mirantis/dtr reconfigure¶
Change MSR configurations.
Usage¶
docker run -it --rm mirantis/dtr reconfigure [command options]
Description¶
The reconfigure command changes MSR configuration settings.
MSR is restarted for the new configurations to take effect. To have no down time, configure your MSR for high availability.
Options¶
Option |
Environment variable |
Description |
---|---|---|
|
$ASYNC_NFS |
Use async NFS volume options on the replica specified in the
|
|
$CLIENT_CA |
Specify root CA certificates for client authentication with
|
|
$CUSTOM_CA_CERTS_ BUNDLE |
Specify additional CA certificates for MSR service containers to use
when verifying TLS server certificates with
|
|
$DEBUG |
Enable debug mode for additional logs of this bootstrap container (the
log level of downstream MSR containers can be set with |
|
$MSR_CA |
Use a PEM-encoded TLS CA certificate for MSR. By default MSR generates a
self-signed TLS certificate during deployment. You can use your own root
CA public certificate with |
|
$MSR_CERT |
Use a PEM-encoded TLS certificate for MSR. By default MSR generates a
self-signed TLS certificate during deployment. You can use your own
public key certificate with |
|
$MSR_EXTERNAL_URL |
URL of the host or load balancer clients use to reach MSR. When you use
this flag, users are redirected to MKE for logging in. Once
authenticated they are redirected to the url you specify in this flag.
If you don’t use this flag, MSR is deployed without single sign-on with
MKE. Users and teams are shared but users login separately into the two
applications. You can enable and disable single sign-on in the MSR
settings. Format |
|
$MSR_KEY |
Use a PEM-encoded TLS private key for MSR. By default MSR generates a
self-signed TLS certificate during deployment. You can use your own TLS
private key with |
|
$MSR_STORAGE_ VOLUME |
Customize the volume to store Docker images. By default MSR creates a
volume to store the Docker images in the local filesystem of the node
where MSR is running, without high-availability. Use this flag to
specify a full path or volume name for MSR to store images. For
high-availability, make sure all MSR replicas can read and write data on
this volume. If you’re using NFS, use |
|
$ENABLE_CLIENT_CERT_ AUTH |
Enables TLS client certificate authentication; use
|
|
$MSR_PPROF |
Enables pprof profiling of the server. Use |
|
$MSR_REPLICA_ID |
The ID of an existing MSR replica. To add, remove or modify MSR, you must connect to an existing healthy replica’s database. |
|
$FORCE_RECREATE_NFS_ VOLUME |
Force MSR to recreate NFS volumes on the replica specified by
|
|
$MSR_EXTENDED_HELP |
Display extended help text for a given command. |
|
$MSR_HTTP_PROXY |
The HTTP proxy used for outgoing requests. |
|
$MSR_HTTPS_PROXY |
The HTTPS proxy used for outgoing requests. |
|
$LOG_HOST |
The syslog system to send logs to. The endpoint to send logs to. Use
this flag if you set |
|
$LOG_LEVEL |
Log level for all container logs when logging to syslog. Default: INFO.
The supported log levels are |
|
$LOG_PROTOCOL |
The protocol for sending logs. Default is internal. By default, MSR
internal components log information using the logger specified in the
Docker daemon in the node where the MSR replica is deployed. Use this
option to send MSR logs to an external syslog system. The supported
values are |
|
$MAX_WAIT |
The maximum amount of time MSR allows an operation to complete within.
This is frequently used to allocate more startup time to very large MSR
databases. The value is a Golang duration string. For example, |
|
$NFS_OPTIONS |
Pass in NFS volume options verbatim for the replica specified in the
|
|
$NFS_STORAGE_URL |
Set the URL for the NFS storage backend. docker run -it --rm mirantis/dtr:2.9.16 reconfigure --nfs-storage-url nfs://<IP-of-NFS-server>/path/to/mountdir
To reconfigure MSR to stop using NFS, leave the option empty: docker run -it --rm mirantis/dtr:{{ page.dtr_version}} reconfigure --nfs-storage-url ""
Refer to Reconfigure MSR to use NFS for more details. |
|
$NOCOLOR |
Disable output coloring in logs. |
|
$MSR_NO_PROXY |
List of domains the proxy should not be used for. When using
|
|
$REINITIALIZE_STORAGE |
Set the flag when you have changed storage backends but have not moved the contents of the old storage backend to the new one. Erases all tags in the registry. |
|
$REPLICA_HTTP_PORT |
The public HTTP port for the MSR replica. Default is |
|
$REPLICA_HTTPS_PORT |
The public HTTPS port for the MSR replica. Default is |
|
$RETHINKDB_CACHE_ MB |
The maximum amount of space in MB for RethinkDB in-memory cache used by
the given replica. Default is auto. Auto is |
|
$STORAGE_MIGRATED |
A flag added in 2.6.4 which lets you indicate the migration status of your storage data. Specify this flag if you are migrating to a new storage backend and have already moved all contents from your old backend to your new one. If not specified, MSR will assume the new backend is empty during a backend storage switch, and consequently destroy your existing tags and related image metadata. |
|
$UCP_CA |
Use a PEM-encoded TLS CA certificate for MKE. Download the MKE TLS CA
certificate from |
|
$UCP_INSECURE_TLS |
Disable TLS verification for MKE. |
|
$UCP_PASSWORD |
The MKE administrator password. |
|
$UCP_URL |
The MKE URL including domain and port. |
|
$UCP_USERNAME |
The MKE administrator username. |