Update the architecture docs to reflect the notary and jobrunner containers and volumes.

Also update the general configuration to indicate that DTR comes with Notary now.

Signed-off-by: cyli <cyli@twistedmatrix.com>

architecture.md

@@ -22,13 +22,16 @@ Universal Control Plane cluster.
 
 When you install DTR on a node, the following containers are started:
 
-| Name                             | Description                                                                                                                       |
-|:---------------------------------|:----------------------------------------------------------------------------------------------------------------------------------|
-| dtr-nginx-<replica_id>     | Receives http and https requests and proxies them to other DTR components. By default it listens to ports 80 and 443 of the host. |
-| dtr-api-<replica_id>       | Executes the DTR business logic. It serves the DTR web application, and API.                                                      |
-| dtr-registry-<replica_id>  | Implements the functionality for pulling and pushing Docker images. It also handles how images are stored.                        |
-| dtr-etcd-<replica_id>      | A key-value store for persisting DTR configuration settings. Don't use it in your applications, since it's for internal use only. |
-| dtr-rethinkdb-<replica_id> | A database for persisting repository metadata. Don't use it in your applications, since it's for internal use only.               |
+| Name                                | Description                                                                                                                       |
+|:------------------------------------|:----------------------------------------------------------------------------------------------------------------------------------|
+| dtr-nginx-<replica_id>        | Receives http and https requests and proxies them to other DTR components. By default it listens to ports 80 and 443 of the host. |
+| dtr-api-<replica_id>          | Executes the DTR business logic. It serves the DTR web application, and API.                                                      |
+| dtr-registry-<replica_id>     | Implements the functionality for pulling and pushing Docker images. It also handles how images are stored.                        |
+| dtr-etcd-<replica_id>         | A key-value store for persisting DTR configuration settings. Don't use it in your applications, since it's for internal use only. |
+| dtr-jobrunner-<replica_id>    | Runs cleanup jobs in the background. It is not exposed to DTR, and is for internal use only.               |
+| dtr-rethinkdb-<replica_id>    | A database for persisting repository metadata. Don't use it in your applications, since it's for internal use only.               |
+| dtr-notary-server-<replica_id> | Receives, validates, and serves content trust metadata, and is consulted when pushing or pulling to DTR with content trust enabled.         |
+| dtr-notary-signer-<replica_id> | Performs server-side timestamp and snapshot signing for content trust metadata.  Is not exposed to DTR, and is for internal use only.     |
 
 
 ## Networks
@@ -56,6 +59,7 @@ DTR uses these named volumes for persisting data:
 | dtr-etcd-<replica_id>     | dtr-etcd/_data                              | The volume used by etcd to persist DTR configurations.                                                       |
 | dtr-registry-<replica_id> | dtr-registry/_data                          | The volume where images are stored, if DTR is configured to store images on the local filesystem.            |
 | dtr-rethink-<replica_id>  | dtr-rethink/_data                           | The volume used by RethinkDB to persist DTR data, like users and repositories.                               |
+| dtr-notary-<replica_id>   | dtr-notary/_data                            | The volume where the Notary private TLS keys and certificates are stored so that the Notary containers can use TLS to communicate. |
 
 If you don’t create these volumes, when installing DTR they are created with
 the default volume driver and flags.

configure/config-general.md

@@ -1,7 +1,7 @@
 +++
 title = "Configure general settings"
 description = "Configure general settings for Docker Trusted Registry"
-keywords = ["docker, documentation, about, technology, understanding, enterprise, hub, general, domain name, HTTP, HTTPS ports, Notary, registry"]
+keywords = ["docker, documentation, about, technology, understanding, enterprise, hub, general, domain name, HTTP, HTTPS ports, registry"]
 [menu.main]
 parent="workw_dtr_configure"
 identifier="dtr_configure_general"
@@ -10,7 +10,7 @@ weight=3
 
 # Configure general settings
 
-This document describes the general settings you need to configure including using Trusted Content through setting up your Notary server.
+This document describes the general settings you need to configure.
 
 ## Configure your domain name and port settings
 
@@ -33,14 +33,14 @@ for the new domain. This also works with IP addresses.
 
 ## Docker Content Trust
 
-The Trusted Registry's includes integration with of Docker Notary to provide
+The Trusted Registry integrates with Docker Notary by default to provide
 Content Trust functionality, allowing your organization to push and pull
 trusted images. After pushing images in the Trusted Registry, you can see
 which image tags were signed by viewing the appropriate repositories through
 Trusted Registry's web interface.
 
 To configure your Docker client to be able to push signed images to Docker
-Trusted Registry refer to the CLI Reference's [Environment Variables
+Trusted Registry, refer to the CLI Reference's [Environment Variables
 Section](/engine/reference/commandline/cli.md#environment-variables) and
 [Notary Section](/engine/reference/commandline/cli.md#notary).
 

configure/configuration.md

@@ -16,7 +16,7 @@ this overview to see what you can configure.
 To start, navigate to the Trusted Registry user interface (UI) > Settings, to
 view configuration options. Configuring is grouped by the following:
 
-* [General settings](config-general.md) (ports, proxies, and Notary)
+* [General settings](config-general.md) (ports, proxies)
 * [Security settings](config-security.md)
 * [Storage settings](config-storage.md)
 * [License](../install/license.md)