API is designed to model a filesystem-like key/value storage in a manner abstract enough to support a range of drivers from the local filesystem to Amazon S3 or other distributed object storage systems. + +Storage drivers are required to implement the `storagedriver.StorageDriver` interface provided in `storagedriver.go`, which includes methods for reading, writing, and deleting content, as well as listing child objects of a specified prefix key. + +Storage drivers are intended to be written in Go, providing compile-time +validation of the `storagedriver.StorageDriver` interface. + +## Driver Selection and Configuration + +The preferred method of selecting a storage driver is using the `StorageDriverFactory` interface in the `storagedriver/factory` package. These factories provide a common interface for constructing storage drivers with a parameters map. The factory model is based off of the [Register](http://golang.org/pkg/database/sql/#Register) and [Open](http://golang.org/pkg/database/sql/#Open) methods in the builtin [database/sql](http://golang.org/pkg/database/sql) package. + +Storage driver factories may be registered by name using the +`factory.Register` method, and then later invoked by calling `factory.Create` +with a driver name and parameters map. If no such storage driver can be found, +`factory.Create` will return an `InvalidStorageDriverError`. + +## Driver Contribution + +### Writing new storage drivers + +To create a valid storage driver, one must implement the +`storagedriver.StorageDriver` interface and make sure to expose this driver +via the factory system. + +#### Registering + +Storage drivers should call `factory.Register` with their driver name in an `init` method, allowing callers of `factory.New` to construct instances of this driver without requiring modification of imports throughout the codebase. + +## Testing + +Storage driver test suites are provided in +`storagedriver/testsuites/testsuites.go` and may be used for any storage +driver written in Go. Tests can be registered using the `RegisterSuite` +function, which run the same set of tests for any registered drivers. diff --git a/docs/storage-drivers/inmemory.md b/docs/storage-drivers/inmemory.md index 3109891e..1a14e77a 100644 --- a/docs/storage-drivers/inmemory.md +++ b/docs/storage-drivers/inmemory.md @@ -3,6 +3,8 @@ title = "In-memory storage driver" description = "Explains how to use the in-memory storage drivers" keywords = ["registry, service, driver, images, storage, in-memory"] +[menu.main] +parent="smn_storagedrivers" +++ diff --git a/docs/storage-drivers/menu.md b/docs/storage-drivers/menu.md new file mode 100644 index 00000000..3638649f --- /dev/null +++ b/docs/storage-drivers/menu.md @@ -0,0 +1,13 @@ + + diff --git a/docs/storage-drivers/oss.md b/docs/storage-drivers/oss.md index 2087c98d..a85e315e 100644 --- a/docs/storage-drivers/oss.md +++ b/docs/storage-drivers/oss.md @@ -3,6 +3,8 @@ title = "Aliyun OSS storage driver" description = "Explains how to use the Aliyun OSS storage driver" keywords = ["registry, service, driver, images, storage, OSS, aliyun"] +[menu.main] +parent="smn_storagedrivers" +++ diff --git a/docs/storage-drivers/s3.md b/docs/storage-drivers/s3.md index d78fc988..97cfbfc1 100644 --- a/docs/storage-drivers/s3.md +++ b/docs/storage-drivers/s3.md @@ -3,6 +3,8 @@ title = "S3 storage driver" description = "Explains how to use the S3 storage drivers" keywords = ["registry, service, driver, images, storage, S3"] +[menu.main] +parent="smn_storagedrivers" +++ diff --git a/docs/storage-drivers/swift.md b/docs/storage-drivers/swift.md index cab0bbd2..0cf582d1 100644 --- a/docs/storage-drivers/swift.md +++ b/docs/storage-drivers/swift.md @@ -3,6 +3,8 @@ title = "Swift storage driver" description = "Explains how to use the OpenStack swift storage driver" keywords = ["registry, service, driver, images, storage, swift"] +[menu.main] +parent="smn_storagedrivers" +++ diff --git a/docs/storagedrivers.md b/docs/storagedrivers.md deleted file mode 100644 index ab475c32..00000000 --- a/docs/storagedrivers.md +++ /dev/null @@ -1,64 +0,0 @@ - - - -# Docker Registry Storage Driver - -This document describes the registry storage driver model, implementation, and explains how to contribute new storage drivers. - -## Provided Drivers - -This storage driver package comes bundled with several drivers: - -- [inmemory](storage-drivers/inmemory.md): A temporary storage driver using a local inmemory map. This exists solely for reference and testing. -- [filesystem](storage-drivers/filesystem.md): A local storage driver configured to use a directory tree in the local filesystem. -- [s3](storage-drivers/s3.md): A driver storing objects in an Amazon Simple Storage Solution (S3) bucket. -- [azure](storage-drivers/azure.md): A driver storing objects in [Microsoft Azure Blob Storage](http://azure.microsoft.com/en-us/services/storage/). -- [swift](storage-drivers/swift.md): A driver storing objects in [Openstack Swift](http://docs.openstack.org/developer/swift/). -- [oss](storage-drivers/oss.md): A driver storing objects in [Aliyun OSS](http://www.aliyun.com/product/oss). -- [gcs](storage-drivers/gcs.md): A driver storing objects in a [Google Cloud Storage](https://cloud.google.com/storage/) bucket. - -## Storage Driver API - -The storage driver API is designed to model a filesystem-like key/value storage in a manner abstract enough to support a range of drivers from the local filesystem to Amazon S3 or other distributed object storage systems. - -Storage drivers are required to implement the `storagedriver.StorageDriver` interface provided in `storagedriver.go`, which includes methods for reading, writing, and deleting content, as well as listing child objects of a specified prefix key. - -Storage drivers are intended to be written in Go, providing compile-time -validation of the `storagedriver.StorageDriver` interface. - -## Driver Selection and Configuration - -The preferred method of selecting a storage driver is using the `StorageDriverFactory` interface in the `storagedriver/factory` package. These factories provide a common interface for constructing storage drivers with a parameters map. The factory model is based off of the [Register](http://golang.org/pkg/database/sql/#Register) and [Open](http://golang.org/pkg/database/sql/#Open) methods in the builtin [database/sql](http://golang.org/pkg/database/sql) package. - -Storage driver factories may be registered by name using the -`factory.Register` method, and then later invoked by calling `factory.Create` -with a driver name and parameters map. If no such storage driver can be found, -`factory.Create` will return an `InvalidStorageDriverError`. - -## Driver Contribution - -### Writing new storage drivers - -To create a valid storage driver, one must implement the -`storagedriver.StorageDriver` interface and make sure to expose this driver -via the factory system. - -#### Registering - -Storage drivers should call `factory.Register` with their driver name in an `init` method, allowing callers of `factory.New` to construct instances of this driver without requiring modification of imports throughout the codebase. - -## Testing - -Storage driver test suites are provided in -`storagedriver/testsuites/testsuites.go` and may be used for any storage -driver written in Go. Tests can be registered using the `RegisterSuite` -function, which run the same set of tests for any registered drivers. From f0b9dc30be46ea8de8adeb4d85a17552a9ba5161 Mon Sep 17 00:00:00 2001 From: Sven Dowideit Date: Wed, 1 Jun 2016 10:35:14 -0700 Subject: [PATCH 10/11] Merge pull request #1759 from SvenDowideit/fix-new-doc-metadata Add topics to the menu (cherry picked from commit e66f9c14409f1834fe40278635da55ca4063c4f6) Signed-off-by: Sven Dowideit Conflicts: docs/deprecated.md --- docs/compatibility.md | 7 +++++-- docs/garbage-collection.md | 3 +++ docs/index.md | 1 + docs/insecure.md | 3 +++ 4 files changed, 12 insertions(+), 2 deletions(-) diff --git a/docs/compatibility.md b/docs/compatibility.md index 9a7bdd42..6ff4c741 100644 --- a/docs/compatibility.md +++ b/docs/compatibility.md @@ -1,8 +1,11 @@ @@ -78,4 +81,4 @@ constraints of CAS.* For this reason if a manifest is pulled by _digest_ from a registry 2.3 with Docker Engine 1.9 and older, and the manifest was pushed with Docker Engine 1.10, a security check will cause the Engine to receive a manifest it cannot use and the -pull will fail. \ No newline at end of file +pull will fail. diff --git a/docs/garbage-collection.md b/docs/garbage-collection.md index 688bfb25..2d03e787 100644 --- a/docs/garbage-collection.md +++ b/docs/garbage-collection.md @@ -3,6 +3,9 @@ title = "Garbage Collection" description = "High level discussion of garbage collection" keywords = ["registry, garbage, images, tags, repository, distribution"] +[menu.main] +parent="smn_registry_ref" +weight=4 +++ diff --git a/docs/index.md b/docs/index.md index 2eb5f767..e8be74e9 100644 --- a/docs/index.md +++ b/docs/index.md @@ -6,6 +6,7 @@ keywords = ["registry, on-prem, images, tags, repository, distribution"] aliases = ["/registry/overview/"] [menu.main] parent="smn_registry" +weight=1 +++ diff --git a/docs/insecure.md b/docs/insecure.md index 88055d51..86d85930 100644 --- a/docs/insecure.md +++ b/docs/insecure.md @@ -3,6 +3,9 @@ title = "Testing an insecure registry" description = "Deploying a Registry in an insecure fashion" keywords = ["registry, on-prem, images, tags, repository, distribution, insecure"] +[menu.main] +parent="smn_registry_ref" +weight=5 +++ From bcf5b1befe43f64612fc35d96d43c69bbffe5084 Mon Sep 17 00:00:00 2001 From: Sven Dowideit Date: Wed, 1 Jun 2016 11:25:54 -0700 Subject: [PATCH 11/11] Merge pull request #1762 from SvenDowideit/more-docs-validation-cleanups Next load of docs validation fixes (cherry picked from commit bb330cd684eb4afab9cc4f2453d7c8918099d7ee) Signed-off-by: Sven Dowideit --- docs/compatibility.md | 2 +- docs/deploying.md | 2 +- docs/index.md | 2 +- docs/insecure.md | 2 +- docs/spec/manifest-v2-2.md | 6 +++--- 5 files changed, 7 insertions(+), 7 deletions(-) diff --git a/docs/compatibility.md b/docs/compatibility.md index 6ff4c741..cba7e378 100644 --- a/docs/compatibility.md +++ b/docs/compatibility.md @@ -18,7 +18,7 @@ will cause the Engine to receive a manifest it cannot use and the pull will fail ## Registry Manifest Support -Historically, the registry has supported a [single manifest type](https://github.com/docker/distribution/blob/master/docs/spec/manifest-v2-1.md) +Historically, the registry has supported a [single manifest type](./spec/manifest-v2-1.md) known as _Schema 1_. With the move toward multiple architecture images the distribution project diff --git a/docs/deploying.md b/docs/deploying.md index b67d5396..ceed44a6 100644 --- a/docs/deploying.md +++ b/docs/deploying.md @@ -49,7 +49,7 @@ Specifically, you might want to point your volume location to a specific place i ### Alternatives -You should usually consider using [another storage backend](https://github.com/docker/distribution/blob/master/docs/storagedrivers.md) instead of the local filesystem. Use the [storage configuration options](https://github.com/docker/distribution/blob/master/docs/configuration.md#storage) to configure an alternate storage backend. +You should usually consider using [another storage backend](./storage-drivers/index.md) instead of the local filesystem. Use the [storage configuration options](./configuration.md#storage) to configure an alternate storage backend. Using one of these will allow you to more easily scale your registry, and leverage your storage redundancy and availability features. diff --git a/docs/index.md b/docs/index.md index e8be74e9..95922284 100644 --- a/docs/index.md +++ b/docs/index.md @@ -29,7 +29,7 @@ You should use the Registry if you want to: Users looking for a zero maintenance, ready-to-go solution are encouraged to head-over to the [Docker Hub](https://hub.docker.com), which provides a free-to-use, hosted Registry, plus additional features (organization accounts, automated builds, and more). -Users looking for a commercially supported version of the Registry should look into [Docker Trusted Registry](https://docs.docker.com/docker-trusted-registry/). +Users looking for a commercially supported version of the Registry should look into [Docker Trusted Registry](/docker-trusted-registry/overview.md). ## Requirements diff --git a/docs/insecure.md b/docs/insecure.md index 86d85930..38b3a355 100644 --- a/docs/insecure.md +++ b/docs/insecure.md @@ -63,7 +63,7 @@ This is more secure than the insecure registry solution. You must configure eve 2. Be sure to use the name `myregistrydomain.com` as a CN. -3. Use the result to [start your registry with TLS enabled](https://github.com/docker/distribution/blob/master/docs/deploying.md#get-a-certificate) +3. Use the result to [start your registry with TLS enabled](./deploying.md#get-a-certificate) 4. Instruct every docker daemon to trust that certificate. diff --git a/docs/spec/manifest-v2-2.md b/docs/spec/manifest-v2-2.md index 31631454..9f01974c 100644 --- a/docs/spec/manifest-v2-2.md +++ b/docs/spec/manifest-v2-2.md @@ -76,7 +76,7 @@ image manifest based on the Content-Type returned in the HTTP response. - **`digest`** *string* The digest of the content, as defined by the - [Registry V2 HTTP API Specificiation](https://docs.docker.com/registry/spec/api/#digest-parameter). + [Registry V2 HTTP API Specificiation](api.md#digest-parameter). - **`platform`** *object* @@ -191,7 +191,7 @@ image. It's the direct replacement for the schema-1 manifest. - **`digest`** *string* The digest of the content, as defined by the - [Registry V2 HTTP API Specificiation](https://docs.docker.com/registry/spec/api/#digest-parameter). + [Registry V2 HTTP API Specificiation](api.md#digest-parameter). - **`layers`** *array* @@ -214,7 +214,7 @@ image. It's the direct replacement for the schema-1 manifest. - **`digest`** *string* The digest of the content, as defined by the - [Registry V2 HTTP API Specificiation](https://docs.docker.com/registry/spec/api/#digest-parameter). + [Registry V2 HTTP API Specificiation](api.md#digest-parameter). ## Example Image Manifest