starlingx/docs
Code Issues Proposed changes
docs/doc/source/usertasks/kubernetes-user-tutorials-authentication-and-authorization.rst
Stone f63f0912c6 User Tasks guide 
Fixed typo in LetsEncrypt example

Removed duplicate Datanet entry from main index.rst

Reworked Use Kubernetes CPU Manager Static Policy prerequisite block.

Restored fault/index version of FM toctree in top-level index.

Added merged doc entries to top level index.rst.

Incorporated review comments. Also some generic formatting clean-up such as
converting abbreviations to rST-style :abbr: markup.

Moved url with embedded substitution out of code-block.

Addressed patch 2 review comments. Some addtional rST tidying. See comment replies
for open questions/issues.

This patch fixes an issue with 'stx' in filenames that may differ downstream using-an-image-from-the-local-docker-registry-in-a-container-spec
new substitution and changing code-blocks to parsed-literals as required.

Initial submission for review. Note that a couple of references to WR persist
in examples. These will be marked up with comments in the review.

Signed-off-by: Stone <ronald.stone@windriver.com>
Change-Id: I1efef569842caff5def9dc00395b594d91d7a5d0
Signed-off-by: Stone <ronald.stone@windriver.com>
2020-12-02 10:34:53 -05:00

1.5 KiB
Raw Blame History

Local Docker Registry Authentication and Authorization

Authentication is enabled for the local docker registry. When logging in, users are authenticated using their platform keystone credentials.

For example:

$ docker login registry.local:9001 -u <keystoneUserName> -p <keystonePassword>

An authorized administrator can perform any docker action, while regular users can only interact with their own repositories (i.e. registry.local:9001/<keystoneUserName>/). For example, only admin and testuser accounts can push to or pull from:

registry.local:9001/testuser/busybox:latest

Username and Docker Compatibility

Repository names in Docker registry paths must be lower case. For this reason, a keystone user must exist that consists of all lower case characters. For example, the user testuser is correct in the following URL, while testUser would result in an error:

registry.local:9001/testuser/busybox:latest

https://docs.docker.com/engine/reference/commandline/docker/ for more information about docker commands.