Hunting the white whale of mutable immutable infrastructure
Go to file
R Tyler Croy 7ad8b8eed7 Fix cols 2020-09-12 10:36:47 -07:00
layers.d Add an example layers directory for the server to read from 2019-10-20 11:07:36 -07:00
src Minor documentation tweaks 2020-09-12 10:34:46 -07:00
support Add this support directory for some simple testing 2020-07-19 14:12:14 -07:00
.gitignore Work-in-progress reworking in Rust 2020-02-01 03:54:18 -08:00
Cargo.lock Add the snippet of code for checksumming layers for metadata 2020-09-09 10:54:05 -07:00
Cargo.toml Add the snippet of code for checksumming layers for metadata 2020-09-09 10:54:05 -07:00
HACKING.adoc Clean up a lot of the older files 2020-09-12 10:31:52 -07:00
LICENSE.txt Add the AGPLv3 license 2020-09-12 09:49:22 -07:00
README.adoc Fix cols 2020-09-12 10:36:47 -07:00

README.adoc

<html lang="en"> <head> </head>

Contaminate

Contaminate is a caching proxy masquerading as Docker registry. It can modify Docker images and manifests on the fly, for those who need a little more mutability in their immutable infrastructure.

Configuration

Contaminate can be configured with a contaminate.yml file, or via specific environment variables which can override configuration values.

YAML Keys

Name

Env Variable

Default Value

Notes

layers_dir

CT_layers_dir

./layers.d

A directory containing the layers to override on images passing through Contaminate.

registry

CT_registry

https://registry-1.docker.io

A Registry HTTP V2 compliant URL, reachable by Contaminate.

Environment Variables

Name

Default Value

Notes

RUST_LOG

warn

Log level for Contaminate logs to be printed

RUST_BACKTRACE

0

Print full stack traces when errors occur

Hacking

Ensure that your local Docker daemon can access your Contaminate instance without requiring HTTPs:

/etc/sysconfig/docker
DOCKER_OPTS="--insecure-registry=localhost:5000 --insecure-registry=localhost:9090"

Running a local Docker registry to contaminate:

docker run --rm -ti -e REGISTRY_HTTP_SECRET=secret -p 5000:5000 registry:2

Pull some upstream images and push them into your registry

docker pull alpine:latest
docker tag alpine:latest localhost:5000/library/alpine:latest
docker push localhost:5000/library/alpine:latest
</html>