starlingx/docs
Code Issues Proposed changes

Merge "Update Ansible Docker registry keys"

Browse Source
This commit is contained in:
Zuul 2019-11-26 22:40:25 +00:00 committed by Gerrit Code Review
commit b789e3acc5
1 changed files with 53 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

72
doc/source/deploy_install_guides/r3_release/ansible_bootstrap_configs.rst
View File

@ -63,35 +63,51 @@ Install-time-only parameters
* ``docker_https_proxy`` * ``docker_https_proxy``
* ``docker_no_proxy`` * ``docker_no_proxy``
**Docker Registries** **Docker Registry Overrides**
* ``docker_registries`` * ``docker_registries``
* ``k8s.gcr.io`` * ``k8s.gcr.io``
* ``url`` * ``url``
* ``username``
* ``password``
* ``secure``
* ``gcr.io`` * ``gcr.io``
* ``url`` * ``url``
* ``username``
* ``password``
* ``secure``
* ``quay.io`` * ``quay.io``
* ``url`` * ``url``
* ``username``
* ``password``
* ``secure``
* ``docker.io`` * ``docker.io``
* ``url`` * ``url``
* ``username``
* ``password``
* ``secure``
* ``docker.elastic.co`` * ``docker.elastic.co``
* ``url`` * ``url``
* ``username``
* ``password``
* ``secure``
* ``defaults`` * ``defaults``
* ``url`` * ``url``
* ``username``
* ``secure`` * ``password``
* ``secure``
**Certificates** **Certificates**
@ -214,12 +230,22 @@ password
Additional configuration options in the `docker_registries` structure are: Additional configuration options in the `docker_registries` structure are:
unified defaults
A special public registry key which, if defined, will specify that images A special public registry key which defines common values to be applied to
from all public registries should be retrieved from this single source. all overrideable public registries. If only the `defaults` registry
Alternate registry values, if specified, are ignored. The `unified` key is defined, it will apply `url`, `username`, and `password` for all
supports the same set of alternate registry values of `url`, `username`, and registries.
`password`.
If values under specific registries are defined, they will override the
values defined in the defaults registry.
.. note::
The `defaults` key was formerly called `unified`. It was renamed
in StarlingX R3.0 and updated semantics were applied.
This change affects anyone with a StarlingX installation prior to R3.0 that
specifies alternate Docker registries using the `unified` key.
secure secure
Specifies whether the registry(s) supports HTTPS (secure) or HTTP (not secure). Specifies whether the registry(s) supports HTTPS (secure) or HTTP (not secure).
@ -243,26 +269,34 @@ ssl_ca_cert
certificate must be in PEM format and the file may contain a single CA certificate must be in PEM format and the file may contain a single CA
certificate or multiple CA certificates in a bundle. certificate or multiple CA certificates in a bundle.
The following example will apply `url`, `username`, and `password` to all
registries.
The following example specifies a single alternate registry from which to ::
bootstrap StarlingX, where the images of the public registries have been
copied to the single alternate registry. It additionally defines an alternate docker_registries:
registry certificate: defaults:
url: my.registry.io
username: myreguser
password: myregP@ssw0rd
The next example applies `username` and `password` from the defaults registry
to all public registries. `url` is different for each public registry. It
additionally specifies an alternate CA certificate.
:: ::
docker_registries: docker_registries:
k8s.gcr.io: k8s.gcr.io:
url: url: my.k8sregistry.io
gcr.io: gcr.io:
url: url: my.gcrregistry.io
quay.io: quay.io:
url: url: my.quayregistry.io
docker.io: docker.io:
url: url: my.dockerregistry.io
unified: defaults:
url: my.registry.io url: my.registry.io
secure: True
username: myreguser username: myreguser
password: myregP@ssw0rd password: myregP@ssw0rd