Configuring Anchore
Introduction
Configuring Anchore Enterprise starts with configuring the core services, along with specific configurations for each enterprise service. Enterprise deployments using the trial quickstart (docker-compose) or production (using Helm or other) are designed to run by default with no modifications necessary to get started, though many options are available to tune your production deployment to fit your needs. All system (except the UI, which has its own configuration) services require a single configuration which is ready from /config/config.yaml when each service starts up. Settings in this file are mostly related to static settings that are fundamental to the deployment of system services, and are most often updated when the system is being initially tuned for a deployment (and very infrequently need to be updated after they have been set as appropriate for any given deployment of anchore-engine). By default, anchore-engine includes a config.yaml that is functional out of the box, with some parameters set to an environment variable for common site-specific settings (which are then set either in docker-compose.yaml, by the Helm chart, or as appropriate for other orchestration/deployment tools).
- General Configuration
- Environment Variable Substitution
- Custom Certificates
- TLS / SSL
- Network Proxies
- Enterprise UI
- Enterprise Feeds Service
- Enterprise RBAC Module
- Storage Configuration
- Max Image Size
NOTE - The latest default configuration file can always be extracted from the Enterprise container to review the latest options and environment overrides using the following process:
# docker login
# docker pull docker.io/anchore/enterprise:latest
# docker create --name ae docker.io/anchore/enterprise:latest
# docker cp ae:/config/config.yaml /tmp/my-config.yaml
# docker rm ae
# cat /tmp/my-config.yaml
...
...
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.