microsoft
/
docker
зеркало из https://github.com/microsoft/docker.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Fixing seds, deleting old stuff 

Signed-off-by: Mary Anthony <mary@docker.com>

Upding sed, adding script to avoid redirects, remove mkdos

Signed-off-by: Mary Anthony <mary@docker.com>

Ignoring graphics with sed

Signed-off-by: Mary Anthony <mary@docker.com>

Fixing kitematic image

Signed-off-by: Mary Anthony <mary@docker.com>

Removing draft

Signed-off-by: Mary Anthony <mary@docker.com>

Fixing link

Signed-off-by: Mary Anthony <mary@docker.com>

removing from the menu

Signed-off-by: Mary Anthony <mary@docker.com>

Updatiing order of project material

Signed-off-by: Mary Anthony <mary@docker.com>

Removing from Regsitry v2 content per Olivier

Signed-off-by: Mary Anthony <mary@docker.com>

tweaking the touchup

Signed-off-by: Mary Anthony <mary@docker.com>

Removing include; only used four places; hugo global var replace

Signed-off-by: Mary Anthony <mary@docker.com>

Entering fixes from page-by-page

Signed-off-by: Mary Anthony <mary@docker.com>
This commit is contained in:
Mary Anthony 2015-06-16 06:04:13 -07:00
Родитель baa1664478
Коммит 328dbd0aa2
53 изменённых файлов: 89 добавлений и 1209 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

23
docs/Dockerfile
Просмотреть файл

@ -4,21 +4,10 @@ MAINTAINER Mary Anthony <mary@docker.com> (@moxiegirl)
# To get the git info for this repo
COPY . /src
COPY . /docs/content/engine/
COPY . /docs/content/
# Sed to process GitHub Markdown
# 1-2 Remove comment code from metadata block
# 3 Remove .md extension from link text
# 4 Change ](/ to ](/project/ in links
# 5 Change ](word) to ](/project/word)
# 6 Change ](../../ to ](/project/
# 7 Change ](../ to ](/project/word)
#
#
RUN find /docs/content/engine -type f -name "*.md" -exec sed -i.old \
-e '/^<!.*metadata]>/g' \
-e '/^<!.*end-metadata.*>/g' \
-e 's/\([(]\)\(.*\)\(\.md\)/\1\2/g' \
-e 's/\(\]\)\([(]\)\(\/\)/\1\2\/engine\//g' \
-e 's/\(\][(]\)\([A-z]*[)]\)/\]\(\/engine\/\2/g' \
-e 's/\(\][(]\)\(\.\.\/\)/\1\/engine\//g' {} \;
WORKDIR /docs/content
RUN /docs/content/touch-up.sh
WORKDIR /docs

4
docs/articles/basics.md
Просмотреть файл

@ -47,7 +47,9 @@ image cache.
> characters of the full image ID - which can be found using
> `docker inspect` or `docker images --no-trunc=true`.
{{ include "no-remote-sudo.md" }}
> **Note:** if you are using a remote Docker daemon, such as Boot2Docker,
> then _do not_ type the `sudo` before the `docker` commands shown in the
> documentation's examples.
## Running an interactive shell

3
docs/articles/certificates.md
Просмотреть файл

@ -4,7 +4,8 @@ title = "Using certificates for repository client verification"
description = "How to set up and use certificates with a registry to verify access"
keywords = ["Usage, registry, repository, client, root, certificate, docker, apache, ssl, tls, documentation, examples, articles, tutorials"]
[menu.main]
parent = "smn_registry"
parent = "mn_docker_hub"
weight = 7
+++
<![end-metadata]-->

3
docs/articles/registry_mirror.md
Просмотреть файл

@ -4,7 +4,8 @@ title = "Run a local registry mirror"
description = "How to set up and run a local registry mirror"
keywords = ["docker, registry, mirror, examples"]
[menu.main]
parent = "smn_registry"
parent = "mn_docker_hub"
weight = 8
+++
<![end-metadata]-->

1
docs/docker-hub/accounts.md
Просмотреть файл

@ -5,6 +5,7 @@ description = "Docker Hub accounts"
keywords = ["Docker, docker, registry, accounts, plans, Dockerfile, Docker Hub, docs, documentation"]
[menu.main]
parent = "smn_pubhub"
weight = 1
+++
<![end-metadata]-->

1
docs/docker-hub/builds.md
Просмотреть файл

@ -5,6 +5,7 @@ description = "Docker Hub Automated Builds"
keywords = ["Docker, docker, registry, accounts, plans, Dockerfile, Docker Hub, docs, documentation, trusted, builds, trusted builds, automated builds"]
[menu.main]
parent = "smn_pubhub"
weight = 3
+++
<![end-metadata]-->

1
docs/docker-hub/home.md
Просмотреть файл

@ -1,5 +1,6 @@
<!--[metadata]>
+++
draft = true
title = "The Docker Hub Registry help"
description = "The Docker Registry help documentation home"
keywords = ["Docker, docker, registry, accounts, plans, Dockerfile, Docker Hub, docs, documentation"]

2
docs/docker-hub/index.md
Просмотреть файл

@ -1,6 +1,6 @@
<!--[metadata]>
+++
title = "The Docker Hub help"
title = "The Docker Hub"
description = "The Docker Help documentation home"
keywords = ["Docker, docker, registry, accounts, plans, Dockerfile, Docker Hub, docs, documentation, accounts, organizations, repositories, groups"]
[menu.main]

1
docs/docker-hub/official_repos.md
Просмотреть файл

@ -5,6 +5,7 @@ description = "Guidelines for Official Repositories on Docker Hub"
keywords = ["Docker, docker, registry, accounts, plans, Dockerfile, Docker Hub, docs, official, image, documentation"]
[menu.main]
parent = "smn_pubhub"
weight = 4
+++
<![end-metadata]-->

1
docs/docker-hub/repos.md
Просмотреть файл

@ -5,6 +5,7 @@ description = "Your Repositories on Docker Hub"
keywords = ["Docker, docker, registry, accounts, plans, Dockerfile, Docker Hub, webhooks, docs, documentation"]
[menu.main]
parent = "smn_pubhub"
weight = 2
+++
<![end-metadata]-->

2
docs/examples/couchdb_data_volumes.md
Просмотреть файл

@ -4,7 +4,7 @@ title = "Dockerizing a CouchDB service"
description = "Sharing data between 2 couchdb databases"
keywords = ["docker, example, package installation, networking, couchdb, data volumes"]
[menu.main]
parent = "smn_remoteapi"
parent = "smn_applied"
+++
<![end-metadata]-->

3
docs/include/no-remote-sudo.md
Просмотреть файл

@ -1,3 +0,0 @@
> **Note:** if you are using a remote Docker daemon, such as Boot2Docker,
> then _do not_ type the `sudo` before the `docker` commands shown in the
> documentation's examples.

4
docs/installation/mac.md
Просмотреть файл

@ -14,7 +14,7 @@ You can install Docker using Boot2Docker to run `docker` commands at your comman
Choose this installation if you are familiar with the command-line or plan to
contribute to the Docker project on GitHub.
[<img src="/engine/installation/images/kitematic.png" alt="Download Kitematic"
[<img src="/installation/images/kitematic.png" alt="Download Kitematic"
style="float:right;">](https://kitematic.com/download)
Alternatively, you may want to try <a id="inlinelink" href="https://kitematic.com/"
@ -355,4 +355,4 @@ at [Boot2Docker repository](https://github.com/boot2docker/boot2docker).
Thanks to Chris Jones whose [blog](http://viget.com/extend/how-to-use-docker-on-os-x-the-missing-guide)
inspired me to redo this page.
Continue with the [Docker User Guide](/userguide/).
Continue with the [Docker User Guide](/userguide).

2
docs/installation/ubuntulinux.md
Просмотреть файл

@ -8,7 +8,7 @@ parent = "smn_linux"
+++
<![end-metadata]-->
#Ubuntu
# Ubuntu
Docker is supported on these Ubuntu operating systems:

4
docs/installation/windows.md
Просмотреть файл

@ -53,7 +53,9 @@ is developed, you can launch only Linux containers from your Windows machine.
## Running Docker
{{ include "no-remote-sudo.md" }}
> **Note:** if you are using a remote Docker daemon, such as Boot2Docker,
> then _do not_ type the `sudo` before the `docker` commands shown in the
> documentation's examples.
**Boot2Docker Start** will automatically start a shell with environment variables
correctly set so you can start using Docker right away:

4
docs/misc/faq.md
Просмотреть файл

@ -36,7 +36,9 @@ Windows*](../installation/windows/#windows) installation guides. The small Linux
distribution boot2docker can be run inside virtual machines on these two
operating systems.
{{ include "no-remote-sudo.md" }}
> **Note:** if you are using a remote Docker daemon, such as Boot2Docker,
> then _do not_ type the `sudo` before the `docker` commands shown in the
> documentation's examples.
### How do containers compare to virtual machines?

4
docs/misc/index.md
Просмотреть файл

@ -1,12 +1,10 @@
<!--[metadata]>
+++
draft = true
title = "Get started with Docker"
title = "About Docker"
description = "Introduction to Docker."
keywords = ["docker, introduction, documentation, about, technology, understanding, Dockerfile"]
[menu.main]
parent = "mn_use_docker"
weight = 1
+++
<![end-metadata]-->

230
docs/mkdocs.yml
Просмотреть файл

@ -1,230 +0,0 @@
site_name: Docker Documentation
#site_url: https://docs.docker.com/
site_url: /
site_description: Documentation for fast and lightweight Docker container based virtualization framework.
site_favicon: img/favicon.png
dev_addr: '0.0.0.0:8000'
repo_url: https://github.com/docker/docker/
docs_dir: sources
include_search: true
use_absolute_urls: true
# theme: docker
theme_dir: ./theme/mkdocs/
theme_center_lead: false
copyright: Copyright &copy; 2014-2015, Docker, Inc.
google_analytics: ['UA-6096819-11', 'docker.io']
pages:
# Introduction:
- ['index.md', 'About', 'Docker']
- ['introduction/understanding-docker.md', 'About', 'Understanding Docker']
- ['release-notes.md', 'About', 'Release notes']
- ['reference/glossary.md', 'About', 'Glossary']
- ['introduction/index.md', '**HIDDEN**']
# Installation:
- ['installation/index.md', '**HIDDEN**']
- ['installation/ubuntulinux.md', 'Installation', 'Ubuntu']
- ['installation/mac.md', 'Installation', 'Mac OS X']
- ['kitematic/index.md', 'Installation', 'Kitematic on OS X']
- ['installation/windows.md', 'Installation', 'Microsoft Windows']
- ['installation/testing-windows-docker-client.md', 'Installation', 'Building and testing the Windows Docker client']
- ['installation/amazon.md', 'Installation', 'Amazon EC2']
- ['installation/archlinux.md', 'Installation', 'Arch Linux']
- ['installation/binaries.md', 'Installation', 'Binaries']
- ['installation/centos.md', 'Installation', 'CentOS']
- ['installation/cruxlinux.md', 'Installation', 'CRUX Linux']
- ['installation/debian.md', 'Installation', 'Debian']
- ['installation/fedora.md', 'Installation', 'Fedora']
- ['installation/frugalware.md', 'Installation', 'FrugalWare']
- ['installation/google.md', 'Installation', 'Google Cloud Platform']
- ['installation/gentoolinux.md', 'Installation', 'Gentoo']
- ['installation/softlayer.md', 'Installation', 'IBM Softlayer']
- ['installation/joyent.md', 'Installation', 'Joyent Compute Service']
- ['installation/azure.md', 'Installation', 'Microsoft Azure']
- ['installation/rackspace.md', 'Installation', 'Rackspace Cloud']
- ['installation/rhel.md', 'Installation', 'Red Hat Enterprise Linux']
- ['installation/oracle.md', 'Installation', 'Oracle Linux']
- ['installation/SUSE.md', 'Installation', 'SUSE']
- ['compose/install.md', 'Installation', 'Docker Compose']
# User Guide:
- ['userguide/index.md', 'User Guide', 'The Docker user guide' ]
- ['userguide/dockerhub.md', 'User Guide', 'Getting started with Docker Hub' ]
- ['userguide/dockerizing.md', 'User Guide', 'Dockerizing applications' ]
- ['userguide/usingdocker.md', 'User Guide', 'Working with containers' ]
- ['userguide/dockerimages.md', 'User Guide', 'Working with Docker images' ]
- ['userguide/dockerlinks.md', 'User Guide', 'Linking containers together' ]
- ['userguide/dockervolumes.md', 'User Guide', 'Managing data in containers' ]
- ['userguide/labels-custom-metadata.md', 'User Guide', 'Apply custom metadata' ]
- ['userguide/dockerrepos.md', 'User Guide', 'Working with Docker Hub' ]
- ['userguide/level1.md', '**HIDDEN**' ]
- ['userguide/level2.md', '**HIDDEN**' ]
- ['compose/index.md', 'User Guide', 'Docker Compose' ]
- ['compose/production.md', 'User Guide', '&nbsp;&nbsp;&nbsp;&nbsp;&blacksquare;&nbsp; Use Compose in production' ]
- ['compose/extends.md', 'User Guide', '&nbsp;&nbsp;&nbsp;&nbsp;&blacksquare;&nbsp; Extend Compose services' ]
- ['machine/index.md', 'User Guide', 'Docker Machine' ]
- ['swarm/index.md', 'User Guide', 'Docker Swarm' ]
- ['kitematic/userguide.md', 'User Guide', 'Kitematic']
# Docker Hub docs:
- ['docker-hub/index.md', 'Docker Hub', 'Docker Hub' ]
- ['docker-hub/accounts.md', 'Docker Hub', 'Accounts']
- ['docker-hub/userguide.md', 'Docker Hub', 'User Guide']
- ['docker-hub/repos.md', 'Docker Hub', 'Your Repositories']
- ['docker-hub/builds.md', 'Docker Hub', 'Automated Builds']
- ['docker-hub/official_repos.md', 'Docker Hub', 'Official Repositories']
# Docker Hub Enterprise:
- ['docker-hub-enterprise/index.md', 'Docker Hub Enterprise', 'Overview' ]
- ['docker-hub-enterprise/quick-start.md', 'Docker Hub Enterprise', 'Quick Start: Basic Workflow' ]
- ['docker-hub-enterprise/userguide.md', 'Docker Hub Enterprise', 'User Guide' ]
- ['docker-hub-enterprise/adminguide.md', 'Docker Hub Enterprise', 'Admin Guide' ]
- ['docker-hub-enterprise/install.md', 'Docker Hub Enterprise', '&nbsp;&nbsp;Installation' ]
- ['docker-hub-enterprise/configuration.md', 'Docker Hub Enterprise', '&nbsp;&nbsp;Configuration options' ]
- ['docker-hub-enterprise/support.md', 'Docker Hub Enterprise', 'Support' ]
- ['docker-hub-enterprise/release-notes.md', 'Docker Hub Enterprise', 'Release notes' ]
# Examples:
- ['examples/index.md', '**HIDDEN**']
- ['examples/nodejs_web_app.md', 'Examples', 'Dockerizing a Node.js web application']
- ['examples/mongodb.md', 'Examples', 'Dockerizing MongoDB']
- ['examples/running_redis_service.md', 'Examples', 'Dockerizing a Redis service']
- ['examples/postgresql_service.md', 'Examples', 'Dockerizing a PostgreSQL service']
- ['examples/running_riak_service.md', 'Examples', 'Dockerizing a Riak service']
- ['examples/running_ssh_service.md', 'Examples', 'Dockerizing an SSH service']
- ['examples/couchdb_data_volumes.md', 'Examples', 'Dockerizing a CouchDB service']
- ['examples/apt-cacher-ng.md', 'Examples', 'Dockerizing an Apt-Cacher-ng service']
- ['compose/django.md', 'Examples', 'Getting started with Compose and Django']
- ['compose/rails.md', 'Examples', 'Getting started with Compose and Rails']
- ['compose/wordpress.md', 'Examples', 'Getting started with Compose and Wordpress']
- ['kitematic/minecraft-server.md', 'Examples', 'Kitematic: Minecraft server']
- ['kitematic/nginx-web-server.md', 'Examples', 'Kitematic: Ngnix web server']
- ['kitematic/rethinkdb-dev-database.md', 'Examples', 'Kitematic: RethinkDB development database']
# Articles
- ['articles/index.md', '**HIDDEN**']
- ['articles/basics.md', 'Articles', 'Docker basics']
- ['articles/networking.md', 'Articles', 'Advanced networking']
- ['articles/security.md', 'Articles', 'Security']
- ['articles/https.md', 'Articles', 'Running Docker with HTTPS']
- ['articles/registry_mirror.md', 'Articles', 'Run a local registry mirror']
- ['articles/host_integration.md', 'Articles', 'Automatically starting containers']
- ['articles/baseimages.md', 'Articles', 'Creating a base image']
- ['articles/dockerfile_best-practices.md', 'Articles', 'Best practices for writing Dockerfiles']
- ['articles/certificates.md', 'Articles', 'Using certificates for repository client verification']
- ['articles/using_supervisord.md', 'Articles', 'Using Supervisor']
- ['articles/configuring.md', 'Articles', 'Configuring Docker']
- ['articles/cfengine_process_management.md', 'Articles', 'Process management with CFEngine']
- ['articles/puppet.md', 'Articles', 'Using Puppet']
- ['articles/chef.md', 'Articles', 'Using Chef']
- ['articles/dsc.md', 'Articles', 'Using PowerShell DSC']
- ['articles/ambassador_pattern_linking.md', 'Articles', 'Cross-Host linking using ambassador containers']
- ['articles/runmetrics.md', 'Articles', 'Runtime metrics']
- ['articles/b2d_volume_resize.md', 'Articles', 'Increasing a Boot2Docker volume']
- ['articles/systemd.md', 'Articles', 'Controlling and configuring Docker using Systemd']
# Reference
- ['reference/index.md', '**HIDDEN**']
- ['reference/commandline/index.md', '**HIDDEN**']
- ['reference/commandline/cli.md', 'Reference', 'Docker command line']
- ['reference/builder.md', 'Reference', 'Dockerfile']
- ['faq.md', 'Reference', 'FAQ']
- ['reference/run.md', 'Reference', 'Run reference']
- ['reference/logging/journald.md', '**HIDDEN**']
- ['compose/cli.md', 'Reference', 'Compose command line']
- ['compose/yml.md', 'Reference', 'Compose yml']
- ['compose/env.md', 'Reference', 'Compose ENV variables']
- ['compose/completion.md', 'Reference', 'Compose commandline completion']
- ['swarm/discovery.md', 'Reference', 'Swarm discovery']
- ['swarm/scheduler/strategy.md', 'Reference', 'Swarm strategies']
- ['swarm/scheduler/filter.md', 'Reference', 'Swarm filters']
- ['swarm/API.md', 'Reference', 'Swarm API']
- ['reference/api/index.md', '**HIDDEN**']
- ['registry/index.md', 'Reference', 'Docker Registry 2.0']
- ['registry/deploying.md', 'Reference', '&nbsp;&nbsp;&nbsp;&nbsp;&blacksquare;&nbsp; Deploy a registry' ]
- ['registry/configuration.md', 'Reference', '&nbsp;&nbsp;&nbsp;&nbsp;&blacksquare;&nbsp; Configure a registry' ]
- ['registry/storagedrivers.md', 'Reference', '&nbsp;&nbsp;&nbsp;&nbsp;&blacksquare;&nbsp; Storage driver model' ]
- ['registry/notifications.md', 'Reference', '&nbsp;&nbsp;&nbsp;&nbsp;&blacksquare;&nbsp; Work with notifications' ]
- ['registry/spec/api.md', 'Reference', '&nbsp;&nbsp;&nbsp;&nbsp;&blacksquare;&nbsp; Registry Service API v2' ]
- ['registry/spec/json.md', 'Reference', '&nbsp;&nbsp;&nbsp;&nbsp;&blacksquare;&nbsp; JSON format' ]
- ['registry/spec/auth/token.md', 'Reference', '&nbsp;&nbsp;&nbsp;&nbsp;&blacksquare;&nbsp; Authenticate via central service' ]
- ['reference/api/hub_registry_spec.md', 'Reference', 'Docker Hub and Registry 1.0']
- ['reference/api/registry_api.md', 'Reference', '&nbsp;&nbsp;&nbsp;&nbsp;&blacksquare;&nbsp;Docker Registry API v1']
- ['reference/api/registry_api_client_libraries.md', 'Reference', '&nbsp;&nbsp;&nbsp;&nbsp;&blacksquare;&nbsp;Docker Registry 1.0 API client libraries']
#- ['reference/image-spec-v1.md', 'Reference', 'Docker Image Specification v1.0.0']
- ['reference/api/docker-io_api.md', 'Reference', 'Docker Hub API']
#- ['reference/image-spec-v1.md', 'Reference', 'Docker Image Specification v1.0.0']
- ['reference/api/docker_remote_api.md', 'Reference', 'Docker Remote API']
- ['reference/api/docker_remote_api_v1.20.md', 'Reference', 'Docker Remote API v1.20']
- ['reference/api/docker_remote_api_v1.19.md', 'Reference', 'Docker Remote API v1.19']
- ['reference/api/docker_remote_api_v1.18.md', 'Reference', 'Docker Remote API v1.18']
- ['reference/api/docker_remote_api_v1.17.md', 'Reference', 'Docker Remote API v1.17']
- ['reference/api/docker_remote_api_v1.16.md', 'Reference', 'Docker Remote API v1.16']
- ['reference/api/docker_remote_api_v1.15.md', '**HIDDEN**']
- ['reference/api/docker_remote_api_v1.14.md', '**HIDDEN**']
- ['reference/api/docker_remote_api_v1.13.md', '**HIDDEN**']
- ['reference/api/docker_remote_api_v1.12.md', '**HIDDEN**']
- ['reference/api/docker_remote_api_v1.11.md', '**HIDDEN**']
- ['reference/api/docker_remote_api_v1.10.md', '**HIDDEN**']
- ['reference/api/docker_remote_api_v1.9.md', '**HIDDEN**']
- ['reference/api/docker_remote_api_v1.8.md', '**HIDDEN**']
- ['reference/api/docker_remote_api_v1.7.md', '**HIDDEN**']
- ['reference/api/docker_remote_api_v1.6.md', '**HIDDEN**']
- ['reference/api/docker_remote_api_v1.5.md', '**HIDDEN**']
- ['reference/api/docker_remote_api_v1.4.md', '**HIDDEN**']
- ['reference/api/docker_remote_api_v1.3.md', '**HIDDEN**']
- ['reference/api/docker_remote_api_v1.2.md', '**HIDDEN**']
- ['reference/api/docker_remote_api_v1.1.md', '**HIDDEN**']
- ['reference/api/docker_remote_api_v1.0.md', '**HIDDEN**']
- ['reference/api/remote_api_client_libraries.md', 'Reference', 'Docker Remote API client libraries']
- ['reference/api/docker_io_accounts_api.md', 'Reference', 'Docker Hub accounts API']
- ['kitematic/faq.md', 'Reference', 'Kitematic: FAQ']
- ['kitematic/known-issues.md', 'Reference', 'Kitematic: Known issues']
# Hidden registry files
- ['registry/storage-drivers/azure.md', '**HIDDEN**' ]
- ['registry/storage-drivers/filesystem.md', '**HIDDEN**' ]
- ['registry/storage-drivers/inmemory.md', '**HIDDEN**' ]
- ['registry/storage-drivers/s3.md', '**HIDDEN**' ]
- ['jsearch.md', '**HIDDEN**']
# - ['static_files/README.md', 'static_files', 'README']
- ['terms/index.md', '**HIDDEN**']
- ['terms/layer.md', '**HIDDEN**']
- ['terms/index.md', '**HIDDEN**']
- ['terms/registry.md', '**HIDDEN**']
- ['terms/container.md', '**HIDDEN**']
- ['terms/repository.md', '**HIDDEN**']
- ['terms/filesystem.md', '**HIDDEN**']
- ['terms/image.md', '**HIDDEN**']
# Project:
- ['project/index.md', '**HIDDEN**']
- ['project/who-written-for.md', 'Contributor', 'README first']
- ['project/software-required.md', 'Contributor', 'Get required software for Linux or OS X']
- ['project/software-req-win.md', 'Contributor', 'Get required software for Windows']
- ['project/set-up-git.md', 'Contributor', 'Configure Git for contributing']
- ['project/set-up-dev-env.md', 'Contributor', 'Work with a development container']
- ['project/test-and-docs.md', 'Contributor', 'Run tests and test documentation']
- ['project/make-a-contribution.md', 'Contributor', 'Understand contribution workflow']
- ['project/find-an-issue.md', 'Contributor', 'Find an issue']
- ['project/work-issue.md', 'Contributor', 'Work on an issue']
- ['project/create-pr.md', 'Contributor', 'Create a pull request']
- ['project/review-pr.md', 'Contributor', 'Participate in the PR review']
- ['project/advanced-contributing.md', 'Contributor', 'Advanced contributing']
- ['project/get-help.md', 'Contributor', 'Where to get help']
- ['project/coding-style.md', 'Contributor', 'Coding style guide']
- ['project/doc-style.md', 'Contributor', 'Documentation style guide']

1
docs/project/advanced-contributing.md
Просмотреть файл

@ -5,6 +5,7 @@ description = "Explains workflows for refactor and design proposals"
keywords = ["contribute, project, design, refactor, proposal"]
[menu.main]
parent = "smn_contribute"
weight=6
+++
<![end-metadata]-->

3
docs/project/coding-style.md
Просмотреть файл

@ -4,7 +4,8 @@ title = "Coding style checklist"
description = "List of guidelines for coding Docker contributions"
keywords = ["change, commit, squash, request, pull request, test, unit test, integration tests, Go, gofmt, LGTM"]
[menu.main]
parent = "mn_opensource"
parent = "smn_contribute"
weight=7
+++
<![end-metadata]-->

1
docs/project/create-pr.md
Просмотреть файл

@ -5,6 +5,7 @@ description = "Basic workflow for Docker contributions"
keywords = ["contribute, pull request, review, workflow, beginner, squash, commit"]
[menu.main]
parent = "smn_contribute"
weight=4
+++
<![end-metadata]-->

1
docs/project/doc-style.md
Просмотреть файл

@ -5,6 +5,7 @@ description = "Style guide for Docker documentation describing standards and con
keywords = ["style, guide, docker, documentation"]
[menu.main]
parent = "mn_opensource"
weight=100
+++
<![end-metadata]-->

5
docs/project/find-an-issue.md
Просмотреть файл

@ -1,10 +1,11 @@
<!--[metadata]>
+++
title = "Make a project contribution"
title = "Find and claim an issue"
description = "Basic workflow for Docker contributions"
keywords = ["contribute, pull request, review, workflow, beginner, expert, squash, commit"]
keywords = ["contribute, issue, review, workflow, beginner, expert, squash, commit"]
[menu.main]
parent = "smn_contribute"
weight=2
+++
<![end-metadata]-->

1
docs/project/review-pr.md
Просмотреть файл

@ -5,6 +5,7 @@ description = "Basic workflow for Docker contributions"
keywords = ["contribute, pull request, review, workflow, beginner, squash, commit"]
[menu.main]
parent = "smn_contribute"
weight=5
+++
<![end-metadata]-->

1
docs/project/set-up-dev-env.md
Просмотреть файл

@ -5,6 +5,7 @@ description = "How to use Docker's development environment"
keywords = ["development, inception, container, image Dockerfile, dependencies, Go, artifacts"]
[menu.main]
parent = "smn_develop"
weight=5
+++
<![end-metadata]-->

1
docs/project/set-up-git.md
Просмотреть файл

@ -5,6 +5,7 @@ description = "Describes how to set up your local machine and repository"
keywords = ["GitHub account, repository, clone, fork, branch, upstream, Git, Go, make "]
[menu.main]
parent = "smn_develop"
weight=4
+++
<![end-metadata]-->

1
docs/project/software-req-win.md
Просмотреть файл

@ -5,6 +5,7 @@ description = "How to set up a server to test Docker Windows client"
keywords = ["development, inception, container, image Dockerfile, dependencies, Go, artifacts, windows"]
[menu.main]
parent = "smn_develop"
weight=3
+++
<![end-metadata]-->

1
docs/project/software-required.md
Просмотреть файл

@ -5,6 +5,7 @@ description = "Describes the software required to contribute to Docker"
keywords = ["GitHub account, repository, Docker, Git, Go, make, "]
[menu.main]
parent = "smn_develop"
weight=2
+++
<![end-metadata]-->

3
docs/project/test-and-docs.md
Просмотреть файл

@ -4,7 +4,8 @@ title = "Run tests and test documentation"
description = "Describes Docker's testing infrastructure"
keywords = ["make test, make docs, Go tests, gofmt, contributing, running tests"]
[menu.main]
parent = "smn_contribute"
parent = "smn_develop"
weight=6
+++
<![end-metadata]-->

1
docs/project/work-issue.md
Просмотреть файл

@ -5,6 +5,7 @@ description = "Basic workflow for Docker contributions"
keywords = ["contribute, pull request, review, workflow, beginner, squash, commit"]
[menu.main]
parent = "smn_contribute"
weight=3
+++
<![end-metadata]-->

1
docs/reference/api/docker_remote_api_v1.10.md
Просмотреть файл

@ -1,5 +1,6 @@
<!--[metadata]>
+++
draft = true
title = "Remote API v1.10"
description = "API Documentation for Docker"
keywords = ["API, Docker, rcli, REST, documentation"]

1
docs/reference/api/docker_remote_api_v1.11.md
Просмотреть файл

@ -1,5 +1,6 @@
<!--[metadata]>
+++
draft = true
title = "Remote API v1.11"
description = "API Documentation for Docker"
keywords = ["API, Docker, rcli, REST, documentation"]

1
docs/reference/api/docker_remote_api_v1.12.md
Просмотреть файл

@ -1,5 +1,6 @@
<!--[metadata]>
+++
draft = true
title = "Remote API v1.12"
description = "API Documentation for Docker"
keywords = ["API, Docker, rcli, REST, documentation"]

1
docs/reference/api/docker_remote_api_v1.13.md
Просмотреть файл

@ -1,5 +1,6 @@
<!--[metadata]>
+++
draft = true
title = "Remote API v1.13"
description = "API Documentation for Docker"
keywords = ["API, Docker, rcli, REST, documentation"]

1
docs/reference/api/docker_remote_api_v1.14.md
Просмотреть файл

@ -5,6 +5,7 @@ description = "API Documentation for Docker"
keywords = ["API, Docker, rcli, REST, documentation"]
[menu.main]
parent = "smn_remoteapi"
weight = 7
+++
<![end-metadata]-->

1
docs/reference/api/docker_remote_api_v1.15.md
Просмотреть файл

@ -5,6 +5,7 @@ description = "API Documentation for Docker"
keywords = ["API, Docker, rcli, REST, documentation"]
[menu.main]
parent = "smn_remoteapi"
weight = 6
+++
<![end-metadata]-->

1
docs/reference/api/docker_remote_api_v1.16.md
Просмотреть файл

@ -5,6 +5,7 @@ description = "API Documentation for Docker"
keywords = ["API, Docker, rcli, REST, documentation"]
[menu.main]
parent = "smn_remoteapi"
weight = 5
+++
<![end-metadata]-->

1
docs/reference/api/docker_remote_api_v1.17.md
Просмотреть файл

@ -5,6 +5,7 @@ description = "API Documentation for Docker"
keywords = ["API, Docker, rcli, REST, documentation"]
[menu.main]
parent = "smn_remoteapi"
weight = 4
+++
<![end-metadata]-->

1
docs/reference/api/docker_remote_api_v1.18.md
Просмотреть файл

@ -5,6 +5,7 @@ description = "API Documentation for Docker"
keywords = ["API, Docker, rcli, REST, documentation"]
[menu.main]
parent = "smn_remoteapi"
weight = 3
+++
<![end-metadata]-->

1
docs/reference/api/docker_remote_api_v1.19.md
Просмотреть файл

@ -5,6 +5,7 @@ description = "API Documentation for Docker"
keywords = ["API, Docker, rcli, REST, documentation"]
[menu.main]
parent = "smn_remoteapi"
weight = 2
+++
<![end-metadata]-->

1
docs/reference/api/docker_remote_api_v1.20.md
Просмотреть файл

@ -5,6 +5,7 @@ description = "API Documentation for Docker"
keywords = ["API, Docker, rcli, REST, documentation"]
[menu.main]
parent="smn_remoteapi"
weight = 1
+++
<![end-metadata]-->

6
docs/reference/api/hub_registry_spec.md
Просмотреть файл

@ -1,14 +1,14 @@
<!--[metadata]>
+++
title = "Registry documentation"
title = "The Docker Hub and the Registry v1"
description = "Documentation for docker Registry and Registry API"
keywords = ["docker, registry, api, hub"]
[menu.main]
parent="smn_registry_ref"
parent="smn_hub_ref"
+++
<![end-metadata]-->
# The Docker Hub and the Registry 1.0 spec
# The Docker Hub and the Registry v1
## The three roles

3
docs/reference/api/registry_api.md
Просмотреть файл

@ -1,6 +1,7 @@
<!--[metadata]>
+++
title = "Registry API"
draft = true
title = "Registry v1 API"
description = "API Documentation for Docker Registry"
keywords = ["API, Docker, index, registry, REST, documentation"]
[menu.main]

1
docs/reference/api/registry_api_client_libraries.md
Просмотреть файл

@ -1,5 +1,6 @@
<!--[metadata]>
+++
draft = true
title = "Registry API v1 client libraries"
description = "Various client libraries available to use with the Docker registry API"
keywords = ["API, Docker, index, registry, REST, documentation, clients, C#, Erlang, Go, Groovy, Java, JavaScript, Perl, PHP, Python, Ruby, Rust, Scala"]

4
docs/reference/commandline/cli.md
Просмотреть файл

@ -10,7 +10,9 @@ parent = "mn_reference"
# Docker Command Line
{{ include "no-remote-sudo.md" }}
> **Note:** if you are using a remote Docker daemon, such as Boot2Docker,
> then _do not_ type the `sudo` before the `docker` commands shown in the
> documentation's examples.
To list available commands, either run `docker` with no parameters
or execute `docker help`:

357
docs/sources/docker-hub-enterprise/configuration.md
Просмотреть файл

@ -1,357 +0,0 @@
no_version_dropdown: true
page_title: Docker Hub Enterprise: Configuration options
page_description: Configuration instructions for Docker Hub Enterprise
page_keywords: docker, documentation, about, technology, understanding, enterprise, hub, registry
# Configuring DHE
## Overview
This page will help you properly configure Docker Hub Enterprise (DHE) so it can
run in your environment.
Start with DHE loaded in your browser and click the "Settings" tab to view
configuration options. You'll see options for configuring:
* Domains and ports
* Security settings
* Storage settings
* Authentication settings
* Your DHE license
## Domains and Ports
![Domain and Ports page</admin/settings#http>](../assets/admin-settings-http.png)
* *Domain Name*: **required** defaults to an empty string, the fully qualified domain name assigned to the DHE host.
* *Load Balancer HTTP Port*: defaults to 80, used as the entry point for the image storage service. To see load balancer status, you can query
http://&lt;dhe-host&gt;/load_balancer_status.
* *Load Balancer HTTPS Port*: defaults to 443, used as the secure entry point
for the image storage service.
* *HTTP_PROXY*: defaults to an empty string, proxy server for HTTP requests.
* *HTTPS_PROXY*: defaults to an empty string, proxy server for HTTPS requests.
* *NO_PROXY*: defaults to an empty string, proxy bypass for HTTP and HTTPS requests.
> **Note**: If you need DHE to re-generate a self-signed certificate at some
> point, you'll need to first delete `/usr/local/etc/dhe/ssl/server.pem`, and
> then restart the DHE containers, either by changing and saving the "Domain Name",
> or using `bash -c "$(docker run dockerhubenterprise/manager restart)"`.
## Security
![Security settings page</admin/settings#security>](../assets/admin-settings-security.png)
* *SSL Certificate*: Used to enter the hash (string) from the SSL Certificate.
This cert must be accompanied by its private key, entered below.
* *Private Key*: The hash from the private key associated with the provided
SSL Certificate (as a standard x509 key pair).
In order to run, DHE requires encrypted communications via HTTPS/SSL between (a) the DHE registry and your Docker Engine(s), and (b) between your web browser and the DHE admin server. There are a few options for setting this up:
1. You can use the self-signed certificate DHE generates by default.
2. You can generate your own certificates using a public service or your enterprise's infrastructure. See the [Generating SSL certificates](#generating-ssl-certificates) section for the options available.
If you are generating your own certificates, you can install them by following the instructions for
[Adding your own registry certificates to DHE](#adding-your-own-registry-certificates-to-dhe).
On the other hand, if you choose to use the DHE-generated certificates, or the
certificates you generate yourself are not trusted by your client Docker hosts,
you will need to do one of the following:
* [Install a registry certificate on all of your client Docker daemons](#installing-registry-certificates-on-client-docker-daemons),
* Set your [client Docker daemons to run with an unconfirmed connection to the registry](#if-you-cant-install-the-certificates).
### Generating SSL certificates
There are three basic approaches to generating certificates:
1. Most enterprises will have private key infrastructure (PKI) in place to
generate keys. Consult with your security team or whomever manages your private
key infrastructure. If you have this resource available, Docker recommends you
use it.
2. If your enterprise can't provide keys, you can use a public Certificate
Authority (CA) like "InstantSSL.com" or "RapidSSL.com" to generate a
certificate. If your certificates are generated using a globally trusted
Certificate Authority, you won't need to install them on all of your
client Docker daemons.
3. Use the self-signed registry certificate generated by DHE, and install it
onto the client Docker daemon hosts as shown below.
### Adding your own Registry certificates to DHE
Whichever method you use to generate certificates, once you have them
you can set up your DHE server to use them by navigating to the "Settings" page,
going to "Security," and putting the SSL Certificate text (including all
intermediate Certificates, starting with the host) into the
"SSL Certificate" edit box, and the previously generated Private key into
the "SSL Private Key" edit box.
Click the "Save" button, and then wait for the DHE Admin site to restart and
reload. It should now be using the new certificate.
Once the "Security" page has reloaded, it will show `#` hashes instead of the
certificate text you pasted in.
If your certificate is signed by a chain of Certificate Authorities that are
already trusted by your Docker daemon servers, you can skip the "Installing
registry certificates" step below.
### Installing Registry certificates on client Docker daemons
If your certificates do not have a trusted Certificate Authority, you will need
to install them on each client Docker daemon host.
The procedure for installing the DHE certificates on each Linux distribution has
slightly different steps, as shown below.
You can test this certificate using `curl`:
```
$ curl https://dhe.yourdomain.com/v2/
curl: (60) SSL certificate problem: self signed certificate
More details here: http://curl.haxx.se/docs/sslcerts.html
curl performs SSL certificate verification by default, using a "bundle"
of Certificate Authority (CA) public keys (CA certs). If the default
bundle file isn't adequate, you can specify an alternate file
using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
the bundle, the certificate verification probably failed due to a
problem with the certificate (it might be expired, or the name might
not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
the -k (or --insecure) option.
$ curl --cacert /usr/local/etc/dhe/ssl/server.pem https://dhe.yourdomain.com/v2/
{"errors":[{"code":"UNAUTHORIZED","message":"access to the requested resource is not authorized","detail":null}]}
```
Continue by following the steps corresponding to your chosen OS.
#### Ubuntu/Debian
```
$ export DOMAIN_NAME=dhe.yourdomain.com
$ openssl s_client -connect $DOMAIN_NAME:443 -showcerts </dev/null 2>/dev/null | openssl x509 -outform PEM | sudo tee /usr/local/share/ca-certificates/$DOMAIN_NAME.crt
$ sudo update-ca-certificates
Updating certificates in /etc/ssl/certs... 1 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d....done.
$ sudo service docker restart
docker stop/waiting
docker start/running, process 29291
```
#### RHEL
```
$ export DOMAIN_NAME=dhe.yourdomain.com
$ openssl s_client -connect $DOMAIN_NAME:443 -showcerts </dev/null 2>/dev/null | openssl x509 -outform PEM | sudo tee /etc/pki/ca-trust/source/anchors/$DOMAIN_NAME.crt
$ sudo update-ca-trust
$ sudo /bin/systemctl restart docker.service
```
#### Boot2Docker 1.6.0
Install the CA cert (or the auto-generated cert) by adding the following to
your `/var/lib/boot2docker/bootsync.sh`:
```
#!/bin/sh
cat /var/lib/boot2docker/server.pem >> /etc/ssl/certs/ca-certificates.crt
```
Then get the certificate from the new DHE server using:
```
$ openssl s_client -connect dhe.yourdomain.com:443 -showcerts </dev/null 2>/dev/null | openssl x509 -outform PEM | sudo tee -a /var/lib/boot2docker/server.pem
```
If your certificate chain is complicated, you may want to use the changes in
[Pull request 807](https://github.com/boot2docker/boot2docker/pull/807/files)
Now you can either reboot your Boot2Docker virtual machine, or run the following to
install the server certificate, and then restart the Docker daemon.
```
$ sudo chmod 755 /var/lib/boot2docker/bootsync.sh
$ sudo /var/lib/boot2docker/bootsync.sh
$ sudo /etc/init.d/docker restart`.
```
### If you can't install the certificates
If for some reason you can't install the certificate chain on a client Docker host,
or your certificates do not have a global CA, you can configure your Docker daemon to run in "insecure" mode. This is done by adding an extra flag,
`--insecure-registry host-ip|domain-name`, to your client Docker daemon startup flags.
You'll need to restart the Docker daemon for the change to take effect.
This flag means that the communications between your Docker client and the DHE
Registry server are still encrypted, but the client Docker daemon is not
confirming that the Registry connection is not being hijacked or diverted.
> **Note**: If you enter a "Domain Name" into the "Security" settings, it needs
> to be DNS resolvable on any client Docker daemons that are running in
> "insecure-registry" mode.
To set the flag, follow the directions below for your operating system.
#### Ubuntu
On Ubuntu 14.04 LTS, you customize the Docker daemon configuration with the
`/etc/defaults/docker` file.
Open or create the `/etc/defaults/docker` file, and add the
`--insecure-registry` flag to the `DOCKER_OPTS` setting (which may need to be
added or uncommented) as follows:
```
DOCKER_OPTS="--insecure-registry dhe.yourdomain.com"
```
Then restart the Docker daemon with `sudo service docker restart`.
#### RHEL
On RHEL, you customize the Docker daemon configuration with the
`/etc/sysconfig/docker` file.
Open or create the `/etc/sysconfig/docker` file, and add the
`--insecure-registry` flag to the `OPTIONS` setting (which may need to be
added or uncommented) as follows:
```
OPTIONS="--insecure-registry dhe.yourdomain.com"
```
Then restart the Docker daemon with `sudo service docker restart`.
### Boot2Docker
On Boot2Docker, you customize the Docker daemon configuration with the
`/var/lib/boot2docker/profile` file.
Open or create the `/var/lib/boot2docker/profile` file, and add an `EXTRA_ARGS`
setting as follows:
```
EXTRA_ARGS="--insecure-registry dhe.yourdomain.com"
```
Then restart the Docker daemon with `sudo /etc/init.d/docker restart`.
## Image Storage Configuration
DHE offers multiple methods for image storage, which are defined using specific
storage drivers. Image storage can be local, remote, or on a cloud service such
as S3. Storage drivers can be added or customized via the DHE storage driver
API.
![Storage settings page</admin/settings#storage>](../assets/admin-settings-storage.png)
* *Yaml configuration file*: This file (`/usr/local/etc/dhe/storage.yml`) is
used to configure the image storage services. The editable text of the file is
displayed in the dialog box. The schema of this file is identical to that used
by the [Registry 2.0](https://docs.docker.com/registry/configuration/).
* If you are using the file system driver to provide local image storage, you will need to specify a root directory which will get mounted as a sub-path of
`/var/local/dhe/image-storage`. The default value of this root directory is
`/local`, so the full path to it is `/var/local/dhe/image-storage/local`.
> **Note:**
> Saving changes you've made to settings will restart the Docker Hub Enterprise
> instance. The restart may cause a brief interruption for users of the image
> storage system.
## Authentication
The "Authentication" settings tab lets DHE administrators control access
to the DHE web admin tool and to the DHE Registry.
The current authentication methods are `None`, `Basic` and `LDAP`.
> **Note**: if you have issues logging into the DHE admin web interface after changing the authentication
> settings, you may need to use the [emergency access to the DHE admin web interface](./adminguide.md#Emergency-access-to-the-dhe-admin-web-interface).
### No authentication
No authentication means that everyone that can access your DHE web administration
site. This is not recommended for any use other than testing.
### Basic authentication
The `Basic` authentication setting allows the admin to provide username/password pairs local to DHE.
Any user who can successfully authenticate can use DHE to push and pull Docker images.
You can optionally filter the list of users to a subset of just those users with access to the DHE
admin web interface.
![Basic authentication settings page</admin/settings#auth>](../assets/admin-settings-authentication-basic.png)
* A button to add one user, or to upload a CSV file containing username,
password pairs
* A DHE website Administrator Filter, allowing you to either
* * *Allow all authenticated users*: to log into the DHE admin web interface, or
* * *Whitelist usernames*: which allows you to restrict access to the web interface to a listed set of users.
### LDAP authentication
Using LDAP authentication allows you to integrate your DHE registry into your
organization's existing user and authentication database.
As this involves existing infrastructure external to DHE and Docker, you will need to
gather the details required to configure DHE for your organization's particular LDAP
implementation.
You can test that you have the necessary LDAP server information by using it from
inside a Docker container running on the same server as your DHE:
> **Note**: if the LDAP server is configured to use *StartTLS*, then you need to add `-Z` to the
> `ldapsearch` command examples below.
```
docker run --rm -it svendowideit/ldapsearch -h <LDAP Server hostname> -b <User Base DN> -D <Search User DN> -w <Search User Password>
```
or if the LDAP server is set up to allow anonymous access (which means your *Search User DN* and *Search User Password* settings can remain empty):
```
docker run --rm -it svendowideit/ldapsearch -h <LDAP Server hostname> -b <User Base DN> -x
```
The result of these queries should be a (very) long list - if you get an authentication error,
then the details you have been given are not sufficient.
The *User Login Attribute* key setting must match the field used in the LDAP server
for the user's login-name. On OpenLDAP, it's generally `uid`, and on Microsoft Active Directory
servers, it's `sAMAccountName`. The `ldapsearch` output above should allow you to
confirm which setting you need.
![LDAP authentication settings page</admin/settings#auth>](../assets/admin-settings-authentication-ldap.png)
* *Use StartTLS*: defaults to unchecked, check to enable StartTLS
* *LDAP Server URL*: **required** defaults to null, LDAP server URL (e.g., - ldap://example.com)
* *User Base DN*: **required** defaults to null, user base DN in the form (e.g., - dc=example,dc=com)
* *User Login Attribute*: **required** defaults to null, user login attribute (e.g., - uid or sAMAccountName)
* *Search User DN*: **required** defaults to null, search user DN (e.g., - domain\username)
* *Search User Password*: **required** defaults to null, search user password
* A *DHE Registry User filter*: allowing you to either
* * *Allow all authenticated users* to push or pull any images, or
* * *Filter LDAP search results*: which allows you to restrict DHE registry pull and push to users matching the LDAP filter,
* * *Whitelist usernames*: which allows you to restrict DHE registry pull and push to the listed set of users.
* A *DHE website Administrator filter*, allowing you to either
* * *Allow all authenticated users*: to log into the DHE admin web interface, or
* * *Filter LDAP search results*: which allows you to restrict DHE admin web access to users matching the LDAP filter,
* * *Whitelist usernames*: which allows you to restrict access to the web interface to the listed set of users.
## Next Steps
For information on getting support for DHE, take a look at the
[Support information](./support.md).

331
docs/sources/docker-hub-enterprise/quick-start.md
Просмотреть файл

@ -1,331 +0,0 @@
no_version_dropdown: true
page_title: Docker Hub Enterprise: Quick-start: Basic Workflow
page_description: Brief tutorial on the basics of Docker Hub Enterprise user workflow
page_keywords: docker, documentation, about, technology, understanding, enterprise, hub, registry, image, repository
# Docker Hub Enterprise Quick Start: Basic User Workflow
## Overview
This Quick Start Guide will give you a hands-on look at the basics of using
Docker Hub Enterprise (DHE), Docker's on-premise image storage application.
This guide will walk you through using DHE to complete a typical, and critical,
part of building a development pipeline: setting up a Jenkins instance. Once you
complete the task, you should have a good idea of how DHE works and how it might
be useful to you.
Specifically, this guide demonstrates the process of retrieving the
[official Docker image for Jenkins](https://registry.hub.docker.com/_/jenkins/),
customizing it to suit your needs, and then hosting it on your private instance
of DHE located inside your enterprise's firewalled environment. Your developers
will then be able to retrieve the custom Jenkins image in order to use it to
build CI/CD infrastructure for their projects, no matter the platform they're
working from, be it a laptop, a VM, or a cloud provider.
The guide will walk you through the following steps:
1. Pulling the official Jenkins image from the public Docker Hub
2. Customizing the Jenkins image to suit your needs
3. Pushing the customized image to DHE
4. Pulling the customized image from DHE
4. Launching a container from the custom image
5. Using the new Jenkins container
You should be able to complete this guide in about thirty minutes.
> **Note:** This guide assumes you have installed a working instance of DHE
> reachable at dhe.yourdomain.com. If you need help installing and configuring
> DHE, please consult the
[installation instructions](./install.md).
## Pulling the official Jenkins image
> **Note:** This guide assumes you are familiar with basic Docker concepts such
> as images, containers, and registries. If you need to learn more about Docker
> fundamentals, please consult the
> [Docker user guide](https://docs.docker.com/userguide/).
First, you will retrieve a copy of the official Jenkins image from the Docker Hub. By default, if
Docker can't find an image locally, it will attempt to pull the image from the
Docker Hub. From the CLI of a machine running the Docker Engine on your network, use
the
[`docker pull`](https://docs.docker.com/reference/commandline/cli/#pull)
command to pull the public Jenkins image.
$ docker pull jenkins
> **Note:** This guide assumes you can run Docker commands from a machine where
> you are a member of the `docker` group, or have root privileges. Otherwise, you may
> need to add `sudo` to the example commands below.
Docker will start the process of pulling the image from the Hub. Once it has completed, the Jenkins image should be visible in the output of a [`docker images`](https://docs.docker.com/reference/commandline/cli/#images) command, which lists your available images:
$ docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
jenkins latest 1a7cc22b0ee9 6 days ago 662 MB
> **Note:** Because the `pull` command did not specify any tags, it will pull
> the latest version of the public Jenkins image. If your enterprise environment
> requires you to use a specific version, add the tag for the version you need
> (e.g., `jenkins:1.565`).
## Customizing the Jenkins image
Now that you have a local copy of the Jenkins image, you'll customize it so that
the containers it builds will integrate with your infrastructure. To do this,
you'll create a custom Docker image that adds a Jenkins plugin that provides
fine grained user management. You'll also configure Jenkins to be more secure by
disabling HTTP access and forcing it to use HTTPS.
You'll do this by using a `Dockerfile` and the `docker build` command.
> **Note:** These are obviously just a couple of examples of the many ways you
> can modify and configure Jenkins. Feel free to add or substitute whatever
> customization is necessary to run Jenkins in your environment.
### Creating a `build` context
In order to add the new plugin and configure HTTPS access to the custom Jenkins
image, you need to:
1. Create text file that defines the new plugin
2. Create copies of the private key and certificate
All of the above files need to be in the same directory as the Dockerfile you
will create in the next step.
1. Create a build directory called `build`, and change to that new directory:
$ mkdir build && cd build
In this directory, create a new file called `plugins` and add the following
line:
role-strategy:2.2.0
(The plugin version used above was the latest version at the time of writing.)
2. You will also need to make copies of the server's private key and certificate. Give the copies the following names - `https.key` and `https.pem`.
> **Note:** Because creating new keys varies widely by platform and
> implementation, this guide won't cover key generation. We assume you have
> access to existing keys. If you don't have access, or can't generate keys
> yourself, feel free to skip the steps involving them and HTTPS config. The
> guide will still walk you through building a custom Jenkins image and pushing
> and pulling that image using DHE.
### Creating a Dockerfile
In the same directory as the `plugins` file and the private key and certificate,
create a new [`Dockerfile`](https://docs.docker.com/reference/builder/) with the
following contents:
FROM jenkins
#New plugins must be placed in the plugins file
COPY plugins /usr/share/jenkins/plugins
#The plugins.sh script will install new plugins
RUN /usr/local/bin/plugins.sh /usr/share/jenkins/plugins
#Copy private key and cert to image
COPY https.pem /var/lib/jenkins/cert
COPY https.key /var/lib/jenkins/pk
#Configure HTTP off and HTTPS on, using port 1973
ENV JENKINS_OPTS --httpPort=-1 --httpsPort=1973 --httpsCertificate=/var/lib/jenkins/cert --httpsPrivateKey=/var/lib/jenkins/pk
The first `COPY` instruction in the above will copy the `plugin` file created
earlier into the `/usr/share/jenkins` directory within the custom image you are
defining with the `Dockerfile`.
The `RUN` instruction will execute the `/usr/local/bin/plugins.sh` script with
the newly copied `plugins` file, which will install the listed plugin.
The next two `COPY` instructions copy the server's private key and certificate
into the required directories within the new image.
The `ENV` instruction creates an environment variable called `JENKINS_OPT` in
the image you are about to create. This environment variable will be present in
any containers launched form the image and contains the required settings to
tell Jenkins to disable HTTP and operate over HTTPS.
> **Note:** You can specify any valid port number as part of the `JENKINS_OPT`
> environment variable declared above. The value `1973` used in the example is
> arbitrary.
The `Dockerfile`, the `plugins` file, as well as the private key and
certificate, must all be in the same directory because the `docker build`
command uses the directory that contains the `Dockerfile` as its "build
context". Only files contained within that "build context" will be included in
the image being built.
### Building your custom image
Now that the `Dockerfile`, the `plugins` file, and the files required for HTTPS
operation are created in your current working directory, you can build your
custom image using the
[`docker build` command](https://docs.docker.com/reference/commandline/cli/#build):
docker build -t dhe.yourdomain.com/ci-infrastructure/jnkns-img .
> **Note:** Don't miss the period (`.`) at the end of the command above. This
> tells the `docker build` command to use the current working directory as the
> "build context".
This command will build a new Docker image called `jnkns-img` which is based on
the public Jenkins image you pulled earlier, but contains all of your
customization.
Please note the use of the `-t` flag in the `docker build` command above. The
`-t` flag lets you tag an image so it can be pushed to a custom repository. In
the example above, the new image is tagged so it can be pushed to the
`ci-infrastructure` Repository within the `dhe.yourdomain.com` registry (your
local DHE instance). This will be important when you need to `push` the
customized image to DHE later.
A `docker images` command will now show the custom image alongside the Jenkins
image pulled earlier:
$ sudo docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
dhe.yourdomain.com/ci-infrastructure/jnkns-img latest fc0ab3008d40 2 minutes ago 674.5 MB
jenkins latest 1a7cc22b0ee9 6 days ago 662 MB
## Pushing to Docker Hub Enterprise
> **Note**: If your DHE instance has authentication enabled, you will need to
> use your command line to `docker login <dhe-hostname>` (e.g., `docker login
> dhe.yourdomain.com`).
>
> Failures due to unauthenticated `docker push` and `docker pull` commands will
> look like :
>
> $ docker pull dhe.yourdomain.com/hello-world
> Pulling repository dhe.yourdomain.com/hello-world
> FATA[0001] Error: image hello-world:latest not found
>
> $ docker push dhe.yourdomain.com/hello-world
> The push refers to a repository [dhe.yourdomain.com/hello-world] (len: 1)
> e45a5af57b00: Image push failed
> FATA[0001] Error pushing to registry: token auth attempt for registry
> https://dhe.yourdomain.com/v2/:
> https://dhe.yourdomain.com/auth/v2/token/
> ?scope=repository%3Ahello-world%3Apull%2Cpush&service=dhe.yourdomain.com
> request failed with status: 401 Unauthorized
Now that you've created the custom image, it can be pushed to DHE using the
[`docker push`command](https://docs.docker.com/reference/commandline/cli/#push):
$ docker push dhe.yourdomain.com/ci-infrastructure/jnkns-img
511136ea3c5a: Image successfully pushed
848d84b4b2ab: Image successfully pushed
71d9d77ae89e: Image already exists
<truncated ouput...>
492ed3875e3e: Image successfully pushed
fc0ab3008d40: Image successfully pushed
You can view the traffic throughput while the custom image is being pushed from
the `System Health` tab in DHE:
![DHE console push throughput](../assets/console-push.png)
Once the image is successfully pushed, it can be downloaded, or pulled, by any
Docker host that has access to DHE.
## Pulling from Docker Hub Enterprise
To pull the `jnkns-img` image from DHE, run the
[`docker pull`](https://docs.docker.com/reference/commandline/cli/#pull)
command from any Docker Host that has access to your DHE instance:
$ docker pull dhe.yourdomain.com/ci-infrastructure/jnkns-img
latest: Pulling from dhe.yourdomain.com/ci-infrastructure/jnkns-img
511136ea3c5a: Pull complete
848d84b4b2ab: Pull complete
71d9d77ae89e: Pull complete
<truncated ouput...>
492ed3875e3e: Pull complete
fc0ab3008d40: Pull complete
dhe.yourdomain.com/ci-infrastructure/jnkns-img:latest: The image you are pulling has been verified. Important: image verification is a tech preview feature and should not be relied on to provide security.
Status: Downloaded newer image for dhe.yourdomain.com/ci-infrastructure/jnkns-img:latest
You can view the traffic throughput while the custom image is being pulled from
the `System Health` tab in DHE:
![DHE console pull throughput](../assets/console-pull.png)
Now that the `jnkns-img` image has been pulled locally from DHE, you can view it
in the output of the `docker images` command:
$ docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
dhe.yourdomain.com/ci-infrastructure/jnkns-img latest fc0ab3008d40 8 minutes ago 674.5 MB
## Launching a custom Jenkins container
Now that you've successfully pulled the customized Jenkins image from DHE, you
can create a container from it with the
[`docker run` command](https://docs.docker.com/reference/commandline/cli/#run):
$ docker run -p 1973:1973 --name jenkins01 dhe.yourdomain.com/ci-infrastructure/jnkns-img
/usr/share/jenkins/ref/init.groovy.d/tcp-slave-angent-port.groovy
/usr/share/jenkins/ref/init.groovy.d/tcp-slave-angent-port.groovy -> init.groovy.d/tcp-slave-angent-port.groovy
copy init.groovy.d/tcp-slave-angent-port.groovy to JENKINS_HOME
/usr/share/jenkins/ref/plugins/role-strategy.hpi
/usr/share/jenkins/ref/plugins/role-strategy.hpi -> plugins/role-strategy.hpi
copy plugins/role-strategy.hpi to JENKINS_HOME
/usr/share/jenkins/ref/plugins/dockerhub.hpi
/usr/share/jenkins/ref/plugins/dockerhub.hpi -> plugins/dockerhub.hpi
copy plugins/dockerhub.hpi to JENKINS_HOME
<truncated output...>
INFO: Jenkins is fully up and running
> **Note:** The `docker run` command above maps port 1973 in the container
> through to port 1973 on the host. This is the HTTPS port you specified in the
> Dockerfile earlier. If you specified a different HTTPS port in your
> Dockerfile, you will need to substitute this with the correct port numbers for
> your environment.
You can view the newly launched a container, called `jenkins01`, using the
[`docker ps` command](https://docs.docker.com/reference/commandline/cli/#ps):
$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS ...PORTS NAMES
2e5d2f068504 dhe.yourdomain.com/ci-infrastructure/jnkns-img:latest "/usr/local/bin/jenk About a minute ago Up About a minute 50000/tcp, 0.0.0.0:1973->1973/tcp jenkins01
## Accessing the new Jenkins container
The previous `docker run` command mapped port `1973` on the container to port
`1973` on the Docker host, so the Jenkins Web UI can be accessed at
`https://<docker-host>:1973` (Don't forget the `s` at the end of `https`.)
> **Note:** If you are using a self-signed certificate, you may get a security
> warning from your browser telling you that the certificate is self-signed and
> not trusted. You may wish to add the certificate to the trusted store in order
> to prevent further warnings in the future.
![Jenkins landing page](../assets/jenkins-ui.png)
From within the Jenkins Web UI, navigate to `Manage Jenkins` (on the left-hand
pane) > `Manage Plugins` > `Installed`. The `Role-based Authorization Strategy`
plugin should be present with the `Uninstall` button available to the right.
![Jenkins plugin manager](../assets/jenkins-plugins.png)
In another browser session, try to access Jenkins via the default HTTP port 8080
`http://<docker-host>:8080`. This should result in a "connection timeout",
showing that Jenkins is not available on its default port 8080 over HTTP.
This demonstration shows your Jenkins image has been configured correctly for
HTTPS access, your new plugin was added and is ready for use, and HTTP access
has been disabled. At this point, any member of your team can use `docker pull`
to access the image from your DHE instance, allowing them to access a
configured, secured Jenkins instance that can run on any infrastructure.
## Next Steps
For more information on using DHE, take a look at the
[User's Guide](./userguide.md).

241
docs/sources/docker-hub-enterprise/release-notes.md
Просмотреть файл

@ -1,241 +0,0 @@
no_version_dropdown: true
page_title: Docker Hub Enterprise: Release notes
page_description: Release notes for Docker Hub Enterprise
page_keywords: docker, documentation, about, technology, understanding, enterprise, hub, registry, release
# Release Notes
## Docker Hub Enterprise
### DHE 1.0.1
(11 May 2015)
- Addresses compatibility issue with 1.6.1 CS Docker Engine
### DHE 1.0.0
(23 Apr 2015)
- First release
## Commercially Supported Docker Engine
### CS Docker Engine 1.6.2-cs5
(21 May 2015)
For customers running Docker Engine on [supported versions of Red Hat Enterprise
Linux (RHEL)](https://www.docker.com/enterprise/support/) with [SELinux
enabled](https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/
6/html/Security-Enhanced_Linux/sect-Security-Enhanced_Linux-Working_with_SELinux
-Enabling_and_Disabling_SELinux.html), the `docker build` and `docker run`
commands will not have DNS host name resolution and bind-mounted volumes may
not be accessible.
As a result, customers with SELinux will be unable to use hostname-based network
access in either `docker build` or `docker run`, nor will they be able to
`docker run` containers
that use `--volume` or `-v` bind-mounts (with an incorrect SELinux label) in
their environment. By installing Docker
Engine 1.6.2-cs5, customers can use Docker as intended on RHEL with SELinux enabled.
For example, you see will failures like:
```
[root@dhe ~]# docker -v
Docker version 1.6.0-cs2, build b8dd430
[root@dhe ~]# ping dhe.home.org.au
PING dhe.home.org.au (10.10.10.104) 56(84) bytes of data.
64 bytes from dhe.home.gateway (10.10.10.104): icmp_seq=1 ttl=64 time=0.663 ms
^C
--- dhe.home.org.au ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 0.078/0.370/0.663/0.293 ms
[root@dhe ~]# docker run --rm -it debian ping dhe.home.org.au
ping: unknown host
[root@dhe ~]# docker run --rm -it debian cat /etc/resolv.conf
cat: /etc/resolv.conf: Permission denied
[root@dhe ~]# docker run --rm -it debian apt-get update
Err http://httpredir.debian.org jessie InRelease
Err http://security.debian.org jessie/updates InRelease
Err http://httpredir.debian.org jessie-updates InRelease
Err http://security.debian.org jessie/updates Release.gpg
Could not resolve 'security.debian.org'
Err http://httpredir.debian.org jessie Release.gpg
Could not resolve 'httpredir.debian.org'
Err http://httpredir.debian.org jessie-updates Release.gpg
Could not resolve 'httpredir.debian.org'
[output truncated]
```
or when running a `docker build`:
```
[root@dhe ~]# docker build .
Sending build context to Docker daemon 11.26 kB
Sending build context to Docker daemon
Step 0 : FROM fedora
---> e26efd418c48
Step 1 : RUN yum install httpd
---> Running in cf274900ea35
One of the configured repositories failed (Fedora 21 - x86_64),
and yum doesn't have enough cached data to continue. At this point the only
safe thing yum can do is fail. There are a few ways to work "fix" this:
[output truncated]
```
**Affected Versions**: All previous versions of Docker Engine when SELinux
is enabled.
Docker **highly recommends** that all customers running previous versions of
Docker Engine update to this release.
#### **How to workaround this issue**
Customers who choose not to install this update have two options. The
first option is to disable SELinux. This is *not recommended* for production
systems where SELinux is typically required.
The second option is to pass the following parameter in to `docker run`.
--security-opt=label:type:docker_t
This parameter cannot be passed to the `docker build` command.
#### **Upgrade notes**
When upgrading, make sure you stop DHE first, perform the Engine upgrade, and
then restart DHE.
If you are running with SELinux enabled, previous Docker Engine releases allowed
you to bind-mount additional volumes or files inside the container as follows:
$ docker run -it -v /home/user/foo.txt:/foobar.txt:ro <imagename>
In the 1.6.2-cs5 release, you must ensure additional bind-mounts have the correct
SELinux context. For example, if you want to mount `foobar.txt` as read-only
into the container, do the following to create and test your bind-mount:
1. Add the `z` option to the bind mount when you specify `docker run`.
$ docker run -it -v /home/user/foo.txt:/foobar.txt:ro,z <imagename>
2. Exec into your new container.
For example, if your container is `bashful_curie`, open a shell on the
container:
$ docker exec -it bashful_curie bash
3. Use `cat` to check the permissions on the mounted file.
$ cat /foobar.txt
the contents of foobar appear
If you see the file's contents, your mount succeeded. If you receive a
`Permission denied` message and/or the `/var/log/audit/audit.log` file on
your Docker host contains an AVC Denial message, the mount did not succeed.
type=AVC msg=audit(1432145409.197:7570): avc: denied { read } for pid=21167 comm="cat" name="foobar.txt" dev="xvda2" ino=17704136 scontext=system_u:system_r:svirt_lxc_net_t:s0:c909,c965 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file
Recheck your command line to make sure you passed in the `z` option.
### CS Docker Engine 1.6.2-cs4
(13 May 2015)
Fix mount regression for `/sys`.
### CS Docker Engine 1.6.1-cs3
(11 May 2015)
Docker Engine version 1.6.1 has been released to address several vulnerabilities
and is immediately available for all supported platforms. Users are advised to
upgrade existing installations of the Docker Engine and use 1.6.1 for new installations.
It should be noted that each of the vulnerabilities allowing privilege escalation
may only be exploited by a malicious Dockerfile or image. Users are advised to
run their own images and/or images built by trusted parties, such as those in
the official images library.
Please send any questions to security@docker.com.
#### **[CVE-2015-3629](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3629) Symlink traversal on container respawn allows local privilege escalation**
Libcontainer version 1.6.0 introduced changes which facilitated a mount namespace
breakout upon respawn of a container. This allowed malicious images to write
files to the host system and escape containerization.
Libcontainer and Docker Engine 1.6.1 have been released to address this
vulnerability. Users running untrusted images are encouraged to upgrade Docker Engine.
Discovered by Tõnis Tiigi.
#### **[CVE-2015-3627](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3627) Insecure opening of file-descriptor 1 leading to privilege escalation**
The file-descriptor passed by libcontainer to the pid-1 process of a container
has been found to be opened prior to performing the chroot, allowing insecure
open and symlink traversal. This allows malicious container images to trigger
a local privilege escalation.
Libcontainer and Docker Engine 1.6.1 have been released to address this
vulnerability. Users running untrusted images are encouraged to upgrade
Docker Engine.
Discovered by Tõnis Tiigi.
#### **[CVE-2015-3630](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3630) Read/write proc paths allow host modification & information disclosure**
Several paths underneath /proc were writable from containers, allowing global
system manipulation and configuration. These paths included `/proc/asound`,
`/proc/timer_stats`, `/proc/latency_stats`, and `/proc/fs`.
By allowing writes to `/proc/fs`, it has been noted that CIFS volumes could be
forced into a protocol downgrade attack by a root user operating inside of a
container. Machines having loaded the timer_stats module were vulnerable to
having this mechanism enabled and consumed by a container.
We are releasing Docker Engine 1.6.1 to address this vulnerability. All
versions up to 1.6.1 are believed vulnerable. Users running untrusted
images are encouraged to upgrade.
Discovered by Eric Windisch of the Docker Security Team.
#### **[CVE-2015-3631](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3631) Volume mounts allow LSM profile escalation**
By allowing volumes to override files of `/proc` within a mount namespace, a user
could specify arbitrary policies for Linux Security Modules, including setting
an unconfined policy underneath AppArmor, or a `docker_t` policy for processes
managed by SELinux. In all versions of Docker up until 1.6.1, it is possible for
malicious images to configure volume mounts such that files of proc may be overridden.
We are releasing Docker Engine 1.6.1 to address this vulnerability. All versions
up to 1.6.1 are believed vulnerable. Users running untrusted images are encouraged
to upgrade.
Discovered by Eric Windisch of the Docker Security Team.
#### **AppArmor policy improvements**
The 1.6.1 release also marks preventative additions to the AppArmor policy.
Recently, several CVEs against the kernel have been reported whereby mount
namespaces could be circumvented through the use of the sys_mount syscall from
inside of an unprivileged Docker container. In all reported cases, the
AppArmor policy included in libcontainer and shipped with Docker has been
sufficient to deflect these attacks. However, we have deemed it prudent to
proactively tighten the policy further by outright denying the use of the
`sys_mount` syscall.
Because this addition is preventative, no CVE-ID is requested.
### CS Docker Engine 1.6.0-cs2
(23 Apr 2015)
- First release, please see the [Docker Engine 1.6.0 Release notes](/release-notes/)
for more details.

20
docs/touch-up.sh Executable file
Просмотреть файл

@ -0,0 +1,20 @@
#!/bin/bash -e
# Sed to process GitHub Markdown
# 1-2 Remove comment code from metadata block
#
for i in ls -l /docs/content/*
do # Line breaks are important
if [ -d $i ] # Spaces are important
then
y=${i##*/}
find $i -type f -name "*.md" -exec sed -i.old \
-e '/^<!.*metadata]>/g' \
-e '/^<!.*end-metadata.*>/g' {} \;
fi
done

4
docs/userguide/dockerizing.md
Просмотреть файл

@ -15,7 +15,9 @@ parent = "smn_applied"
Docker allows you to run applications inside containers. Running an
application inside a container takes a single command: `docker run`.
{{ include "no-remote-sudo.md" }}
> **Note:** if you are using a remote Docker daemon, such as Boot2Docker,
> then _do not_ type the `sudo` before the `docker` commands shown in the
> documentation's examples.
## Hello world

1
docs/userguide/index.md
Просмотреть файл

@ -1,6 +1,5 @@
<!--[metadata]>
+++
draft = true
title = "The Docker user guide"
description = "The Docker user guide home page"
keywords = ["docker, introduction, documentation, about, technology, docker.io, user, guide, user's, manual, platform, framework, virtualization, home, intro"]

3
docs/userguide/level1.md
Просмотреть файл

@ -1,11 +1,8 @@
<!--[metadata]>
+++
draft = true
title = "Docker images test"
description = "How to work with Docker images."
keywords = ["documentation, docs, the docker guide, docker guide, docker, docker platform, virtualization framework, docker.io, Docker images, Docker image, image management, Docker repos, Docker repositories, docker, docker tag, docker tags, Docker Hub, collaboration"]
[menu.main]
parent = "identifier"
+++
<![end-metadata]-->

3
docs/userguide/level2.md
Просмотреть файл

@ -1,11 +1,8 @@
<!--[metadata]>
+++
draft = true
title = "Docker images test"
description = "How to work with Docker images."
keywords = ["documentation, docs, the docker guide, docker guide, docker, docker platform, virtualization framework, docker.io, Docker images, Docker image, image management, Docker repos, Docker repositories, docker, docker tag, docker tags, Docker Hub, collaboration"]
[menu.main]
parent = "identifier"
+++
<![end-metadata]-->