Commit Graph

29 Commits

Author SHA1 Message Date
Daniel Jiang
1ca1eddb0f Merge pull request #2676 from yixingjia/nginxonphoton
Move nginx to photon OS
2017-07-01 00:08:08 +08:00
Wenkai Yin
bdbdb383ac update 2017-06-30 16:21:55 +08:00
yixingj
fc50fd51d5 Move nginx to photon OS 2017-06-30 14:03:42 +08:00
Wenkai Yin
d6b4330cc8 create a global project manager 2017-06-30 00:08:45 +08:00
Daniel Jiang
0b02231093 Update registry img (#2330)
* update the registry image

* update other yml files and docs to reflect image update
2017-05-19 00:19:27 -07:00
Tan Jiang
965c7a5e70 reference the patched nginx image 2017-04-07 15:07:46 +08:00
Wenkai Yin
e60fd0530f mount config to another dir, fix #1939 2017-04-07 09:14:41 +08:00
wy65701436
f6c4137af1 fix issue 1916 2017-04-05 22:53:09 -07:00
Daniel Jiang
7d6d641827 Merge branch 'master' into dev 2017-04-05 17:01:27 +08:00
Wenkai Yin
ee2a6748c0 mount ca dir to container, fix #1829 2017-03-30 12:50:20 +08:00
Tan Jiang
a33f4151e2 merge with dev branch 2017-03-24 14:40:34 +08:00
Tan Jiang
980101eab5 package vmware/registry into offline package 2017-03-23 12:36:36 +08:00
Tan Jiang
44cd3ec85b update make file and docker compose template 2017-03-22 20:56:08 +08:00
Tan Jiang
f9180c0c96 rebuild registry image on photon 2017-03-22 20:27:15 +08:00
Wenkai Yin
383997f785 read capacity from adminserver 2017-03-21 16:28:24 +08:00
Wenkai Yin
108aa21499 upgrade registry to 2.6.0 2017-03-16 13:44:16 +08:00
Aron Parsons
8ab45d439b label volumes for SELinux
allow Harbor to run when dockerd is running with --selinux-enabled

example AVC denials:
type=AVC msg=audit(1488384855.681:154671): avc:  denied  { read } for  pid=454 comm="registry" name="config.yml" dev="dm-8" ino=12583048 scontext=system_u:system_r:svirt_lxc_net_t:s0:c298,c958 tcontext=system_u:object_r:default_t:s0 tclass=file
type=AVC msg=audit(1488384855.681:154671): avc:  denied  { open } for  pid=454 comm="registry" path="/etc/registry/config.yml" dev="dm-8" ino=12583048 scontext=system_u:system_r:svirt_lxc_net_t:s0:c298,c958 tcontext=system_u:object_r:default_t:s0 tclass=file
type=AVC msg=audit(1488384855.687:154672): avc:  denied  { append } for  pid=350 comm=72733A6D61696E20513A526567 name="registry.log" dev="dm-5" ino=4315920 scontext=system_u:system_r:svirt_lxc_net_t:s0:c599,c800 tcontext=system_u:object_r:default_t:s0 tclass=file
type=AVC msg=audit(1488384856.895:154702): avc:  denied  { remove_name } for  pid=708 comm="mysqld" name="4691d4d62464.lower-test" dev="dm-12" ino=402656159 scontext=system_u:system_r:svirt_lxc_net_t:s0:c149,c797 tcontext=system_u:object_r:default_t:s0 tclass=dir
type=AVC msg=audit(1488384856.926:154703): avc:  denied  { lock } for  pid=708 comm="mysqld" path="/var/lib/mysql/ibdata1" dev="dm-12" ino=402656097 scontext=system_u:system_r:svirt_lxc_net_t:s0:c149,c797 tcontext=system_u:object_r:default_t:s0 tclass=file
type=AVC msg=audit(1488384857.958:154736): avc:  denied  { open } for  pid=924 comm="harbor_jobservi" path="/etc/jobservice/app.conf" dev="dm-8" ino=142 scontext=system_u:system_r:svirt_lxc_net_t:s0:c102,c158 tcontext=system_u:object_r:default_t:s0 tclass=file
type=AVC msg=audit(1488384858.089:154737): avc:  denied  { read } for  pid=1017 comm="nginx" name="nginx.conf" dev="dm-8" ino=4194445 scontext=system_u:system_r:svirt_lxc_net_t:s0:c847,c996 tcontext=system_u:object_r:default_t:s0 tclass=file
type=AVC msg=audit(1488384858.089:154737): avc:  denied  { open } for  pid=1017 comm="nginx" path="/etc/nginx/nginx.conf" dev="dm-8" ino=4194445 scontext=system_u:system_r:svirt_lxc_net_t:s0:c847,c996 tcontext=system_u:object_r:default_t:s0 tclass=file
2017-03-03 14:13:39 -05:00
yhua
9f18c8458b fix #1332 2017-02-27 18:52:22 +08:00
Wenkai Yin
9f3f48be59 add harbor network to adminserver 2017-02-24 14:35:11 +08:00
Wenkai Yin
414e8a8bcf Merge remote-tracking branch 'upstream/dev' into 170224_merge_config
Conflicts:
	make/docker-compose.tpl
	src/ui/service/token/authutils.go
2017-02-24 13:52:19 +08:00
Wenkai Yin
40eb6bb7d3 encrypt passwords enhancement 2017-02-22 16:59:28 +08:00
Wenkai Yin
390f89ee0a encrypt passwords and secret 2017-02-17 18:23:21 +08:00
Daniel Jiang
a17cd5bcfe add a default network for containers in harbor (#1384)
LGTM
2017-02-16 14:51:21 +08:00
Wenkai Yin
b62a958250 configure harbor 2017-01-12 17:15:32 +08:00
yhua
0249f2181a update registry from 2.5.0 to 2.5.1 2016-12-15 16:50:50 +08:00
kunw
55b98f9abd Merge remote-tracking branch 'upstream/dev' into dev-volume-info 2016-11-09 14:53:26 +08:00
Wenkai Yin
4fcfffeb47 upgrade nginx to 1.11.5 2016-11-02 15:49:28 +08:00
kunw
560b41b5e6 Merge remote-tracking branch 'upstream/dev' into dev-volume-info 2016-11-02 12:46:57 +08:00
yhua
03e2a3ee56 remove tag in docker-compose.yml 2016-10-26 13:09:12 +08:00