Keane Lim 3c5fa979a4 Security guide update

Re-organized topic hierarchy

Tiny edit to restart review workflow.

Squashed with Resolved index.rst conflict commit

Change-Id: I13472792cb19d1e9975ac76c6954d38054d606c5
Signed-off-by: Keane Lim <keane.lim@windriver.com>
Signed-off-by: MCamp859 <maryx.camp@intel.com>

2021-03-12 15:10:40 -05:00

1.5 KiB

Raw Blame History

Connect to Container Registries through a Firewall or Proxy

You can use service parameters to connect to container registries that are otherwise inaccessible behind a firewall or proxy.

Do one of the following to allow access to a specified URL.

To allow access over HTTP:

~(keystone_user)$ system service-parameter-modify platform docker http_proxy http://<my.proxy.com>:1080
~(keystone_user)$ system service-parameter-apply platform

To allow access over HTTPS:

~(keystone_user)$ system service-parameter-modify platform docker https_proxy https://<my.proxy.com>:1443
~(keystone_user)$ system service-parameter-apply platform

Substitute the correct value for <my.proxy.com>.

If you access registries that are not on the other side of the firewall/proxy, you can specify their IP addresses in the no_proxy service parameter as a comma separated list.

Note

Addresses must not be in subnet format and cannot contain wildcards.

For example:
```
~(keystone_user)$ system service-parameter-modify platform docker no_proxy: 1.2.3.4, 5.6.7.8
~(keystone_user)$ system service-parameter-apply platform
```

1.5 KiB Raw Blame History

Connect to Container Registries through a Firewall or Proxy

1.5 KiB

Raw Blame History