docker/dtr install

Estimated reading time: 3 minutes

Install Docker Trusted Registry

Usage

docker run -it --rm docker/dtr \
    install [command options]

Description

This command installs Docker Trusted Registry (DTR) on a node managed by Docker Universal Control Plane (UCP).

After installing DTR, you can join additional DTR replicas using the ‘join’ command.

Example usage:

$ docker run -it –rm docker/dtr:2.2.0 install \ –ucp-node \ --ucp-insecure-tls

Note: We recommend –ucp-ca “$(cat ca.pem)” instead of –ucp-insecure-tls for a production deployment.

Options

Option Description  
--debug Enable debug mode for additional logging  
--dtr-ca Use a PEM-encoded TLS CA certificate for DTR. If not provided, one will be generated at install time.  
--dtr-cert Use a PEM-encoded TLS certificate for DTR. If not provided, one will be generated at install time.  
--dtr-external-url URL of the host or load balancer clients use to reach DTR. Format https://host[:port]  
--dtr-key Use a PEM-encoded TLS private key for DTR. If not provided, one will be generated at install time.  
--dtr-storage-volume Full path or volume name to store Docker images in the local filesystem  
--enable-pprof Enables pprof profiling of the server  
--extra-envs Environment variables or swarm constraints for DTR containers. Format var=val[&var=val]  
--http-proxy The HTTP proxy used for outgoing requests  
--https-proxy The HTTPS proxy used for outgoing requests  
--hub-password Password to use when pulling images  
--hub-username Username to use when pulling images  
--log-host Endpoint to send logs to, required if –log-protocol is tcp or udp  
--log-level Log level for container logs. Default: INFO  
--log-protocol The protocol for sending container logs: tcp, tcp+tls, udp or internal. Default: internal  
--nfs-storage-url NFS to store Docker images. Requires NFS client libraries. Format nfs://<ip hostname>/
--no-proxy Don’t use a proxy for these domains. Format acme.org[, acme.com]  
--overlay-subnet The subnet used by the dtr-ol overlay network. Example: 10.0.0.0/24  
--replica-http-port The public HTTP port for the DTR replica. Default is 80  
--replica-https-port The public HTTPS port for the DTR replica. Default is 443  
--replica-id Assign an ID to the DTR replica. By default the ID is random  
--ucp-ca Use a PEM-encoded TLS CA certificate for UCP  
--ucp-insecure-tls Disable TLS verification for UCP  
--ucp-node The hostname of the target UCP node. Set to empty string or “random” to pick one at random.  
--ucp-password The UCP administrator password  
--ucp-url The UCP URL including domain and port  
--ucp-username The UCP administrator username  
--unsafe Allow DTR to be installed on any engine version  
chat icon Feedback? Suggestions? Can't find something in the docs?
Edit this page Request docs changes Get support