Configuring Anchore

Introduction

Configuring Anchore Enterprise starts with configuring the core services, along with specific configurations for each enterprise service. Enterprise deployments using the trial quickstart (docker-compose) or production (using Helm or other) are designed to run by default with no modifications necessary to get started, though many options are available to tune your production deployment to fit your needs. All system (except the UI, which has its own configuration) services require a single configuration which is ready from /config/config.yaml when each service starts up. Settings in this file are mostly related to static settings that are fundamental to the deployment of system services, and are most often updated when the system is being initially tuned for a deployment (and very infrequently need to be updated after they have been set as appropriate for any given deployment of anchore-engine). By default, anchore-engine includes a config.yaml that is functional out of the box, with some parameters set to an environment variable for common site-specific settings (which are then set either in docker-compose.yaml, by the Helm chart, or as appropriate for other orchestration/deployment tools).

NOTE - The latest default configuration file can always be extracted from the Enterprise container to review the latest options and environment overrides using the following process:

# docker login
# docker pull docker.io/anchore/enterprise:latest
# docker create --name ae docker.io/anchore/enterprise:latest
# docker cp ae:/config/config.yaml /tmp/my-config.yaml
# docker rm ae
# cat /tmp/my-config.yaml
...
...

Last modified February 1, 2021: Added seperate page for max image size config (48e2d10)