registry job from docker-registry/3.6.0

Docker Registry v2 API

Github source: 4576b26 or master branch

Properties¶

docker¶

cache¶

disabled¶

Set to true to disable blobdescriptor cache. This can be useful in pullthrough cache deployments where a container may be cached as not existing if it hasnt finished uploading to the upstream registry.

Default

false

host¶

IP address of the redis cache host

password¶

Password to access the cache host

pool¶

Configure the behavior of the Redis connection pool.

Default

  idletimeout: 300s
  maxactive: 64
  maxidle: 16

port¶

Port address of the cache host

Default

6379

mirror¶

host¶

Enables a registry to be configured as a pull through cache to the official Docker Hub. See mirror for more information

Example

https://registry-1.docker.io

password¶

Docker registry password

username¶

Docker registry username

registry¶

bind¶

What address to bind the Docker Registry v2 API

Default

127.0.0.1

cookie¶

A secret cookie used to sign state against tampering.

debug_endpoint¶

Debug endpoint can be used for monitoring registry metrics and health, as well as profiling

Default

127.0.0.1:5001

debug_endpoint_enabled¶

Debug endpoint enabled or disabled. It will create a log file with the dump of the health endpoint everytime the app it is stopped, useful with monit.

Default

true

debug_endpoint_monit¶

Enable monit restart capability using the debug endpoint. Setting to true will enable the debug endpoint.

Default

true

endpoint¶

Externally-reachable address for the registry, as a fully qualified URL. If present, it is used when creating generated URLs. Otherwise, these URLs are derived from client requests

Example

https://myregistryaddress.org:5000

health_cache_enabled¶

In case of cache is defined, enables a periodic health check on the redis host and port

Default

true

health_storagedriver_enabled¶

Enable periodic health check on the storage driver’s backend storage

Default

true

http_proxy¶

HTTP proxy to access other resources, like the upstream docker registry.

Example

http://proxy.company.com:8888

https_proxy¶

HTTPS proxy to access other resources, like the upstream docker registry.

Example

https://proxy.company.com:8443

loglevel¶

Sets the sensitivity of logging output. Permitted values are error, warn, info and debug

Default

info

no_proxy¶

Comma separated list of ips, hosts to exclude from the HTTP proxy connections

Example

localhost,.local,.internal.mycompany.com,192.168.0.1,192.168.0.2

notifications¶

Notifications are sent in response to manifest pushes and pulls and layer pushes and pulls

Example

endpoints:
- backoff: 1s
  headers:
    Authorization:
    - Bearer token
  name: alistener
  threshold: 5
  timeout: 500ms
  url: https://mylistener.example.com/event

ofiles¶

Open files (ulimit)

Default

10000

port¶

What port to run the Docker Registry v2 API on

Default

5000

relativeurls¶

Configure the registry to return relative URLs inm the Location headers, without the full hostname / IP. This is not compatible with Docker 1.7 and prior.

Default

false

reporting¶

Configures error and metrics reporting tools. At the moment only two services are supported, New Relic and Bugsnag

Example

newrelic:
  licensekey: newreliclicensekey
  name: newrelicname

root¶

Path (on-disk, locally) where the Docker registry should store its data (filesystem storage backend)

Default

/var/vcap/store/registry

ssl¶

cert¶

PEM-encoded SSL certificate for HTTPS registry operation

key¶

PEM-encoded private key for HTTPS registry operation

storage¶

Defines which storage backend is in use, otherwise filesystem backend will be used

Example

s3:
  accesskey: awsaccesskey
  bucket: bucketname
  chunksize: 5.24288e+06
  encrypt: true
  keyid: mykeyid
  region: us-west-1
  regionendpoint: http://myobjects.local
  rootdirectory: /s3/object/name/prefix
  secretkey: awssecretkey
  secure: true
  v4auth: true

storage_delete¶

Enable the deletion of image blobs and manifests by digest

Default

false

storage_disable_redirect¶

Route all data through the Registry, or redirect the client to the backend in order to download from there

Default

false

storage_maintenance¶

Maintenance jobs for storage, upload purging and read-only mode are the only functions available

Default

  readonly:
    enabled: false
  uploadpurging:
    age: 168h
    dryrun: false
    enabled: true
    interval: 24h

Templates¶

Templates are rendered and placed onto corresponding instances during the deployment process. This job's templates will be placed into /var/vcap/jobs/registry/ directory (learn more).

• bin/ctl (from bin/ctl)
• bin/monit_debugger (from bin/monit_debugger)
• config/gcs.key (from config/gcs.key)
• config/registry.conf (from config/registry.conf)
• data/properties.sh (from data/properties.sh.erb)
• helpers/ctl_setup.sh (from helpers/ctl_setup.sh)
• helpers/ctl_utils.sh (from helpers/ctl_utils.sh)
• tls/cert.pem (from tls/cert.pem)
• tls/key.pem (from tls/key.pem)

Packages¶

Packages are compiled and placed onto corresponding instances during the deployment process. Packages will be placed into /var/vcap/packages/ directory.

• distribution
• golang