Add /etc/containers/certs.d to containers-common

Update containers-storage.conf man page to match latest upstream
Update registries.conf man page to match latest upstream
This commit is contained in:
Daniel J Walsh 2019-03-01 06:46:33 -05:00
parent 861f0ac6c8
commit aaf3a50adb
No known key found for this signature in database
GPG Key ID: A2DF901DABE2C028
3 changed files with 57 additions and 36 deletions

View File

@ -39,8 +39,10 @@ The `storage` table supports the following options:
**driver**="" **driver**=""
container storage driver (default: "overlay") container storage driver (default: "overlay")
Default Copy On Write (COW) container storage driver Default Copy On Write (COW) container storage driver
Valid drivers are "overlay", "vfs", "devmapper", "aufs", "btrfs", and "zfs"
Some drivers (for example, "zfs", "btrfs", and "aufs") may not work if your kernel lacks support for the filesystem
### STORAGE OPTIONS TABLE ### STORAGE OPTIONS TABLE
The `storage.options` table supports the following options: The `storage.options` table supports the following options:
@ -50,11 +52,6 @@ The `storage.options` table supports the following options:
**size**="" **size**=""
Maximum size of a container image. This flag can be used to set quota on the size of container images. (default: 10GB) Maximum size of a container image. This flag can be used to set quota on the size of container images. (default: 10GB)
**override_kernel_check**=""
Tell storage drivers to ignore kernel version checks. Some storage drivers assume that if a kernel is too
old, the driver is not supported. But for kernels that have had the drivers backported, this flag
allows users to override the checks
**mount_program**="" **mount_program**=""
Specifies the path to a custom program to use instead for mounting the file system. Specifies the path to a custom program to use instead for mounting the file system.

View File

@ -1,39 +1,56 @@
% registries.conf(5) Container Registries Configuration File % CONTAINERS-REGISTRIES.CONF(5) System-wide registry configuration file
% Dan Walsh % Brent Baude
% March 2018 % Aug 2017
## NAME # NAME
registries.conf - Syntax of Container Registries configuration file containers-registries.conf - Syntax of System Registry Configuration File
## DESCRIPTION # DESCRIPTION
The REGISTRIES configuration file specifies all of the available container registries for tools using shared container registries, but in a TOML format that can be more easily modified and versioned. `registries.conf` does not support recursive lists of registries. The default location for this configuration file is `/etc/containers/registries.conf`. The CONTAINERS-REGISTRIES configuration file is a system-wide configuration
file for container image registries. The file format is TOML. The valid
categories are: 'registries.search', 'registries.insecure', and
'registries.block'.
The only valid categories are: `registries.search`, `registries.insecure`, and `registries.block`. By default, the configuration file is located at `/etc/containers/registries.conf`.
# FORMAT
The TOML_format is used to build a simple list format for registries under three
categories: `registries.search`, `registries.insecure`, and `registries.block`.
You can list multiple registries using a comma separated list.
## FORMAT Search registries are used when the caller of a container runtime does not fully specify the
The [TOML format][toml] is used as the encoding of the configuration file. container image that they want to execute. These registries are prepended onto the front
Every option and subtable listed here is nested under a global "registries" table. of the specified container image until the named image is found at a registry.
No bare options are used.
## Examples Insecure Registries. By default container runtimes use TLS when retrieving images
[registries.search] from a registry. If the registry is not setup with TLS, then the container runtime
registries = ['quay.io', 'docker.io', 'registries.unsafe.com', 'registry.fedoraproject.org', 'registry.access.redhat.com'] will fail to pull images from the registry. If you add the registry to the list of
insecure registries then the container runtime will attempt use standard web protocols to
pull the image. It also allows you to pull from a registry with self-signed certificates.
Note insecure registries can be used for any registry, not just the registries listed
under search.
# If you need to access insecure registries, add the registry's fully-qualified name. Block Registries. The registries in this category are are not pulled from when
# An insecure registry is one that does not have a valid SSL certificate or only does HTTP. retrieving images.
[registries.insecure]
registries = ['registries.unsafe.com']
# If you need to block push access from a registry, uncomment the section below # EXAMPLE
# and add the registries fully-qualified name. The following example configuration defines two searchable registries, one
# insecure registry, and two blocked registries.
# Docker only
[registries.block]
registries = []
## Files ```
/etc/conainers/registries.conf [registries.search]
registries = ['registry1.com', 'registry2.com']
## HISTORY [registries.insecure]
March 2018, Originally compiled by Dan Walsh <dwalsh@redhat.com> registries = ['registry3.com']
[registries.block]
registries = ['registry.untrusted.com', 'registry.unsafe.com']
```
# HISTORY
Aug 2018, Renamed to containers-registries.conf(5) by Valentin Rothberg <vrothberg@suse.com>
Jun 2018, Updated by Tom Sweeney <tsweeney@redhat.com>
Aug 2017, Originally compiled by Brent Baude <bbaude@redhat.com>

View File

@ -38,7 +38,7 @@ Epoch: 1
Epoch: 0 Epoch: 0
%endif %endif
Version: 0.1.35 Version: 0.1.35
Release: 12.dev.git%{shortcommit0}%{?dist} Release: 13.dev.git%{shortcommit0}%{?dist}
Summary: Inspect Docker images and repositories on registries Summary: Inspect Docker images and repositories on registries
License: ASL 2.0 License: ASL 2.0
URL: %{git0} URL: %{git0}
@ -285,6 +285,7 @@ mkdir -p %{buildroot}%{_mandir}/man5
go-md2man -in %{SOURCE2} -out %{buildroot}%{_mandir}/man5/containers-storage.conf.5 go-md2man -in %{SOURCE2} -out %{buildroot}%{_mandir}/man5/containers-storage.conf.5
go-md2man -in %{SOURCE4} -out %{buildroot}%{_mandir}/man5/registries.conf.5 go-md2man -in %{SOURCE4} -out %{buildroot}%{_mandir}/man5/registries.conf.5
install -p -m 644 %{SOURCE5} %{buildroot}%{_sysconfdir}/containers/ install -p -m 644 %{SOURCE5} %{buildroot}%{_sysconfdir}/containers/
mkdir -p %{buildroot}%{_sysconfdir}/containers/certs.d
go-md2man -in %{SOURCE6} -out %{buildroot}%{_mandir}/man5/policy.json.5 go-md2man -in %{SOURCE6} -out %{buildroot}%{_mandir}/man5/policy.json.5
mkdir -p %{buildroot}%{_datadir}/containers mkdir -p %{buildroot}%{_datadir}/containers
@ -356,6 +357,7 @@ export GOPATH=%{buildroot}/%{gopath}:$(pwd)/vendor:%{gopath}
%files -n containers-common %files -n containers-common
%dir %{_sysconfdir}/containers %dir %{_sysconfdir}/containers
%dir %{_sysconfdir}/containers/certs.d
%dir %{_sysconfdir}/containers/registries.d %dir %{_sysconfdir}/containers/registries.d
%config(noreplace) %{_sysconfdir}/containers/policy.json %config(noreplace) %{_sysconfdir}/containers/policy.json
%config(noreplace) %{_sysconfdir}/containers/registries.d/default.yaml %config(noreplace) %{_sysconfdir}/containers/registries.d/default.yaml
@ -381,6 +383,11 @@ export GOPATH=%{buildroot}/%{gopath}:$(pwd)/vendor:%{gopath}
%{_datadir}/bash-completion/completions/%{name} %{_datadir}/bash-completion/completions/%{name}
%changelog %changelog
* Fri Mar 1 2019 Dan Walsh <dwalsh@fedoraproject.org> - 1:0.1.35-13.dev.git932b037
- Add /etc/containers/certs.d to containers-common
- Update containers-storage.conf man page to match latest upstream
- Update registries.conf man page to match latest upstream
* Sat Feb 23 2019 Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org> - 1:0.1.35-12.dev.git932b037 * Sat Feb 23 2019 Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org> - 1:0.1.35-12.dev.git932b037
- autobuilt 932b037 - autobuilt 932b037