docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Creates docs for install DTR 2.0 

Adds docs about installing, uninstalling, and
cleans up a bunch of other docs.
This commit is contained in:
Joao Fernandes 2016-04-14 15:30:23 -07:00
parent b11da4f36c
commit d60cc64dd6
24 changed files with 304 additions and 243 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

49
architecture.md
View File

@ -23,13 +23,13 @@ using the Commercially Supported Docker Engine.
When you install DTR on a node, the following containers are started:
| Name | Description |
|:--------------|:-------------------------------------------------------------------------------------------------------------------------------------------|
| dtr-api | Executes the DTR business logic. It serves the DTR web application, and API. |
| dtr-etcd | A key-value store for persisting DTR configuration settings. Don't use it in your applications, since it's for internal use only. |
| dtr-nginx | Receives http and https requests and proxies them to other DTR components. It listens on ports 80 and 443 of the host where it is running. |
| dtr-registry | Implements the functionality for pulling and pushing Docker images. It also handles how images are stored. |
| dtr-rethinkdb | A database for persisting repository metadata. Don't use it in your applications, since it's for internal use only. |
| Name | Description |
|:--------------|:----------------------------------------------------------------------------------------------------------------------------------|
| dtr-nginx | Receives http and https requests and proxies them to other DTR components. By default it listens to ports 80 and 443 of the host. |
| dtr-api | Executes the DTR business logic. It serves the DTR web application, and API. |
| dtr-registry | Implements the functionality for pulling and pushing Docker images. It also handles how images are stored. |
| dtr-etcd | A key-value store for persisting DTR configuration settings. Don't use it in your applications, since it's for internal use only. |
| dtr-rethinkdb | A database for persisting repository metadata. Don't use it in your applications, since it's for internal use only. |
## Networks
@ -37,11 +37,15 @@ When you install DTR on a node, the following containers are started:
To allow containers to communicate, when installing DTR the following networks
are created:
| Name | Type | Description |
|:-------|:--------|:-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| dtr-br | bridge | Allows containers in the same node to communicate with each other in a secure way. |
| dtr-ol | overlay | Allows containers in different nodes to communicate. This network is used in high-availability installations, to allow etcd and RethinkDB containers to replicate their data across different nodes. |
| Name | Type | Description |
|:-------|:--------|:--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| dtr-br | bridge | Allows containers on the same node to communicate with each other in a secure way. |
| dtr-ol | overlay | Allows containers running on different nodes to communicate. This network is used in high-availability installations, to allow Etcd and RethinkDB containers to replicate their data. |
The communication between all DTR components is secured using TLS. Also, when
installing DTR, two Certificate Authorities (CAs) are created. These CAs are
used to create the certificates used by Etcd and RethinkDB when communicating
across nodes.
## Volumes
@ -61,25 +65,24 @@ the default volume driver and flags.
By default, Docker Trusted Registry stores images on the filesystem of the host
where it is running.
You can also configure DTR for using these cloud storage backends:
You can also configure DTR to using these cloud storage backends:
* Amazon S3
* OpenStack Swift
* Microsoft Azure
For highly available installations, configure DTR to use a cloud storage
backend or a network filesystem like NFS.
## High-availability support
For load balancing and high-availability, you can create multiple replicas of
DTR. In that case, youll have multiple nodes, each running the
same set of containers.
<!--TODO: add diagram with 3 controllers -->
For load balancing and high-availability, you can install multiple replicas of
DTR, and join them to create a cluster.
[Learn more about high availability](high-availability/high-availability.md).
![](images/architecture-2.png)
## Where to go next
Notice that:
* You can load balance user requests between the controller nodes.
When you make a change to the configuration of one controller node, that
configuration is replicated to the other controllers.
* For high-availability, you should set up 3, 5, or 7 controller nodes.
* [System requirements](install/system-requirements.md)
* [Install DTR](install/install-dtr.md)

6
high-availability/backups-and-disaster-recovery.md
View File

@ -117,3 +117,9 @@ Where:
* `--username, --password` are the credentials of a UCP admin user,
* `--host` is the IP address of UCP,
* `--dtr-host` is the IP address of the host where DTR is going to be installed.
## Where to go next
* [Set up high availability](high-availability.md)
* [DTR architecture](../architecture.md)

76
high-availability/high-availability.md
View File

@ -13,51 +13,77 @@ weight=0
# Set up high availability
Docker Trusted Registry (DTR) is designed for high availability.
When installing DTR you can add multiple nodes to form a cluster.
Adding more nodes to your DTR cluster allows you to:
When you first install DTR, you create a cluster with a single DTR replica.
Replicas are single instances of DTR that can be joined together to form a
cluster.
When joining new replicas to the cluster, you'll be creating new DTR instances
that are running the same set of services. Any change to the state of an
instance, is replicated across all other instances.
* Load-balance user requests across the DTR nodes,
* Keep the DTR cluster working if a node fails.
Having a DTR cluster with multiple replicas, allows you to:
To make a DTR installation tolerant to node failures, add additional nodes to
* Load-balance user requests across the DTR replicas,
* Keep the DTR cluster working if a replica fails.
To make a DTR installation tolerant to failures, add additional replicas to
the DTR cluster.
| DTR nodes | Failures tolerated |
|:---------:|:------------------:|
| 1 | 0 |
| 3 | 1 |
| 5 | 2 |
| 7 | 3 |
| DTR replicas | Failures tolerated |
|:------------:|:------------------:|
| 1 | 0 |
| 3 | 1 |
| 5 | 2 |
| 7 | 3 |
When sizing your DTR installation for high-availability,
follow these rules of thumb:
* Don't create a DTR cluster with just two nodes. Your cluster
* Don't create a DTR cluster with just two replicas. Your cluster
won't tolerate any failures, and it's possible that you experience performance
degradation.
* When a node fails, the number of failures tolerated by your cluster
decreases. Don't leave that node offline for long.
* Adding too many nodes to the cluster might also lead to performance
degradation, as data needs to be replicated across all nodes.
* When a replica fails, the number of failures tolerated by your cluster
decreases. Don't leave that replica offline for long.
* Adding too many replicas to the cluster might also lead to performance
degradation, as data needs to be replicated across all replicas.
## Size your cluster
When installing DTR for production, you should have separate nodes for running
Docker Universal Control Plane (DTR), Docker Trusted Registry, and your
containers.
When installing DTR for production, you should have dedicated nodes for running:
Having dedicated nodes for UCP, DTR, and your containers, ensures they stay
performant since all applications have dedicated resources.
* Docker Universal Control Plane (UCP) controller nodes,
* DTR replicas,
* Your own applications.
Having dedicated nodes ensures all applications will remain performant since
they have dedicated resources for them.
It also makes it easier to implement backup policies and disaster recovery
plans.
plans for UCP and DTR.
For installing DTR for production, you'll need a minimum of:
To have have high-availability on UCP and DTR, you need a minimum of:
* 3 dedicated nodes to install UCP for high-availability,
* 3 dedicated nodes to install DTR for high-availability,
* 3 dedicated nodes to install UCP with high availability,
* 3 dedicated nodes to install DTR with high availability,
* As many nodes as you want for running your containers and applications.
<!-- TODO: add diagram to illustrate this -->
![](../images/architecture-3.png)
## Load balancing
DTR does not provide a load balancing service. You can use use an on-premises
or cloud-based load balancer to balance requests across multiple DTR replicas.
Make sure you configure your load balancer to:
* Not terminate HTTPS connections,
* Use the `/load_balancer_status` endpoint on each DTR replica, to check if
the replica is healthy and if it should remain on the load balancing pool or
not.
## Where to go next
* [Backups and disaster recovery](backups-and-disaster-recovery.md)
* [DTR architecture](../architecture.md)

BIN
images/create-repo-1.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 99 KiB

BIN
images/create-repo-2.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 113 KiB

BIN
images/install-dtr-1.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 155 KiB

BIN
images/install-dtr-2.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 94 KiB

BIN
images/install-dtr-3.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 126 KiB

BIN
images/install-dtr-4.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 114 KiB

BIN
images/license-1.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 126 KiB

BIN
images/monitor-1.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 114 KiB

BIN
images/monitor-2.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 155 KiB

BIN
images/overview-1.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 97 KiB

BIN
images/overview-2.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 91 KiB

57
install/install-dtr-offline.md
View File

@ -15,38 +15,45 @@ weight=30
The procedure to install Docker Trusted Registry on a host is the same,
whether that host has access to the internet or not.
The only difference when installing on an offline host,
is that instead of pulling the DTR images from Docker Hub, you use a
computer that is connected to the internet to download a single package with
all the images. Then you copy that package to the host where youll install DTR.
The only difference when installing DTR on an offline host, is that instead
of pulling the DTR images from Docker Hub, you use a computer that is connected
to the internet to download a single package with all the images. Then you
copy that package to the host where youll install DTR.
## Step 1. Get the DTR package
1. Get the DTR package.
Use a computer with internet access to download a single package with all DTR
images. As an example, to download UCP 2.0, run:
Use a computer with internet access to download a single package with all DTR
images. As an example, to download UCP 2.0, run:
```bash
$ wget https://packages.docker.com/dtr/2.0/dtr-2.0.0.tar
```
```bash
$ wget https://packages.docker.com/dtr/2.0/dtr-2.0.0.tar
```
## Step 2. Copy the package
Now that you have the DTR package file, transfer it to the host where you want
to install Docker Trusted Registry. You can use the `scp` command for this.
2. Transfer the package to the offline host.
```bash
$ scp ./dtr-2.0.0.tar user@dtr-host:/tmp
```
Now that you have the DTR package file, transfer it to the host where you want
to install Docker Trusted Registry. You can use the `scp` command for this.
## Step 3. Load the DTR images
```bash
$ scp ./dtr-2.0.0.tar user@dtr-host:/tmp
```
Once the package is on the host where you want to install DTR, you can use
the `docker load` command, to load the images from the .tar file.
3. Load the DTR images.
```bash
$ docker load < /tmp/dtr-2.0.0.tar
```
Once the package is on the host where you want to install DTR, you can use
the `docker load` command, to load the images from the .tar file.
## Step 4. Install DTR
```bash
$ docker load < /tmp/dtr-2.0.0.tar
```
Now that the offline host has all the images needed to install UCP,
you can [install DTR that machine](install-dtr.md).
4. Install DTR.
Now that the offline host has all the images needed to install UCP,
you can [install DTR that machine](install-dtr.md).
## Where to go next
* [DTR architecture](../architecture.md)
* [Install DTR](install-dtr.md)

221
install/install-dtr.md
View File

@ -15,176 +15,119 @@ weight=20
# Install Docker Trusted Registry
This document describes the process of obtaining, installing, and securing
Docker Trusted Registry. You can use these instructions if you are installing Trusted Registry on a physical or cloud infrastructure.
Docker Trusted Registry (DTR) is a containerized application that can be
installed on-premises or on a cloud infrastructure.
If your cloud provider is AWS, you have the option of installing Trusted Registry using an Amazon Machine Image (AMI) instead. For more information, read the [installation overview](index.md) to understand your options.
The first step in installing DTR, is ensuring your
infrastructure has all the [requirements DTR needs to run](system-requirements).
Once that is done, use these instructions to install DTR.
## Prerequisites
## Step 1. Install DTR
Docker Trusted Registry runs on the following 64-bit platforms:
To install DTR you use the `docker/dtr` image. This image has commands to
install, configure, and backup DTR.
* Ubuntu 14.04 LTS
* RHEL 7.0 and 7.1
* CentOS 7.1
* SUSE Linux Enterprise 12
To find what commands and options are available, check the
[reference documentation](../reference/install.md), or run:
Docker Trusted Registry requires the latest commercially supported Docker Engine (CS Engine), running on a supported host.
```bash
$ docker run --rm -it docker/dtr --help
```
The Docker daemon listens to the Unix socket (the default) so that it can be
bind-mounted into the Trusted Registry management containers. This allows
Trusted Registry to manage itself and its updates. For this reason, the host you
install on needs internet connectivity so it can access the updates.
Additionally, your host needs to have TCP ports `80` and `443` available for the
Docker Trusted Registry container port mapping.
To install DTR:
Installing Trusted Registry requires that you have a login to Docker Hub (or the
user-name of an administrator of the Hub organization that obtained an
Enterprise license. If you already installed CS Engine, you should already have a [Hub account](https://hub.docker.com).
1. Make your Docker CLI client point to UCP.
Also, you must have a license for Docker Trusted Registry. This license allows
you to run both Docker Trusted Registry and CS Engine. Before installing,
[purchase a license or sign up for a free, 30 day trial license](https://hub.docker.com/enterprise/).
Download a client certificate bundle from UCP, and use it to configure
your Docker CLI client to run the docker commands on the UCP cluster.
2. Run the following command to install DTR:
```bash
$ docker run -it --rm \
docker/dtr install
```
In this example we're running the install command interactively, so that it
prompts for the necessary configuration values.
You can also use flags to pass values to the install command.
3. Check that DTR is running.
In your browser, navigate to the the Docker **Universal Control Plane**
web UI, and navigate to the **Applications** screen. DTR should be listed
as an application.
![](../images/install-dtr-1.png)
You can also access the **DTR web UI**, to make sure it is working. In your
browser, navigate to the address were you installed DTR.
![](../images/install-dtr-2.png)
## Install Docker Trusted Registry
## Step 2. Configure DTR
Trusted Registry is a self-installing application built and distributed using
Docker and the [Docker Hub](https://hub.docker.com/). You install Docker Trusted
Registry by running the "docker/trusted-registry" container. Once installed, it
is able to restart and reconfigure itself using the Docker socket that is
bind-mounted to this container.
After installing DTR, you should configure:
1. Log in to the machine where you want to install Trusted Registry.
* The Domain Name used to access DTR,
* The certificates used for TLS communication,
* The storage backend to store the Docker images.
2. Verify that CS Engine is installed.
To perform these configurations, navigate to the **Settings** page of DTR.
$ docker --version
![](../images/install-dtr-3.png)
> **Note:** To remain compliant with your Docker Trusted Registry support agreement, you **must** use the current version of commercially supported Docker Engine. Running the open source version of Engine is **not** supported.
## Step 3. Test pushing and pulling
3. Login into the Docker Hub from the command line.
Now that you have a working installation of DTR, you should test that you can
push and pull images to it.
[Learn how to push and pull images](../repos-and-images/push-and-pull-images.md).
$ docker login
## Step 4. Join replicas to the cluster
4. Install the Trusted Registry
To set up DTR for [high availability](../high-availability/high-availability.md),
you can add more replicas to your DTR cluster. Adding more replicas allows you
to load-balance requests across all replicas, and keep DTR working if a
replica fails.
$ sudo bash -c "$(sudo docker run docker/trusted-registry install)"
To add replicas to a DTR cluster, use the `docker/dtr join` command. To find
what options are available, check the
[reference documentation](../reference/join.md), or run:
> **Note**: `sudo` is needed for `docker/trusted-registry` commands to
> ensure that the Bash script is run with full access to the Docker host.
```bash
$ docker run --rm -it docker/dtr join --help
```
The command executes a shell script that creates the needed directories,
pulls the registry's images, and run its containers. Depending on your
internet connection, this process may take several minutes to complete. A successful outcome completes as follows:
To add replicas:
$ sudo bash -c "$(sudo docker run docker/trusted-registry install)"
Unable to find image 'docker/trusted-registry:latest' locally
Pulling repository docker/trusted-registry
c46d58daad7d: Pulling image (latest) from docker/trusted-registry
c46d58daad7d: Pulling image (latest) from docker/trusted-registry
c46d58daad7d: Pulling dependent layers
511136ea3c5a: Download complete
fa4fd76b09ce: Pulling metadata
fa4fd76b09ce: Pulling fs layer
ff2996b1faed: Download complete
...
fd7612809d57: Pulling metadata
fd7612809d57: Pulling fs layer
fd7612809d57: Download complete
Status: Downloaded newer image for docker/trusted-registry:latest
Unable to find image 'docker/trusted-registry:1.1.0' locally
Pulling repository docker/trusted-registry
c46d58daad7d: Download complete
511136ea3c5a: Download complete
...
Status: Image is up to date for docker/trusted-registry:1.1.0
INFO [1.0.0_8ce62a61e058] Attempting to connect to docker engine dockerHost="unix:///var/run/docker.sock"
INFO [1.0.0_8ce62a61e058] Running install command
<...output truncated...>
Creating container docker_trusted_registry_load_balancer with docker daemon unix:///var/run/docker.sock
Starting container docker_trusted_registry_load_balancer with docker daemon unix:///var/run/docker.sock
Bringing up docker_trusted_registry_log_aggregator.
Creating container docker_trusted_registry_log_aggregator with docker daemon unix:///var/run/docker.sock
Starting container docker_trusted_registry_log_aggregator with docker daemon unix:///var/run/docker.sock
1. Make your Docker CLI client point to UCP.
5. Use `docker ps` to list all the running containers.
2. Run the join command:
The listing should show the following were started:
```bash
$ docker run -it --rm \
docker/dtr join
```
* `docker_trusted_registry_load_balancer`
* `docker_trusted_registry_image_storage_0`
* `docker_trusted_registry_image_storage_1`
* `docker_trusted_registry_admin_server`
* `docker_trusted_registry_log_aggregator`
* `docker_trusted_registry_auth_server`
* `docker_trusted_registry_postgres`
In this example we'll be running the join command interactively, so that it
prompts for the necessary configuration values.
You can also use flags to pass values to the command.
6. Enter the `https://<host-ip>/` your browser's address bar to run the Trusted Registry interface.
3. Check that all replicas are running.
Your browser warns you that this is an unsafe site, with a self-signed,
untrusted certificate. This is normal and expected; allow this connection
temporarily.
In your browser, navigate to the the Docker **Universal Control Plane**
web UI, and navigate to the **Applications** screen. All replicas should
be displayed.
![](../images/install-dtr-4.png)
## Set the Trusted Registry domain name
4. Follow steps 1 to 3, to add more replicas to the DTR cluster.
The Docker Trusted Registry Administrator site will also warn that the "Domain Name" is not set.
1. Select "Settings" from the global nav bar at the top of the page, and then set the "Domain Name" to the full host-name of your Docker Trusted Registry server.
2. Click the "Save and Restart Docker Trusted Registry Server" button to generate a new certificate, which will be used
by both the Docker Trusted Registry Administrator web interface and the Docker Trusted Registry server.
3. After the server restarts, you will again need to allow the connection to the untrusted Docker Trusted Registry web admin site.
4. You see a warning notification that this instance of Docker Trusted Registry is unlicensed. You'll correct this in the next section.
## Apply your license
The Docker Trusted Registry services will not start until you apply your license.
To do that, you'll first download your license from the Docker Hub and then
upload it to your Docker Trusted Registry web admin server. Follow these steps:
1. If needed, log back into the [Docker Hub](https://hub.docker.com)
using the user-name you used when obtaining your license. Under your name, go to Settings to display the Account Settings page. Click the Licenses submenu to display the Licenses page.
2. There is a list of available licenses. Click the download button to
obtain the license file you want.
3. Go to your Docker Trusted Registry instance in your browser, click Settings in the global nav bar. Click License in the Settings nav bar. Click the Choose File button. It opens a standard file browser. Locate and select the license file you downloaded in the previous step. Approve the selection to close the dialog.
4. Click the Save and restart button. Docker Trusted Registry quits and then restarts with the applied the license.
5. Verify the acceptance of the license by confirming that the "Unlicensed copy"
warning is no longer present.
## Secure the Trusted Registry
Securing Docker Trusted Registry is **required**. You will not be able to push
or pull from Docker Trusted Registry until you secure it.
There are several options and methods for securing Docker Trusted Registry. For
more information, see the [configuration documentation](../configure/configuration.md#security)
## Push and pull images
You have your Trusted Registry configured with a "Domain Name" and your
client Docker daemons configured with the required security settings. But
before you can test your setup by pushing an image, you need to create a
repository first. Follow the instructions for
[Using Docker Trusted Registry to Push and pull images](../repos-and-images/push-and-pull-images.md)
to create a repository and to push and pull images.
## Docker Trusted Registry web interface and registry authentication
By default, there is no authentication set on either the Docker Trusted Registry
web admin interface or the Docker Trusted Registry. You can restrict access
using an in-Docker Trusted Registry configured set of users (and passwords), or
you can configure Docker Trusted Registry to use LDAP- based authentication.
See [Docker Trusted Registry Authentication settings](../configure/configuration.md#authentication) for more details.
When configuring your DTR cluster for high-availability, you should have
3, 5, or 7 replicas.
[Learn more about high availability](../high-availability/high-availability.md)
## See also

28
install/license.md
View File

@ -13,15 +13,21 @@ weight=31
# License DTR
After installing Docker Trusted Registry, you need to license your installation.
If you just want to try DTR, you can
[get a trial license](https://www.docker.com/pricing).
By default, you don't need to license your Docker Trusted Registry. When
installing DTR, it automatically starts using the same license file used on
your Docker Universal Control Plane cluster.
However, there are some situations when you have to manually license your
DTR installation.:
* During an upgrade to a new major version;
* When your current license expires.
## Download your license
When your license is issued, you can download it on Docker Hub. On Docker Hub,
navigate to your profile settings. Then click the
When your new license is issued, you can download it on **Docker Hub**. Navigate
to your **Profile settings**, and click the
[Licenses tab](https://hub.docker.com/account/licenses/).
![](../images/get-license-2.png)
@ -30,9 +36,15 @@ navigate to your profile settings. Then click the
## License your installation
Once you've downloaded the license file, you can apply it to your DTR
installation. On your browser, navigate to DTR, and then go to the **settings
installation. Navigate to the **DTR web app**, and then go to the **Settings
page**.
<!-- TODO: add screenshot -->
![](../images/license-1.png)
**Upload the new license**, and click **save** for the changes to take effect.
Click the **Apply new license** button, and upload your new license file.
## Where to go next
* [Install DTR](install-dtr.md)
* [Install DTR offline](install-dtr-offline.md)

5
install/system-requirements.md
View File

@ -49,3 +49,8 @@ DTR collects anonymous usage metrics, to help us improve it. These metrics
are entirely anonymous, dont identify your company, users, applications,
or any other sensitive information. You can disable this on the DTR settings
page.
## Where to go next
* [DTR architecture](../architecture.md)
* [Install DTR](install-dtr.md)

48
install/uninstall.md
View File

@ -11,3 +11,51 @@ weight=50
<![end-metadata]-->
# Uninstall Docker Trusted Registry
Use the `docker/dtr remove` command, to remove a DTR replica from a cluster.
To uninstall a DTR cluster you remove all DTR replicas one at a time.
The remove command:
* Removes the replica from the cluster,
* Stops and removes all DTR containers,
* Deletes all DTR volumes.
To see what options are available in the uninstall command, check the
[uninstall command reference](../reference/remove.md), or run:
```bash
$ docker run --rm -it docker/dtr uninstall --help
```
## Example
The following example illustrates how use the remove command interactively to
remove a DTR replica from a cluster with multiple replicas:
```bash
# Get the certificates used by UCP
$ curl https://$UCP_HOST/ca > ucp-ca.pem
$ docker run --rm -it docker/dtr remove --ucp-ca "$(cat ucp-ca.pem)"
existing-replica-id (ID of an existing replica in a cluster): 7ae3cb044b70
replica-id (Specify the replica Id. Must be unique per replica, leave blank for random): a701a510126c
username (Specify the UCP admin username): $UCP_ADMIN
password: $UCP_PASSWORD
host (Specify the UCP host using the host[:port] format): $UCP_HOST
```
Where:
* existing-replica-id: is the id of any DTR replica of that cluster,
* replica-id: is the id of the DTR replica you want to remove,
* username and password: are the username and password of a UCP administrator.
Now you can confirm on Docker Universal Control Plane that the DTR replica
`a701a510126c` no longer exists.
## Where to go next
* [Install DTR](install-dtr.md)
* [Install DTR offline](install-dtr-offline.md)

12
monitor-troubleshoot/monitor.md
View File

@ -19,16 +19,20 @@ capabilities of Docker Universal Control Plane.
In your browser, log in to **Docker Universal Control Plane** (UCP), and
navigate to the **Applications** page.
<!-- TODO: add screenshot -->
To make it easier to find DTR, use the search box to **search for the
DTR application**. If you have DTR set up for high-availability, then all the
DTR nodes are displayed.
<!-- TODO: add screenshot -->
![](../images/monitor-1.png)
**Click on the DTR application** to see all of its containers, and if they're
running. **Click on a container** to see its details, like configurations,
resources, and logs.
<!-- TODO: add screenshot -->
![](../images/monitor-2.png)
## Where to go next
* [Troubleshoot DTR](troubleshoot.md)
* [DTR architecture](../architecture.md)

12
overview.md
View File

@ -16,13 +16,13 @@ Docker Trusted Registry (DTR) is the enterprise-grade image storage solution
from Docker. You install it behind your firewall so that you can securely store
and manage the Docker images you use in your applications.
<!-- TODO: add screenshot -->
## Image management
Docker UCP can be installed on-premises, or on a virtual private cloud.
And with it, you can store your Docker images securely, behind your firewall.
![](images/overview-1.png)
You can use DTR as part of your Continuous Integration (CI), and Continuous
Delivery (CD) processes, to build, run, and ship your applications.
@ -35,4 +35,10 @@ and Active Directory. It also supports Role Based Access Control (RBAC).
This allows you to implement fine-grain access control policies, on who has
access to your Docker images.
<!-- TODO: add screenshot -->
![](images/overview-2.png)
## Where to go next
* [DTR architecture](architecture.md)
* [Install DTR](install/install-dtr.md)

2
release-notes/index.md
View File

@ -6,6 +6,6 @@ keywords = ["docker, dtr, release notes, upgrade"]
[menu.main]
parent="workw_dtr"
identifier="dtr_menu_release_notes"
weight=120
weight=110
+++
<![end-metadata]-->

29
repos-and-images/create-repo.md
View File

@ -15,25 +15,26 @@ weight=0
Before you can push images to your Docker Trusted Registry, you need to
create a repository for them.
To create a new repository:
To create a new repository, navigate to the **DTR web application**, and click
the **New repository** button.
1. In your browser navigate to the **Docker Trusted Registry web application**.
![](../images/create-repo-1.png)
2. Navigate to the **Repositories** page. <!-- TODO: add sreenshot -->
Add a **name and description** for the repository, and choose whether your
repository is public or private:
3. Click **New repository**. <!-- TODO: add sreenshot -->
4. Add a **name and description** for the repository.
<!-- TODO: add sreenshot -->
5. Choose whether your repository is public or private:
* Private repositories are visible to all users, but can only be changed by
* Public repositories are visible to all users, but can only be changed by
users granted with permission to write them.
* Private repositories can only be seen by users that have been granted
permissions to that repository.
6. Click **Create** to create the repository.
![](../images/create-repo-2.png)
Now you can push your images to this repository.
Click **Save** to create the repository. Now you can push your images to this
repository.
## Where to go next
* [Push and pull images](push-and-pull-images.md)
* [Delete images](delete-images.md)

2
support.md
View File

@ -5,7 +5,7 @@ description="Your Docker subscription gives you access to prioritized support. Y
keywords = ["Docker, support", "help"]
[menu.main]
parent="workw_dtr"
weight=110
weight=120
+++
<![end-metadata]-->