Configuring Anchore
Configuring Anchore Enterprise starts with configuring each of the core services. Anchore Enterprise deployments using docker-compose for trials or Helm for production are designed to run by default with no modifications necessary to get started. Although, many options are available to tune your production deployment to fit your needs.
About Configuring Anchore Enterprise
All system services (except the UI, which has its own configuration) require a single configuration which is read from /config/config.yaml
when each service starts up. Settings in this file are mostly related to static settings that are fundamental to the deployment of system services. They are most often updated when the system is being initially tuned for a deployment. They may, infrequently, need to be updated after they have been set as appropriate for any given deployment.
By default, Anchore Enterprise includes a config.yaml that is functional out-of-the-box, with some parameters set to an environment variable for common site-specific settings. These settings are then set either in docker-compose.yaml, by the Helm chart, or as appropriate for other orchestration/deployment tools.
When deploying Anchore Enterprise using the Helm chart, you can configure it by modifying the anchoreConfig
section in your values file. This section corresponds to the default config.yaml
file included in the Anchore Enterprise container image. The values file serves to override the default configurations and should be modified to suit your deployment.
- General Configuration
- Air Gapping
- Content Hints
- Custom Certificates
- Environment Variable Substitution
- False Positive Management
- Feeds Service
- Integrations
- Malware
- Max Image Size
- Monitoring
- Network Proxies
- Notifications
- Pipeline Scanning
- RBAC
- Reports
- Runtime Inventory
- SSO
- Storage
- TLS / SSL
- UI
- User Credential Storage
- Vulnerability Scanner
- Windows Support