From 9173763b549c221093ab041e4bb4a66123f745a8 Mon Sep 17 00:00:00 2001 From: Tianon Gravi Date: Mon, 29 Jul 2024 14:08:18 -0700 Subject: [PATCH] Remove deprecated/removed repos Once their `library/` files are gone, we don't need to keep updating their descriptions. --- centos/README-short.txt | 1 - centos/README.md | 169 --------------- centos/content.md | 108 ---------- centos/deprecated.md | 1 - centos/github-repo | 1 - centos/issues.md | 1 - centos/license.md | 1 - centos/logo.png | Bin 9224 -> 0 bytes centos/maintainer.md | 1 - centos/metadata.json | 5 - consul/README-short.txt | 1 - consul/README.md | 258 ----------------------- consul/content.md | 197 ------------------ consul/deprecated.md | 1 - consul/github-repo | 1 - consul/license.md | 1 - consul/logo.svg | 7 - consul/maintainer.md | 1 - consul/metadata.json | 5 - express-gateway/README-short.txt | 1 - express-gateway/README.md | 124 ----------- express-gateway/content.md | 63 ------ express-gateway/deprecated.md | 1 - express-gateway/github-repo | 1 - express-gateway/license.md | 1 - express-gateway/logo.png | Bin 38611 -> 0 bytes express-gateway/maintainer.md | 1 - express-gateway/metadata.json | 5 - jobber/README-short.txt | 1 - jobber/README.md | 74 ------- jobber/content.md | 13 -- jobber/deprecated.md | 1 - jobber/github-repo | 1 - jobber/license.md | 1 - jobber/maintainer.md | 1 - jobber/metadata.json | 5 - nats-streaming/README-short.txt | 1 - nats-streaming/README.md | 340 ------------------------------- nats-streaming/content.md | 279 ------------------------- nats-streaming/deprecated.md | 1 - nats-streaming/github-repo | 1 - nats-streaming/license.md | 1 - nats-streaming/logo.png | Bin 9499 -> 0 bytes nats-streaming/maintainer.md | 1 - nats-streaming/metadata.json | 5 - vault/README-short.txt | 1 - vault/README.md | 129 ------------ vault/content.md | 68 ------- vault/deprecated.md | 1 - vault/github-repo | 1 - vault/license.md | 1 - vault/logo.svg | 6 - vault/maintainer.md | 1 - vault/metadata.json | 7 - 54 files changed, 1898 deletions(-) delete mode 100644 centos/README-short.txt delete mode 100644 centos/README.md delete mode 100644 centos/content.md delete mode 100644 centos/deprecated.md delete mode 100644 centos/github-repo delete mode 100644 centos/issues.md delete mode 100644 centos/license.md delete mode 100644 centos/logo.png delete mode 100644 centos/maintainer.md delete mode 100644 centos/metadata.json delete mode 100644 consul/README-short.txt delete mode 100644 consul/README.md delete mode 100644 consul/content.md delete mode 100644 consul/deprecated.md delete mode 100644 consul/github-repo delete mode 100644 consul/license.md delete mode 100644 consul/logo.svg delete mode 120000 consul/maintainer.md delete mode 100644 consul/metadata.json delete mode 100644 express-gateway/README-short.txt delete mode 100644 express-gateway/README.md delete mode 100644 express-gateway/content.md delete mode 100644 express-gateway/deprecated.md delete mode 100644 express-gateway/github-repo delete mode 100644 express-gateway/license.md delete mode 100644 express-gateway/logo.png delete mode 100644 express-gateway/maintainer.md delete mode 100644 express-gateway/metadata.json delete mode 100644 jobber/README-short.txt delete mode 100644 jobber/README.md delete mode 100644 jobber/content.md delete mode 100644 jobber/deprecated.md delete mode 100644 jobber/github-repo delete mode 100644 jobber/license.md delete mode 100644 jobber/maintainer.md delete mode 100644 jobber/metadata.json delete mode 100644 nats-streaming/README-short.txt delete mode 100644 nats-streaming/README.md delete mode 100644 nats-streaming/content.md delete mode 100644 nats-streaming/deprecated.md delete mode 100644 nats-streaming/github-repo delete mode 100644 nats-streaming/license.md delete mode 100644 nats-streaming/logo.png delete mode 120000 nats-streaming/maintainer.md delete mode 100644 nats-streaming/metadata.json delete mode 100644 vault/README-short.txt delete mode 100644 vault/README.md delete mode 100644 vault/content.md delete mode 100644 vault/deprecated.md delete mode 100644 vault/github-repo delete mode 100644 vault/license.md delete mode 100644 vault/logo.svg delete mode 120000 vault/maintainer.md delete mode 100644 vault/metadata.json diff --git a/centos/README-short.txt b/centos/README-short.txt deleted file mode 100644 index 8783972e1..000000000 --- a/centos/README-short.txt +++ /dev/null @@ -1 +0,0 @@ -DEPRECATED; The official build of CentOS. diff --git a/centos/README.md b/centos/README.md deleted file mode 100644 index 2ad8ba2b8..000000000 --- a/centos/README.md +++ /dev/null @@ -1,169 +0,0 @@ - - -# **DEPRECATION NOTICE** - -*All* tags of this image are EOL ([June 30, 2024](https://www.redhat.com/en/topics/linux/centos-linux-eol) / [docker-library/official-images#17094](https://github.com/docker-library/official-images/pull/17094), although the last meaningful update was November 16, 2020, long before the EOL date: [docker-library/official-images#9102](https://github.com/docker-library/official-images/pull/9102); see also https://www.centos.org/centos-linux-eol/ and [docker-library/docs#2205](https://github.com/docker-library/docs/pull/2205)). Please adjust your usage accordingly. - -# Quick reference - -- **Maintained by**: - [The CentOS Project](https://github.com/CentOS/sig-cloud-instance-images) - -- **Where to get help**: - [the Docker Community Slack](https://dockr.ly/comm-slack), [Server Fault](https://serverfault.com/help/on-topic), [Unix & Linux](https://unix.stackexchange.com/help/on-topic), or [Stack Overflow](https://stackoverflow.com/help/on-topic) - -# Supported tags and respective `Dockerfile` links - -**No supported tags** - -# Quick reference (cont.) - -- **Where to file issues**: - [https://bugs.centos.org](https://bugs.centos.org) or [GitHub](https://github.com/CentOS/sig-cloud-instance-images/issues) - -- **Supported architectures**: ([more info](https://github.com/docker-library/official-images#architectures-other-than-amd64)) - **No supported architectures** - -- **Published image artifact details**: - [repo-info repo's `repos/centos/` directory](https://github.com/docker-library/repo-info/blob/master/repos/centos) ([history](https://github.com/docker-library/repo-info/commits/master/repos/centos)) - (image metadata, transfer size, etc) - -- **Image updates**: - [official-images repo's `library/centos` label](https://github.com/docker-library/official-images/issues?q=label%3Alibrary%2Fcentos) - [official-images repo's `library/centos` file](https://github.com/docker-library/official-images/blob/master/library/centos) ([history](https://github.com/docker-library/official-images/commits/master/library/centos)) - -- **Source of this description**: - [docs repo's `centos/` directory](https://github.com/docker-library/docs/tree/master/centos) ([history](https://github.com/docker-library/docs/commits/master/centos)) - -# CentOS - -CentOS Linux is a community-supported distribution derived from sources freely provided to the public by [Red Hat](ftp://ftp.redhat.com/pub/redhat/linux/enterprise/) for Red Hat Enterprise Linux (RHEL). As such, CentOS Linux aims to be functionally compatible with RHEL. The CentOS Project mainly changes packages to remove upstream vendor branding and artwork. CentOS Linux is no-cost and free to redistribute. Each CentOS Linux version is maintained for up to 10 years (by means of security updates -- the duration of the support interval by Red Hat has varied over time with respect to Sources released). A new CentOS Linux version is released approximately every 2 years and each CentOS Linux version is periodically updated (roughly every 6 months) to support newer hardware. This results in a secure, low-maintenance, reliable, predictable, and reproducible Linux environment. - -> [wiki.centos.org](https://wiki.centos.org/FrontPage) - -![logo](https://raw.githubusercontent.com/docker-library/docs/c4df0024e2cad985326dc38f6b6ce39abeab59c5/centos/logo.png) - -# CentOS image documentation - -The `centos:latest` tag is always the most recent version currently available. - -## Rolling builds - -The CentOS Project offers regularly updated images for all active releases. These images will be updated monthly or as needed for emergency fixes. These rolling updates are tagged with the major version number only. For example: `docker pull centos:6` or `docker pull centos:7` - -## Minor tags - -Additionally, images with minor version tags that correspond to install media are also offered. **These images DO NOT receive updates** as they are intended to match installation iso contents. If you choose to use these images it is highly recommended that you include `RUN yum -y update && yum clean all` in your Dockerfile, or otherwise address any potential security concerns. To use these images, please specify the minor version tag: - -For example: `docker pull centos:5.11` or `docker pull centos:6.6` - -## Overlayfs and yum - -Recent Docker versions support the [overlayfs](https://docs.docker.com/engine/userguide/storagedriver/overlayfs-driver/) backend, which is enabled by default on most distros supporting it from Docker 1.13 onwards. On Centos 6 and 7, **that backend requires yum-plugin-ovl to be installed and enabled**; while it is installed by default in recent centos images, make it sure you retain the `plugins=1` option in `/etc/yum.conf` if you update that file; otherwise, you may encounter errors related to rpmdb checksum failure - see [Docker ticket 10180](https://github.com/docker/docker/issues/10180) for more details. - -# Package documentation - -By default, the CentOS containers are built using yum's `nodocs` option, which helps reduce the size of the image. If you install a package and discover files missing, please comment out the line `tsflags=nodocs` in `/etc/yum.conf` and reinstall your package. - -# Systemd integration - -Systemd is now included in both the centos:7 and centos:latest base containers, but it is not active by default. In order to use systemd, you will need to include text similar to the example Dockerfile below: - -## Dockerfile for systemd base image - -```dockerfile -FROM centos:7 -ENV container docker -RUN (cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == \ -systemd-tmpfiles-setup.service ] || rm -f $i; done); \ -rm -f /lib/systemd/system/multi-user.target.wants/*;\ -rm -f /etc/systemd/system/*.wants/*;\ -rm -f /lib/systemd/system/local-fs.target.wants/*; \ -rm -f /lib/systemd/system/sockets.target.wants/*udev*; \ -rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \ -rm -f /lib/systemd/system/basic.target.wants/*;\ -rm -f /lib/systemd/system/anaconda.target.wants/*; -VOLUME [ "/sys/fs/cgroup" ] -CMD ["/usr/sbin/init"] -``` - -This Dockerfile deletes a number of unit files which might cause issues. From here, you are ready to build your base image. - -```console -$ docker build --rm -t local/c7-systemd . -``` - -## Example systemd enabled app container - -In order to use the systemd enabled base container created above, you will need to create your `Dockerfile` similar to the one below. - -```dockerfile -FROM local/c7-systemd -RUN yum -y install httpd; yum clean all; systemctl enable httpd.service -EXPOSE 80 -CMD ["/usr/sbin/init"] -``` - -Build this image: - -```console -$ docker build --rm -t local/c7-systemd-httpd . -``` - -## Running a systemd enabled app container - -In order to run a container with systemd, you will need to mount the cgroups volumes from the host. Below is an example command that will run the systemd enabled httpd container created earlier. - -```console -$ docker run -ti -v /sys/fs/cgroup:/sys/fs/cgroup:ro -p 80:80 local/c7-systemd-httpd -``` - -This container is running with systemd in a limited context, with the cgroups filesystem mounted. There have been reports that if you're using an Ubuntu host, you will need to add `-v /tmp/$(mktemp -d):/run` in addition to the cgroups mount. - -## A note about vsyscall - -CentOS 6 binaries and/or libraries are built to expect some system calls to be accessed via `vsyscall` mappings. Some linux distributions have opted to disable `vsyscall` entirely (opting exclusively for more secure `vdso` mappings), causing segmentation faults. - -If running `docker run --rm -it centos:centos6.7 bash` immediately exits with status code `139`, check to see if your system has disabled vsyscall: - -```console -$ cat /proc/self/maps | egrep 'vdso|vsyscall' -7fffccfcc000-7fffccfce000 r-xp 00000000 00:00 0 [vdso] -$ -``` - -vs - -```console -$ cat /proc/self/maps | egrep 'vdso|vsyscall' -7fffe03fe000-7fffe0400000 r-xp 00000000 00:00 0 [vdso] -ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall] -``` - -If you do not see a `vsyscall` mapping, and you need to run a CentOS 6 container, try adding `vsyscall=emulated` to the kernel options in your bootloader - -Further reading : [lwn.net](https://lwn.net/Articles/446528/) - -# License - -View [license information](https://www.centos.org/legal/) for the software contained in this image. - -As with all Docker images, these likely also contain other software which may be under other licenses (such as Bash, etc from the base distribution, along with any direct or indirect dependencies of the primary software being contained). - -Some additional license information which was able to be auto-detected might be found in [the `repo-info` repository's `centos/` directory](https://github.com/docker-library/repo-info/tree/master/repos/centos). - -As for any pre-built image usage, it is the image user's responsibility to ensure that any use of this image complies with any relevant licenses for all software contained within. diff --git a/centos/content.md b/centos/content.md deleted file mode 100644 index 2ad2c140c..000000000 --- a/centos/content.md +++ /dev/null @@ -1,108 +0,0 @@ -# CentOS - -CentOS Linux is a community-supported distribution derived from sources freely provided to the public by [Red Hat](ftp://ftp.redhat.com/pub/redhat/linux/enterprise/) for Red Hat Enterprise Linux (RHEL). As such, CentOS Linux aims to be functionally compatible with RHEL. The CentOS Project mainly changes packages to remove upstream vendor branding and artwork. CentOS Linux is no-cost and free to redistribute. Each CentOS Linux version is maintained for up to 10 years (by means of security updates -- the duration of the support interval by Red Hat has varied over time with respect to Sources released). A new CentOS Linux version is released approximately every 2 years and each CentOS Linux version is periodically updated (roughly every 6 months) to support newer hardware. This results in a secure, low-maintenance, reliable, predictable, and reproducible Linux environment. - -> [wiki.centos.org](https://wiki.centos.org/FrontPage) - -%%LOGO%% - -# CentOS image documentation - -The `%%IMAGE%%:latest` tag is always the most recent version currently available. - -## Rolling builds - -The CentOS Project offers regularly updated images for all active releases. These images will be updated monthly or as needed for emergency fixes. These rolling updates are tagged with the major version number only. For example: `docker pull %%IMAGE%%:6` or `docker pull %%IMAGE%%:7` - -## Minor tags - -Additionally, images with minor version tags that correspond to install media are also offered. **These images DO NOT receive updates** as they are intended to match installation iso contents. If you choose to use these images it is highly recommended that you include `RUN yum -y update && yum clean all` in your Dockerfile, or otherwise address any potential security concerns. To use these images, please specify the minor version tag: - -For example: `docker pull %%IMAGE%%:5.11` or `docker pull %%IMAGE%%:6.6` - -## Overlayfs and yum - -Recent Docker versions support the [overlayfs](https://docs.docker.com/engine/userguide/storagedriver/overlayfs-driver/) backend, which is enabled by default on most distros supporting it from Docker 1.13 onwards. On Centos 6 and 7, **that backend requires yum-plugin-ovl to be installed and enabled**; while it is installed by default in recent %%IMAGE%% images, make it sure you retain the `plugins=1` option in `/etc/yum.conf` if you update that file; otherwise, you may encounter errors related to rpmdb checksum failure - see [Docker ticket 10180](https://github.com/docker/docker/issues/10180) for more details. - -# Package documentation - -By default, the CentOS containers are built using yum's `nodocs` option, which helps reduce the size of the image. If you install a package and discover files missing, please comment out the line `tsflags=nodocs` in `/etc/yum.conf` and reinstall your package. - -# Systemd integration - -Systemd is now included in both the %%IMAGE%%:7 and %%IMAGE%%:latest base containers, but it is not active by default. In order to use systemd, you will need to include text similar to the example Dockerfile below: - -## Dockerfile for systemd base image - -```dockerfile -FROM %%IMAGE%%:7 -ENV container docker -RUN (cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == \ -systemd-tmpfiles-setup.service ] || rm -f $i; done); \ -rm -f /lib/systemd/system/multi-user.target.wants/*;\ -rm -f /etc/systemd/system/*.wants/*;\ -rm -f /lib/systemd/system/local-fs.target.wants/*; \ -rm -f /lib/systemd/system/sockets.target.wants/*udev*; \ -rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \ -rm -f /lib/systemd/system/basic.target.wants/*;\ -rm -f /lib/systemd/system/anaconda.target.wants/*; -VOLUME [ "/sys/fs/cgroup" ] -CMD ["/usr/sbin/init"] -``` - -This Dockerfile deletes a number of unit files which might cause issues. From here, you are ready to build your base image. - -```console -$ docker build --rm -t local/c7-systemd . -``` - -## Example systemd enabled app container - -In order to use the systemd enabled base container created above, you will need to create your `Dockerfile` similar to the one below. - -```dockerfile -FROM local/c7-systemd -RUN yum -y install httpd; yum clean all; systemctl enable httpd.service -EXPOSE 80 -CMD ["/usr/sbin/init"] -``` - -Build this image: - -```console -$ docker build --rm -t local/c7-systemd-httpd . -``` - -## Running a systemd enabled app container - -In order to run a container with systemd, you will need to mount the cgroups volumes from the host. Below is an example command that will run the systemd enabled httpd container created earlier. - -```console -$ docker run -ti -v /sys/fs/cgroup:/sys/fs/cgroup:ro -p 80:80 local/c7-systemd-httpd -``` - -This container is running with systemd in a limited context, with the cgroups filesystem mounted. There have been reports that if you're using an Ubuntu host, you will need to add `-v /tmp/$(mktemp -d):/run` in addition to the cgroups mount. - -## A note about vsyscall - -CentOS 6 binaries and/or libraries are built to expect some system calls to be accessed via `vsyscall` mappings. Some linux distributions have opted to disable `vsyscall` entirely (opting exclusively for more secure `vdso` mappings), causing segmentation faults. - -If running `docker run --rm -it centos:centos6.7 bash` immediately exits with status code `139`, check to see if your system has disabled vsyscall: - -```console -$ cat /proc/self/maps | egrep 'vdso|vsyscall' -7fffccfcc000-7fffccfce000 r-xp 00000000 00:00 0 [vdso] -$ -``` - -vs - -```console -$ cat /proc/self/maps | egrep 'vdso|vsyscall' -7fffe03fe000-7fffe0400000 r-xp 00000000 00:00 0 [vdso] -ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall] -``` - -If you do not see a `vsyscall` mapping, and you need to run a CentOS 6 container, try adding `vsyscall=emulated` to the kernel options in your bootloader - -Further reading : [lwn.net](https://lwn.net/Articles/446528/) diff --git a/centos/deprecated.md b/centos/deprecated.md deleted file mode 100644 index 1ebf7d3d0..000000000 --- a/centos/deprecated.md +++ /dev/null @@ -1 +0,0 @@ -*All* tags of this image are EOL ([June 30, 2024](https://www.redhat.com/en/topics/linux/centos-linux-eol) / [docker-library/official-images#17094](https://github.com/docker-library/official-images/pull/17094), although the last meaningful update was November 16, 2020, long before the EOL date: [docker-library/official-images#9102](https://github.com/docker-library/official-images/pull/9102); see also https://www.centos.org/centos-linux-eol/ and [docker-library/docs#2205](https://github.com/docker-library/docs/pull/2205)). Please adjust your usage accordingly. diff --git a/centos/github-repo b/centos/github-repo deleted file mode 100644 index 6fdc93e0b..000000000 --- a/centos/github-repo +++ /dev/null @@ -1 +0,0 @@ -https://github.com/CentOS/sig-cloud-instance-images diff --git a/centos/issues.md b/centos/issues.md deleted file mode 100644 index e1323c7c9..000000000 --- a/centos/issues.md +++ /dev/null @@ -1 +0,0 @@ -[https://bugs.centos.org](https://bugs.centos.org) or [GitHub](%%GITHUB-REPO%%/issues) diff --git a/centos/license.md b/centos/license.md deleted file mode 100644 index 6ae999d58..000000000 --- a/centos/license.md +++ /dev/null @@ -1 +0,0 @@ -View [license information](https://www.centos.org/legal/) for the software contained in this image. diff --git a/centos/logo.png b/centos/logo.png deleted file mode 100644 index c74856787c3efb62fefe932cd737b565f1fe2cf2..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 9224 zcmcgyWm8;Du*Tgj5F8d+G+1yaz~U?t2(H0p7k3SAi@Pn5;1YsMkl;>mw}jyCaC!g0 z{c@{roto2CQ|EN|%sfwbSJy;os43uLy~RR6K)?kl%7I_y;C}-H?e$%ySDp7N(9D$; z}9uYb({HxOl5v%Ov?(cM6*AJEq@$w^6A{VQgN5fJDQKyuRB zUQ0*0o^B++w}QGv4W^NMialYf2&h1b5(yFl?Pz{Vj1cPn8(#@}%nwl#Ndz1itcrvr zscg6Kuj;L+nwoTAFdYgUgimiJD0*`<;FK2TP!C!l8GITa63)zB%xt?^JGst843{a? zU?su&{}R!Z6hJF+;I11fF;=**Ft{X?lue!l>jtt@YuFzvGemDiolfQR<9qH>k^#($ z?F&h&emnutsx<|y)TU~DzmDJ?0Qx#A@}0K{u>LiJ&6l4Pb(b5x7X4Iqg4uC9)G|K~ zna*E>EGl3Qvv`JF3sZ@g`&xh;Uy0@QB zGNN0Cx^u>A!U%4@>1hi@!g_U*<;=y~MLu5`19#a-lgrUs2zS4tQz0NxLvZLH4o^Nj zcLqM_jmDwxI8+nK;DGDOQCgCA7VuG0<>J|4D!nVsT`)O;x)ds>Yy-)-exKWzoUvfL zUq-*_ta39I5O6!ZhD|q6yJKhTm}}&^{211yUwxjMxd?QsTzk7|BD(%ZBF&84el4%z zj`%b!z1X~gV5^cy&b5(F5`lW;zSWkJhWTN1+%F&9Ei3BVPw`zs(%f(YN$tIMQ*99v zm90f?#fCf%?+2X>jHwK5>@iKyZU+_~LTe#6pjxV(MGMY|Zmd8N`h;cp+Y z`5-uO!^aKJ9}&wBIQS?lR{0xLZPg;XL`Yx3-DJmp z+bouYvi!AhrY>3kc2B_+qsKeqg70yQ@BeAS*4`|H$1#MO-{*rqkiaM=d+I4(JBV{`x^wxS*#C zG0BMqj19fCB4*-Lx_OznptMWO7Zgb?cf34{}R<< zHAMM9z|lJ=X!K^|7N(dl3?dDB-XW&W$at(UtQd|{n(E-Z|YS!!f>O6LxmpGZbIoK^S zc5{TUl;F?-y{=cP>qCMC-sNTjlVn@!_H)0wM)3zDuF@Q>elH*y!z!R{%h+j8UF@ zAiKs+hJj$6uDYw#m%a3Di!v&O@!cfG2!D2udhZ^)bbw>NCX7`&TJhmt^FO!qp17C6 z%*IRuq@aL%zAvv@W2H0p*W5(n%H7zdU|l(|(N^nMtxnxfG4diidQYO1jFJ<46PvK@ zJu2b7-Q-@Tp>q=>m>bnH@tA`H9BhIKw#k1(WnW1&5%AL!b@(-2e>;>AexsW4cka^h zta;5@>bN$DK$NEAh)T6*YzKxS=(L zP|6}G1)Gve0Np34^WoskbI~0VFAHOKo@usA5PRUZrndIq+J-NyX-PH{i)W3q{s1&O zRRw;C=k}d6I#T6 zgS@(nTa^Gw9&}am{ka`SnewY4c91pi0kMJz)4obVDIdWHl`m{@<fC8>6$nox+KHxmK{Q9G=c}wP)dJlf^}QN6 zlaL|*yYv@Vrs8UZW$0rR<4|pGVSvl$^85E()7~%7k4AXH&j-fwIiT*@;y?Q0mJ;dl zCajvb3AEzrzEBsdG&#(z#BE$thVINK7NL%p9fACdCgPK`k-8?ro^Hvv9q}diPu|xi zgDS5(gTd?Y`5k4BYC!P=y(wowo<&oBR2a8sgPDUggx_tLr=}0Gv-fcFO89z1OtA27 zB;qf`oHgH^lBczcrIwqVPa80}a`8N7g+zB1p!GW=)I# z^%#xjO+w!2xOsnm)Z`0&Py00%W|L|duSdtra>02Zi0!soF~0z{LzJZTB@UKPmwzer zj#D@XK_o5+5PC>dQY9!2VHuP+126Fz?0@dPe2s;X{QkC`4xcCemhE6sz$?x-@oNN( zq|l|x#xHj31rc|Zp5BGhrYtpXsd4W7v6w-S9zY|u(X>#^ds_7Q!miiTB%*Wg(9Pn8 z@qA?AD)GpRJjj<~k9S&lQj|1ndyrx=D8@zIropyJ`}Ao3-oXWQZfXVV(*x~hAd4Zp zJf`*ri>U)A; ztdNim1tiHtMmS%#Gq4p>T?DZp#vdtKUnP3q#Z!FWT0CzJY~v%q8}%$5qv%E&MMg_^ zH>L6Rdf)YwcC$&`0zlOBC{|`*%cQ~%8bAd9V6NRe`{0yNvCf0iWrtWo7N6EDqH**7 zV-+EK`{rX{D8W{2$~ka@w4j7wD2-mag=>@C&;r7kT9v&$*zn@hsjXJd z^V*UPcr1L(%j5OEws1RG6Z;JPMzBTr8`RZlA0L4b|B_>P3_)-pZwP_cJP$4&GM5+{ zDBe~G+h>^?rN`2AG#lDVBsl!Av91e>%H4qQV+WzhHe?(cD5Q-Ka8II_Rn6G7U& zV%poU-`f|GUDkTqwC4_af3x>5#&B#Vh}v|ec?|{qK{xVL^0a&1cBNT<+*+(w<4U@E zJ!?m~fLkcd!};yUPG`-|e|Vj=VFbD2VOQGCau{ z6PKc-535FL>14V?YNn-gU8U)~`vYzo5TKn+>u%Li=A^^5txVbtuVT@^VLb5q7>*?E&4r9;lta=bba!@p-twE)_)!z>j-lxB-a|1gz;?r z8HY9ZQCzKmOav()5X}#qjbSUFQ}fx}@y*(P@nVLUa3dw=)fc{?_O6vr~dmqa6#2x|j2vyq=e1tEY1? zLCDc^^6jcHrl9GD{#?)kZBS5j}}87 zB;V@W&A%0@rFK@Ki2Yf>!|CBqBaHBfY}mAFXFIpeaaT+^^4uH&jh|=5pxgNe{gn@yuVb%Fr7jPSs!o+<1?me=s4MZ;A7Z)4UeS_ zdODSs#T-xI^AE8HgC-|M8yi)GX~#1Cx)TYvRkXjAYm$jjit6k%!<+DC07#kMai+Kh zkco?S(&@7qjQ%_x7WD)fnX0cJ)Z9mPRXP`Xhg}d*MsOc^4xb+vce6n^_Aa57!6;SH zABmt1NdFv|{T?^7Yr_=>O@Y?|6z?*;2@d-GfZmeU`_LHQt<8PH7=Ec7kqdhauk-kf z)HZsS1$cUB+Lf%qml65`!P8B%P9*|#0k{!PkY-ONQ~r(FnOq1*;Ggu3)Cei9fs%C_ zY&LJauh*v}!op+n0IY-Q(9bhDA`2@ypg#`s?R%P&kJbc|2h^1>-}cTC=dUhJMPh0S6Q zheolquNmKJBw)Ou%VI!d&+i?Qq$F{^e{1g9wl3M-%3P@O(8^7xEG(Yy-R~3qAV3+< z+`f#|pPLxYsKWcI+uLUOG<@W-aDutvESCRtQy^0z|DE}xTU5! z%FJqyIjQUcLk(R9H)NxC8$5pgsvO3Tj4!}oDlX7gY4Y8G3IW>V@_@P1iex?@T~IPQ zFOzY|w;(fyZh#>SI5>6Ys{1KboRL);Ycsd0i=Lf5TY;t}^rH!7P-#oL_}}~av34DrIm<4?uyxuAzqgA)r?{L=` zhYP;m|Msi@GiUs1c&V}N;;`%CINSSXwJ<{kP2$s~xU-6}?-*n!u`!T~qRoODwjzNF zO_si6T09rxJ!qFD5)_Ck%qrGr8vUuKH3xg1(Ib%Q!25^^=I>li>yF_L_%dew=O?=J z=bpaK>b<%DHgZSHhKXXrRqFSYu7gRg-YbXMt|r>e=fv3Gy5x`kld3z3`b~w z2>$%uX<-1nSkmm*Xrb7>jRFoD@*6Hg>)EePuj}0YRkhP)@|gBV^y%1HR%H~K9Ovyx zS67s0*-OoAPddd7*L2z!lLOYrWp&w%kRc^QzYj2|ui`R)N_QKXh226n!kFA#Fe=Jp zFMY(-;HT-P1Wm}-x9}Z@wf6ki^5O7b^3EV3MV(ka)hm(RhtAe2<4V{fDwu_9gJRdI z1p)Vsz7+Yjn|JmwM|B3r^jFk_Om8Nr1O}q2;4dWKb~Hi^MVEi{U#viBlQV6hSHg3Z zi>ZGy5Rt1nRB{BM$b8m*2G*M+(I$$&YLcm7-*Y3?ZzJ1bIjcv1lNY9?$ZK;Ke(j#* zqpy||eH5r`@4Z=PdiQTJ0R!uLJG*B4{E(9W_PueSKS5SnAjmfp1pAHxWO{Duh&IW_ z#0c%OfJ}j|7mWYXnc&dTd3b8e*7aNkP%2 zjt1!DdDbR7TknnHk}^B!W6~z4Zjg_i+fzr?dAvzARZ6U9 z;yPB}8(qZd7Qb1MsWEQS&bfwG#b?OUxLm7BFh1DM-vzlm|c~Ll=y&{i8Tg#LP zLquLm_03SZI$^Fo@C*ByFzSCIs?aox(n18!(W^D3H4v!~m29@4Pj*wvZACCQIWk*}SP0)VpT z>F`KJ5)re?;mB)ROzosnMcach>JAm!B~E|d==S)2LIB=6aehUW(`pu<;u-Ipgzf0YFaHMfCFK)h)d(Y7ITk%v`CGZ9nl4<2^R2sM#AiI0A)i=ygZ&Ck zinaLW^+jJpg>c@zR_8?aikqO0zmb5USnbNlS)%?TUr4$1aJ6n0VmpG%{W(o%Y}b#E z_wLRjxxaLb5}x%L!pMuv_1&jy)?tc~fm?pZx^Y3em)IuYE$Eev2xAjfKC7@cE`;$n zz!`~K*bXMt8Oyy!nR0@etI%OOUm-&#O50PV5wfBIQ$hZPkONvD2*elDfS;_swlG%d z<`HHT#v`2BQ|JWYfT?ak5OyZ|ou5fywOBlxOJTP+t3Yz9uTDHV!Za09J$DWtN!B z7rM->z`*6%!X#LNFgYO>64L)$zm^T#>iqQIG<`WyNnDo|2wRQRSc(8@Tagu9i}2S4bot4qKYtWdc_YA zV+J+M!V}cG5zF%jr<1k6{LbMe0Z(t9{QUh5?6W%3Qa(AVg8P@x*aSS70eudvL!NOZ zEFa|jk(V@pJ5qx-5q)$7iimVE-|8M;V`o8q4}A$$Xg4e{LJ`s0#9kifQ~)fag_JI#Hf9rKFm*z z!3lXaj0D4S+^XFGTagF(D|raNEpKPqlubTh12c-hLaDVqYK|i<_D{HJd&=x}4`v*Z z4};vq_5d&Qd+fN!`C$0Bb&`&aSUV_ChfA6uK)l_*w}Sf&2bX&Jx8?U2dQ*~u9oEk> zGQVbVnk=1&-XWh1x(bZB{rqTFnAEU=7+My}nHCwGmAD*ydccI&!K|pKw^NlhIfodi zrQh&qyS7szk2Y3o#L$-JBdL4pr>8eFfpswRB|^cSIFc!7;)*1}m=Lbt;QBkM5)Dav zjw4V;wm9@ie%q(OR;6wl7^ex|q843ouI_L|7Z?Jy5KHvqPHu6Td` zezs5-8!t0SJ2dlw?J>-clf$9sJS=Qz021i%{xgp3baUj-7qXwCXrX55XZ3meakoO* zN7*_~Az@$S8>I(X#QIh~g|0rIJVlf;l^+_kzCy}PVc0Bh*cUOG`?KEq?Zt#A?+Wz> zRqhg+gZ-M{BY)f2vqZ=<%{V11Tpa1Ps~wdJIeMBleK0C2sxFxw>}P!OP9}qCi;p0I z1QNcBi5c;w8_QS!r8(O<9&eV*Doc#o6Eu<%fv?`>;@&`~IC07Tudy<~$HUL>uw*N& z#&%|q4RNvO_vqMpQdg@p*-){B{!-QPIH4zC52@wXST9G?a_}|Hl9mNAaT(dc6Qk!E zg`-#ihXv1RZGP`g zN+VqeKR!iZO!Xpd@+75=O@lQGNs02`Q1$!Ysu&Hz+btYJ1|OW!uzEO>s@w4Z*b6Zv zBU{OM)sQ#n^2iVMIQ341!*yu-66ZM&Z~Y9%;Ba6Wb+Md5f7kPz-$4=$!%2lg7(x-^PXC(rj0-Lkrzlg{C=ablHDERv=7<)#w) zYfxUSK9&_%;WWbQjOf&bcR!)Ze+l+GG5yXQX0u(Gas3NI9mVRmm=N~k;}6}1;AV!L zCbCvN{V4#@l@_j3!GoAdQEx`yzjs1Vm2UlI^6FBZps1uwLdfN<;)jhN+yM7Xedan& zax${_PD(O8DLF*97>N%{xCox1Sc~Hp7fri7)6@*qPF$O5eJTms#lta@$x|tDp`IGr%XA z<46>g_-gbyGP&vd#luq|v>`d!iHYqq*`X*%(VA+`|6=Kd66Y&;QVo?>OdV zEYr)7(~cMNC!Fuk8y;0EBU;?Yr_mp^lacwTqj;4Nv%B$JsN*g}WJ*zV1ln2DG>nm- zUqmmFQ0KIyKlv<*hc@k3Ba@}Cp2$;XKT)GG-N$B5DgFs2TTrcSQESBYxwo^?h~;pr zX#<(WYma)d9KjaB_eQ=fJVGv3iueF=9b8?eiZKO}DVv=w*CbQ!3wh)pSxUj?CzKuCczpKE{PhT-}7> z+4Rsl>JS~Cw!0B2^|-8lXGl6-JvlyRG)J*eRVieRC})G5j*_PAqy*NlTYrG>2?ps6&ncExPU>T(y!d`a67-BPd=J7FTlS#1I5 zry-W%uDsB0aNV|9Us0A);wr8RX2!~eOd}(6lZZ$k9u7DL*;IKaE8{w#X$cf_D8L&U;4Z)Y7CPO8Zc;P!m(T8uiq?`)k;W-qO)#z(y;y_&E1^IoSm*FKWSGmr~sZ$ z;WJAc#9^)7n^P&hWbS^p??^)={8#8CrhhqAY~vru3zSj<^-R~B%_{3lKu{-Fp^~aA z=%c`7iNQQ^XJa%Nw&oB2)z+!!wKsD2Kx!;Dz~XkH{z^Z)dvjv07z&`eGQe#mDdVDb zmgc9h`5t|AR;nwD(X-*8T31le$Z9)xq)@RT>ts-F_yBcB2ZU6vriU-}wlUUzVkQJh z0T=4tYdOYCDyKN-&06<-^fdle=y)?xGFZ0%QMpALNB<9f=p`<0Tx+Q}c?^>|0!aWg z$B2w39{f!rym>>PK=bfUXI;z30G~<`4F~Bbf zim&==kn+5;**le~xaSku7QZ+bn_5^n)$ikF;^ifmIMuCGkQs3?!L};k<52^%86oj(~t1 z_1|3pINW9)r}EukCiqS93KrLH*DHwANN+c?`OK*)LGu$>8;lm(T+^BB8&IAK?8X+WfLbWT!XU25+v=fKA7yIpfZgc*I zy|duku=DM%-u{yiW6x0yQ*8%jQ-P+?g$KL*x zmt|9f@_?h^tv4)8s>0M{WIQCmIg-hCzL3MMVI&%2aUT-7^a{H7*_&F)Q_r6Wl@1XA zh(r{IwWrU;Ju))_VP5q(ArgG_`x`N&+VLDlcA?2c>ugh(LGxtnG$Q<043_K2m0T4j zd5HvVn(6l)-TjniwQRz7aauB4C0QJw)D@%svFH^xyjTrwT?pwF006b8&)#Bdl zG$)kTy9>;FM!LpWuu8vQg2RJOl=xHF7o&8Q@aGaO>4do4T8w6PMV!UqwOf*b#+v1` zH7`Xb8i^)4*{W-nDLy)@bdS>MSw?MiaPi-4JN=>P>yOI)DgWzD7){m}{H<@1UMdW! SwXb(}5I`T)&%L;eRS7siMH diff --git a/centos/maintainer.md b/centos/maintainer.md deleted file mode 100644 index 06be7cefd..000000000 --- a/centos/maintainer.md +++ /dev/null @@ -1 +0,0 @@ -[The CentOS Project](%%GITHUB-REPO%%) diff --git a/centos/metadata.json b/centos/metadata.json deleted file mode 100644 index e90624aca..000000000 --- a/centos/metadata.json +++ /dev/null @@ -1,5 +0,0 @@ -{ - "hub": { - "categories": [] - } -} diff --git a/consul/README-short.txt b/consul/README-short.txt deleted file mode 100644 index 71c626fc5..000000000 --- a/consul/README-short.txt +++ /dev/null @@ -1 +0,0 @@ -Consul is a datacenter runtime that provides service discovery, configuration, and orchestration. diff --git a/consul/README.md b/consul/README.md deleted file mode 100644 index b2a3e98cd..000000000 --- a/consul/README.md +++ /dev/null @@ -1,258 +0,0 @@ - - -# **DEPRECATION NOTICE** - -Upcoming in Consul 1.16, we will stop publishing official Dockerhub images and publish only our Verified Publisher images. Users of Docker images should pull from [hashicorp/consul](https://hub.docker.com/r/hashicorp/consul) instead of [consul](https://hub.docker.com/_/consul). Verified Publisher images can be found at https://hub.docker.com/r/hashicorp/consul. - -# Quick reference - -- **Maintained by**: - [HashiCorp](https://github.com/hashicorp/docker-consul) - -- **Where to get help**: - [the Docker Community Slack](https://dockr.ly/comm-slack), [Server Fault](https://serverfault.com/help/on-topic), [Unix & Linux](https://unix.stackexchange.com/help/on-topic), or [Stack Overflow](https://stackoverflow.com/help/on-topic) - -# Supported tags and respective `Dockerfile` links - -**No supported tags** - -# Quick reference (cont.) - -- **Where to file issues**: - [https://github.com/hashicorp/docker-consul/issues](https://github.com/hashicorp/docker-consul/issues?q=) - -- **Supported architectures**: ([more info](https://github.com/docker-library/official-images#architectures-other-than-amd64)) - **No supported architectures** - -- **Published image artifact details**: - [repo-info repo's `repos/consul/` directory](https://github.com/docker-library/repo-info/blob/master/repos/consul) ([history](https://github.com/docker-library/repo-info/commits/master/repos/consul)) - (image metadata, transfer size, etc) - -- **Image updates**: - [official-images repo's `library/consul` label](https://github.com/docker-library/official-images/issues?q=label%3Alibrary%2Fconsul) - [official-images repo's `library/consul` file](https://github.com/docker-library/official-images/blob/master/library/consul) ([history](https://github.com/docker-library/official-images/commits/master/library/consul)) - -- **Source of this description**: - [docs repo's `consul/` directory](https://github.com/docker-library/docs/tree/master/consul) ([history](https://github.com/docker-library/docs/commits/master/consul)) - -# Consul - -Consul is a distributed, highly-available, and multi-datacenter aware tool for service discovery, configuration, and orchestration. Consul enables rapid deployment, configuration, and maintenance of service-oriented architectures at massive scale. For more information, please see: - -- [Consul documentation](https://www.consul.io/) -- [Consul on GitHub](https://github.com/hashicorp/consul) - -![logo](https://raw.githubusercontent.com/docker-library/docs/8adb88e1e328c244711742f65319ed4064cff9a2/consul/logo.svg?sanitize=true) - -# Consul and Docker - -Consul has several moving parts so we'll start with a brief introduction to Consul's architecture and then detail how Consul interacts with Docker. Please see the [Consul Architecture](https://www.consul.io/docs/architecture) guide for more detail on all these concepts. - -Each host in a Consul cluster runs the Consul agent, a long running daemon that can be started in client or server mode. Each cluster has at least 1 agent in server mode, and usually 3 or 5 for high availability. The server agents participate in a [consensus protocol](https://www.consul.io/docs/internals/consensus.html), maintain a centralized view of the cluster's state, and respond to queries from other agents in the cluster. The rest of the agents in client mode participate in a [gossip protocol](https://www.consul.io/docs/internals/gossip.html) to discover other agents and check them for failures, and they forward queries about the cluster to the server agents. - -Applications running on a given host communicate only with their local Consul agent, using its HTTP APIs or DNS interface. Services on the host are also registered with the local Consul agent, which syncs the information with the Consul servers. Doing the most basic DNS-based service discovery using Consul, an application queries for `foo.service.consul` and gets a randomly shuffled subset of all the hosts providing service "foo". This allows applications to locate services and balance the load without any intermediate proxies. Several HTTP APIs are also available for applications doing a deeper integration with Consul's service discovery capabilities, as well as its other features such as the key/value store. - -These concepts also apply when running Consul in Docker. Typically, you'll run a single Consul agent container on each host, running alongside the Docker daemon. You'll also need to configure some of the agents as servers (at least 3 for a basic HA setup). Consul should always be run with `--net=host` in Docker because Consul's consensus and gossip protocols are sensitive to delays and packet loss, so the extra layers involved with other networking types are usually undesirable and unnecessary. We will talk more about this below. - -We don't cover Consul's multi-datacenter capability here, but as long as `--net=host` is used, there should be no special considerations for Docker. - -# Using the Container - -We chose Alpine as a lightweight base with a reasonably small surface area for security concerns, but with enough functionality for development, interactive debugging, and useful health, watch, and exec scripts running under Consul in the container. As of Consul 0.7, the image also includes `curl` since it is so commonly used for health checks. - -Consul always runs under [dumb-init](https://github.com/Yelp/dumb-init), which handles reaping zombie processes and forwards signals on to all processes running in the container. We also use [gosu](https://github.com/tianon/gosu) to run Consul as a non-root "consul" user for better security. These binaries are all built by HashiCorp and signed with our [GPG key](https://www.hashicorp.com/security.html), so you can verify the signed package used to build a given base image. - -Running the Consul container with no arguments will give you a Consul server in [development mode](https://www.consul.io/docs/agent/options.html#_dev). The provided entry point script will also look for Consul subcommands and run `consul` as the correct user and with that subcommand. For example, you can execute `docker run consul members` and it will run the `consul members` command inside the container. The entry point also adds some special configuration options as detailed in the sections below when running the `agent` subcommand. Any other command gets `exec`-ed inside the container under `dumb-init`. - -The container exposes `VOLUME /consul/data`, which is a path where Consul will place its persisted state. This isn't used in any way when running in development mode. For client agents, this stores some information about the cluster and the client's health checks in case the container is restarted. For server agents, this stores the client information plus snapshots and data related to the consensus algorithm and other state like Consul's key/value store and catalog. For servers it is highly desirable to keep this volume's data around when restarting containers to recover from outage scenarios. If this is bind mounted then ownership will be changed to the consul user when the container starts. - -The container has a Consul configuration directory set up at `/consul/config` and the agent will load any configuration files placed here by binding a volume or by composing a new image and adding files. Alternatively, configuration can be added by passing the configuration JSON via environment variable `CONSUL_LOCAL_CONFIG`. If this is bind mounted then ownership will be changed to the consul user when the container starts. - -Since Consul is almost always run with `--net=host` in Docker, some care is required when configuring Consul's IP addresses. Consul has the concept of its cluster address as well as its client address. The cluster address is the address at which other Consul agents may contact a given agent. The client address is the address where other processes on the host contact Consul in order to make HTTP or DNS requests. You will typically need to tell Consul what its cluster address is when starting so that it binds to the correct interface and advertises a workable interface to the rest of the Consul agents. You'll see this in the examples below as the `-bind=` argument to Consul. - -The entry point also includes a small utility to look up a client or bind address by interface name. To use this, set the `CONSUL_CLIENT_INTERFACE` and/or `CONSUL_BIND_INTERFACE` environment variables to the name of the interface you'd like Consul to use and a `-client=` and/or `-bind=` argument will be computed and passed to Consul at startup. - -## Running Consul for Development - -```console -$ docker run -d --name=dev-consul -e CONSUL_BIND_INTERFACE=eth0 consul -``` - -This runs a completely in-memory Consul server agent with default bridge networking and no services exposed on the host, which is useful for development but should not be used in production. For example, if that server is running at internal address 172.17.0.2, you can run a three node cluster for development by starting up two more instances and telling them to join the first node. - -```console -$ docker run -d -e CONSUL_BIND_INTERFACE=eth0 consul agent -dev -join=172.17.0.2 -... server 2 starts -$ docker run -d -e CONSUL_BIND_INTERFACE=eth0 consul agent -dev -join=172.17.0.2 -... server 3 starts -``` - -Then we can query for all the members in the cluster by running a Consul CLI command in the first container: - -```console -$ docker exec -t dev-consul consul members -Node Address Status Type Build Protocol DC -579db72c1ae1 172.17.0.3:8301 alive server 0.6.3 2 dc1 -93fe2309ef19 172.17.0.4:8301 alive server 0.6.3 2 dc1 -c9caabfd4c2a 172.17.0.2:8301 alive server 0.6.3 2 dc1 -``` - -Remember that Consul doesn't use the data volume in this mode - once the container stops all of your state will be wiped out, so please don't use this mode for production. Running completely on the bridge network with the development server is useful for testing multiple instances of Consul on a single machine, which is normally difficult to do because of port conflicts. - -Development mode also starts a version of Consul's web UI on port 8500. This can be added to the other Consul configurations by supplying the `-ui` option to Consul on the command line. The web assets are bundled inside the Consul binary in the container. - -## Running Consul Agent in Client Mode - -```console -$ docker run -d --net=host -e 'CONSUL_LOCAL_CONFIG={"leave_on_terminate": true}' consul agent -bind= -retry-join= -==> Starting Consul agent... -==> Starting Consul agent RPC... -==> Consul agent running! - Node name: 'linode' - Datacenter: 'dc1' - Server: false (bootstrap: false) - Client Addr: 127.0.0.1 (HTTP: 8500, HTTPS: -1, DNS: 8600, RPC: 8400) - Cluster Addr: (LAN: 8301, WAN: 8302) - Gossip encrypt: false, RPC-TLS: false, TLS-Incoming: false - Atlas: -... -``` - -This runs a Consul client agent sharing the host's network and advertising the external IP address to the rest of the cluster. Note that the agent defaults to binding its client interfaces to 127.0.0.1, which is the host's loopback interface. This would be a good configuration to use if other containers on the host also use `--net=host`, and it also exposes the agent to processes running directly on the host outside a container, such as HashiCorp's Nomad. - -The `-retry-join` parameter specifies the external IP of one other agent in the cluster to use to join at startup. There are several ways to control how an agent joins the cluster, see the [agent configuration](https://www.consul.io/docs/agent/options.html) guide for more details on the `-join`, `-retry-join`, and `-atlas-join` options. - -Note also we've set [`leave_on_terminate`](https://www.consul.io/docs/agent/options.html#leave_on_terminate) using the `CONSUL_LOCAL_CONFIG` environment variable. This is recommended for clients to and will be defaulted to `true` in Consul 0.7 and later, so this will no longer be necessary. - -At startup, the agent will read config JSON files from `/consul/config`. Data will be persisted in the `/consul/data` volume. - -Here are some example queries on a host with an external IP of 66.175.220.234: - -```console -$ curl http://localhost:8500/v1/health/service/consul?pretty -[ - { - "Node": { - "Node": "linode", - "Address": "66.175.220.234", -... -``` - -```console -$ dig @localhost -p 8600 consul.service.consul -; <<>> DiG 9.9.5-3ubuntu0.7-Ubuntu <<>> @localhost -p 8600 consul.service.consul -; (2 servers found) -;; global options: +cmd -;; Got answer: -;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61616 -;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 -;; WARNING: recursion requested but not available - -;; QUESTION SECTION: -;consul.service.consul. IN A - -;; ANSWER SECTION: -consul.service.consul. 0 IN A 66.175.220.234 -... -``` - -If you want to expose the Consul interfaces to other containers via a different network, such as the bridge network, use the `-client` option for Consul: - -```console -docker run -d --net=host consul agent -bind= -client= -retry-join= -==> Starting Consul agent... -==> Starting Consul agent RPC... -==> Consul agent running! - Node name: 'linode' - Datacenter: 'dc1' - Server: false (bootstrap: false) - Client Addr: (HTTP: 8500, HTTPS: -1, DNS: 8600, RPC: 8400) - Cluster Addr: (LAN: 8301, WAN: 8302) - Gossip encrypt: false, RPC-TLS: false, TLS-Incoming: false - Atlas: -... -``` - -With this configuration, Consul's client interfaces will be bound to the bridge IP and available to other containers on that network, but not on the host network. Note that we still keep the cluster address out on the host network for performance. Consul will also accept the `-client=0.0.0.0` option to bind to all interfaces. - -## Running Consul Agent in Server Mode - -```console -$ docker run -d --net=host -e 'CONSUL_LOCAL_CONFIG={"skip_leave_on_interrupt": true}' consul agent -server -bind= -retry-join= -bootstrap-expect= -``` - -This runs a Consul server agent sharing the host's network. All of the network considerations and behavior we covered above for the client agent also apply to the server agent. A single server on its own won't be able to form a quorum and will be waiting for other servers to join. - -Just like the client agent, the `-retry-join` parameter specifies the external IP of one other agent in the cluster to use to join at startup. There are several ways to control how an agent joins the cluster, see the [agent configuration](https://www.consul.io/docs/agent/options.html) guide for more details on the `-join`, `-retry-join`, and `-atlas-join` options. The server agent also consumes a `-bootstrap-expect` option that specifies how many server agents to watch for before bootstrapping the cluster for the first time. This provides an easy way to get an orderly startup with a new cluster. See the [agent configuration](https://www.consul.io/docs/agent/options.html) guide for more details on the `-bootstrap` and `-bootstrap-expect` options. - -Note also we've set [`skip_leave_on_interrupt`](https://www.consul.io/docs/agent/options.html#skip_leave_on_interrupt) using the `CONSUL_LOCAL_CONFIG` environment variable. This is recommended for servers and will be defaulted to `true` in Consul 0.7 and later, so this will no longer be necessary. - -At startup, the agent will read config JSON files from `/consul/config`. Data will be persisted in the `/consul/data` volume. - -Once the cluster is bootstrapped and quorum is achieved, you must use care to keep the minimum number of servers operating in order to avoid an outage state for the cluster. The deployment table in the [consensus](https://www.consul.io/docs/internals/consensus.html) guide outlines the number of servers required for different configurations. There's also an [adding/removing servers](https://www.consul.io/docs/guides/servers.html) guide that describes that process, which is relevant to Docker configurations as well. The [outage recovery](https://www.consul.io/docs/guides/outage.html) guide has steps to perform if servers are permanently lost. In general it's best to restart or replace servers one at a time, making sure servers are healthy before proceeding to the next server. - -## Exposing Consul's DNS Server on Port 53 - -By default, Consul's DNS server is exposed on port 8600. Because this is cumbersome to configure with facilities like `resolv.conf`, you may want to expose DNS on port 53. Consul 0.7 and later supports this by setting an environment variable that runs `setcap` on the Consul binary, allowing it to bind to privileged ports. Note that not all Docker storage backends support this feature (notably AUFS). - -Here's an example: - -```console -$ docker run -d --net=host -e 'CONSUL_ALLOW_PRIVILEGED_PORTS=' consul -dns-port=53 -recursor=8.8.8.8 -``` - -This example also includes a recursor configuration that uses Google's DNS servers for non-Consul lookups. You may want to adjust this based on your particular DNS configuration. If you are binding Consul's client interfaces to the host's loopback address, then you should be able to configure your host's `resolv.conf` to route DNS requests to Consul by including "127.0.0.1" as the primary DNS server. This would expose Consul's DNS to all applications running on the host, but due to Docker's built-in DNS server, you can't point to this directly from inside your containers; Docker will issue an error message if you attempt to do this. You must configure Consul to listen on a non-localhost address that is reachable from within other containers. - -Once you bind Consul's client interfaces to the bridge or other network, you can use the `--dns` option in your *other containers* in order for them to use Consul's DNS server, mapped to port 53. Here's an example: - -```console -$ docker run -d --net=host -e 'CONSUL_ALLOW_PRIVILEGED_PORTS=' consul agent -dns-port=53 -recursor=8.8.8.8 -bind= -``` - -Now start another container and point it at Consul's DNS, using the bridge address of the host: - -```console -$ docker run -i --dns= -t ubuntu sh -c "apt-get update && apt-get install -y dnsutils && dig consul.service.consul" -... -;; ANSWER SECTION: -consul.service.consul. 0 IN A 66.175.220.234 -... -``` - -In the example above, adding the bridge address to the host's `/etc/resolv.conf` file should expose it to all containers without running with the `--dns` option. - -## Service Discovery with Containers - -There are several approaches you can use to register services running in containers with Consul. For manual configuration, your containers can use the local agent's APIs to register and deregister themselves, see the [Agent API](https://www.consul.io/docs/agent/http/agent.html) for more details. Another strategy is to create a derived Consul container for each host type which includes JSON config files for Consul to parse at startup, see [Services](https://www.consul.io/docs/agent/services.html) for more information. Both of these approaches are fairly cumbersome, and the configured services may fall out of sync if containers die or additional containers are started. - -If you run your containers under [HashiCorp's Nomad](https://www.nomadproject.io/) scheduler, it has [first class support for Consul](https://www.nomadproject.io/docs/jobspec/servicediscovery.html). The Nomad agent runs on each host alongside the Consul agent. When jobs are scheduled on a given host, the Nomad agent automatically takes care of syncing the Consul agent with the service information. This is very easy to manage, and even services on hosts running outside of Docker containers can be managed by Nomad and registered with Consul. You can find out more about running Docker under Nomad in the [Docker Driver](https://www.nomadproject.io/docs/drivers/docker.html) guide. - -Other open source options include [Registrator](http://gliderlabs.com/registrator/latest/) from Glider Labs and [ContainerPilot](https://www.joyent.com/containerpilot) from Joyent. Registrator works by running a Registrator instance on each host, alongside the Consul agent. Registrator monitors the Docker daemon for container stop and start events, and handles service registration with Consul using the container names and exposed ports as the service information. ContainerPilot manages service registration using tooling running inside the container to register services with Consul on start, manage a Consul TTL health check while running, and deregister services when the container stops. - -## Running Health Checks in Docker Containers - -Consul has the ability to execute health checks inside containers. If the Docker daemon is exposed to the Consul agent and the `DOCKER_HOST` environment variable is set, then checks can be configured with the Docker container ID to execute in. See the [health checks](https://www.consul.io/docs/agent/checks.html) guide for more details. - -# License - -View [license information](https://raw.githubusercontent.com/hashicorp/consul/master/LICENSE) for the software contained in this image. - -As with all Docker images, these likely also contain other software which may be under other licenses (such as Bash, etc from the base distribution, along with any direct or indirect dependencies of the primary software being contained). - -Some additional license information which was able to be auto-detected might be found in [the `repo-info` repository's `consul/` directory](https://github.com/docker-library/repo-info/tree/master/repos/consul). - -As for any pre-built image usage, it is the image user's responsibility to ensure that any use of this image complies with any relevant licenses for all software contained within. diff --git a/consul/content.md b/consul/content.md deleted file mode 100644 index 5535d7a67..000000000 --- a/consul/content.md +++ /dev/null @@ -1,197 +0,0 @@ -# Consul - -Consul is a distributed, highly-available, and multi-datacenter aware tool for service discovery, configuration, and orchestration. Consul enables rapid deployment, configuration, and maintenance of service-oriented architectures at massive scale. For more information, please see: - -- [Consul documentation](https://www.consul.io/) -- [Consul on GitHub](https://github.com/hashicorp/consul) - -%%LOGO%% - -# Consul and Docker - -Consul has several moving parts so we'll start with a brief introduction to Consul's architecture and then detail how Consul interacts with Docker. Please see the [Consul Architecture](https://www.consul.io/docs/architecture) guide for more detail on all these concepts. - -Each host in a Consul cluster runs the Consul agent, a long running daemon that can be started in client or server mode. Each cluster has at least 1 agent in server mode, and usually 3 or 5 for high availability. The server agents participate in a [consensus protocol](https://www.consul.io/docs/internals/consensus.html), maintain a centralized view of the cluster's state, and respond to queries from other agents in the cluster. The rest of the agents in client mode participate in a [gossip protocol](https://www.consul.io/docs/internals/gossip.html) to discover other agents and check them for failures, and they forward queries about the cluster to the server agents. - -Applications running on a given host communicate only with their local Consul agent, using its HTTP APIs or DNS interface. Services on the host are also registered with the local Consul agent, which syncs the information with the Consul servers. Doing the most basic DNS-based service discovery using Consul, an application queries for `foo.service.consul` and gets a randomly shuffled subset of all the hosts providing service "foo". This allows applications to locate services and balance the load without any intermediate proxies. Several HTTP APIs are also available for applications doing a deeper integration with Consul's service discovery capabilities, as well as its other features such as the key/value store. - -These concepts also apply when running Consul in Docker. Typically, you'll run a single Consul agent container on each host, running alongside the Docker daemon. You'll also need to configure some of the agents as servers (at least 3 for a basic HA setup). Consul should always be run with `--net=host` in Docker because Consul's consensus and gossip protocols are sensitive to delays and packet loss, so the extra layers involved with other networking types are usually undesirable and unnecessary. We will talk more about this below. - -We don't cover Consul's multi-datacenter capability here, but as long as `--net=host` is used, there should be no special considerations for Docker. - -# Using the Container - -We chose Alpine as a lightweight base with a reasonably small surface area for security concerns, but with enough functionality for development, interactive debugging, and useful health, watch, and exec scripts running under Consul in the container. As of Consul 0.7, the image also includes `curl` since it is so commonly used for health checks. - -Consul always runs under [dumb-init](https://github.com/Yelp/dumb-init), which handles reaping zombie processes and forwards signals on to all processes running in the container. We also use [gosu](https://github.com/tianon/gosu) to run Consul as a non-root "consul" user for better security. These binaries are all built by HashiCorp and signed with our [GPG key](https://www.hashicorp.com/security.html), so you can verify the signed package used to build a given base image. - -Running the Consul container with no arguments will give you a Consul server in [development mode](https://www.consul.io/docs/agent/options.html#_dev). The provided entry point script will also look for Consul subcommands and run `consul` as the correct user and with that subcommand. For example, you can execute `docker run %%IMAGE%% members` and it will run the `consul members` command inside the container. The entry point also adds some special configuration options as detailed in the sections below when running the `agent` subcommand. Any other command gets `exec`-ed inside the container under `dumb-init`. - -The container exposes `VOLUME /consul/data`, which is a path where Consul will place its persisted state. This isn't used in any way when running in development mode. For client agents, this stores some information about the cluster and the client's health checks in case the container is restarted. For server agents, this stores the client information plus snapshots and data related to the consensus algorithm and other state like Consul's key/value store and catalog. For servers it is highly desirable to keep this volume's data around when restarting containers to recover from outage scenarios. If this is bind mounted then ownership will be changed to the consul user when the container starts. - -The container has a Consul configuration directory set up at `/consul/config` and the agent will load any configuration files placed here by binding a volume or by composing a new image and adding files. Alternatively, configuration can be added by passing the configuration JSON via environment variable `CONSUL_LOCAL_CONFIG`. If this is bind mounted then ownership will be changed to the consul user when the container starts. - -Since Consul is almost always run with `--net=host` in Docker, some care is required when configuring Consul's IP addresses. Consul has the concept of its cluster address as well as its client address. The cluster address is the address at which other Consul agents may contact a given agent. The client address is the address where other processes on the host contact Consul in order to make HTTP or DNS requests. You will typically need to tell Consul what its cluster address is when starting so that it binds to the correct interface and advertises a workable interface to the rest of the Consul agents. You'll see this in the examples below as the `-bind=` argument to Consul. - -The entry point also includes a small utility to look up a client or bind address by interface name. To use this, set the `CONSUL_CLIENT_INTERFACE` and/or `CONSUL_BIND_INTERFACE` environment variables to the name of the interface you'd like Consul to use and a `-client=` and/or `-bind=` argument will be computed and passed to Consul at startup. - -## Running Consul for Development - -```console -$ docker run -d --name=dev-consul -e CONSUL_BIND_INTERFACE=eth0 %%IMAGE%% -``` - -This runs a completely in-memory Consul server agent with default bridge networking and no services exposed on the host, which is useful for development but should not be used in production. For example, if that server is running at internal address 172.17.0.2, you can run a three node cluster for development by starting up two more instances and telling them to join the first node. - -```console -$ docker run -d -e CONSUL_BIND_INTERFACE=eth0 %%IMAGE%% agent -dev -join=172.17.0.2 -... server 2 starts -$ docker run -d -e CONSUL_BIND_INTERFACE=eth0 %%IMAGE%% agent -dev -join=172.17.0.2 -... server 3 starts -``` - -Then we can query for all the members in the cluster by running a Consul CLI command in the first container: - -```console -$ docker exec -t dev-consul %%IMAGE%% members -Node Address Status Type Build Protocol DC -579db72c1ae1 172.17.0.3:8301 alive server 0.6.3 2 dc1 -93fe2309ef19 172.17.0.4:8301 alive server 0.6.3 2 dc1 -c9caabfd4c2a 172.17.0.2:8301 alive server 0.6.3 2 dc1 -``` - -Remember that Consul doesn't use the data volume in this mode - once the container stops all of your state will be wiped out, so please don't use this mode for production. Running completely on the bridge network with the development server is useful for testing multiple instances of Consul on a single machine, which is normally difficult to do because of port conflicts. - -Development mode also starts a version of Consul's web UI on port 8500. This can be added to the other Consul configurations by supplying the `-ui` option to Consul on the command line. The web assets are bundled inside the Consul binary in the container. - -## Running Consul Agent in Client Mode - -```console -$ docker run -d --net=host -e 'CONSUL_LOCAL_CONFIG={"leave_on_terminate": true}' %%IMAGE%% agent -bind= -retry-join= -==> Starting Consul agent... -==> Starting Consul agent RPC... -==> Consul agent running! - Node name: 'linode' - Datacenter: 'dc1' - Server: false (bootstrap: false) - Client Addr: 127.0.0.1 (HTTP: 8500, HTTPS: -1, DNS: 8600, RPC: 8400) - Cluster Addr: (LAN: 8301, WAN: 8302) - Gossip encrypt: false, RPC-TLS: false, TLS-Incoming: false - Atlas: -... -``` - -This runs a Consul client agent sharing the host's network and advertising the external IP address to the rest of the cluster. Note that the agent defaults to binding its client interfaces to 127.0.0.1, which is the host's loopback interface. This would be a good configuration to use if other containers on the host also use `--net=host`, and it also exposes the agent to processes running directly on the host outside a container, such as HashiCorp's Nomad. - -The `-retry-join` parameter specifies the external IP of one other agent in the cluster to use to join at startup. There are several ways to control how an agent joins the cluster, see the [agent configuration](https://www.consul.io/docs/agent/options.html) guide for more details on the `-join`, `-retry-join`, and `-atlas-join` options. - -Note also we've set [`leave_on_terminate`](https://www.consul.io/docs/agent/options.html#leave_on_terminate) using the `CONSUL_LOCAL_CONFIG` environment variable. This is recommended for clients to and will be defaulted to `true` in Consul 0.7 and later, so this will no longer be necessary. - -At startup, the agent will read config JSON files from `/consul/config`. Data will be persisted in the `/consul/data` volume. - -Here are some example queries on a host with an external IP of 66.175.220.234: - -```console -$ curl http://localhost:8500/v1/health/service/consul?pretty -[ - { - "Node": { - "Node": "linode", - "Address": "66.175.220.234", -... -``` - -```console -$ dig @localhost -p 8600 consul.service.consul -; <<>> DiG 9.9.5-3ubuntu0.7-Ubuntu <<>> @localhost -p 8600 consul.service.consul -; (2 servers found) -;; global options: +cmd -;; Got answer: -;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61616 -;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 -;; WARNING: recursion requested but not available - -;; QUESTION SECTION: -;consul.service.consul. IN A - -;; ANSWER SECTION: -consul.service.consul. 0 IN A 66.175.220.234 -... -``` - -If you want to expose the Consul interfaces to other containers via a different network, such as the bridge network, use the `-client` option for Consul: - -```console -docker run -d --net=host %%IMAGE%% agent -bind= -client= -retry-join= -==> Starting Consul agent... -==> Starting Consul agent RPC... -==> Consul agent running! - Node name: 'linode' - Datacenter: 'dc1' - Server: false (bootstrap: false) - Client Addr: (HTTP: 8500, HTTPS: -1, DNS: 8600, RPC: 8400) - Cluster Addr: (LAN: 8301, WAN: 8302) - Gossip encrypt: false, RPC-TLS: false, TLS-Incoming: false - Atlas: -... -``` - -With this configuration, Consul's client interfaces will be bound to the bridge IP and available to other containers on that network, but not on the host network. Note that we still keep the cluster address out on the host network for performance. Consul will also accept the `-client=0.0.0.0` option to bind to all interfaces. - -## Running Consul Agent in Server Mode - -```console -$ docker run -d --net=host -e 'CONSUL_LOCAL_CONFIG={"skip_leave_on_interrupt": true}' %%IMAGE%% agent -server -bind= -retry-join= -bootstrap-expect= -``` - -This runs a Consul server agent sharing the host's network. All of the network considerations and behavior we covered above for the client agent also apply to the server agent. A single server on its own won't be able to form a quorum and will be waiting for other servers to join. - -Just like the client agent, the `-retry-join` parameter specifies the external IP of one other agent in the cluster to use to join at startup. There are several ways to control how an agent joins the cluster, see the [agent configuration](https://www.consul.io/docs/agent/options.html) guide for more details on the `-join`, `-retry-join`, and `-atlas-join` options. The server agent also consumes a `-bootstrap-expect` option that specifies how many server agents to watch for before bootstrapping the cluster for the first time. This provides an easy way to get an orderly startup with a new cluster. See the [agent configuration](https://www.consul.io/docs/agent/options.html) guide for more details on the `-bootstrap` and `-bootstrap-expect` options. - -Note also we've set [`skip_leave_on_interrupt`](https://www.consul.io/docs/agent/options.html#skip_leave_on_interrupt) using the `CONSUL_LOCAL_CONFIG` environment variable. This is recommended for servers and will be defaulted to `true` in Consul 0.7 and later, so this will no longer be necessary. - -At startup, the agent will read config JSON files from `/consul/config`. Data will be persisted in the `/consul/data` volume. - -Once the cluster is bootstrapped and quorum is achieved, you must use care to keep the minimum number of servers operating in order to avoid an outage state for the cluster. The deployment table in the [consensus](https://www.consul.io/docs/internals/consensus.html) guide outlines the number of servers required for different configurations. There's also an [adding/removing servers](https://www.consul.io/docs/guides/servers.html) guide that describes that process, which is relevant to Docker configurations as well. The [outage recovery](https://www.consul.io/docs/guides/outage.html) guide has steps to perform if servers are permanently lost. In general it's best to restart or replace servers one at a time, making sure servers are healthy before proceeding to the next server. - -## Exposing Consul's DNS Server on Port 53 - -By default, Consul's DNS server is exposed on port 8600. Because this is cumbersome to configure with facilities like `resolv.conf`, you may want to expose DNS on port 53. Consul 0.7 and later supports this by setting an environment variable that runs `setcap` on the Consul binary, allowing it to bind to privileged ports. Note that not all Docker storage backends support this feature (notably AUFS). - -Here's an example: - -```console -$ docker run -d --net=host -e 'CONSUL_ALLOW_PRIVILEGED_PORTS=' %%IMAGE%% -dns-port=53 -recursor=8.8.8.8 -``` - -This example also includes a recursor configuration that uses Google's DNS servers for non-Consul lookups. You may want to adjust this based on your particular DNS configuration. If you are binding Consul's client interfaces to the host's loopback address, then you should be able to configure your host's `resolv.conf` to route DNS requests to Consul by including "127.0.0.1" as the primary DNS server. This would expose Consul's DNS to all applications running on the host, but due to Docker's built-in DNS server, you can't point to this directly from inside your containers; Docker will issue an error message if you attempt to do this. You must configure Consul to listen on a non-localhost address that is reachable from within other containers. - -Once you bind Consul's client interfaces to the bridge or other network, you can use the `--dns` option in your *other containers* in order for them to use Consul's DNS server, mapped to port 53. Here's an example: - -```console -$ docker run -d --net=host -e 'CONSUL_ALLOW_PRIVILEGED_PORTS=' %%IMAGE%% agent -dns-port=53 -recursor=8.8.8.8 -bind= -``` - -Now start another container and point it at Consul's DNS, using the bridge address of the host: - -```console -$ docker run -i --dns= -t ubuntu sh -c "apt-get update && apt-get install -y dnsutils && dig consul.service.consul" -... -;; ANSWER SECTION: -consul.service.consul. 0 IN A 66.175.220.234 -... -``` - -In the example above, adding the bridge address to the host's `/etc/resolv.conf` file should expose it to all containers without running with the `--dns` option. - -## Service Discovery with Containers - -There are several approaches you can use to register services running in containers with Consul. For manual configuration, your containers can use the local agent's APIs to register and deregister themselves, see the [Agent API](https://www.consul.io/docs/agent/http/agent.html) for more details. Another strategy is to create a derived Consul container for each host type which includes JSON config files for Consul to parse at startup, see [Services](https://www.consul.io/docs/agent/services.html) for more information. Both of these approaches are fairly cumbersome, and the configured services may fall out of sync if containers die or additional containers are started. - -If you run your containers under [HashiCorp's Nomad](https://www.nomadproject.io/) scheduler, it has [first class support for Consul](https://www.nomadproject.io/docs/jobspec/servicediscovery.html). The Nomad agent runs on each host alongside the Consul agent. When jobs are scheduled on a given host, the Nomad agent automatically takes care of syncing the Consul agent with the service information. This is very easy to manage, and even services on hosts running outside of Docker containers can be managed by Nomad and registered with Consul. You can find out more about running Docker under Nomad in the [Docker Driver](https://www.nomadproject.io/docs/drivers/docker.html) guide. - -Other open source options include [Registrator](http://gliderlabs.com/registrator/latest/) from Glider Labs and [ContainerPilot](https://www.joyent.com/containerpilot) from Joyent. Registrator works by running a Registrator instance on each host, alongside the Consul agent. Registrator monitors the Docker daemon for container stop and start events, and handles service registration with Consul using the container names and exposed ports as the service information. ContainerPilot manages service registration using tooling running inside the container to register services with Consul on start, manage a Consul TTL health check while running, and deregister services when the container stops. - -## Running Health Checks in Docker Containers - -Consul has the ability to execute health checks inside containers. If the Docker daemon is exposed to the Consul agent and the `DOCKER_HOST` environment variable is set, then checks can be configured with the Docker container ID to execute in. See the [health checks](https://www.consul.io/docs/agent/checks.html) guide for more details. diff --git a/consul/deprecated.md b/consul/deprecated.md deleted file mode 100644 index 5791985d0..000000000 --- a/consul/deprecated.md +++ /dev/null @@ -1 +0,0 @@ -Upcoming in Consul 1.16, we will stop publishing official Dockerhub images and publish only our Verified Publisher images. Users of Docker images should pull from [hashicorp/consul](https://hub.docker.com/r/hashicorp/consul) instead of [consul](https://hub.docker.com/_/consul). Verified Publisher images can be found at https://hub.docker.com/r/hashicorp/consul. diff --git a/consul/github-repo b/consul/github-repo deleted file mode 100644 index d3aa632b6..000000000 --- a/consul/github-repo +++ /dev/null @@ -1 +0,0 @@ -https://github.com/hashicorp/docker-consul diff --git a/consul/license.md b/consul/license.md deleted file mode 100644 index d565b3812..000000000 --- a/consul/license.md +++ /dev/null @@ -1 +0,0 @@ -View [license information](https://raw.githubusercontent.com/hashicorp/consul/master/LICENSE) for the software contained in this image. diff --git a/consul/logo.svg b/consul/logo.svg deleted file mode 100644 index 94c38977d..000000000 --- a/consul/logo.svg +++ /dev/null @@ -1,7 +0,0 @@ - - - - - - - diff --git a/consul/maintainer.md b/consul/maintainer.md deleted file mode 120000 index ef4100e01..000000000 --- a/consul/maintainer.md +++ /dev/null @@ -1 +0,0 @@ -../.common-templates/maintainer-hashicorp.md \ No newline at end of file diff --git a/consul/metadata.json b/consul/metadata.json deleted file mode 100644 index e90624aca..000000000 --- a/consul/metadata.json +++ /dev/null @@ -1,5 +0,0 @@ -{ - "hub": { - "categories": [] - } -} diff --git a/express-gateway/README-short.txt b/express-gateway/README-short.txt deleted file mode 100644 index 87c786a48..000000000 --- a/express-gateway/README-short.txt +++ /dev/null @@ -1 +0,0 @@ -DEPRECATED; The Official Docker Image of Express Gateway, an API Gateway for APIs and Microservices diff --git a/express-gateway/README.md b/express-gateway/README.md deleted file mode 100644 index ce83cca14..000000000 --- a/express-gateway/README.md +++ /dev/null @@ -1,124 +0,0 @@ - - -# **DEPRECATION NOTICE** - -This project is no longer maintained. Read [here](https://github.com/ExpressGateway/express-gateway/issues/1011#issuecomment-748354599) for more details or if you're interested in taking over the project. - -# Quick reference - -- **Maintained by**: - [the Express Gateway Team](https://github.com/ExpressGateway/express-gateway) - -- **Where to get help**: - [the Docker Community Slack](https://dockr.ly/comm-slack), [Server Fault](https://serverfault.com/help/on-topic), [Unix & Linux](https://unix.stackexchange.com/help/on-topic), or [Stack Overflow](https://stackoverflow.com/help/on-topic) - -# Supported tags and respective `Dockerfile` links - -**No supported tags** - -# Quick reference (cont.) - -- **Where to file issues**: - [https://github.com/ExpressGateway/express-gateway/issues](https://github.com/ExpressGateway/express-gateway/issues?q=) - -- **Supported architectures**: ([more info](https://github.com/docker-library/official-images#architectures-other-than-amd64)) - **No supported architectures** - -- **Published image artifact details**: - [repo-info repo's `repos/express-gateway/` directory](https://github.com/docker-library/repo-info/blob/master/repos/express-gateway) ([history](https://github.com/docker-library/repo-info/commits/master/repos/express-gateway)) - (image metadata, transfer size, etc) - -- **Image updates**: - [official-images repo's `library/express-gateway` label](https://github.com/docker-library/official-images/issues?q=label%3Alibrary%2Fexpress-gateway) - [official-images repo's `library/express-gateway` file](https://github.com/docker-library/official-images/blob/master/library/express-gateway) ([history](https://github.com/docker-library/official-images/commits/master/library/express-gateway)) - -- **Source of this description**: - [docs repo's `express-gateway/` directory](https://github.com/docker-library/docs/tree/master/express-gateway) ([history](https://github.com/docker-library/docs/commits/master/express-gateway)) - -# What is Express-Gateway? - -Express Gateway is an API Gateway that sits at the heart of any microservices architecture, regardless of what language or platform you're using. Express Gateway secures your microservices and exposes them through APIs using Node.js, ExpressJS and Express middleware. Developing microservices, orchestrating and managing them now can be done insanely fast all on one seamless platform without having to introduce additional infrastructure. - -Express-Gateway's documentation can be found at [https://express-gateway.io/docs](https://express-gateway.io/docs). - -## Main Features - -- Built Entirely on Express and Express Middleware -- Dynamic Centralized Config -- API Consumer and Credentials Management -- Plugins and Plugin Framework -- Distributed Data Store -- CLI -- Admin API - -![logo](https://raw.githubusercontent.com/docker-library/docs/8ee4b026326a61ab0ccf22634eacbbbfbfaaf678/express-gateway/logo.png) - -## How to use this image - -Unless you're using identity features (such as `users`, `applications` and `credentials`), Express-Gateway does not require any data storage. - -If so, skip directly to the point **2**; else, please keep going with this guide. - -### 1. Link Express-Gateway to a Redis container - -#### Start Redis - -Start a Redis container by executing: - -```shell -$ docker run -d --name express-gateway-data-store \ - -p 6379:6379 \ - redis:alpine -``` - -### 2. Start the Express-Gateway instance - -Once the Redis instance has been started (if required), we can start the Express-Gateway instance link it to the Redis container. - -```shell -$ docker run -d --name express-gateway \ - --link eg-database:eg-database \ - -v /my/own/datadir:/var/lib/eg \ - -p 8080:8080 \ - -p 9876:9876 \ - express-gateway -``` - -*Note:* You might want to expose other ports to the host in case you're serving your APIs through **HTTPS**. - -*Note:* You need to mount a volume with configuration files and volumes in order to make Express-Gateway start correctly. - -You can now read the docs at [express-gateway.io/docs](http://express-gateway.io/docs) to learn more about Express-Gateway and configure it accordingly to your needs. - -### Install plugin - -You can install custom plugins to the current Express Gateway image just creating a new `Dockerfile`, use `express-gateway` as base image and then install the required plugins as global yarn packages - -```dockerfile -FROM express-gateway -RUN yarn global add express-gateway-plugin-name -``` - -# License - -View [license information](https://github.com/ExpressGateway/express-gateway/blob/master/LICENSE) for the software contained in this image. - -As with all Docker images, these likely also contain other software which may be under other licenses (such as Bash, etc from the base distribution, along with any direct or indirect dependencies of the primary software being contained). - -Some additional license information which was able to be auto-detected might be found in [the `repo-info` repository's `express-gateway/` directory](https://github.com/docker-library/repo-info/tree/master/repos/express-gateway). - -As for any pre-built image usage, it is the image user's responsibility to ensure that any use of this image complies with any relevant licenses for all software contained within. diff --git a/express-gateway/content.md b/express-gateway/content.md deleted file mode 100644 index 5aa8a3cc9..000000000 --- a/express-gateway/content.md +++ /dev/null @@ -1,63 +0,0 @@ -# What is Express-Gateway? - -Express Gateway is an API Gateway that sits at the heart of any microservices architecture, regardless of what language or platform you're using. Express Gateway secures your microservices and exposes them through APIs using Node.js, ExpressJS and Express middleware. Developing microservices, orchestrating and managing them now can be done insanely fast all on one seamless platform without having to introduce additional infrastructure. - -Express-Gateway's documentation can be found at [https://express-gateway.io/docs](https://express-gateway.io/docs). - -## Main Features - -- Built Entirely on Express and Express Middleware -- Dynamic Centralized Config -- API Consumer and Credentials Management -- Plugins and Plugin Framework -- Distributed Data Store -- CLI -- Admin API - -%%LOGO%% - -## How to use this image - -Unless you're using identity features (such as `users`, `applications` and `credentials`), Express-Gateway does not require any data storage. - -If so, skip directly to the point **2**; else, please keep going with this guide. - -### 1. Link Express-Gateway to a Redis container - -#### Start Redis - -Start a Redis container by executing: - -```shell -$ docker run -d --name express-gateway-data-store \ - -p 6379:6379 \ - redis:alpine -``` - -### 2. Start the Express-Gateway instance - -Once the Redis instance has been started (if required), we can start the Express-Gateway instance link it to the Redis container. - -```shell -$ docker run -d --name express-gateway \ - --link eg-database:eg-database \ - -v /my/own/datadir:/var/lib/eg \ - -p 8080:8080 \ - -p 9876:9876 \ - %%IMAGE%% -``` - -*Note:* You might want to expose other ports to the host in case you're serving your APIs through **HTTPS**. - -*Note:* You need to mount a volume with configuration files and volumes in order to make Express-Gateway start correctly. - -You can now read the docs at [express-gateway.io/docs](http://express-gateway.io/docs) to learn more about Express-Gateway and configure it accordingly to your needs. - -### Install plugin - -You can install custom plugins to the current Express Gateway image just creating a new `Dockerfile`, use `%%IMAGE%%` as base image and then install the required plugins as global yarn packages - -```dockerfile -FROM %%IMAGE%% -RUN yarn global add express-gateway-plugin-name -``` diff --git a/express-gateway/deprecated.md b/express-gateway/deprecated.md deleted file mode 100644 index 9a16fcc98..000000000 --- a/express-gateway/deprecated.md +++ /dev/null @@ -1 +0,0 @@ -This project is no longer maintained. Read [here](https://github.com/ExpressGateway/express-gateway/issues/1011#issuecomment-748354599) for more details or if you're interested in taking over the project. diff --git a/express-gateway/github-repo b/express-gateway/github-repo deleted file mode 100644 index ffecc1ea1..000000000 --- a/express-gateway/github-repo +++ /dev/null @@ -1 +0,0 @@ -https://github.com/ExpressGateway/express-gateway diff --git a/express-gateway/license.md b/express-gateway/license.md deleted file mode 100644 index 2de981d32..000000000 --- a/express-gateway/license.md +++ /dev/null @@ -1 +0,0 @@ -View [license information](https://github.com/ExpressGateway/express-gateway/blob/master/LICENSE) for the software contained in this image. diff --git a/express-gateway/logo.png b/express-gateway/logo.png deleted file mode 100644 index 1da4074db1721ab752e7452ce70d984e2dcfebda..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 38611 zcmeGDc{tSFA2^H;kuBMYvJYd6hz!Y6V~w%QkS$~@Bn_srFQp8UWhna+28k$HvQ&s6 zOV+a1F!rU$zCCC3xqrX!b3K1Q|2_A0-Pe6PbIy6a&THS^I1{8UGb0}(1Oj2!*F%^= zAjeF>zvA@A!3t+CQy=&budlYHFUrf+_x=rU7l@X#m!pf2zUPgbE@mz_oc%CF7c~eZ z8LN-bLO&Q@tiO(jUc+Vwu*+B(GD(#E>FwtD!JZ0ZGS_zy6&u_lK;5UsM(QSIcdVR~8#kuT5rk2~1#b-mdB&pbk5ym+@2#`s3L3%WBu5*ox)r z=k@Fap2t0+`M#CO@0Y78EiHXs;k-zfI;`PYlCyqNdpn#B;}}x2`Qye3fcXFS&;P3w z&>Sd|r-5M3RbjlpsCU+e+&(7)fk@3&w{FzDY%FiN3lTDfn3SGVN>}9f?mi!L0-|~M zc1cR5d!LQYybojCzud#ed82(K9JD5} znm9EjUIqw6f{lpi>^sgc6w-#E;*>M-pyz}@9%v4ZX9|nb#%Va`LZY}N;$a3`5XeVZ zNj!BMuYxJ0g`uCCaw}t;VL$IW1P$trao3Zavzm7JQAey<5eg`>2=3U>Ic(9zGH^2@7lqzJEkTrxrSgDxHGw2av!)YB9ojQ2mH!g{=SZt&Rh)iTOl*wwnr^z`fy#qrGy~2LdS+ z_sydPw~B|$0Q#eoY8MQT5WBD#;ndR8djhn4ozQBgi$FHF zWcr+`0s8X{oJWX=6YkVzcv9%XC`{d=d<(!y^y$Y|Q|RK@YP1y?0DR3ken5UGWA^1U zH|fC!?;BysGXPmcY}#zfB0y#J;cZTUSNs(U1BL8ej}X_)`_2&D;`@OCY|v~d`L=on z0NJ835Z`ziLj#tC+px(6MwDy5q~_$SfR%WezN1ZgZ#Z^Jg4`)m3yEkNb^@q~gq3Q6 zzsNn=WEB7@%n7#okB6ZO!l!A$n?F*wWb^|_?SwmJp8(r|T`+N`E~6*|B>ydt4R8r{ z6P7NQ0x49m@HiFNp_%-T8-cyP{N8{DkfrKUO(Pv3r5`T>MZi(hKXQ2tF3_Z99+Kn% zfA>UX6sA2+o(5~FLKL{6j$w{$(%?q*Jn}YU6Oh|bWL~~XClu`Xi|NO9QRw*Yr?~6j zWq{nQ^Wz0Yfc{Q)3=6nb*=R_Ma_jG>X>oIVK$fxvD@*}FB!0oKfb*<0%tQJ|zei+5 z=BFSsD9TU&*k#D{Xi>;S#tg8T{#otZy?zQ9H6g%2E3k*kuIV2Kh}F2~Ugcorb3|7y zxEO!p2(izu|M-W0lyNsdLnTob;Ib9>lp4wy%D@A5e{ldR2)1*^WZb%T;z&#!9iRSN zf|)3M5^$kBFE`vK8CVk&A&-9qk@t={+A^2l}N!hl3R6!nw>W8yka8due9Sp zn{d=^3`3Pq^tphj1h?r>fuA30mVXBtn627>9cD*SV#ZkBBjrNlULHxF!)4p&0{>Q+ z*dzuoA7iIICrr_Mput8?zuY2fT2dMfj(Kxa%L`_&8yrx(CInsVox zDc)(Z8$%HYh?zT&KcB=Dhfm)6#n$Vr&KOUJ`+HIBpwOwXaGeBX=U#)`IwJFrSSH*w{N+f1dfW= zul*No$Iyh2eFhtNh!k=33(=~H`7Z#F%R{g}kh6611^bIX(*WfJ_wG{P__Y(T>~U^5 z6rq*>Vgz2}aCA{9+=Yh_JiExG$B8~!VFHfFx1qx1PU-A}-A-1(5tuLo3`MvoTGIk_lOWD=sYl zV}FmFF>OOOea#WUSLCys zQwGjxb#Q={P_8~n)9+P1)4;W%AY{tQ~F;ymRrICei0B?0H`+?J-R=U5qeV(&wEPT+#-IMYv!u_0!$2 zgarLv+8n<&6A4rgJ!ze~_L^cA*c{E4ut=+xqRpYzeAy~%V5$0>R3!j!)mrlA$^Mhk zD2>jliGYxYqRep;CO8kbE-1y(z{#7!;=9;Gi#Hah!8(%_<%nhr@rA>n3iEc%ZiC|n zfHpBDK?9)4S7FQswFW4mO{jd!BP>!Ihtlw{$h#E?tXd(P1h*%U#~6;mw_R?-SY+bu zux4q+Mu2Aj|9BqBLBg+JF)YzWd9|#LtkgGlePh()eBg3ta_WDkI}|?00dvZ=n^BZ3 z`E?x1Sa+rBG|<-)HLk62M{=n@ssHLjiopm|2JDwT5<1P6W}J6@ZZi>ILwjU@z2YJO z8qGK?vSCQY=<+_m-#C#$GdJ7z|1YSdDQ!l}8GJ{peK6gT;;_>iOwCD9luW)I$hU;W zGAjYIDPMI95YoWq$B|o&4+#fRlPkQ-3xcD-kROh&bm974L>GVrLQODcrId6#rq$5$0B>blU z5t|uB2Hn?sYzyG>?Vr}EZz(2)l@M6pvMZ!r*X71uSQ}>83e~j0sk&rY-erKWa@%Z_ zU+)P}M$^gnH3}^Xy}Gb8vnD9MGa8|UN;}*&K6B@M#7Cjv$HJj8)B~E?5QqUmIrQSl z+S>cXm)9$NmuJ0hdu;WTdgqL9mXQV2>cz~4*7w%3heVOIL6D`@DL+FK7+QrQK0$dD-Ndy#&p|Zr^|IH#t?xx+wb~OG#74}o(nu$jDsR#c-sTlPN%p@H z-AC_dFsCQstnHrm_GFyIDc$TTN8j`|0)53`z2n2sLAgHg=CYU;m(4_`J_CTeKtceOXl4NSG&8l zqEPg!oZ0Yok(pZOm#RlB;SNiPZubM>fRu!xP0=|kt6@jIV##ZjcLv)h{2kiY1EWwH zX%@LBeJK35g3ibM8ExQ(WIObF*S)3ZSZrn99348xV?ceAss4fpa(JqU$2t>uE>T(o zS=O7U7(gieo}=J>4wR*UpxCDg;iq8mp z>n7`*GJJxLQ^tb1uhZ=MOyb=fBHVL;6g7A zV_xyH^L$)DDXNrUo37*4^nQQ+6HEiy;R76PmF71P=U&crl66iS#?OSg7uDX^Ery~h z9b`xKPGMHh8c!0JYLg1ZVsC-??^&p!#OfS_u);!x@}$o0+MJr%F{-g!ma&Sro{2={ zW~Z`OI#R%r%g02Ko{x_?xaXu|6_nmAvS6eF)nAfT*lD>q3v1_Gb11vC6QlaXuTYu1 zFd<@tJ{^Cc`}GYLUEvCh6DEty*wozigGqM6fz!RN zD9%=KcG~#sbqfV)zzeiR(Hw&xCTM%rHiYmU)(s>wzipm z+cRV>5zjXLNiKLEf98V-%ILf&?bR3H!782B#(Td&4j3;Hx%fG_-S@*9aBw1S#z>-_ zt5t33%#62e?*JE}M9}fW;H6m9C-(CBy-nkUPpKw_h&<ZNy>H+eC7LNgm{iP85bbCcaPOM!+?!on&aA!oM)H6&AOnjFsyiCl)+TjXp>AcOmvk z3}5oD)c)cgY8a$SMC$iRSt*=*Dcw`Dt=c&SPkAfSVr>Rxq&~??k@JUBMc$nvqv_wJ z4fDr+Z9l+^=ui4a_7$$_HqT4?y*C?hHTV%PsnVEQd8fv{KAhCwU7S?N6?+28`1!;s z=rJs%F44E|s@SP!u9G?HUvM!<4>cWqmh3;=;?{3J;q55)qj*CjaCJyJD`+d1qHnZ^ss-(QF&w{~& zZV5bXHPt^v&67IN`({=B#!^nui%O^|yWiKjF8*Aa5hPHwUW=BK0BrJHt4b)x4aOPOadGMM+Bs1GZ8$=e(WR&($R*Q zhR&}+*b0%GcFri^BHWm%F3DH*jBr06oHERrqUwGeKPx3S)Uk7N;o0G@jH|Y_aS}be zfoGH>d_Ph_riyxMJPLHv`65ve9!ztQ1cpyX1igAYUurn!aZ*ujkag+PsGFaGb2(`p zKYy3^O0MQLR*|q)UL9&7ck6-=%aT#ica5*ryR!0Vx39CpG*;32IsSyiqU&o9O98fZ zR{)LFo-05ZeQ8C3J&5FCc#-TF2fJ2!zn@lT{OU8wp=g_Q#WvLIEseWch3W!XCSnTa z((`tx{7BSc*^J=f!;2%fg8*eVd|R`3dORfZWKEC3wB#()9pjqJHjah#%hj5R*j`!W zZajU`=+ru~?a_Qjh=S00u2}ebZ#g?QuH!U2t!j9p4<(?J|0X~771a|>T-sCgkd@)w zOvO58aF96b;7_Zb-AgsIOo=L%Y*AD&Ukgddle60YA~;&}IsYV%x>2h=3P`4=jNVVt z6hih2j8ri>{uWu{b2**bW(JKOm0dIFP)AzkL=||}CQ254cDwbQF#I#fyC>>M-G6fy zw$X@KNdT5T>aOJ|6p|}W9aJ?f<*9{G z6GsLVm`Ix?RTn9+(+*SfP+(qdC893&s1&-@QeEZ8m<5(=r~5`H3i|OW^5FD5Epz4{ zsh5v$!P1<%jA~x{q&|9|Bw?K?YHH#Q5p@ZC8$+Xcm*&GVQK>@3wKfGNCl)|?cy1ga zb@)=x`;h(SL_zyo+Cr$-bi+>0at`lN-6ya0vUP8NT|PvXZS^NNt$}^jH+Dx zOe$AOZ*N7)`CU#YJ%=^xA8Mg}@`H^719SLG4Kqs9_8aJX%b(ryi$!QLXmuX(O2XGr zd99z(B(uOao1XwLsty%F*0xB}`xP6ljyS8oZ5$0GvG9a{O|?u(aAEbhcbc!gi=Ee) zsDrJ(En;e7=zvll169G^l4@e>TRO9wTC!t@JZ~Bi$p0CRBA;Ji9cYje~^V*^0*&hr^jg+~V&{ z1n>X(?OZ(PSejzil{oyd92n~;N~B`Q`xo$4Q*Z>CX&v@elo@5#MBglV2V?eziH$%S zQXy|M+)p)86ENXmyheigOv@Xu{hW6a-2KS-+#1SQz!W?vehEjF&1#Lz?hm8^o~&c!3_mnP4ouGv25i9(-q0v7W06lx@=EjNv&!eEJh9&knJRkAA)r zpk7m%$T74ciX7mEF^8#;IQvxzbrU%*A(cB@f{%nzEA#jMT)eY$`Y-3(hpHek@Rroc zb*Rfeg8u#9YTiMn@x4+@dD>AKc1)CgCM#^8&a|1NI6HLKDLg?kCE$7Vxc)|?o&R4a zLCcwn7=+eF_N|n7$nS955{pXZSc%;0D*xCjjI2}`&$;mT8qP3C6q4dUbkn$FPui+T zrwarby{n`D?9M5+Q$z;IPAKqCCbHh2?E1&yxskB}&KXj&NO{2PJp0Tqhm~#p2}zRc zs}3&nFUG>jZjM!KO>ggrx#Kz%*=d`OLAP~Y67?YX_Tr5%Y|BjCR{eFMaA72Q(WzPT zo*%_dL7xU8MBa7ue^B2IrSJcPnVFT}2m>jUZE3v3sWVWe#XjILvK5C5M&1Wr{Zl8z zGySe!mh=d)JZwRlq{xOd1hM(IVAFDi%Ad~e;xqEMDCt4PQ^cpA4isG=3-LG;)r;&( z76vc9P9Yf}EN6f^@DNDUKFvjlfKE4#iv=I-it}yrHk|XlhYy-8^7@t4F6VyKed7y! zhD7>%)A9GCF8SJ-u1-lXPyzb$(zdLZgpN|%9?>OscE2{P1cAZJ3x)hUob1~Yl=$pB z*Eymx_Y9@<8HETMS#|SDj)u3KMe+fV`i*MZGRTLwE~c2-Bm|+9rITiY_AFlOy}qlj zoBI)HMK;Za3{6kzEV?fZ6TrJPs+D))N;pW0t1DHA0s+)$;OBO9lVM^~?YXwGv5{bT<0M|#c6kL;*pJH#g0M~>@N}eM70|7lZRrEY>yV)r!&A7S*k9SuljB1~i zHjTC=#TOP|?UzhMbvQ!4N6e>9BYP{-OHiYvJkfKy>3=(3Ph^<%g~a;CIOnV1BMkR0 zrRiXQcf4nrK3IM!Xkzmv5~1}?3*7|J7V?^+F21z;&QT$GSs3X;L&h(d+khJY=HHlx zkp<|eFGljgDd2AdS_ zmUl5=95YZid~)df6SyRkKHtzTUUvNa<;9w1E7T?EevdOXt~f@MSj9Zk$*J5!6Uy&A z))z%uyRJUckPqaW#0}#ISmfE?*KvPAU#B`2pE+R!{@eLT2q`6dJQDRA z7=Ax)0%Rjz1T(x@>*!)IhHZ($H%Ai;-;)K`Eb@jQG3cQ|Zwht{i0T*J26=p?@q$73 zQY|Jr{7M|GSuzkjfkIL8f&Ep#iKxr*sTh%gQ-6Aa@c2Ap0%zI9CQGaIiJJ-~|Ka6Zkc>jgNBF{e+d15qpyN<4rQgo0K2?I@-j}P8G z?Op6!-&Kq?;rPbezJ8ep#{A!NO&^i^59tsHZo&Oox(i7-yzRp&rn+f$r#CxTN@T*O zj}P?dafU*4a)HFIWRN9?m~7I0X{I9+gKO45aInJUPD`>^I=d9Vob&%Howa+p@2{f5 z{O%rIW3Vz%@WS7;24ekp*wg5dBM*5wI z+bQWQw1?UM-XGJ|$ew3vu-EU{bq{E7AF;@tW{{36>=BCsMylz@z14R`f10jOTA8J4&2TVp2?w-*U?|h(GtAfjAVh|L zDRRi~_QH58c~lEN*RkFx&r{rm_67%*rN0HXqE`+?NxWXhH3B3&Lrue3t9W-wc1au# z`NMDi_m2-=6AGaSNtR_Xp^K!L-j93nAxcRO)?x6a>w*l!c&m8OCzDLrhDtOcuHQZT#%CyR<8P?-ZYF zq8cQ(GSx({Msy4aUzsk}%hL%|idh5>Hb@%y_?%;8fBC=~%|S`Rv*-9Sn|QMyY7B7_ zPpSO-XkD$od-wjubBOnr9BkN(5&LBvlbHBlUfhMw%u+9;OAM{aBDE;4dS8uTYy1?> z>^Rookn{!gg-@_Fi@`588vm{z6E*ZyFx0}COPMq4h;gL8H5Ng(Msqv2uYcwym;pI5 zyBlj-`UIZzo<(&7^F4~wK3UZCjd4%Cqpa`7JlsunA+M;3Uc3C+X=FjEPq*`{ucgtC zfNlm|`T;D+*Z(^?YTmp>zO)nKE#mqNdQlt4zqiI0v@fkGUcnZU%*0Y)Nj%4;O_-3` z-V@4{fcZ1ee`drvgR>LmDe95GJlMy`4|=V6#esQ>H%uq})uoNGFyp7Q;>h-O-)Iyo zumWxx-I7BnS!7?(BTtx_Vg~4)IS3ZHR|_2=IqUcEAuv}v8JAb=G}B0x_eGBJFq%%Wzz`t}b$ z_xRJlL_ll(da-MUVMIcHf>%3q_g(3qCUQ~`NHB#dJUC=GuCY5|FKbfD^FyuDS=)fT z&IKOQdD&c2Aoh_7Nu%eA^ zcD9#$=PtM)d^3v`M$O(V`6!zTV5en3T=|E*NJR1Sqxr(1e!4n@!7*;7 zam68q{wUsrAdse0>2FcuRaV#`jGgQs-;J7Fc{nvZR&excvq$cOM6~rXp~iE&;Ri^2 z*y5T&;*_}Y^O5%@GKsUvR%uK<&JgdMXN`dCapF(T3)MZBE3Hk2~P%;<0boX)#< zGsH*aa4&baW>SFI&F8hq*Ku&ozt2`>1G?sGIOZGyZxM(SLNeZ?Ci@Fhv{@g>z#VOO zT-$M6_+I#wPL>cqpOB&Ow`Gpf*XTCI(#bF!jX`YZWPNWeoGlJ*mmW@$g&-lF8oR|c zd^2LLBoP!#KS&U(Hr_7(;oh`W-gb?>oFJ2;mZ>0{mS5R%W-*>{{oiXI$stvM1WtwQ zN)9!h+?)n(CDwrpIls*F4rS6Ix{hrRTfX1jtckWe#xxul)^SlAuEt zpyeoZ*b6bJn9LWXIV)`zjX14`Ui^$V=oNmX|I{)A>!@u|cPcDlIkaMfXe^$DMbbbU zC<*rE^nSW)_yu`m=0jK{6O2GiKtu zsagTfMu153zxM@~^2xI-9bhYv?Z8?wikj+iJh=JFxMb@wEKPHp2=wLu@wU(G1T7is zcz3p^LZ-v{`r*yAFe4^CluO>cVoGt?D!R(pqu?tr$p{KjfV)UMG}ga28WL%DdgaQy z61{RHBhCzld@HM0*Y~ENXdZgmrPiw0fYAL~Q@<~gY}TOX0Avv7g<-r5WN@8|gX~{C zBgwpqPFp^v7vuc`Yo>?y!WiTi-6;067e8f0FfNul?^d&JoDk+d-|*eE^qME8U5g^V zBfy6Auc4Kui!ZmhncV(&R1TAC$RaMxRcs`U&R`@0L5-ch*9D3s7f&%z04{}5k^K*5 zaA>U@-tMRNbiJd8q9QTpdIWPYGr?ZV*-Wfa4^8=Aq zz!X@{pu0vyk@F9Q+Sk$DD88wp=}ko5FB;m&&ZTy=6-7MGbEC|g(kOt(N@lW(TI z4mtwN22^YXJ&g}FLzaA!W5rnS4GNmC1*4Ql(?(GS3Miv^eFfwXYWA$tL{);qc&7KI z0WBot`ekD5t_D5cCF60tV)}zek2&=EPf?3a9Aqh%givenNTO>88FP{Kj8oa z2Zb|5?qAJKqfv*)-wAB*+rI=9S3+kesG6LlmDqNybg_3P&pq_iIUj8@HldjKURO7r zI+@~SXw%8!J@#U>!7T}QYoMKD z)5Syr6_^+ePg>i+FGR>7`9P?!8p4W5#`0|(=+CGl7;*DF5^k>pqnaQFjHd=OH09YO z6D6q=KK`fXGWdm}OaiFjMl=^?0Y_~*;ZKX>GtTV-qj6XMP+b{;Uf)#ze#3dajT3lJ z!9X*gv-Cha??M)=(La{Lo&er0CtDqLDOB4=R@ zQ&b)O2US*$WJ#RiAdEk_4_YE6J|YYF6s)w_)#kVXeBoq4z!l@4AG_CRiTjz(-rpLQ ziH!JnC+(NFMRJ@3VT&)1>ZQ%+w+q46UBv`}8Sujmf$o4TKEFy}kAgh!^}7xQer|hHc{S4%Ufp_R~+`b0GMT z^as+hr|XJe096ICE~TX9(QDc`kQUKB$dqIKWjQde__@6=CK2c4blb7@ztNIP z@tEmv{w%3dCDs3`K$NhAQ>$l5ZsC!h`SsiqO?@HknaZEpUBBE1@2&O^stZ_TbB|&) z&i`t;GeRVRsy?!-ks96^aankxHm8x5w}ZsUy*$)Y7M1PD{hg z%o7T^z<_15+bSyCsn#PiyjmliOG0Hle{I}Qi>fs_vB+Xk0q~#Rl9eFU84;QI*(aON zhif7IZ-{|$qFwK8%wEBIb((SG-vR|Q*GCO}khz&GMqIN#hVi@fxhWg?Q?|LccR*+hP49v|c zKB|`1|1Z1t)wMR3p1m?xEn*@^;X#1<_Q?xoDU21eJ3Ja#gD>(LDMvkpYEan+wI;?N zm}dQuuSy$)80)-ZAycz2%F(exNVfLGK&>|yX16TNtj3b%nJXD05{o{0{(8tmI6=ik zLJt5fG4no&r$mI;Fumu7IE9c89mAR|3UWQd1S%1rXOD?OXS$}VDRD*h3B6ymAK!YS znPy^{QhYJR{V^pQ+M;46<%I|eA%&w+ysKy`%rFPtsku>}6g_Qe)6)EHzbof)Z&(^g zrLOw-YvQJe3~2jfG-HGZo}q7!%c4Zem?BZO6w#RYgkJy!Ebsc+=Ay%utE1ShSAaWo zxL!F^Y0y-;A>i9$*EuX6x2v{JL^aX=ep?AaF0f@ej5Ihjsh1r#!9Fj{-gGIxq0#vD z>{Ex$P+^K=ssOzc5%51CJ8|1wpLjf59*M@YldV&;bgxlTUm$L7!f#4Y$vkb&e5Hm# zJ9xeRSVKxxi1CIjB7M*J<&om>P4l^s`i&P}#Ve*on&)=C5T0Pa;?gXsVwItWrA{QI zSQnhcRDRsVY$>c?%~Bsw6ut938ovFMUUKNwd-xojg_ZF0m|gq&>gWNb;tMs%0@L2# zdTrOJ%=ZRv&tz)n5EFlI1gxB9!w-pkZ*9sSYDeGQ?IiZ6O1kiiQ?fJEoBg9|>JAx% zr?mebZ1+f+;VA;LN{!_ zXuk*rDd&z~oOgX&i++nA7@BGn7{WiptR6<&U$3i-K+Lg8FxU;6q#EE*QpT@xu)_=S zgxVif5%)OB{(Ur1oZFY z`}F?OGaXn%$hwu@@UMvpF}rrD|v%S+_sHK5IjP9R2co z<1Xe-i(8d5ZEa;i3u*cdgGvV<$)6w)HjHf~w1HwjZ`>m()Z2nIF|SAeOu=en{Qsn; zx}^x}H?Lh`s`bUkR1eQ3!C=yrqxvl>Q3&?J_pV1o^>~qPW~wW}4M7I897h*1zx5b9 zO)+q^JnqfJGI$Z-6KsEI^5#bD1Fs-4SpGyTJFwy%3bO;Uyz zJV08)^CgnJz0g#lC#|8hvcF``T)UKAg&C_mPQG(APerbtG?tRKqzifP+<$s zQd&Jr>(kQGz4Fz({;=-qW4q1vt%SUomBT6T-Rj#bjfa28(|)@j#xVy6&*Vn-S7dB7 z>MlH>SpKx8&==WGV)H`m<_$ob)dc(!yo8aDhF!d>)W+mm^Gd?3OoF^ytAaISGsL7( zpYVYVYkg_ERoXWxRbeW>cAvpqw*&ImzPIB3-W{k&qg zaIj3y63`2N0^jBURvs@bU|Atj8H-4QnMk`D-#kxmn4U{iU2p578T;;g92!PxxsqQb ztotk&KNdsr#PYYV=VsAK4xL`1eM^^lPr-M*?wdhRep!IZwpCn7yz?_5nLqQcEwaY< z*3Xymzia%U$X0q&m;RarDNietnw4q^y6i zZi1{H%5njxnR9D@wixq&SOr#06CpZ9E;(HPsRB~Jb6{LJi zC;eULL-RIO9H+jkzO#OC@>jE3I|d=e%$;8&_Xcm|e^xShbL6Q{hPeFMpKpA?f~5HT z-~MMXX1rJe**^h09OYIQ)P@>pDSBjd0$EU^m!Gkh%m(B4xluyum%BQaMU>L2qa8oP%JcgMoXW^FIIZXS}oVb`v~cwfH&#q<{r z%^%9FELDH1|F=NCZU* zNieG_JY!;sRqigoX0UGubs4h4!fo21!YYS|GU{GpPDq}ycboV06No|7Bu~$fNe7|N`fGR1xPIq-9!}eu`^5|*AHMKT5VU2aY%-sSn9f9< z@Qx?6;}U6-i_`{=dS1yh2R~|Vcu6R@XuE&8(}aX+G!y$aW`v9rtP*56T>KydS1M55 z_4lyXN`e(NOGupm1`6W}|IiwQkAcAj3c^L>qQ;=G9Yex@P+J$BAr^BLSxB_*Kh09P zu6)VJ%yK60;zEDD>C*iKnZ9)C?qiVeq81vps&2OBS(e&D$o-*l6;C5^^i{lvTW~{R zXjLwW6ML;bXv%F6hvL9Uxh6--Ea0)1?cXU3oFuDlk-O6cUMAWH`s7$(<_%D(ZkJO* zA*?(>oV%N==iZpl*SANGsa@98`;*3FxKYc!XYk5bB1mK=A~lwiO|hb@D1oF%A72QX z$p&3dKBpCeAS$HZCN&dTJ3|HG)T-k6IerBcxOArx>o%_mo!xKB(-r^D_4gJ zJw`LwYa6fTS@U!GQBuKcDWg-`W%qM!Sun$N+qsU!b~Fs{(*leD5q*6~g?&O5Mm#t6 zw*VF=4*87~L6==;eYHP$P4eme3$GFUI=MPm@xGHDLP#fC%uOThL1pGRLM;=0KJ!6L zX;2JYTgG_bYl1z+Uo9IMY*ElV&2j#qE53SAC4bY^e={x9aPR^Z%JtU0X&upaE76;DG1ov_1HwS%&J^Jr(ayoWn&lYKzQRA4`5Yo^Zzd2p z+g9fPdc#D_)Y>{V;KV5ezSj_y*7vSjhb=PkpiF|gL)FEPPK9vowIQv~okkB!o4?k7 zUd~=z@Flm%K|h1hQ%LB(ADQr6oE%bQxqj6=cD28QGTjE94@dAT(~foM7QvTFJQTP* zG%~d^p(DOGGh2@>q_?U1u@bZzk*eF54(RURqfP*mJ9ljUwsowR)=bsatj`D(Bnm(@ zk!E1@EnN0^!qe4zXU#=HqBwQB+b2G{FZLWxQ`jh=x#*6!9VI4iCVqe~9VSpL)pXeX zpbPOulL6h`Z(52zyq_Z?(kZcqxDx~-Xr^?~lI=Q}= zQkrKioYA_nvv|y+;LC>_W!<31O=GonU@WWLeK=Jy#O? zf85w)Bj?v;yHmUWY-QnKtZH-bgS4#wxb67!i29v`n@<{8H0>f0I71v7XNz-wDnC%w zxF~r#Upp6>l76w2O9sggGt^HenxsBAPoKY|F*67a$0D6GsJRLI)7O$iJw;WL)p<`AqS8a%AF;!z&Bv1FsV~_V4_~u6DhC6|zy2 zlY2Za>F)u0^}$|}eV2Dk08z*9StIbR=YksEG4mbLjugO}rXCeF31?cRyQag*7NwL* zPf>bR+4iWew>)Zos+_P(HfLn4F!bmha1iR;5$grU-Q(wQ4H zR+%ksI|~?3-NKWWzd*hB?sj)%+@)uCwZwa61}4i!t0(-6!F+LxltF(gueVcc0=Z~X zfWGhVD&qd7X5z!q<7bf%^;EZmM1ieP#=5w7at^pvK8Cl%I6q4G+Vkv#7B9R`>h2<(1g(;^JFZeMRNC9|Ul%%R+WOTWroR{E3Cn$D zcPdZp-hKk~aBsf>tLM~tB@*>!Rk3U0`Kp$rDChVzVxd+!aAf~H?`tWMl%h@^mb9|{ zpP(C=J19+22GSz#@RS}>u`qI<<_EF6z5hUY zF~cFQ?5^_1{hn@(P&loKf!p@jp!Cr6MV1IzBvo7DaSY${cWNfkh2Ek1+xZJBKAM>U zgSWM8^_-$wy6o=+ZMU8E0p$rp<)O|~Z#-*+M3eGklkzV-;U;lLfr5@pUC`Otps9m~ zuU@a7(GCKbAoE-WdBx4pd^O_=qpB{ogwYNL-#FL!JpC&>J|cz|xr}K~C>?gAKjLo0 zpXM4POAZpBBOF>jkv0#^40b7_lW6VS$H}YATX*?=a?X!O>$LxNcTM|h_Ts-GjkBb8 zEDAibm$*$}8ZeZ?lai%WU7Zr2TI}=<@f*+bQu6Jr_%vQ|z6S_aLcTnxJ+xIA5wS88 zcuCk}oG-#$xCEQ(50XmCx_UdvqUSz@%s3IiF@cd!>Va-rVT7 ziR|)+AsB-X^Gd9Q?;yx!)X3)D>Bvi*07GD!uv76nwpC|$PTL=@eoGtwJ9UEWPZm*r zxRfOBw~^rmD($2^?ew@;Z{m(~WbK7$IF%peK$A0Vq!<(7o&K# zflEe3T{hX-VE?(<;l_6`#MXIA!W<;l;31%X5t5iY8D^bjOH`GPFMcKKH(0mC?0Zt? z;YjAbjbG|v?-MUKFzJYg59~JUTbV?{TV#;idkoEPG{APgBjUMWDIuu^Hd3}Xb-Dzt zs-Pap>{dJ9%#RJp4RD^BJE}r#$6(+j#d+F<9QN|s`I}iv*X&1w#66Pa4!1-0vb_!A25hcp^Rr-@Tu^oTG`n-| z=VbBnCB+fwr*=aOtRfRfgXxv3icB=a%xh1_oL3IopaLPAnoGM&26S>jQ4!aso%%ju zSK<2m0N7Aq)-f=aWR(uO)urwm)BxWR2TDxU6Xla!fuWPc#jF&PxAJmI3BO%QA z|D!T`t%e1W3)&hfmovFR&Fn>fE1^nF?(Da|`vOA9+A^BQ-t`|RGi=|N51zfrk&|FJ zQ0euc*!wzFR`9y&TGnCfp|D0*&|Fj1Z9fgUPahPO{PWxfcd0&68~}-g?^ZAL8>b7n zl>*FTqG9=$8KO84vTp49CnFp#`)XCQ4+Q_&e+BW2v*W_?e2gN-nE=jkb4! zR{}yLHIjR$&)|xy72RGS3{qs+V6+^xpuGfJ7>+eOduiv}C(mzlZa$%pLtAA&& zuAl=?QuwiYC~kgsNZKP%E@-R+XLvnLvFyPGzgUKvYk2{U9eYhFJM)+J+rnza5FV$(m|0b79s_Mh( zE`XhdnzDayC?{nilj{PuiiV(CW>nFS>!#HiUaWr{f+rfg&#A+CEeXk|C}_zR?Zj0KE7W7`?`Bm zKtJ;aJi#S_{gPjDmw#m969XVA9XATH^#~pGYCT1o!^SyC@#DX^jv}k@kc4kgYscbsrek-wfnvoKV6slfK36)UN)(MV7#q-#IxrGh*!EPq+~h*43jBfEmp>FGk$e)ZLP06-I%3cby2?y0 z2uiQ6_!GF>Gqd78oHg{daJh)$=)J!mKXi(Lb2S8Ub*LJx&UM-Rh;N&$~81^&kQa|#WzrTQntex8e9vQNhh%+rAB#%56ved;7Qr-PD? zMu{PDom|a7b)1CuJZk=dG1V6^V4Z&4NsPLx^ZbB+|4`i{bNA0cwEf=LW~G#vsRh0_ z+F~cL4cB|STuYFWR26fTEhysOM<&walL$C&9>JYHxeH*-JlKtJ8GJFpL82rK z`iJXkTQ6Li{gRyvOHB5|xun@j?3N!azgqR}F+juIaTUFa3$kW!{X*O+-=jnrUp|^7 z0$*z`;CZ}1jou~UM_T&Y`=iF_bUO>z&9u9;L0f!DbOBL!Wl*22hOru6Uzxa+ytj6^ zvFF~(*#F64x>XWtAZu`#J_8d2^PT3wBH)8X;RQ5rFBW;)BAxLAOmEV-QDR8SP3;>Z zoy1DG-A7O2^sY{`R_^vuKb`RVSgJdY!-|lT$1Gy) za_~*3s@a&&SkaM_AoahuO78fP-Xs+oq1YQftYw^%Fa?u-fX19OOTbG)kiJ_8Fa`LQInT2x(E8!z3(2Ka5DjL6gn5see^*CVp)d*otJ`%;r zL78Dsp@sK^)Qz=`v z(V|cWV{9Y)ScVj$vV@X7##)vbOV(_SAz_e^l$1S7)+u||jAgPfV_*OG==Z$u|Glo~ zx;(=7d*A0i=X1{eIm?U+&T$RF3>_gE5nnc6_%10}zev=G^;E@5D6xO&Y>D+OI5~FM zGBr(qxZ2bg=>1*#U3Dqa`iJp|2e0sTkiR#jZh)+LizPcDun~d2f$r-0Ieuos1v6Jv z!xK*ZA0fmV7Dz+!b$^06!>Ig1wn!HJO)Mz4f*)Tae4rf-wJb0*gF?Dg976`HuJxs9X^r`Lxc z>F4b54WPZ!bN7cl`w|cp5hiF=(!%mo=P*kz644^--F5H5&F{@XvqADpl?B`4BC3iXmKx`zU81WQRdupWdYbBuHL* zx%R32+?lzaW<(G)6avzGJ1q|N{>qP5_s?9MGj3Zr&GtOL&{$`8E6SV*E}Ck~mP%!YQ9J(Xk8;P@*^B1}>z^xwqQk zB7mb*#d@?);mX-vB@Pz8x5+Q0YQIOI)0eJm_Y}?~tqURz!N$1)lu>%FSy~M)tL^er zekYE9uq>!)h&d`p3k9N7X}MXZ$7ZI`*mom{!I)smp8RiP%`pq0%mz3`QV@(_Ny@8E zB5|i^7W}W)F`zy*%R)a}YjF;d5ME`|DGy?8ns0|e7B;4UMJPPE<7hpT>Ggs_BgOw zcN=ZM>-phHq;C554=1N7Arsl)uUmqY!oZd!x2j{*tI&_gDlmUX_FdjpgNug9Y++uL z;zTGdd&&jmp#G%>hrloRZWrMA(*gJ8{)Z?Np5%Y&PAb#ehT>cA!W0Q5oh^qJFQE>6 zV}36u{x;?(i(E9AGn;l?;1C&WN0~IBQlq0-Ht0mluPygsvH~LC0RM9Xng}hx(_<$udx!1 z_l8WR=gJ=9K2v+%9;z&~%;JdK>De#+xpBLM$c4BEcCQ2$ydS6A?R>CDQ|NwHmG2Hd zyupD@OUGkjE(dtcPX=jMI=rDQcSzX}u4rIoVw~a4*N8n~AXV~4yJz4s!Gxlol|TnU zAqQyX6+`twKyM~mkjJ4#+ev~4QgNy^IkMw)!%KhaRJ;m3&{-MksuDh&*|9r7l3 zu~Jdb84>}znidm$pJKd1b6i!>P_~Z($cbv-A*P=k|U-*cW=zRVMRBGG5esZhey#;9f8shNp+dP>GtcFR^P6b=p$w_7vf8@Xy zjOf*KZUgNKlq&@jC{e@D2+m~-2{@i<(cM2N&cCwqZJSWjBQw(8qnoM#>Nc++B>?QN z@?D>8lV9&HrT&z+pLPz5kc%_>z}e#V>HmjC;i#wo9L+tx{kmxFkH}Y`mlTmnX_mRj z17Xjz{l?Pl5###jUy)8@jp7}A<>=k%{t9}o&oVKpSph33Jd*>O@8*#b<*|cEl9g|; zS`PAi$Y;u|K`REfUQ^?-WbU)I8TkIaS?&R`&1g^zbU|GrW`n9Z{DX;CY!6N~L`3{MN@zgO((dyJD9b6a#R(ZcA)OgBydnt4 zTfV`jDlwNiZ(^*zgSvCd7V7^eu;X&)x133Z2q!_qDQ)8sxYnJq6GX0LiUG=&ZuXm6 z?5V~(e5G8^Kz1E=Q--eVoX{&Vf6DEGmIHywSgx+wax){!qBfAK*w)zYFV?3TAX~fD zp9+=pogMhnDaxWH8c2ysp98Ae`f3w!_Z$vs3d=G?8BsOoaIh0cDnmArfTg*jWR5ub zTWd(bM4oYrfF9MU<^P>8+x_JC+hcjnd8|-VaEFF#aB2nW*>R4DU6&3<dtylyqQ9O*k8Hb*H)AH;9tGV zD=E4Q2eq$kUc0Hau7MQpl+SSlXDdp{O+OKo7@VIHdNpb_`!_(UQ65j!Ki&WdLTC9* z`RrC@`R|mE@fz!p^F&%PJ;*llQnk;|z4E}yk#OTzd?f-%s^c<^FSGPrwfk>$#5uLn zI&cWee)nIamtB0q@f?a~2?tdupU!=*1G;*nQ1iXL5>KISuU`2!;^T?`q@HDyuF8(L zJZXlR6)^lNtX(abaN~i(SfbYNj=b;i3 z%ZctX0c1R06Sx!(gX4xoueO!2>{T`GJ`V0%?{pJa+dfOf|}HukR>)43^eSK*VaLL=p} zR@Z`3OKS~U1X9fMv=$DHMR1sB)~`$p*iCu zXin+ct&94asB77C*p1;6JgySsLD5jXihZEmrr*U^cn4ZoT~{w51sg7fqZr+0)p3Ix zu0lyCj7@|Ko_y646;(xmHLg~^n~b51PDuR0@}wC3-5sPSyN)*s)(fYvPonV_;Ah7X zAO}(pvL-Q}7g4kQoY_()yj`c#J&_{7(;JsSX$ABH8no=?(2mWg%@LP@yUi~AGf=j4 zf#a2C@5P$f@ZL7H)&n;D)yDiE*EDTfv=V-BUT%&IqdeJc3KI4#&szB6C+|5s1`@IO zDG2WyJ4#Pdx2~s%MSuX*fq#;jFZJ~;HRt;;5iIs-9KDbc32UI|j6lYzv&IcJlO5<(vONzY+h;q*V`w;94gH{|D_*!(^<&u({+Yl2*IEuchkD1U19 zT+ZB~YS>n%uVxQzT)b|NSzO>-(}IHxQ`VCm#veK%e6HHkx~7(ELH@ay2+7cvvtn^# zizI|HD9}6G@YTQ2ER{*fr3IA>(EkS|7T9Y;4I#daGGYcV8h)d|B*<>J zeB6_s@)?gvD7?>MnD(t~XlpzoG6N*3*sEBCC~ccu2mWRoD#x`;jp~j|CA4x;0G`+g zIfh=nh*WJuR31IlkR{>66xtB$ey3omy6=?)S^!xsX%cLUnKx1|)V zV1_K1?+i6=(sK^jyn_56Q668l?RddpJU^Enn^y%w68L5N9bKVYU1h|;gUM26rNgb& zOp0TS-YL#GvDDRH^SJ0kys#c00v9Wi9)1-FprPgaB(e{}1q6@_lAqM)#ZW><3L|@L z_+!&dt?LhX#8j%Wzw;in@NsymWZ49r%%YnMvbc-0DV#L-o;h*)sWJ)&%{e0i`Sz{r z;F5^9+gQ${E9jTIlC(ldU$giNKqbOar_i$^`+eRct;ScGtKRE&3^)zDXXM}hXLDen zPq-#3M`t58Z-fF2wlsBaoh?1(meo)Dl>)sGYLT}aX3mNs97MHZ+l@B8G&zXIiU72; z?vi9MP?juf{&$pYXb0nxv%mUrN+X+PCH52yw2$E^^6nBuN?B@PQpyh82WCm=bgrIl&o}_!Zq<|-W^-5FRNLkgn15Q1lAZ>MfL%; z$%0#z7HB+n47*`^`wd5`+2{onrP0EmD4De95)`i}?3k$8V&jJ$QA%+y-cwy%`h5{$ zaM$Ox+T;CYvxb)D5Ix{mLBIJ0?bx!NSI_!%)_)j(fAZ{yF^y|M5zycYr;NnyR=*OJ zK1R%0jqFZcX-1mbEn*p7?l@?i2%)qn?N;s<_!kC>WUd=2NO=-3dP?8)^`JO%32HmV zRm58cVMhrJ$8-7bg2!T&W>{RxEh}#2AJsgAisME~T_f;e)mhszcDo`ak`WL}%Am%K z4euY={Vx+?KoYoU?53z>^!jTnV7%c+5}7Vzc?6V_8bDJv~bWwB} z%%!!BD{|JJau`e63Fo9T{7d9|2ID^G{u!%F%lm9(@bbF3i|TcA&D$V;0p;rYxXDUI zr$&%Fr^QInef)SnrI$x``vb83`P+cv`V22N#S{0PGz7}Jb4zZn(0x<=X*D6?< zNYt^_Y#nU8DEr0-hbhQkG8cvkl{NXg00ri8Bpau^NSeuy18!wMG{mjyC#C%UTQo=Z zd!?Se-dfvP=kEDLnJjw&WEu$7&j!DIW5J3s5;iJ>g|$kRzUBiRA`RMo`CT9ZSu#eZ z{}+-sUtPNMrl9{yVS2$XwB?69m^W1MWC9e`{JIPNSi~@XR;gJNOy2#Z>-N#S1t@-W z`wc;0Twt1&?T-Xi*RzP`7UPRaax4AFz4zfg=@^6F2&WsNV1o|SAdk$+kz<){k3RWJ z$f>zos_M<7*T$G54iB`Mu)7w#(A`f?cdJntktQQR)&4Wsj6^@@efj55K|?{UL|t5$ zO;8evEmS6_UKntF3N!hMl+8CjcdN>5gd{r^F2v_IhP~W#RLGU{FndF}SWrgq^2mn zay{uAFi?z?*61*+ukslTS+iW+em!RXZI2iTyW#amVLDCr4=R@5;pt4O={FG{&g5x9 zB<{)pXzg|@Fb9^GUm|5<{^}XIP2)*^L-|_y{*>v%ry;Gj`Jm&)qfZNw@5KLbD)liZ z2d)3!>Ou|WEWM-Atty}J{l)>rOd~2zbnpM-lQ_%cE0197B_Ly z6g!B-#)>Lu<#Oe_Z#X>dnG;r6=P%T)T4y1MDCsmY5rr?;C6EA|2EEE{^U_{*Yz#af z4dt$)6n=w=5R>`T#4`TNN3+iFPCe4)GXjkb0Vd5_-5_eXl_KFkzrH$mxE}Y_UtWSV zxqmpLSh%j5B^ocDTHC2B6)uEY^_~+6H~Cw-He$-UxM$&G02*~&>TY5ql2Id+#a}hG zIV22$IUid|r%bc%P6hU-E+&8dc(ze1494Q$n3RxiK@CS|#$dbMsWiCem0sWE7Vi!o2=C(Ea8Vx*4w(zpgELxYnhZDq=-- zo>Fy9!E#%RMnyZ2R#&DTp9{RAN6+067j`tm#3SWNc>WGEx(c5`Q0rqF-`@L*M=?Y5l&;30ltte~Mj`E) zv!Z%b=_i2`?a^;foTH^k65!y1MjQM_p)UK+h41GN`%OjIo~oMoM((2fxPE?7eGbJK z<5P2%Dl*FBaz0FHWzYP8bBqE4;)l4PA&Oi?z*>ILZ?mM_&*>~AwS-yZq z>o|ugx7g*hZxnv-!u{r$Vc-5;VYD&qvGENV_0)2+o8~JGUxSv)y%;FBB>pQw8YIjs z>c>ty_gg%jtz$L)_|A$dt5?z(}{+nh{ z=w46>E-m=9)oXmGqcXf>=ed+?U|PcxvS`cG6H0TppUeOFD`==5p6D_A2oygbEdITl z{!F6^L=LpRp{Go!3?HI}A)4vk{KV z6B2Ia!+rv_qIE<1U<3w}1pqOMURlOWT=spb^{}QdxMmmL=cznTlmQ)v>yXaU&)k$M zQ$zKL9vY*r{wN(R7lrft1fAj>xPWYI%U>j)aFw`UvmAaJg}-(kFn^80r38U{52 zV*l>P$cKX}7Y)zfP5&`ob-i)S-|DqJ z9UJ~`q4{&O2Z?ccQV7S!6OQO7;{Dc?>}j7I7)U{#akSf(IoLI#vxiSe#5xLWS6lyW zcFwl{p)0P-RJcHfa??9c@oxX{oubgxDHm5W#MmVAvY_jwHnfiEaT;0L6S)Mq0R0wZ zL`8v;33a1lCvv3#xr(%Nk2XV7(A00Jt-z(WVWzXC!GV}^zm2KqobNHrs-ThoWy1C2 zi^pO2Df39c`GtaP4{8PEmLVJ9uY$4~fgQxA=Do9gvQl69D({9b4frd=Ri`?+28fHR z5v2`!M~mH+$%n7SmKW4WlS7&-gdDW*D~--b?w!1Qa8K&wVZX-gr$wHnc&B($s_OLf zd9jvU?!52wXM|hvn(u$(tzU8CPye$R&^c2Eone?~7h87^-9SHBqGyYfcLKG?Cg+6& zPYWT1bfO21ZGA!;nY(m@CU`Kb5{9W}I1*1;0${Eg!U1AZQEqtk7UTX=7sZgf{;H7m zN0G+<<6cjmaB`birp@M>jM>F2E@FQek4DnWVNcu< zn`SRXa%YG&CE``Uq1wh@>g_l$l&!6q@S{s`(?ZgZFXez0%(Ve+y+#U`381Rth!h0Q z^gNMk4Hi$yNLrE@S=`m%e^EJwiSMfUh%8_*yO5Y`H2vI9KVJQ!!Q~B6jvTG5vrml) zU>Y`MVv;c$95AJ>=$gJa7yiEH%$UP&=K{U>KC?Qgk+^iX|DqmM1WFr_v@qXOm@Z(U zLqn@r%A^6h|NWuE7ki^3Qx(^<8$5{YPWcLs4??IZ(-cIk-N;1j85ic);O!4s)hM>$ zD58z5C7=23NR7*EY}rLcXu~Us51^+20-Bjv*47E z$tk?lq(jscRXVPD)2J>!5WYXOv~XNf>#ktIw`TLF0Y&Q`H~ZvSw-gO+#t5ME4a20F zUG37T>*?j#pfxcCI^|0IZPHUTzV_ftSWqQT+Z=k(iWHuoM72ntl6xr?4+j1s&4 zZf}3Zja?5)r(bJe4%0tq-qsTW>k`Jqa~|scrHY{(kOUhW$c06st_+1kxeqsN(m@8g zvgykN-$Z-fwO_ zO5b}=M{RNp^higLC}WbE;Z9NVjE>)tFXALq08OEcW)N%G)CPAYP44Icg#N={@}&s0O)Eimf0~6~_|W>?CM?eBtoQ~eQmN_t*uAw~ zo^L!6)qN%p_-n-_`Mxr7CF{XD^`D+I;)Uq{0?${ zqPDT+_|+I)#is5j4<^BsYTdGMR7bZ!^A+Up$waikmiPT7`eEp{Im_1-?l1b8!lU~Y zk}?b3uC42Pe0_!P;G_!OCGJPPB3vkRe}KD}p76#(e;dZ8T3K=!HV@p7=GxtJHd)$} zl%2optD4&ivAU)!`)m7BKRMl1n{+0F^TAZxdf7v4RLh%??1A8!cmwWsDV(p}NK`e*15|9{-lk z0Td|=eryiwhui@BNJo9JZkNZmyN70|*$n2lmvlmEu3horW02iFHzkk16dNi*C1n^8 z``CCoiF8LyKEo=m1dIej&7Z+bbxMOV!7zPqzA^1~&O&!7AR{=@d>xnMi7XS5oF)TWDF_Yfput59{D&*XFIJU5 z8u3jCqC4|~xb=z8Fhb%oy-ki!JbuAH8; z=+Rg7AqQB`x#^u5_#du`@*S`YjjV!JP=Cbp-0bp%?!$Bxn##~*DE?z7$hZLy-RcSK z0QKC>@u*xinrF`@-G?1*CKkWp<@b!^r2j#rbvcYs%5#SVZjgZEz1E~2BRL10kn!JU zX<$v(QQvX&t7vA>KFM&oLs8Y5@vde9MjD+SS|$>sAONm?;R&nHv?v+;Q4-@|JUu1U z24x!}NQl$%R>?#%gg8G^UcS&h{X;qqP&7_Tb6_r_^>=xE)R28;^tCyx6oK1}#0X-d zqp&C!H&+Gn%Jl_Q#j%*KFpt}JPLnQ16+FbcouO%6X9AgSYNi@%i#7Q4%`feop#iYB z@QK8>^_O6p0$G`1C8)CyrF7XWZ8uCeQL1y)-&bt=X`OE{gLUa=kxe=Frr{?8UQI12 zM4o_$jNmcv@HglXG0dM>Y66F=NCmLjh_dvmuj@-v7v1-rJK*{+@3zJ7s5SVG=W z3;)WAb>&6APX(~*EQ^?3xv8uArx!`aNwDow)FLTy%;JwP-=6@a3dr&BmdW&U6a{Oa z+@Iljy)ol0r;tC$A|!)lkO?;^@lTx5mDTs=AHxbg>>wX!5#oxvMt(N!{U&NIpQLw$ zRf&Z(Qij@czWocAeX~ASWOOH*s)1JxZ@4Sr+lNel@5-I|zK?Zdn61d*1glXA8Jo+` zLf^wM++meT`Wf9*d1E!h@kK@+9557{?h*k}k$huJ!_AGmr#0aEE=po*!QscI0Ujm$ zM}0orQH$17wN{M980qd7Wly0mX5<57r=U;5egE&123o(!8=Uvlt?2l zOjDH_vbGMtg-nW*y9s=NxU8#fKxv6ab(F2AC;lDL&zI zwifntXO8v!ppbAMZL0WG*^;&y&ee>SUvP3XnGYAPJ!9}mT9fFk`A%JdjfksF_I%rp}QGwN< zh=k@l{UzoW*kjmd#?W<@NV2m1-V9Gp_L6bmU5#J{+9Ayf%eo2kCU~wz3_9y)j6G;)etA&pGkaMfZFk}xmA zD^B$I;vCY&R3-aSIM-GehO4X%2BS(-^iei^w}q+un4?ANRUID?qBj?A%5jeONbAKd zS*>lT<6O0A{wZ~lcT;}iwU>T42E~cQaXot-z71HWpk1a)!|jZc{eFJ=9?`X4=G44r zpa|`?hn+)?n8X|w_5_sn{j({^*mGcG^tzOT1BbO|sZVp4lt>GXNsyEK^x~6V&N3L` zp%B(57qYtFHgJ>T9ja~Tt^4Gz>2vL{v&>;5_^hU>z+hJ;R!wQlNyFkNKM=G{sWHQ% z=gn@k?tt06z=yQD^7@}Y{_lSU?;X7fv@R}KfaxM9hRW~GJ+-Bq`k5|iFnu^*N8ZRU z+NcE(R5$TjUwPasDsr^>C>``4yrk0m#k^UXbC@UBK0EYTDTaIGsb|0AZ{4m}ceEw2 zv4vhZ0u%`~q#`BjPzHT<4KUyA?KGf@#=0!lX;?M0{<&MVvK*KLG`NwU-i$a+u6MSM zkdzb;h>D(dQyj~&sT#UHtYWkbe_3TA8G_DA2_1Kw#tiTxj34l2s)S^rGfSK-gz8!7 zr3~+1_?<_V^WVL8po>}?OK~gBm?rZaY%&J~r@e4)gLJ3Po)02GL$B)p6i}@@EzP=h zPKl+zn<;5-p?TU0bXto8akT?+^xaQF!Yhqc{g@RKIk)fI)jnrN*xrxs=cbp3+f_aCZ)h6Yma7AG%?muO%kSmjwZ z-Hpy&o#J$JQ^IR5O&A@(>VWpA(}Sse0emUMn$fL`W@(3q^CORv&NZestrWW3QC(6g zyeE^vMwB83oCy(DrlEV>V@D-j6_jdO=Mngcid&Y-+Inzc`lShuCC@7}?fe>tDC#o$ z?3=~bqVON#Klb(sGYQyW`ERSM)hlrBl}Z)F{o7B;>EE#^2*q&hQR zuz_qR;dv8gZ&1v z)4Nfq#7AWok}C=pD!390N%H@{5HRQ$Uyx$qy3xU@U?Ayo|Je1M6}^9gym@5 z?!+e_qODrYWWSQ5W1GkJXSIF5m~{nrRvAmSDuTr>tamVZHzmzYb#T&pjF(vG^QG*# zRY5Kdb(|x$-BKPYHha$x7Cu?*tfb`3%DgN0o6r(~9Di7n(S4ORVIMnBvQfgvS|~++ zwvhDVJKf?|HE|GX>vuuL8WSg_uzWMU?bW=gT`M+FX@zl~B-21S%>|N-Ze1c-bcmqE zSCWxH$9{(Bw=y%O;l&$84c;}?T%KW77PcLW!BG@oN^#nK_DRz=mCcrlL+`W<(G&LN*mJvgMTU}?+LIp^?Vg_dhYCtD`>kL_LMee#Ea`hPHU#_{1 zdJ;c=Sp4xb-I*G;vS=zh^gTaYk|_hV^JvnUL7s*p22|(kc9JmbGWbL8v!vGhf3G5qiO&^xsMHZ} zi~{_2w~IL2v*^aTa?X9QDE=D+LAIRvQd{pqiLQoL-BfQNf}jtw;o)x4Npm6rVQrQL{gN!Vi;_1ET4_+u zY=){=N-UNT^8r8Y5q;k~{b{AS7NG0{1hilCtefgYo_8^rCDeb5LK#D{aV01ZQ636{!cu+XFczE?ypY z*S5O40wlU37dq_&7jq4mdswsoOZUN~y(?S=SJ}OaB|sLMC!87J!DsOInR2nRsX(3n zxJ%8+)I-O%CSPfgBsyKK<;H|_$c1xU?&&TCC>T4EmP_wdq*#4^zzVprO5zysUqidE zZMwufOQTC7>&5a1>g6K{xBeWrs=YA6)szv1) zs70U5ApaqmgcJt5tXv&gUQcNm!u2!ynJS1K!ov#7m|rqu%`q$Nylv}7V`J2-*gN=I znDJ&*Hyc_Rdzij0R&4J8=LSlWNO@_gB6eU6y776^wygci_tWsc&y)ENv1vEWSJ}%i zF77fVCeW9OSV^;XWPK9hf5gW|Qkod;_@<1wpZIv>Qi5rjj9AuH#(=GL_w;9jx;NOC<@CPZlTgF10tx3-H=_tN?=mVbie0jV;?!d4cigpE*#MQgW+;10_`cTeEROh45jV$ zDXWEkpv}p5s8IOo=p_0}{k(xdCWb`6fQ45Y8;P;q4Z2)UR`yle$mtizU?SN}kz_q7 z^5KaLJM-1yF&X}Ya7c#RpzpBm*URWcn5hrnX|(w&WRl92?|Ns<<4#&3rtY_Mmp%$( zkx!#5m_>Kx-YcaI60}rIbol^iM!KY_g4eYW{YZlsW9DU3E`24Bi@`kC=PoXc&wkYs z-DQ51iu`$|)xMtnKH@TT#)0ix?e$ig`{>MPt+j4dsZdFU&gA#czFPG{oxm2w{AyN) zD-|yx)9mL-Ty9iaf%`=t3(0}JyK?HM=NACPitSQly(@7+mat9>61ppoJBScK>J~kmYjeZgZ;tt{giu7&cLT!LeFL0DG45 zZN7WeKDGfp?m8+n)NhHl$wwS#552G*Fj0Y2UdZOt1&8=b*bg~z3hCP5@cposBoppJ zbSJu>RlzQmE163m&IMe5b^*OJD@(yq70Vk3FaAg`%dwzjrYc+ZSOMmCZ;_utC8auL zi>vm2d~Rj)y2=@9a@MunvW*0fvI|D#$yX9&WpwLg;Q^aNSM$&M4lm%s{-|MJZKE%_!-39IWK zZRdv^e+vOhp8%@``$Isv`AFvdmVI645M0z-PbPlv-#C1H1cAmKz*d+G0tm4L5XiLC z_#s1?LCLP)oLwuS;FwhDz-*&>yjUGhBHOD8`@ubo>2PBE^SU-tV<|Dv>qb6;a*CJ+{fl##=iJLL-Z?itro~EVQSlU5vm^X ze)@~=DM|zd$G;#zTxv<+G)pZc|LkmG8!Dhn14b*)!&RBGJPXF%9k;LyK$+n9x&~B1 z0YGDHjCd!B|B=H{U_QsvMw z#b3m8Z#+I4_Aiin05MSEayBc^$NAc^r6tF$6m~$>%{6wd$Delhau=Dj0v(eQc*J$cOV#5^=%Yfh)%@OgTrTyBHLcfTr{n^ zf43bWcy`PJZ8tjovGJ=zEFr%+ycKwHKC%+nk^qRnfVQBoxmLe%Q)4j0UbrzbNaXeJ zzUQsQ;S#VbcO9c-30$q1xk42oF2QAD=F9`V$#b4SIa7w zoo%(nv^x$I+m#a2iWe+FAtmC;vmIK&9c>CUk8tYGOM9JvFj^b4);J4;2Akao?*dA)xli{A}+t z0P|zE+Mk_4``$j6Y`+Z-<-xGkLD)K>mSk)M0v3I2{~1z#Gx=Ld6l*YWdTw3lx1Hya zWrjCTCKckabn-YZ9r=^CAbhf09IQso0*;_gP7t6$Cd(fD^MD?h)K1bAB+QQ+MKQY);%?J4WH+tllF zMf{Ph@$o6wD`SS^dxIGd)o!a?=RORc^3iMZN(3(=%dv2gcqPOqRU_RK5&d^aO(Pf? zS#Xot*IP@^0tisT{$xZNsRp9RE1hECoB5iWtv_9A%sHHHAoglpPPT&gdiJG`Y32GM z_gLT1av!SgWJMkYUSv7jh@;T!nOcj7`)BY874`Z3_BI*GUzrO8Bf9?R+bdCA08rd^ zKv#wb7o|2B^&S^u`qGgRxNR(!`Sit(FNn*-)egca0o7C|&A9#@u*+dr%Q%7q_ucf8 z_YYK`c#zcMDwoGMDZy8wI;!*MA7E_8N5=M_*tvJGJ0&Z1IbqWhB9k|*856b3`?lrB zjrCQo>#AgC3gH+i>qw}fnxf!Ws8I=)RehCY1^;Bv8hLsG+?fw)02d)P3C^5Yxdr8a zPRJ)T4;c%-;c7>`u>r9BdQNz-Hy`eAn6`TS#t+@V?WDPA|0c+hT0f~6&2+8YJy5^g zVR+Im%ivPr!4#@(`uOy(o~C7Za7)S%H|wuqfxoZ+GQ@b#JGC^!Cp=1Fnc!|wEZwQm zBR~{(9loA$l^NJIl*+v0+GPTWoilhq6rCqWiG>@tzl5S_0ao!XRt6eUVg_Yr3Qu+J zmCNk4vnxtHcMVt!6X^m~|3eAP7WP)7>qVTMS=w7@8B~M&NP2_9zVf8G_Cq#HgQ?D2 z|5s%>$#U!4$9b2mU<#&;Z)9YWl+QaJW?mq8*5?-m6@+9(xRf42S_tX@Y9;-W=Qx*k zqZ{0~E@QN^chzt6kn?f|>hHa#!;*tDTi6$nFTkB_r%Yf8`Tci)>QW=P*aXizugc|| zYv(fl-%H7I+?>tiO-bAcYWG<~$IW+7 z4dlTQo)7dPw*XvP)0)_09shq-Uhi?msB4YW8U6z0NcSFXQnb96vD8UEmj1)BXn#v0 zmoS8od3pOP5i*76A`vajS970vUER5UX_|+yDB)^A10F9zdAz!B3O}*|JYF4G)L_tm z78MPMgvqlvjG+Qq&(_puZtZ?_&PZMkYK2SAG@=T^9v`{K4fnHJ=bQz z?bXbwZRGr~@WVH2L5}Ovf85i)xNwmCkZOKZ@mqp1?WD4ZBF?c}G{zx|et9?^rJZp* zUnuu#E?FtN#*c!Jll|hr%PkTJq_Rb4=T2}ow|-@cwj=JJc+8jDvdzE6&%tBihfJEo zxWn;gNpm@0nV)aEXemDrrY!(z@>8V`|UfzbD7eLNp$+ zUHdiVQ}Gbn#744q))`%z;O1?<(MQWp%T+rKW+(2k&fN4katZ2>z60+Lu3Kk?I+-`+ z*5&H@_JWe8f#B!;wwn@~%QU9~1+di2d~m!LvzV);1^`oTN$ld!=>9aVOvf^4^WQJa zD@TvqP5=PX2bc!nG{S*|RwuUj9=A(k)8E}TkUpz(FKUd%BR!x52%|)0`z@=x(_xmg^rzAISlPj zs@#Jv^3sP5SUt3$3m3oV{n=S;0bsj$a4LmEP24&UB6z46R>-fibOL(yu+hKUdCLc&AI+0zbZ}& z_vqAuVgeT@=u1we$(C{vg3^SCti}y5>TvPQD_=X6+Z?!z-{}CdqW3bE$n{fbkj%#(vrny3)}Z25liTWX|VGWERIo`R{*9`N7C07M&BOc@}FIMvx6kuxJTP@)$0;Ws~U zoq20ffkod>mJ4rPw-tC z^#P#rB^vP`&lw&TR>0In!LhS6>U#-4AxFc=#3epC$3ihBJ~;iWmejKhs6jZz!a3*y;Q02X zd#5r`{5QtHTAg0e<_3Y|N(Yo}?f+e+_HO(Ud)_hWk9;?9ArriqlL%fs=CtUDhHDzO z1DN3Q2JF0G#4Ye#@MPTM0`aTY%b@fp&x*6MZ2`cxVNoGL{8kj+;L4E=-8^?N@R2L!u{R64=(L2LTT`Ro)##)Z^~yIaHo@A z-XPLmztZ2vPa2mNwQa7TV^?qfKnYcALuTZe7Md^8QLb3^NDwA}b!p`XDDQ`?nE1l0 z@JWWAomMwRGGJvZK%wb~g2}mTcEpv{=f^@j*V!ai<=%g#dhea)Ao{!oV6jVhG8_OZ zOqF3pj^zRttQwAo5+RgpA%y_bUKM>(xk*f|Xr)3m>TlKfu29LmWWD18`~)eJ?1~sM9&IfFG3mQFnnP+sS~> z#wP@_jtzI%E!Bk(9Imb;77)kXTQ6a=xZYDX1j0fPN*{V1EJi*&r40yyV*&O2Pd>pi zob*hfjSy`V&xucx{W?~kPkyqHwEATRDF5Mlhj5BrdW@ItT>jF0xbSr#EfiSTAI;Cs ztf$l&@Rqc!8K{k*cU&0>;8UKN@Z!!#*^&p0HN;a3mAk~$91g0V>8#NBWOzkD&iNlj zr_N`7ywl4l;Hgn0{xHSct7=DK?mfJ1;M<&D^+(IZ&615ppN}O&?#rx6OE@L>n%QH} zS|Fz5fm@B%z9KsM zSDz=3Kt02r0wWzm@vu(cyvyiCUU0=(wz8^zngd3HCd`!vxz7W!lBBpm^ogPCYlAQ3K|*slGRf}sXxRIK>9|KyFMYhp;Ta&Z&%! zkBuE0E(M>TfnmoD_Lu%wN?=SXow0@ml~2~hQ@ zi68wxkM1}C#cHXiGZTIVTp0(OE47clfO9jcqTm8Zy{u3+0fD_Ve>y66SleZP68w7R z-eRwN@TZU|cZr(60F&;P<_7-55pO@_yU{w^-H%Sf^nH<1$JoE@{U+Y@g{EiS);!+? zsIYp7m+16ABs)jbvNU$Af0=w(wKBxRm%>~3Ji%I&DO{uH`jj8=@K)Sy>u!o_|Ipno zo8qrrRFr|P$EJ^+FN3k3jRlt*akB{qG4Ol-2LRDrBDO?}wqHhFczHd6VxXtLs>~qt zL?a}>_!x8fAwy7Z5bCrg|~DH;M~Dg0WyEW54ke>-E88E z^NFZlQqLS?@0`1tdbtrXKJKjM{yN>WPZfK=vtCEbC+`f+ejq?cAg8-T>np8f^#lID z9n(D2zNYqC<{MzIe-CiD#fn$xc>mvTt?XiM845DSfeyQx9tQp1T>d5Dwb6M{S|p`ul7kO9)B*PH>W7w2NHxw3@7~g z$6LVr@%_U+q5;xwslbk&mQYarZf_4kzr$iN(_Rbu{RGaoP5H+b0lbk47|;fVibsKy z383;1SY~!G7y5ujITgRU{w~&vy%@EvLTL^#bak$;jb2KZ+KeusN(4S8(Bv$ z*Gq*mDsj!2HRIR!Zy)5(&W+SOw6bB*)_04#!R;Bg9c_OK_hg*0gM>n9y!1r(s-@uc z#<~0wyU6LUz-qL#W4YF&9m2k|*H+vztpfI|8~l9!zRO=et2uI|Hpr(6AR8Bp`KflO zAJV+_{QZ&3)6P{h2(mulh_e<5{(nv8jL%*3lovw4We^6hT`Zo8`L_h$JoK{V`i6}9 zd+PHTl(-I@WC_(?k|uuZ{~iwu-|a6T!Na(2;hMs%gY@mBIH&`<}dz^k1rE^n{@x6v} - -# **DEPRECATION NOTICE** - -This project is not actively maintained. See [dshearer/jobber#334](https://github.com/dshearer/jobber/pull/334) for more details. - -# Quick reference - -- **Maintained by**: - [Jobber](https://github.com/dshearer/jobber-docker) - -- **Where to get help**: - [the Docker Community Slack](https://dockr.ly/comm-slack), [Server Fault](https://serverfault.com/help/on-topic), [Unix & Linux](https://unix.stackexchange.com/help/on-topic), or [Stack Overflow](https://stackoverflow.com/help/on-topic) - -# Supported tags and respective `Dockerfile` links - -**No supported tags** - -# Quick reference (cont.) - -- **Where to file issues**: - [https://github.com/dshearer/jobber-docker/issues](https://github.com/dshearer/jobber-docker/issues?q=) - -- **Supported architectures**: ([more info](https://github.com/docker-library/official-images#architectures-other-than-amd64)) - **No supported architectures** - -- **Published image artifact details**: - [repo-info repo's `repos/jobber/` directory](https://github.com/docker-library/repo-info/blob/master/repos/jobber) ([history](https://github.com/docker-library/repo-info/commits/master/repos/jobber)) - (image metadata, transfer size, etc) - -- **Image updates**: - [official-images repo's `library/jobber` label](https://github.com/docker-library/official-images/issues?q=label%3Alibrary%2Fjobber) - [official-images repo's `library/jobber` file](https://github.com/docker-library/official-images/blob/master/library/jobber) ([history](https://github.com/docker-library/official-images/commits/master/library/jobber)) - -- **Source of this description**: - [docs repo's `jobber/` directory](https://github.com/docker-library/docs/tree/master/jobber) ([history](https://github.com/docker-library/docs/commits/master/jobber)) - -# What is Jobber? - -Jobber is a utility for Unix-like systems that can run arbitrary commands, or "jobs", according to a schedule. It is meant to be a better alternative to the classic Unix utility cron. - -Along with the functionality of cron, Jobber also provides: - -- **Job execution history:** you can see what jobs have recently run, and whether they succeeded or failed. -- **Sophisticated error handling:** you can control whether and when a job is run again after it fails. For example, after an initial failure of a job, Jobber can schedule future runs using an exponential backoff algorithm. -- **Sophisticated error reporting:** you can control whether Jobber notifies you about each failed run, or only about jobs that have been disabled due to repeated failures. - -# How to use this image - -This image contains Jobber running as an unprivileged user named "jobberuser". The jobs are defined in the file /home/jobberuser/.jobber. By default, the only job is one that prints "Jobber is running!" every second. You should replace it with your own jobs. Refer to [the documentation](https://dshearer.github.io/jobber/doc/v1.4/#jobfile) to learn how to do this. - -# License - -[Jobber's license](https://github.com/dshearer/jobber/blob/master/LICENSE) - -As with all Docker images, these likely also contain other software which may be under other licenses (such as Bash, etc from the base distribution, along with any direct or indirect dependencies of the primary software being contained). - -Some additional license information which was able to be auto-detected might be found in [the `repo-info` repository's `jobber/` directory](https://github.com/docker-library/repo-info/tree/master/repos/jobber). - -As for any pre-built image usage, it is the image user's responsibility to ensure that any use of this image complies with any relevant licenses for all software contained within. diff --git a/jobber/content.md b/jobber/content.md deleted file mode 100644 index bfda592de..000000000 --- a/jobber/content.md +++ /dev/null @@ -1,13 +0,0 @@ -# What is Jobber? - -Jobber is a utility for Unix-like systems that can run arbitrary commands, or "jobs", according to a schedule. It is meant to be a better alternative to the classic Unix utility cron. - -Along with the functionality of cron, Jobber also provides: - -- **Job execution history:** you can see what jobs have recently run, and whether they succeeded or failed. -- **Sophisticated error handling:** you can control whether and when a job is run again after it fails. For example, after an initial failure of a job, Jobber can schedule future runs using an exponential backoff algorithm. -- **Sophisticated error reporting:** you can control whether Jobber notifies you about each failed run, or only about jobs that have been disabled due to repeated failures. - -# How to use this image - -This image contains Jobber running as an unprivileged user named "jobberuser". The jobs are defined in the file /home/jobberuser/.jobber. By default, the only job is one that prints "Jobber is running!" every second. You should replace it with your own jobs. Refer to [the documentation](https://dshearer.github.io/jobber/doc/v1.4/#jobfile) to learn how to do this. diff --git a/jobber/deprecated.md b/jobber/deprecated.md deleted file mode 100644 index 4ebe5963e..000000000 --- a/jobber/deprecated.md +++ /dev/null @@ -1 +0,0 @@ -This project is not actively maintained. See [dshearer/jobber#334](https://github.com/dshearer/jobber/pull/334) for more details. diff --git a/jobber/github-repo b/jobber/github-repo deleted file mode 100644 index f2974babe..000000000 --- a/jobber/github-repo +++ /dev/null @@ -1 +0,0 @@ -https://github.com/dshearer/jobber-docker diff --git a/jobber/license.md b/jobber/license.md deleted file mode 100644 index 91922f433..000000000 --- a/jobber/license.md +++ /dev/null @@ -1 +0,0 @@ -[Jobber's license](https://github.com/dshearer/jobber/blob/master/LICENSE) diff --git a/jobber/maintainer.md b/jobber/maintainer.md deleted file mode 100644 index bc73df28e..000000000 --- a/jobber/maintainer.md +++ /dev/null @@ -1 +0,0 @@ -[Jobber](%%GITHUB-REPO%%) diff --git a/jobber/metadata.json b/jobber/metadata.json deleted file mode 100644 index e90624aca..000000000 --- a/jobber/metadata.json +++ /dev/null @@ -1,5 +0,0 @@ -{ - "hub": { - "categories": [] - } -} diff --git a/nats-streaming/README-short.txt b/nats-streaming/README-short.txt deleted file mode 100644 index caea83c13..000000000 --- a/nats-streaming/README-short.txt +++ /dev/null @@ -1 +0,0 @@ -DEPRECATED; An open-source, high-performance, cloud native messaging streaming system. diff --git a/nats-streaming/README.md b/nats-streaming/README.md deleted file mode 100644 index 754bd8dc5..000000000 --- a/nats-streaming/README.md +++ /dev/null @@ -1,340 +0,0 @@ - - -# **DEPRECATION NOTICE** - -The NATS Streaming Server is being deprecated. Critical bug fixes and security fixes will be applied until June of 2023. NATS enabled applications requiring persistence should use [JetStream](https://docs.nats.io/jetstream/jetstream). - -# Quick reference - -- **Maintained by**: - [the NATS Project](https://github.com/nats-io/nats-streaming-docker) - -- **Where to get help**: - [the Docker Community Slack](https://dockr.ly/comm-slack), [Server Fault](https://serverfault.com/help/on-topic), [Unix & Linux](https://unix.stackexchange.com/help/on-topic), or [Stack Overflow](https://stackoverflow.com/help/on-topic) - -# Supported tags and respective `Dockerfile` links - -**No supported tags** - -# Quick reference (cont.) - -- **Where to file issues**: - [https://github.com/nats-io/nats-streaming-docker/issues](https://github.com/nats-io/nats-streaming-docker/issues?q=) - -- **Supported architectures**: ([more info](https://github.com/docker-library/official-images#architectures-other-than-amd64)) - **No supported architectures** - -- **Published image artifact details**: - [repo-info repo's `repos/nats-streaming/` directory](https://github.com/docker-library/repo-info/blob/master/repos/nats-streaming) ([history](https://github.com/docker-library/repo-info/commits/master/repos/nats-streaming)) - (image metadata, transfer size, etc) - -- **Image updates**: - [official-images repo's `library/nats-streaming` label](https://github.com/docker-library/official-images/issues?q=label%3Alibrary%2Fnats-streaming) - [official-images repo's `library/nats-streaming` file](https://github.com/docker-library/official-images/blob/master/library/nats-streaming) ([history](https://github.com/docker-library/official-images/commits/master/library/nats-streaming)) - -- **Source of this description**: - [docs repo's `nats-streaming/` directory](https://github.com/docker-library/docs/tree/master/nats-streaming) ([history](https://github.com/docker-library/docs/commits/master/nats-streaming)) - -# [NATS Streaming](https://nats.io): A high-performance cloud native messaging streaming system. - -![logo](https://raw.githubusercontent.com/docker-library/docs/ad703934a62fabf54452755c8486698ff6fc5cc2/nats-streaming/logo.png) - -`nats-streaming` is a high performance streaming server for the NATS Messaging System. - -# Backward compatibility note - -Note that the Streaming server itself is backward compatible with previous releases, however, v0.15.0+ now embeds a NATS Server 2.0, which means that if you run with the embedded NATS server and want to route it to your existing v0.14.3- servers, it will fail due to NATS Server routing protocol change. You can however use v0.15.0+ and connect it to existing NATS cluster and therefore have a mix of v0.15.0 and v0.14.3- streaming servers. - -# Windows Docker images - -Due to restrictions on how the Windows Docker Image is built, running the image without argument will run the NATS Streaming server with memory based store on port 4222 and the monitoring port 8222. If you need to specify any additional argument, or modify these options, you need to specify the executable name as this: - -```bash -$ docker run -p 4223:4223 -p 8223:8223 nats-streaming nats-streaming-server -p 4223 -m 8223 -``` - -If you need to specify the entrypoint: - -```bash -$ docker run --entrypoint c:/nats-streaming-server/nats-streaming-server -p 4222:4222 -p 8222:8222 nats-streaming -``` - -# Non Windows Docker images - -If you need to provide arguments to the NATS Streaming server, just pass them to the command line. For instance, to change the listen and monitoring port to 4223 and 8223 respectively: - -```bash -$ docker run -p 4223:4223 -p 8223:8223 nats-streaming -p 4223 -m 8223 -``` - -If you need to specify the entrypoint: - -```bash -$ docker run --entrypoint /nats-streaming-server -p 4222:4222 -p 8222:8222 nats-streaming -``` - -# Example usage - -```bash -# Run a NATS Streaming server -# Each server exposes multiple ports -# 4222 is for clients. -# 8222 is an HTTP management port for information reporting. -# -# To actually publish the ports when running the container, use the Docker port mapping -# flag "docker run -p :" to publish and map one or more ports, -# or the -P flag to publish all exposed ports and map them to high-order ports. -# -# This should not be confused with the NATS Streaming Server own -p parameter. -# For instance, to run the NATS Streaming Server and have it listen on port 4444, -# you would have to run like this: -# -# docker run -p 4444:4444 nats-streaming -p 4444 -# -# Or, if you want to publish the port 4444 as a different port, for example 5555: -# -# docker run -p 5555:4444 nats-streaming -p 4444 -# -# Check "docker run" for more information. - -$ docker run -d -p 4222:4222 -p 8222:8222 nats-streaming -``` - -Output that you would get if you had started with `-ti` instead of `d` (for daemon): - -```bash -[1] 2022/10/11 14:57:50.404688 [INF] STREAM: Starting nats-streaming-server[test-cluster] version 0.25.2 -[1] 2022/10/11 14:57:50.404739 [INF] STREAM: ServerID: fbZJjwGYLBpNM5I8z23NSN -[1] 2022/10/11 14:57:50.404741 [INF] STREAM: Go version: go1.19.2 -[1] 2022/10/11 14:57:50.404743 [INF] STREAM: Git commit: [9e599667] -[1] 2022/10/11 14:57:50.406004 [INF] Starting nats-server -[1] 2022/10/11 14:57:50.406009 [INF] Version: 2.9.3 -[1] 2022/10/11 14:57:50.406011 [INF] Git: [25e82d7] -[1] 2022/10/11 14:57:50.406013 [INF] Name: NDQOBTB34ECZWAKAJAREPEXQPXGKUEJEZINCHV2CIHGGJQCSCVPQPU5W -[1] 2022/10/11 14:57:50.406015 [INF] ID: NDQOBTB34ECZWAKAJAREPEXQPXGKUEJEZINCHV2CIHGGJQCSCVPQPU5W -[1] 2022/10/11 14:57:50.406423 [INF] Listening for client connections on 0.0.0.0:4222 -[1] 2022/10/11 14:57:50.406679 [INF] Server is ready -[1] 2022/10/11 14:57:50.434935 [INF] STREAM: Recovering the state... -[1] 2022/10/11 14:57:50.434945 [INF] STREAM: No recovered state -[1] 2022/10/11 14:57:50.435271 [INF] STREAM: Message store is MEMORY -[1] 2022/10/11 14:57:50.435303 [INF] STREAM: ---------- Store Limits ---------- -[1] 2022/10/11 14:57:50.435306 [INF] STREAM: Channels: 100 * -[1] 2022/10/11 14:57:50.435308 [INF] STREAM: --------- Channels Limits -------- -[1] 2022/10/11 14:57:50.435310 [INF] STREAM: Subscriptions: 1000 * -[1] 2022/10/11 14:57:50.435311 [INF] STREAM: Messages : 1000000 * -[1] 2022/10/11 14:57:50.435313 [INF] STREAM: Bytes : 976.56 MB * -[1] 2022/10/11 14:57:50.435315 [INF] STREAM: Age : unlimited * -[1] 2022/10/11 14:57:50.435316 [INF] STREAM: Inactivity : unlimited * -[1] 2022/10/11 14:57:50.435318 [INF] STREAM: ---------------------------------- -[1] 2022/10/11 14:57:50.435320 [INF] STREAM: Streaming Server is ready -``` - -To use a file based store instead, you would run: - -```bash -$ docker run -d -p 4222:4222 -p 8222:8222 nats-streaming -store file -dir datastore - -[1] 2022/10/11 14:59:45.818823 [INF] STREAM: Starting nats-streaming-server[test-cluster] version 0.25.2 -[1] 2022/10/11 14:59:45.818874 [INF] STREAM: ServerID: mNhpLEpCO6WFqrnD9CYEZa -[1] 2022/10/11 14:59:45.818876 [INF] STREAM: Go version: go1.19.2 -[1] 2022/10/11 14:59:45.818877 [INF] STREAM: Git commit: [9e599667] -[1] 2022/10/11 14:59:45.820192 [INF] Starting nats-server -[1] 2022/10/11 14:59:45.820196 [INF] Version: 2.9.3 -[1] 2022/10/11 14:59:45.820198 [INF] Git: [25e82d7] -[1] 2022/10/11 14:59:45.820200 [INF] Name: NCDMFFEVOSPVVGQZVEQ3O5434LHF2KAPOR5LKAI7YEIAFIABTHQLZRLA -[1] 2022/10/11 14:59:45.820202 [INF] ID: NCDMFFEVOSPVVGQZVEQ3O5434LHF2KAPOR5LKAI7YEIAFIABTHQLZRLA -[1] 2022/10/11 14:59:45.820688 [INF] Listening for client connections on 0.0.0.0:4222 -[1] 2022/10/11 14:59:45.820849 [INF] Server is ready -[1] 2022/10/11 14:59:45.848443 [INF] STREAM: Recovering the state... -[1] 2022/10/11 14:59:45.848737 [INF] STREAM: No recovered state -[1] 2022/10/11 14:59:45.849050 [INF] STREAM: Message store is FILE -[1] 2022/10/11 14:59:45.849054 [INF] STREAM: Store location: datastore -[1] 2022/10/11 14:59:45.849070 [INF] STREAM: ---------- Store Limits ---------- -[1] 2022/10/11 14:59:45.849072 [INF] STREAM: Channels: 100 * -[1] 2022/10/11 14:59:45.849073 [INF] STREAM: --------- Channels Limits -------- -[1] 2022/10/11 14:59:45.849075 [INF] STREAM: Subscriptions: 1000 * -[1] 2022/10/11 14:59:45.849076 [INF] STREAM: Messages : 1000000 * -[1] 2022/10/11 14:59:45.849077 [INF] STREAM: Bytes : 976.56 MB * -[1] 2022/10/11 14:59:45.849078 [INF] STREAM: Age : unlimited * -[1] 2022/10/11 14:59:45.849079 [INF] STREAM: Inactivity : unlimited * -[1] 2022/10/11 14:59:45.849080 [INF] STREAM: ---------------------------------- -[1] 2022/10/11 14:59:45.849082 [INF] STREAM: Streaming Server is ready -``` - -You can also connect to a remote NATS Server running in a docker image. First, run NATS Server: - -```bash -$ docker run -d --name=nats-main -p 4222:4222 -p 6222:6222 -p 8222:8222 nats -``` - -Now, start the Streaming server and link it to the above docker image: - -```bash -$ docker run -d --link nats-main nats-streaming -store file -dir datastore -ns nats://nats-main:4222 - -[1] 2022/10/11 15:00:56.780184 [INF] STREAM: Starting nats-streaming-server[test-cluster] version 0.25.2 -[1] 2022/10/11 15:00:56.780235 [INF] STREAM: ServerID: jVQkB4KiIN4IVIuVoSumE0 -[1] 2022/10/11 15:00:56.780237 [INF] STREAM: Go version: go1.19.2 -[1] 2022/10/11 15:00:56.780241 [INF] STREAM: Git commit: [9e599667] -[1] 2022/10/11 15:00:56.809173 [INF] STREAM: Recovering the state... -[1] 2022/10/11 15:00:56.810336 [INF] STREAM: Recovered 0 channel(s) -[1] 2022/10/11 15:00:56.810612 [INF] STREAM: Message store is FILE -[1] 2022/10/11 15:00:56.810617 [INF] STREAM: Store location: datastore -[1] 2022/10/11 15:00:56.810633 [INF] STREAM: ---------- Store Limits ---------- -[1] 2022/10/11 15:00:56.810635 [INF] STREAM: Channels: 100 * -[1] 2022/10/11 15:00:56.810636 [INF] STREAM: --------- Channels Limits -------- -[1] 2022/10/11 15:00:56.810637 [INF] STREAM: Subscriptions: 1000 * -[1] 2022/10/11 15:00:56.810639 [INF] STREAM: Messages : 1000000 * -[1] 2022/10/11 15:00:56.810640 [INF] STREAM: Bytes : 976.56 MB * -[1] 2022/10/11 15:00:56.810641 [INF] STREAM: Age : unlimited * -[1] 2022/10/11 15:00:56.810642 [INF] STREAM: Inactivity : unlimited * -[1] 2022/10/11 15:00:56.810643 [INF] STREAM: ---------------------------------- -[1] 2022/10/11 15:00:56.810644 [INF] STREAM: Streaming Server is ready -``` - -Notice that the output shows that the NATS Server was not started, as opposed to the first output. - -# Commandline Options - -```bash -Streaming Server Options: - -cid, --cluster_id Cluster ID (default: test-cluster) - -st, --store Store type: MEMORY|FILE|SQL (default: MEMORY) - --dir For FILE store type, this is the root directory - -mc, --max_channels Max number of channels (0 for unlimited) - -msu, --max_subs Max number of subscriptions per channel (0 for unlimited) - -mm, --max_msgs Max number of messages per channel (0 for unlimited) - -mb, --max_bytes Max messages total size per channel (0 for unlimited) - -ma, --max_age Max duration a message can be stored ("0s" for unlimited) - -mi, --max_inactivity Max inactivity (no new message, no subscription) after which a channel can be garbage collected (0 for unlimited) - -ns, --nats_server Connect to this external NATS Server URL (embedded otherwise) - -sc, --stan_config Streaming server configuration file - -hbi, --hb_interval Interval at which server sends heartbeat to a client - -hbt, --hb_timeout How long server waits for a heartbeat response - -hbf, --hb_fail_count Number of failed heartbeats before server closes the client connection - --ft_group Name of the FT Group. A group can be 2 or more servers with a single active server and all sharing the same datastore - -sl, --signal [=] Send signal to nats-streaming-server process (stop, quit, reopen, reload - only for embedded NATS Server) - --encrypt Specify if server should use encryption at rest - --encryption_cipher Cipher to use for encryption. Currently support AES and CHAHA (ChaChaPoly). Defaults to AES - --encryption_key Encryption Key. It is recommended to specify it through the NATS_STREAMING_ENCRYPTION_KEY environment variable instead - --replace_durable Replace the existing durable subscription instead of reporting a duplicate durable error - -Streaming Server Clustering Options: - --clustered Run the server in a clustered configuration (default: false) - --cluster_node_id ID of the node within the cluster if there is no stored ID (default: random UUID) - --cluster_bootstrap Bootstrap the cluster if there is no existing state by electing self as leader (default: false) - --cluster_peers Comma separated list of cluster peer node IDs to bootstrap cluster state - --cluster_log_path Directory to store log replication data - --cluster_log_cache_size Number of log entries to cache in memory to reduce disk IO (default: 512) - --cluster_log_snapshots Number of log snapshots to retain (default: 2) - --cluster_trailing_logs Number of log entries to leave after a snapshot and compaction - --cluster_sync Do a file sync after every write to the replication log and message store - --cluster_raft_logging Enable logging from the Raft library (disabled by default) - --cluster_allow_add_remove_node Enable the ability to send NATS requests to the leader to add/remove cluster nodes - -Streaming Server File Store Options: - --file_compact_enabled Enable file compaction - --file_compact_frag File fragmentation threshold for compaction - --file_compact_interval Minimum interval (in seconds) between file compactions - --file_compact_min_size Minimum file size for compaction - --file_buffer_size File buffer size (in bytes) - --file_crc Enable file CRC-32 checksum - --file_crc_poly Polynomial used to make the table used for CRC-32 checksum - --file_sync Enable File.Sync on Flush - --file_slice_max_msgs Maximum number of messages per file slice (subject to channel limits) - --file_slice_max_bytes Maximum file slice size - including index file (subject to channel limits) - --file_slice_max_age Maximum file slice duration starting when the first message is stored (subject to channel limits) - --file_slice_archive_script Path to script to use if you want to archive a file slice being removed - --file_fds_limit Store will try to use no more file descriptors than this given limit - --file_parallel_recovery On startup, number of channels that can be recovered in parallel - --file_truncate_bad_eof Truncate files for which there is an unexpected EOF on recovery, dataloss may occur - --file_read_buffer_size Size of messages read ahead buffer (0 to disable) - --file_auto_sync Interval at which the store should be automatically flushed and sync'ed on disk (<= 0 to disable) - -Streaming Server SQL Store Options: - --sql_driver Name of the SQL Driver ("mysql" or "postgres") - --sql_source Datasource used when opening an SQL connection to the database - --sql_no_caching Enable/Disable caching for improved performance - --sql_max_open_conns Maximum number of opened connections to the database - --sql_bulk_insert_limit Maximum number of messages stored with a single SQL "INSERT" statement - -Streaming Server TLS Options: - -secure Use a TLS connection to the NATS server without - verification; weaker than specifying certificates. - -tls_client_key Client key for the streaming server - -tls_client_cert Client certificate for the streaming server - -tls_client_cacert Client certificate CA for the streaming server - -Streaming Server Logging Options: - -SD, --stan_debug= Enable STAN debugging output - -SV, --stan_trace= Trace the raw STAN protocol - -SDV Debug and trace STAN - --syslog_name On Windows, when running several servers as a service, use this name for the event source - (See additional NATS logging options below) - -Embedded NATS Server Options: - -a, --addr Bind to host address (default: 0.0.0.0) - -p, --port Use port for clients (default: 4222) - -P, --pid File to store PID - -m, --http_port Use port for http monitoring - -ms,--https_port Use port for https monitoring - -c, --config Configuration file - -Logging Options: - -l, --log File to redirect log output - -T, --logtime= Timestamp log entries (default: true) - -s, --syslog Enable syslog as log method - -r, --remote_syslog Syslog server addr (udp://localhost:514) - -D, --debug= Enable debugging output - -V, --trace= Trace the raw protocol - -DV Debug and trace - -Authorization Options: - --user User required for connections - --pass Password required for connections - --auth Authorization token required for connections - -TLS Options: - --tls= Enable TLS, do not verify clients (default: false) - --tlscert Server certificate file - --tlskey Private key for server certificate - --tlsverify= Enable TLS, verify client certificates - --tlscacert Client certificate CA for verification - -NATS Clustering Options: - --routes Routes to solicit and connect - --cluster Cluster URL for solicited routes - -Common Options: - -h, --help Show this message - -v, --version Show version - --help_tls TLS help. -``` - -# Configuration - -Details on how to configure further the NATS Streaming server can be found [here](https://docs.nats.io/nats-streaming-server/configuring) - -# License - -View [license information](https://github.com/nats-io/nats-streaming-server/blob/master/LICENSE) for the software contained in this image. - -As with all Docker images, these likely also contain other software which may be under other licenses (such as Bash, etc from the base distribution, along with any direct or indirect dependencies of the primary software being contained). - -Some additional license information which was able to be auto-detected might be found in [the `repo-info` repository's `nats-streaming/` directory](https://github.com/docker-library/repo-info/tree/master/repos/nats-streaming). - -As for any pre-built image usage, it is the image user's responsibility to ensure that any use of this image complies with any relevant licenses for all software contained within. diff --git a/nats-streaming/content.md b/nats-streaming/content.md deleted file mode 100644 index 0545e4133..000000000 --- a/nats-streaming/content.md +++ /dev/null @@ -1,279 +0,0 @@ -# [NATS Streaming](https://nats.io): A high-performance cloud native messaging streaming system. - -%%LOGO%% - -`nats-streaming` is a high performance streaming server for the NATS Messaging System. - -# Backward compatibility note - -Note that the Streaming server itself is backward compatible with previous releases, however, v0.15.0+ now embeds a NATS Server 2.0, which means that if you run with the embedded NATS server and want to route it to your existing v0.14.3- servers, it will fail due to NATS Server routing protocol change. You can however use v0.15.0+ and connect it to existing NATS cluster and therefore have a mix of v0.15.0 and v0.14.3- streaming servers. - -# Windows Docker images - -Due to restrictions on how the Windows Docker Image is built, running the image without argument will run the NATS Streaming server with memory based store on port 4222 and the monitoring port 8222. If you need to specify any additional argument, or modify these options, you need to specify the executable name as this: - -```bash -$ docker run -p 4223:4223 -p 8223:8223 %%IMAGE%% nats-streaming-server -p 4223 -m 8223 -``` - -If you need to specify the entrypoint: - -```bash -$ docker run --entrypoint c:/nats-streaming-server/nats-streaming-server -p 4222:4222 -p 8222:8222 %%IMAGE%% -``` - -# Non Windows Docker images - -If you need to provide arguments to the NATS Streaming server, just pass them to the command line. For instance, to change the listen and monitoring port to 4223 and 8223 respectively: - -```bash -$ docker run -p 4223:4223 -p 8223:8223 %%IMAGE%% -p 4223 -m 8223 -``` - -If you need to specify the entrypoint: - -```bash -$ docker run --entrypoint /nats-streaming-server -p 4222:4222 -p 8222:8222 %%IMAGE%% -``` - -# Example usage - -```bash -# Run a NATS Streaming server -# Each server exposes multiple ports -# 4222 is for clients. -# 8222 is an HTTP management port for information reporting. -# -# To actually publish the ports when running the container, use the Docker port mapping -# flag "docker run -p :" to publish and map one or more ports, -# or the -P flag to publish all exposed ports and map them to high-order ports. -# -# This should not be confused with the NATS Streaming Server own -p parameter. -# For instance, to run the NATS Streaming Server and have it listen on port 4444, -# you would have to run like this: -# -# docker run -p 4444:4444 %%IMAGE%% -p 4444 -# -# Or, if you want to publish the port 4444 as a different port, for example 5555: -# -# docker run -p 5555:4444 %%IMAGE%% -p 4444 -# -# Check "docker run" for more information. - -$ docker run -d -p 4222:4222 -p 8222:8222 %%IMAGE%% -``` - -Output that you would get if you had started with `-ti` instead of `d` (for daemon): - -```bash -[1] 2022/10/11 14:57:50.404688 [INF] STREAM: Starting nats-streaming-server[test-cluster] version 0.25.2 -[1] 2022/10/11 14:57:50.404739 [INF] STREAM: ServerID: fbZJjwGYLBpNM5I8z23NSN -[1] 2022/10/11 14:57:50.404741 [INF] STREAM: Go version: go1.19.2 -[1] 2022/10/11 14:57:50.404743 [INF] STREAM: Git commit: [9e599667] -[1] 2022/10/11 14:57:50.406004 [INF] Starting nats-server -[1] 2022/10/11 14:57:50.406009 [INF] Version: 2.9.3 -[1] 2022/10/11 14:57:50.406011 [INF] Git: [25e82d7] -[1] 2022/10/11 14:57:50.406013 [INF] Name: NDQOBTB34ECZWAKAJAREPEXQPXGKUEJEZINCHV2CIHGGJQCSCVPQPU5W -[1] 2022/10/11 14:57:50.406015 [INF] ID: NDQOBTB34ECZWAKAJAREPEXQPXGKUEJEZINCHV2CIHGGJQCSCVPQPU5W -[1] 2022/10/11 14:57:50.406423 [INF] Listening for client connections on 0.0.0.0:4222 -[1] 2022/10/11 14:57:50.406679 [INF] Server is ready -[1] 2022/10/11 14:57:50.434935 [INF] STREAM: Recovering the state... -[1] 2022/10/11 14:57:50.434945 [INF] STREAM: No recovered state -[1] 2022/10/11 14:57:50.435271 [INF] STREAM: Message store is MEMORY -[1] 2022/10/11 14:57:50.435303 [INF] STREAM: ---------- Store Limits ---------- -[1] 2022/10/11 14:57:50.435306 [INF] STREAM: Channels: 100 * -[1] 2022/10/11 14:57:50.435308 [INF] STREAM: --------- Channels Limits -------- -[1] 2022/10/11 14:57:50.435310 [INF] STREAM: Subscriptions: 1000 * -[1] 2022/10/11 14:57:50.435311 [INF] STREAM: Messages : 1000000 * -[1] 2022/10/11 14:57:50.435313 [INF] STREAM: Bytes : 976.56 MB * -[1] 2022/10/11 14:57:50.435315 [INF] STREAM: Age : unlimited * -[1] 2022/10/11 14:57:50.435316 [INF] STREAM: Inactivity : unlimited * -[1] 2022/10/11 14:57:50.435318 [INF] STREAM: ---------------------------------- -[1] 2022/10/11 14:57:50.435320 [INF] STREAM: Streaming Server is ready -``` - -To use a file based store instead, you would run: - -```bash -$ docker run -d -p 4222:4222 -p 8222:8222 %%IMAGE%% -store file -dir datastore - -[1] 2022/10/11 14:59:45.818823 [INF] STREAM: Starting nats-streaming-server[test-cluster] version 0.25.2 -[1] 2022/10/11 14:59:45.818874 [INF] STREAM: ServerID: mNhpLEpCO6WFqrnD9CYEZa -[1] 2022/10/11 14:59:45.818876 [INF] STREAM: Go version: go1.19.2 -[1] 2022/10/11 14:59:45.818877 [INF] STREAM: Git commit: [9e599667] -[1] 2022/10/11 14:59:45.820192 [INF] Starting nats-server -[1] 2022/10/11 14:59:45.820196 [INF] Version: 2.9.3 -[1] 2022/10/11 14:59:45.820198 [INF] Git: [25e82d7] -[1] 2022/10/11 14:59:45.820200 [INF] Name: NCDMFFEVOSPVVGQZVEQ3O5434LHF2KAPOR5LKAI7YEIAFIABTHQLZRLA -[1] 2022/10/11 14:59:45.820202 [INF] ID: NCDMFFEVOSPVVGQZVEQ3O5434LHF2KAPOR5LKAI7YEIAFIABTHQLZRLA -[1] 2022/10/11 14:59:45.820688 [INF] Listening for client connections on 0.0.0.0:4222 -[1] 2022/10/11 14:59:45.820849 [INF] Server is ready -[1] 2022/10/11 14:59:45.848443 [INF] STREAM: Recovering the state... -[1] 2022/10/11 14:59:45.848737 [INF] STREAM: No recovered state -[1] 2022/10/11 14:59:45.849050 [INF] STREAM: Message store is FILE -[1] 2022/10/11 14:59:45.849054 [INF] STREAM: Store location: datastore -[1] 2022/10/11 14:59:45.849070 [INF] STREAM: ---------- Store Limits ---------- -[1] 2022/10/11 14:59:45.849072 [INF] STREAM: Channels: 100 * -[1] 2022/10/11 14:59:45.849073 [INF] STREAM: --------- Channels Limits -------- -[1] 2022/10/11 14:59:45.849075 [INF] STREAM: Subscriptions: 1000 * -[1] 2022/10/11 14:59:45.849076 [INF] STREAM: Messages : 1000000 * -[1] 2022/10/11 14:59:45.849077 [INF] STREAM: Bytes : 976.56 MB * -[1] 2022/10/11 14:59:45.849078 [INF] STREAM: Age : unlimited * -[1] 2022/10/11 14:59:45.849079 [INF] STREAM: Inactivity : unlimited * -[1] 2022/10/11 14:59:45.849080 [INF] STREAM: ---------------------------------- -[1] 2022/10/11 14:59:45.849082 [INF] STREAM: Streaming Server is ready -``` - -You can also connect to a remote NATS Server running in a docker image. First, run NATS Server: - -```bash -$ docker run -d --name=nats-main -p 4222:4222 -p 6222:6222 -p 8222:8222 nats -``` - -Now, start the Streaming server and link it to the above docker image: - -```bash -$ docker run -d --link nats-main %%IMAGE%% -store file -dir datastore -ns nats://nats-main:4222 - -[1] 2022/10/11 15:00:56.780184 [INF] STREAM: Starting nats-streaming-server[test-cluster] version 0.25.2 -[1] 2022/10/11 15:00:56.780235 [INF] STREAM: ServerID: jVQkB4KiIN4IVIuVoSumE0 -[1] 2022/10/11 15:00:56.780237 [INF] STREAM: Go version: go1.19.2 -[1] 2022/10/11 15:00:56.780241 [INF] STREAM: Git commit: [9e599667] -[1] 2022/10/11 15:00:56.809173 [INF] STREAM: Recovering the state... -[1] 2022/10/11 15:00:56.810336 [INF] STREAM: Recovered 0 channel(s) -[1] 2022/10/11 15:00:56.810612 [INF] STREAM: Message store is FILE -[1] 2022/10/11 15:00:56.810617 [INF] STREAM: Store location: datastore -[1] 2022/10/11 15:00:56.810633 [INF] STREAM: ---------- Store Limits ---------- -[1] 2022/10/11 15:00:56.810635 [INF] STREAM: Channels: 100 * -[1] 2022/10/11 15:00:56.810636 [INF] STREAM: --------- Channels Limits -------- -[1] 2022/10/11 15:00:56.810637 [INF] STREAM: Subscriptions: 1000 * -[1] 2022/10/11 15:00:56.810639 [INF] STREAM: Messages : 1000000 * -[1] 2022/10/11 15:00:56.810640 [INF] STREAM: Bytes : 976.56 MB * -[1] 2022/10/11 15:00:56.810641 [INF] STREAM: Age : unlimited * -[1] 2022/10/11 15:00:56.810642 [INF] STREAM: Inactivity : unlimited * -[1] 2022/10/11 15:00:56.810643 [INF] STREAM: ---------------------------------- -[1] 2022/10/11 15:00:56.810644 [INF] STREAM: Streaming Server is ready -``` - -Notice that the output shows that the NATS Server was not started, as opposed to the first output. - -# Commandline Options - -```bash -Streaming Server Options: - -cid, --cluster_id Cluster ID (default: test-cluster) - -st, --store Store type: MEMORY|FILE|SQL (default: MEMORY) - --dir For FILE store type, this is the root directory - -mc, --max_channels Max number of channels (0 for unlimited) - -msu, --max_subs Max number of subscriptions per channel (0 for unlimited) - -mm, --max_msgs Max number of messages per channel (0 for unlimited) - -mb, --max_bytes Max messages total size per channel (0 for unlimited) - -ma, --max_age Max duration a message can be stored ("0s" for unlimited) - -mi, --max_inactivity Max inactivity (no new message, no subscription) after which a channel can be garbage collected (0 for unlimited) - -ns, --nats_server Connect to this external NATS Server URL (embedded otherwise) - -sc, --stan_config Streaming server configuration file - -hbi, --hb_interval Interval at which server sends heartbeat to a client - -hbt, --hb_timeout How long server waits for a heartbeat response - -hbf, --hb_fail_count Number of failed heartbeats before server closes the client connection - --ft_group Name of the FT Group. A group can be 2 or more servers with a single active server and all sharing the same datastore - -sl, --signal [=] Send signal to nats-streaming-server process (stop, quit, reopen, reload - only for embedded NATS Server) - --encrypt Specify if server should use encryption at rest - --encryption_cipher Cipher to use for encryption. Currently support AES and CHAHA (ChaChaPoly). Defaults to AES - --encryption_key Encryption Key. It is recommended to specify it through the NATS_STREAMING_ENCRYPTION_KEY environment variable instead - --replace_durable Replace the existing durable subscription instead of reporting a duplicate durable error - -Streaming Server Clustering Options: - --clustered Run the server in a clustered configuration (default: false) - --cluster_node_id ID of the node within the cluster if there is no stored ID (default: random UUID) - --cluster_bootstrap Bootstrap the cluster if there is no existing state by electing self as leader (default: false) - --cluster_peers Comma separated list of cluster peer node IDs to bootstrap cluster state - --cluster_log_path Directory to store log replication data - --cluster_log_cache_size Number of log entries to cache in memory to reduce disk IO (default: 512) - --cluster_log_snapshots Number of log snapshots to retain (default: 2) - --cluster_trailing_logs Number of log entries to leave after a snapshot and compaction - --cluster_sync Do a file sync after every write to the replication log and message store - --cluster_raft_logging Enable logging from the Raft library (disabled by default) - --cluster_allow_add_remove_node Enable the ability to send NATS requests to the leader to add/remove cluster nodes - -Streaming Server File Store Options: - --file_compact_enabled Enable file compaction - --file_compact_frag File fragmentation threshold for compaction - --file_compact_interval Minimum interval (in seconds) between file compactions - --file_compact_min_size Minimum file size for compaction - --file_buffer_size File buffer size (in bytes) - --file_crc Enable file CRC-32 checksum - --file_crc_poly Polynomial used to make the table used for CRC-32 checksum - --file_sync Enable File.Sync on Flush - --file_slice_max_msgs Maximum number of messages per file slice (subject to channel limits) - --file_slice_max_bytes Maximum file slice size - including index file (subject to channel limits) - --file_slice_max_age Maximum file slice duration starting when the first message is stored (subject to channel limits) - --file_slice_archive_script Path to script to use if you want to archive a file slice being removed - --file_fds_limit Store will try to use no more file descriptors than this given limit - --file_parallel_recovery On startup, number of channels that can be recovered in parallel - --file_truncate_bad_eof Truncate files for which there is an unexpected EOF on recovery, dataloss may occur - --file_read_buffer_size Size of messages read ahead buffer (0 to disable) - --file_auto_sync Interval at which the store should be automatically flushed and sync'ed on disk (<= 0 to disable) - -Streaming Server SQL Store Options: - --sql_driver Name of the SQL Driver ("mysql" or "postgres") - --sql_source Datasource used when opening an SQL connection to the database - --sql_no_caching Enable/Disable caching for improved performance - --sql_max_open_conns Maximum number of opened connections to the database - --sql_bulk_insert_limit Maximum number of messages stored with a single SQL "INSERT" statement - -Streaming Server TLS Options: - -secure Use a TLS connection to the NATS server without - verification; weaker than specifying certificates. - -tls_client_key Client key for the streaming server - -tls_client_cert Client certificate for the streaming server - -tls_client_cacert Client certificate CA for the streaming server - -Streaming Server Logging Options: - -SD, --stan_debug= Enable STAN debugging output - -SV, --stan_trace= Trace the raw STAN protocol - -SDV Debug and trace STAN - --syslog_name On Windows, when running several servers as a service, use this name for the event source - (See additional NATS logging options below) - -Embedded NATS Server Options: - -a, --addr Bind to host address (default: 0.0.0.0) - -p, --port Use port for clients (default: 4222) - -P, --pid File to store PID - -m, --http_port Use port for http monitoring - -ms,--https_port Use port for https monitoring - -c, --config Configuration file - -Logging Options: - -l, --log File to redirect log output - -T, --logtime= Timestamp log entries (default: true) - -s, --syslog Enable syslog as log method - -r, --remote_syslog Syslog server addr (udp://localhost:514) - -D, --debug= Enable debugging output - -V, --trace= Trace the raw protocol - -DV Debug and trace - -Authorization Options: - --user User required for connections - --pass Password required for connections - --auth Authorization token required for connections - -TLS Options: - --tls= Enable TLS, do not verify clients (default: false) - --tlscert Server certificate file - --tlskey Private key for server certificate - --tlsverify= Enable TLS, verify client certificates - --tlscacert Client certificate CA for verification - -NATS Clustering Options: - --routes Routes to solicit and connect - --cluster Cluster URL for solicited routes - -Common Options: - -h, --help Show this message - -v, --version Show version - --help_tls TLS help. -``` - -# Configuration - -Details on how to configure further the NATS Streaming server can be found [here](https://docs.nats.io/nats-streaming-server/configuring) diff --git a/nats-streaming/deprecated.md b/nats-streaming/deprecated.md deleted file mode 100644 index db266bd8e..000000000 --- a/nats-streaming/deprecated.md +++ /dev/null @@ -1 +0,0 @@ -The NATS Streaming Server is being deprecated. Critical bug fixes and security fixes will be applied until June of 2023. NATS enabled applications requiring persistence should use [JetStream](https://docs.nats.io/jetstream/jetstream). diff --git a/nats-streaming/github-repo b/nats-streaming/github-repo deleted file mode 100644 index a58594919..000000000 --- a/nats-streaming/github-repo +++ /dev/null @@ -1 +0,0 @@ -https://github.com/nats-io/nats-streaming-docker diff --git a/nats-streaming/license.md b/nats-streaming/license.md deleted file mode 100644 index 316d32e6b..000000000 --- a/nats-streaming/license.md +++ /dev/null @@ -1 +0,0 @@ -View [license information](https://github.com/nats-io/nats-streaming-server/blob/master/LICENSE) for the software contained in this image. diff --git a/nats-streaming/logo.png b/nats-streaming/logo.png deleted file mode 100644 index 384aab597c7d84338457ce91c4bf547deb8cdb5c..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 9499 zcmY*<1zc3YyEZHfEKBXe(zP^;bayPZNG~DXC`dOb(jC$uh;*aU(o)jhEg>xeN{isd z|GnS+zVG~g=S;oxJnzhzcV^DKCq`RSg%C^)#=yWJR7EMGAHpyHZV=AHv#a#A<3oVy ziB>^kd>p4ecu3&6p^Q8+FnE~%-I#tQvOW(2Mh<$0UWOX#5;m^RJXW@@)^!hAX&w*ujN)gn0Ov zWWaDZT*|}tsRUY4`G2ZEq@+;lpsnf8t$9~fwYheyJ(*h@zni!_d2wit5$FyS12_P~&&@71^hmX`Fi5)Q zkDC7EQUSsR2ePT!ji62H@5;S-;)ji@om_;uWmTO*-JiXd3l#QNqvks~(7&wr&(l(a^?Ql- zPE}K79z2a4+gm?Z+pOaibo%TYu_btyeY{&w(`is=^P&=?vOLy`Yoe{m^m0bHf~Dfu zLS5nvQqI`pQ+fI5F_am1R5mIZbybXj-Q4LPK%%iJIZG3?k4M@YA&k^Gol{$ zrOwx5uLt~!HWS}~!dN2t=5gXB;~;6UPE&a~J)xv*YPfsNo_G8t92mm;hFTzHh*43( z4%7Pa6{hyLF!z8co0tL$B_!DU1=;r?`}Unk25Jk$#LjRMos75E@FY+_^;=~jD}efo zb`4VB10it6M+F2L>CWQ3KO%bem9TR}4RpwcN76_DkxSoUROGkKSB$%m)tmI_B~GYL z+w-s+B+6?Ypa!p)ljTKY`+Mue7E7ti0QKaPLi5?|)N;6AdWOPn9r-Od|CkMd2qJv; zJ%^xY!8eeux*X&piM<-qKA<1L&=CJsM>N)g3yNZN!fRkl2<84C2AW zWCwX7(=fP*(QP0%0Mh9l&m)e3qgnk|!da7)!_fvp{RaX_F_R~=$E{IqJh+4Mc6hW5QXvL^K1 zfJr*YkR@F+eEJjaNWi zIi~St4dslY4fh5@Utr>I>^NgakJA$}az*P&QgG34CuynPeBFB~su+2s5}PsocO`^! zbj1s#ycsuiy&Bf(Pc$@0blCIivw91}Iax>BD!~yfv^k`6HQEO5|J0y>PX3wyE|l6m z4dB!HGmQmm?Lp$=|CIGl%dPaaTn&^Y-k1@;fGgw^OSn?;NAZJ3-q5*F?32aI8pod* zq*Kiq@ODVX#^^JmE+3z3f_zv95Vh)w(zCGyLvezl$U&Nkn``O1eG?Th>l5-|# zgg}lIrZo_zKU%U&sf=Q$Ge$oh5&C^13TY&61mi93*K;mvR-sb1?zNMZqWD{ZH$Cr! z_yIH&@gYA^vwNh}@x|^DF-~-U(A^rA&YGEpoY5bQ=kp4wTN6g`%(Sdn!tC@vlpP(* zYED=A;afe;GPdQPs~bPgws>+hxzJqq*20*?~Kx#epb zg8?H)Y%u_z;>WruYR|JSb=?6R>FM#$EwxUJ0nB#TK&X<`0GX=%TJ!olaUvdjqOQ_6 z;36o0Cuco?Z_YF&2SU!tiq^hz4sZk=cV}!3UqYOyz2acKCam~6&8hexG5OUL$ZxJx z{7|vj9#z~49mV4pDd=L#HCXscZOQd=GoO^CWm2J3a#W;GA&>8wfomSd<>|11c+U?idKN1xlT>6JgT)JQr zc0guTB)XRrVXr;~BiUTvO9(S56FMl)Ut&*Ld3lkMP1+fLX1=27WvdF(YEuuKN{yiX zEk{%46NY+CMrX4@F(BH@=7cbYDj65K0h*Q0SBG#PtiMP1roEc)@i4sx&2%gF(zgKb zdCKd&gAX-Ss#D>=qWJo!RdrY~(!#T40pjwDDG+nttUs7x!Mz z*xBT{eCWnEq&@Tlp)zh91*E}JIYCI8_ity2c$pEc$%JG323n=`*z&)Uv0NFYv~i4t zw5#OibMVU=dP@C^Ho1jHC4vRf&PvHWF|AUA+Jx*Ohcz9Cg%SCHkzWF%0h5M=q}kr; zg6(`k1nqGSE=p=k&}cqagkj-{%c{3LsEGX82>2cBns`hux#Y+Zf1tuoOuHxw3up0zgD764}W2k2&_ASqc6mPgT|@P-7-^$VlMY6aDQO z+o%S}8Y;(3VriQLZY&?(1FKI+{rBdHt+m7hTRB@pB7XLb2#M3 ztFJW7H25F|lzKYSq$^4rOc->c z5p;w!vMj>=z;jJvQz{8XZ}(cFl-h}5xk3$&=GZ3r)`S0@lw>U)QR_R?e@h_~p3$2HML-kM7lmpvaRI3SL{=by=Uc5%s( zBoFil7!40k#>N--_v8RA)1(sT837sLZj>r>enr$w@8xKTkvK zvZw?JnYx~6GGJZhmmHnh!xp0%e&TZ0;A4-pFAt1;(jU+KoC@Q{)4{J-r?QO4Nfl6k zTXoJPQO`tT+E_#pcz+a_eYnqej^#qNN(I#3}Bcn&;P?#%E~B3Hg6NaA0!#b)igB6r!cxorJ-iVlrMghQ0$j4iTC9F8h%?F=|Mze z!Tnl5X-234*x~OiRqE?7m5I+p*(LDyl>KkTZlw0iJR{csETm0ck8O3LoxX?_VC0Zp z{3e3DQfq^{n-vu+O4NTIBEtPuJc0eu^m_>h9E8&g^<(Hfu6|-Y5AotZHl28O3lhZ}f)dQtAqO zSM@{-IgblH@pqdjF@zMS<2@rVLufu?3{k2GmLT5JYj|}yuvF?`k7#pl^3AAYqUS=c z3~1TYVEG0GAWWs7bG~Pg!eB0eSZ`CL;($3l zT?kyfHuzM+WfHRAK*!Wqz6*6*S$fht?Jj8P{MWprWFyTosv`*09ZP8UMXflW><2$8 zwgMBn`!E<=&7=`(Mh~`DMj5-rqU5MR`segLue{eUQ^SQ$Tve#;TQ|CaV+Ldm8reFT z(N6#0c{`DxaD|9!exsLn0pteh~=5?w@dih>d zx(I=A_|I_Ny4Aw4#?_=X`j-uyB9GtL_5UJ8_KX8Ut5dABT4BkHPfeGuE(>k9`0k$e zd{^l$s*^7!0*B$JPV@0na|SoO%iEyxC%}u8p%ITRuz}#;k3J1%<-O>xCd2&f_X`yU zv!zA3@wa-RH`2HoDHps<0m+t>JVEYcIrLdTfzRy5lM7^7&-+HhZq!1ve%XEJH?brH zWP`9!(KzXqm?D{lc=jr6TMlJ@oCtjb?44nsM=WYGvc2n8B^=RjatnY3NlL2evo-IXnlRWhAtp_S z<|gwWA~5FVVrfMuYohaM*#WIk+^PZve$Xf_vD;Uj>;5$WD~t8yCm*`Ox3?eGb1{$62)+g#DR(py(KQ<@&imtq`Qn5C4OVO^=8O%{CD^erw6JGSctxQsDqSRuO2tlTnzS2s zY9)RpvTkyhZM82NjMdGOOM0EDhjI9R>h|bSCImsjpWC&o1mMmB!C~>g1rX7-2L%04 z7!@%t1DpA$@{%VapU0lYlZfTunEqr3{yoVu3$>+S{V4_b?n-_SheBRm3yZA^f|>&EkoJx-`;MU5^=ID6cd6p^*)oAL^jmdQ z^uJfi+~Pf9Uz@gC*2CTil~~YLhPucg>B^k)>rO@{pgu{-pxJD+KUiZKUr;|H?fEF7ef2 zn8kC1p?RwgoK5bFSm2Sv=@PMQtWrL1l;2H_*j}Gb@TlYx7*&lw3~((S$pSIl1$fS zC@f8e3OmqpHs-YDAgGJn8u%sciV-ek!_SeNcC_(09TkZOn|@lU$+fM1@;w@2z?XKS z{2j7}id7^UGvr2)a{Jg@21h$ z3$1-_o?Iv`fGH#SP1X{*ojUo>PihYB7ZxH&dB>uryd}XD?wdfDT*zC{#j?8JjQ528 z*?U963FnoVFbM@5S5(LVwrG54P;THOb%!?07b%I~2=vsH&&=2Dx?NYFcAP#Y$5ow& zGPWbvP*EuU;9`4cP!|FfzqIa0nHzYl{|>gKTl&73X5hWFEcUW!Q|l zSUHzd1n<5aK6C^(FX+Mn6dJc|qqKLVVxep7VX&L35uwKiG~cB%jEZ1;%t12RwWLapYs{AF#4ABied`EgP$k_XWq@)6)5fl49mq4{BhAF^w_ zNImJ3g>QJFd&9uanE zoH@S}*)NXsWk5m=k-MWG3VdG!0r1`SCfS6KzY$ zM}CTK6nn%%fTnydeX)PGk@8KXD_EUdpI|Jz7xkJ%Lpm0+m~V<5n}PN5jJyz})cT{5 zH>PTNAR*KlccJUVq6Hhry-cR4bKa9%QS7KO7Va_br zy}zC-{>b-gC2S76J_2oORnXbKr*4NduQgY$(Mu5dc(3CSyL3`LX_?~SYmDp?AXWrt z+cKeZ_tqtw7vQ;3!TSvvVbo@aW{_!rKhMj7XVXBE7qmsfZ2hush)Oqpw|A{33n5@-3s? z19P}CBio!g1k9w#u)9fGF{)>Q=25ri_e@6z{>)~ESw4sSPj(mWoX+@9mkv5ZlQ(sB z=p_P1??&tyIVUx>Q|!hCS`u**YvF*|>aq~$A}<0TlgpkH^Lv8!SN2inh85Kl%i$}u zZSgMI;mRShAvi)elf0QDE=nfRq5CvMPRojK63^d*^IjDj4Y)Vf*g#M=B5haec=_}uWTWNxb@n7((QWbag2^2uDK4#-O`iw_V z_*Bo~m$$suRuAa=Jy&K&l@zkg$FVCj6+31l^EU@_qy2M8vhtn&DtnSsf-xZOVdfkU z9XpY#RC|^bdRJMemG7oPfJ@uJ93H0JPiN%MbpwT??SJc>Q8(aBL=LRCV&vZ6hPCcF ztrY($xcf7or!?{!5~$qp+LjqT_j zZiTpZDM)_Ct!1GDtF{H59qY<_(ZM2@Ss%{#pAU4y``9g?U0qp?y*`l(`h(JMgayuq z(=pNt2?UNBbPTe{p}+Snm7Q&V_`0(B`Ns%4qwd}XL8~`QrkhX4$jL^jwMYdJ;#RxV z;_mje3_4Qv+t{h@?Y_TyB|UlR$?d2Dl1*JQimAY|z(KqyK%DBVido{nUk$`I9{zk_ zf~Jh91T?rM71J>u=8MfKlM@zo$*f+y1RD<@hur#_VxG|Xo3Ue4eXsqL#!cS`o^2#b zdC!a#E2ocLsH{fXa@nzO;wgvKcnsW}_J=rAsTmbVFz_gVg9Zg)iGNg{6JGRPXBn!J z=k!OK3BkXREeiac=0>^~S0fj-tpM7Kko*y#%^-LbTcqBhl zN5nZ?IMaxqUtRg_GySfJSZPe2nb?yxx-^6&QY^YKAo<|EwL~H}41Ac};wkdB;F2$w zz}S@{0RdYzh}49Te5t58yfAVrXeZaq_A9kQnq$hTli;wfa%=w;O8+s=+OPF|Su zGn$%4{?Z|op-*i3(W@)9{=%0b7e+Nn%q29M$j#E^UPvCgwOoG^eLRDo>Ohk$0S;in^ zv9vkL;gFZwc+lN-?>B|Jf0hGuomD`?L^F>!k#} zUk8UlYaeV$QD+Z+cC-Kk_=J~NjQ$#R10F#(!fOX97v-nhTqp%UsHFb+Okm+=cjlc32l_UqQ3et$u_tPCZ{I$ZZZz3DY&Ld4ficlDX zunPfcFq^I>265@%hWxEnTi-9`Bl+sz020hyRF0sUfYmquA^}Xiz>DaCqWT+a${B)e zp;*4d@L*vOeHv~o?Ev>DJTYfOJL`;BcNAtN@M+9ht9yZDfsUEtU^q_ipoLGGWj1D6 za#bvw@F!sY%g*KJWNc9o6ZYe&tH)2sepbhXC_JgmhEd3G>ed^8N>|IXDHNSC7^*?x z**r<#umlWLX3^U)pYy2d@^h+csH2W9D--eOvvV|(FeNP-p*5_!qv`a~xK2~?To0l} zLW(U+pZOC-?_QlnKd;y;H=&cUnJi?`&9<8MDK_Yth0m>PiQ9;sM|&P8WsjI^36k(} zP$!7O^b>YJeIwnrExwN~w~5z+c6SO~v=IjoCOu@5>Fv}!)EHeQRhUEGGl-wUNKK~Y z9~3$(;6A~JqwgO`6(h@#Uypy8n8kK%*uhfku;ZPVcNZb~8rY+;V67HXwtw)d(5g7! zh4jLn%>NB3v$)_Ci5kM$X_4vt^7XsD2;vS=!_hr@ zWc_f@KcAlZAEdB@$1)iXk!>hapYP9T^St<2Hm4K6qRY-o>W0r$sId;you4z!hR9 z=H!pGO#ksbF_Sd30tfp;ygCC_b3Tr2Da*GLY=zAv zCj3RTo}1i{7n)U~NKH_p_p_9(mfMd@OM!Y5N7t4CxTrD49J|L%teoOM5BW*%)nAhq z0v`4%KliUX8(;2`4vb@!_}Yj~Qv)%%v4(!9S&%6_m^X5g6hW?7B!>O+xWK}~_xoxH z^XW+cZm?|wbe?UPjHHDpWhcBmKU=a$$Ny)geyjMvufz|XBJ*Xdv24TTq-(n}zWQyU z9`m}>IS{h>%R^SRw7x3x@5P4mQ~ooS)gB5p^2JKubM$|J;{tS2{Y;`s)%&ZQO)U>t9g=?z!WbeopgtyiyV(6I%7ljD?})-Nk2>{8W7%Q-Nf zkO{m^k|c9Qg?cR^Ry7Cill@k|8qpgX7HsKMdAKN;#d5e^jByw^`F%q%R=>1jAm?My z!HMdx&YW8Dmc1c$M>)i9KaI4I;FOb2D3*bA%>y4~3v0I4 zTnJ+OHoRjG0W}x-V#M?$0MxW0?235#HwX|Fw(=B563)tqq{wO+M}7C1MvarSF}06uIFYX|3YClp6(y4ZHg0Uu$L=RNqdM2IDJIh zwA7x-F3iv#n(#dwCU8!ZY$%72OYDT#V3d*Ps29oo?sHi3#C@@I`*wMfLmO*u(Y>AA zMa_=;lQ*|tMsXR2v`8{ChV9H%lSvqOpP<7Gxiqy3r2 zVUF - -# **DEPRECATION NOTICE** - -Upcoming in Vault 1.14, we will stop publishing official Dockerhub images and publish only our Verified Publisher images. Users of Docker images should pull from [hashicorp/vault](https://hub.docker.com/r/hashicorp/vault) instead of [vault](https://hub.docker.com/_/vault). Verified Publisher images can be found at https://hub.docker.com/r/hashicorp/vault. - -# Quick reference - -- **Maintained by**: - [HashiCorp](https://github.com/hashicorp/docker-vault) - -- **Where to get help**: - [the Docker Community Slack](https://dockr.ly/comm-slack), [Server Fault](https://serverfault.com/help/on-topic), [Unix & Linux](https://unix.stackexchange.com/help/on-topic), or [Stack Overflow](https://stackoverflow.com/help/on-topic) - -# Supported tags and respective `Dockerfile` links - -**No supported tags** - -# Quick reference (cont.) - -- **Where to file issues**: - [https://github.com/hashicorp/docker-vault/issues](https://github.com/hashicorp/docker-vault/issues?q=) - -- **Supported architectures**: ([more info](https://github.com/docker-library/official-images#architectures-other-than-amd64)) - **No supported architectures** - -- **Published image artifact details**: - [repo-info repo's `repos/vault/` directory](https://github.com/docker-library/repo-info/blob/master/repos/vault) ([history](https://github.com/docker-library/repo-info/commits/master/repos/vault)) - (image metadata, transfer size, etc) - -- **Image updates**: - [official-images repo's `library/vault` label](https://github.com/docker-library/official-images/issues?q=label%3Alibrary%2Fvault) - [official-images repo's `library/vault` file](https://github.com/docker-library/official-images/blob/master/library/vault) ([history](https://github.com/docker-library/official-images/commits/master/library/vault)) - -- **Source of this description**: - [docs repo's `vault/` directory](https://github.com/docker-library/docs/tree/master/vault) ([history](https://github.com/docker-library/docs/commits/master/vault)) - -# Vault - -Vault is a tool for securely accessing secrets. A secret is anything that you want to tightly control access to, such as API keys, passwords, certificates, and more. Vault provides a unified interface to any secret, while providing tight access control and recording a detailed audit log. For more information, please see: - -- [Vault documentation](https://www.vaultproject.io/) -- [Vault on GitHub](https://github.com/hashicorp/vault) - -![logo](https://raw.githubusercontent.com/docker-library/docs/90d4d43bdfccd5cb21e5fd964d32b0074af0f357/vault/logo.svg?sanitize=true) - -# Using the Container - -We chose Alpine as a lightweight base with a reasonably small surface area for security concerns, but with enough functionality for development and interactive debugging. - -Vault always runs under [dumb-init](https://github.com/Yelp/dumb-init), which handles reaping zombie processes and forwards signals on to all processes running in the container. This binary is built by HashiCorp and signed with our [GPG key](https://www.hashicorp.com/security.html), so you can verify the signed package used to build a given base image. - -Running the Vault container with no arguments will give you a Vault server in [development mode](https://www.vaultproject.io/docs/concepts/dev-server.html). The provided entry point script will also look for Vault subcommands and run `vault` with that subcommand. For example, you can execute `docker run vault status` and it will run the `vault status` command inside the container. The entry point also adds some special configuration options as detailed in the sections below when running the `server` subcommand. Any other command gets `exec`-ed inside the container under `dumb-init`. - -The container exposes two optional `VOLUME`s: - -- `/vault/logs`, to use for writing persistent audit logs. By default nothing is written here; the `file` audit backend must be enabled with a path under this directory. -- `/vault/file`, to use for writing persistent storage data when using the`file` data storage plugin. By default nothing is written here (a `dev` server uses an in-memory data store); the `file` data storage backend must be enabled in Vault's configuration before the container is started. - -The container has a Vault configuration directory set up at `/vault/config` and the server will load any HCL or JSON configuration files placed here by binding a volume or by composing a new image and adding files. Alternatively, configuration can be added by passing the configuration JSON via environment variable `VAULT_LOCAL_CONFIG`. - -## Memory Locking and 'setcap' - -The container will attempt to lock memory to prevent sensitive values from being swapped to disk and as a result must have `--cap-add=IPC_LOCK` provided to `docker run`. Since the Vault binary runs as a non-root user, `setcap` is used to give the binary the ability to lock memory. With some Docker storage plugins in some distributions this call will not work correctly; it seems to fail most often with AUFS. The memory locking behavior can be disabled by setting the `SKIP_SETCAP` environment variable to any non-empty value. - -## Running Vault for Development - -```console -$ docker run --cap-add=IPC_LOCK -d --name=dev-vault vault -``` - -This runs a completely in-memory Vault server, which is useful for development but should not be used in production. - -When running in development mode, two additional options can be set via environment variables: - -- `VAULT_DEV_ROOT_TOKEN_ID`: This sets the ID of the initial generated root token to the given value -- `VAULT_DEV_LISTEN_ADDRESS`: This sets the IP:port of the development server listener (defaults to 0.0.0.0:8200) - -As an example: - -```console -$ docker run --cap-add=IPC_LOCK -e 'VAULT_DEV_ROOT_TOKEN_ID=myroot' -e 'VAULT_DEV_LISTEN_ADDRESS=0.0.0.0:1234' vault -``` - -## Running Vault in Server Mode for Development - -```console -$ docker run --cap-add=IPC_LOCK -e 'VAULT_LOCAL_CONFIG={"storage": {"file": {"path": "/vault/file"}}, "listener": [{"tcp": { "address": "0.0.0.0:8200", "tls_disable": true}}], "default_lease_ttl": "168h", "max_lease_ttl": "720h", "ui": true}' -p 8200:8200 vault server -``` - -This runs a Vault server with TLS disabled, the `file` storage backend at path `/vault/file` and a default secret lease duration of one week and a maximum of 30 days. Disabling TLS and using the `file` storage backend are not recommended for production use. - -Note the `--cap-add=IPC_LOCK`: this is required in order for Vault to lock memory, which prevents it from being swapped to disk. This is highly recommended. In a non-development environment, if you do not wish to use this functionality, you must add `"disable_mlock: true"` to the configuration information. - -At startup, the server will read configuration HCL and JSON files from `/vault/config` (any information passed into `VAULT_LOCAL_CONFIG` is written into `local.json` in this directory and read as part of reading the directory for configuration files). Please see Vault's [configuration documentation](https://www.vaultproject.io/docs/config/index.html) for a full list of options. - -We suggest volume mounting a directory into the Docker image in order to give both the configuration and TLS certificates to Vault. You can accomplish this with: - -```console -$ docker run --volume config/:/vault/config.d ... -``` - -For more scalability and reliability, we suggest running containerized Vault in an orchestration environment like k8s or OpenShift. - -Since 0.6.3 this container also supports the `VAULT_REDIRECT_INTERFACE` and `VAULT_CLUSTER_INTERFACE` environment variables. If set, the IP addresses used for the redirect and cluster addresses in Vault's configuration will be the address of the named interface inside the container (e.g. `eth0`). - -# License - -View [license information](https://raw.githubusercontent.com/hashicorp/vault/master/LICENSE) for the software contained in this image. - -As with all Docker images, these likely also contain other software which may be under other licenses (such as Bash, etc from the base distribution, along with any direct or indirect dependencies of the primary software being contained). - -Some additional license information which was able to be auto-detected might be found in [the `repo-info` repository's `vault/` directory](https://github.com/docker-library/repo-info/tree/master/repos/vault). - -As for any pre-built image usage, it is the image user's responsibility to ensure that any use of this image complies with any relevant licenses for all software contained within. diff --git a/vault/content.md b/vault/content.md deleted file mode 100644 index d3a27503d..000000000 --- a/vault/content.md +++ /dev/null @@ -1,68 +0,0 @@ -# Vault - -Vault is a tool for securely accessing secrets. A secret is anything that you want to tightly control access to, such as API keys, passwords, certificates, and more. Vault provides a unified interface to any secret, while providing tight access control and recording a detailed audit log. For more information, please see: - -- [Vault documentation](https://www.vaultproject.io/) -- [Vault on GitHub](https://github.com/hashicorp/vault) - -%%LOGO%% - -# Using the Container - -We chose Alpine as a lightweight base with a reasonably small surface area for security concerns, but with enough functionality for development and interactive debugging. - -Vault always runs under [dumb-init](https://github.com/Yelp/dumb-init), which handles reaping zombie processes and forwards signals on to all processes running in the container. This binary is built by HashiCorp and signed with our [GPG key](https://www.hashicorp.com/security.html), so you can verify the signed package used to build a given base image. - -Running the Vault container with no arguments will give you a Vault server in [development mode](https://www.vaultproject.io/docs/concepts/dev-server.html). The provided entry point script will also look for Vault subcommands and run `vault` with that subcommand. For example, you can execute `docker run vault status` and it will run the `vault status` command inside the container. The entry point also adds some special configuration options as detailed in the sections below when running the `server` subcommand. Any other command gets `exec`-ed inside the container under `dumb-init`. - -The container exposes two optional `VOLUME`s: - -- `/vault/logs`, to use for writing persistent audit logs. By default nothing is written here; the `file` audit backend must be enabled with a path under this directory. -- `/vault/file`, to use for writing persistent storage data when using the`file` data storage plugin. By default nothing is written here (a `dev` server uses an in-memory data store); the `file` data storage backend must be enabled in Vault's configuration before the container is started. - -The container has a Vault configuration directory set up at `/vault/config` and the server will load any HCL or JSON configuration files placed here by binding a volume or by composing a new image and adding files. Alternatively, configuration can be added by passing the configuration JSON via environment variable `VAULT_LOCAL_CONFIG`. - -## Memory Locking and 'setcap' - -The container will attempt to lock memory to prevent sensitive values from being swapped to disk and as a result must have `--cap-add=IPC_LOCK` provided to `docker run`. Since the Vault binary runs as a non-root user, `setcap` is used to give the binary the ability to lock memory. With some Docker storage plugins in some distributions this call will not work correctly; it seems to fail most often with AUFS. The memory locking behavior can be disabled by setting the `SKIP_SETCAP` environment variable to any non-empty value. - -## Running Vault for Development - -```console -$ docker run --cap-add=IPC_LOCK -d --name=dev-vault %%IMAGE%% -``` - -This runs a completely in-memory Vault server, which is useful for development but should not be used in production. - -When running in development mode, two additional options can be set via environment variables: - -- `VAULT_DEV_ROOT_TOKEN_ID`: This sets the ID of the initial generated root token to the given value -- `VAULT_DEV_LISTEN_ADDRESS`: This sets the IP:port of the development server listener (defaults to 0.0.0.0:8200) - -As an example: - -```console -$ docker run --cap-add=IPC_LOCK -e 'VAULT_DEV_ROOT_TOKEN_ID=myroot' -e 'VAULT_DEV_LISTEN_ADDRESS=0.0.0.0:1234' %%IMAGE%% -``` - -## Running Vault in Server Mode for Development - -```console -$ docker run --cap-add=IPC_LOCK -e 'VAULT_LOCAL_CONFIG={"storage": {"file": {"path": "/vault/file"}}, "listener": [{"tcp": { "address": "0.0.0.0:8200", "tls_disable": true}}], "default_lease_ttl": "168h", "max_lease_ttl": "720h", "ui": true}' -p 8200:8200 %%IMAGE%% server -``` - -This runs a Vault server with TLS disabled, the `file` storage backend at path `/vault/file` and a default secret lease duration of one week and a maximum of 30 days. Disabling TLS and using the `file` storage backend are not recommended for production use. - -Note the `--cap-add=IPC_LOCK`: this is required in order for Vault to lock memory, which prevents it from being swapped to disk. This is highly recommended. In a non-development environment, if you do not wish to use this functionality, you must add `"disable_mlock: true"` to the configuration information. - -At startup, the server will read configuration HCL and JSON files from `/vault/config` (any information passed into `VAULT_LOCAL_CONFIG` is written into `local.json` in this directory and read as part of reading the directory for configuration files). Please see Vault's [configuration documentation](https://www.vaultproject.io/docs/config/index.html) for a full list of options. - -We suggest volume mounting a directory into the Docker image in order to give both the configuration and TLS certificates to Vault. You can accomplish this with: - -```console -$ docker run --volume config/:/vault/config.d ... -``` - -For more scalability and reliability, we suggest running containerized Vault in an orchestration environment like k8s or OpenShift. - -Since 0.6.3 this container also supports the `VAULT_REDIRECT_INTERFACE` and `VAULT_CLUSTER_INTERFACE` environment variables. If set, the IP addresses used for the redirect and cluster addresses in Vault's configuration will be the address of the named interface inside the container (e.g. `eth0`). diff --git a/vault/deprecated.md b/vault/deprecated.md deleted file mode 100644 index 5a601656e..000000000 --- a/vault/deprecated.md +++ /dev/null @@ -1 +0,0 @@ -Upcoming in Vault 1.14, we will stop publishing official Dockerhub images and publish only our Verified Publisher images. Users of Docker images should pull from [hashicorp/vault](https://hub.docker.com/r/hashicorp/vault) instead of [vault](https://hub.docker.com/_/vault). Verified Publisher images can be found at https://hub.docker.com/r/hashicorp/vault. diff --git a/vault/github-repo b/vault/github-repo deleted file mode 100644 index a4a1b4c45..000000000 --- a/vault/github-repo +++ /dev/null @@ -1 +0,0 @@ -https://github.com/hashicorp/docker-vault diff --git a/vault/license.md b/vault/license.md deleted file mode 100644 index 2111daccf..000000000 --- a/vault/license.md +++ /dev/null @@ -1 +0,0 @@ -View [license information](https://raw.githubusercontent.com/hashicorp/vault/master/LICENSE) for the software contained in this image. diff --git a/vault/logo.svg b/vault/logo.svg deleted file mode 100644 index 86094d316..000000000 --- a/vault/logo.svg +++ /dev/null @@ -1,6 +0,0 @@ - - - - - - diff --git a/vault/maintainer.md b/vault/maintainer.md deleted file mode 120000 index ef4100e01..000000000 --- a/vault/maintainer.md +++ /dev/null @@ -1 +0,0 @@ -../.common-templates/maintainer-hashicorp.md \ No newline at end of file diff --git a/vault/metadata.json b/vault/metadata.json deleted file mode 100644 index f1e527007..000000000 --- a/vault/metadata.json +++ /dev/null @@ -1,7 +0,0 @@ -{ - "hub": { - "categories": [ - "security" - ] - } -}