Cleaning up the welcome page, terminology, and images.

.gitignore

@@ -15,3 +15,4 @@ docs/_build
 docs/_static
 docs/_templates
 .gopath/
+.dotcloud

docs/sources/concepts/index.rst

@@ -1,10 +1,10 @@
-:title: Concepts
-:description: -- todo: change me
+:title: Overview
+:description: Docker documentation summary
 :keywords: concepts, documentation, docker, containers
 
 
 
-Concepts
+Overview
 ========
 
 Contents:
@@ -13,4 +13,4 @@ Contents:
    :maxdepth: 1
 
    ../index
-
+   manifesto

docs/sources/concepts/manifesto.rst

@@ -0,0 +1,191 @@
+:title: Manifesto
+:description: An overview of Docker and standard containers
+:keywords: containers, lxc, concepts, explanation
+
+.. _dockermanifesto:
+
+*(This was our original Welcome page, but it is a bit forward-looking
+for docs, and maybe not enough vision for a true manifesto. We'll
+reveal more vision in the future to make it more Manifesto-y.)*
+
+Docker Manifesto
+----------------
+
+Docker complements LXC with a high-level API which operates at the
+process level. It runs unix processes with strong guarantees of
+isolation and repeatability across servers.
+
+Docker is a great building block for automating distributed systems:
+large-scale web deployments, database clusters, continuous deployment
+systems, private PaaS, service-oriented architectures, etc.
+
+- **Heterogeneous payloads** Any combination of binaries, libraries,
+  configuration files, scripts, virtualenvs, jars, gems, tarballs, you
+  name it. No more juggling between domain-specific tools. Docker can
+  deploy and run them all.
+- **Any server** Docker can run on any x64 machine with a modern linux
+  kernel - whether it's a laptop, a bare metal server or a VM. This
+  makes it perfect for multi-cloud deployments.
+- **Isolation** docker isolates processes from each other and from the
+  underlying host, using lightweight containers.
+- **Repeatability** Because containers are isolated in their own
+  filesystem, they behave the same regardless of where, when, and
+  alongside what they run.
+
+.. image:: images/lego_docker.jpg
+   :target: http://bricks.argz.com/ins/7823-1/12
+
+What is a Standard Container?
+.............................
+
+Docker defines a unit of software delivery called a Standard
+Container. The goal of a Standard Container is to encapsulate a
+software component and all its dependencies in a format that is
+self-describing and portable, so that any compliant runtime can run it
+without extra dependency, regardless of the underlying machine and the
+contents of the container.
+
+The spec for Standard Containers is currently work in progress, but it
+is very straightforward. It mostly defines 1) an image format, 2) a
+set of standard operations, and 3) an execution environment.
+
+A great analogy for this is the shipping container. Just like Standard
+Containers are a fundamental unit of software delivery, shipping
+containers are a fundamental unit of physical delivery.
+
+Standard operations
+~~~~~~~~~~~~~~~~~~~
+
+Just like shipping containers, Standard Containers define a set of
+STANDARD OPERATIONS. Shipping containers can be lifted, stacked,
+locked, loaded, unloaded and labelled. Similarly, standard containers
+can be started, stopped, copied, snapshotted, downloaded, uploaded and
+tagged.
+
+
+Content-agnostic
+~~~~~~~~~~~~~~~~~~~
+
+Just like shipping containers, Standard Containers are
+CONTENT-AGNOSTIC: all standard operations have the same effect
+regardless of the contents. A shipping container will be stacked in
+exactly the same way whether it contains Vietnamese powder coffee or
+spare Maserati parts. Similarly, Standard Containers are started or
+uploaded in the same way whether they contain a postgres database, a
+php application with its dependencies and application server, or Java
+build artifacts.
+
+Infrastructure-agnostic
+~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Both types of containers are INFRASTRUCTURE-AGNOSTIC: they can be
+transported to thousands of facilities around the world, and
+manipulated by a wide variety of equipment. A shipping container can
+be packed in a factory in Ukraine, transported by truck to the nearest
+routing center, stacked onto a train, loaded into a German boat by an
+Australian-built crane, stored in a warehouse at a US facility,
+etc. Similarly, a standard container can be bundled on my laptop,
+uploaded to S3, downloaded, run and snapshotted by a build server at
+Equinix in Virginia, uploaded to 10 staging servers in a home-made
+Openstack cluster, then sent to 30 production instances across 3 EC2
+regions.
+
+
+Designed for automation
+~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Because they offer the same standard operations regardless of content
+and infrastructure, Standard Containers, just like their physical
+counterpart, are extremely well-suited for automation. In fact, you
+could say automation is their secret weapon.
+
+Many things that once required time-consuming and error-prone human
+effort can now be programmed. Before shipping containers, a bag of
+powder coffee was hauled, dragged, dropped, rolled and stacked by 10
+different people in 10 different locations by the time it reached its
+destination. 1 out of 50 disappeared. 1 out of 20 was damaged. The
+process was slow, inefficient and cost a fortune - and was entirely
+different depending on the facility and the type of goods.
+
+Similarly, before Standard Containers, by the time a software
+component ran in production, it had been individually built,
+configured, bundled, documented, patched, vendored, templated, tweaked
+and instrumented by 10 different people on 10 different
+computers. Builds failed, libraries conflicted, mirrors crashed,
+post-it notes were lost, logs were misplaced, cluster updates were
+half-broken. The process was slow, inefficient and cost a fortune -
+and was entirely different depending on the language and
+infrastructure provider.
+
+
+Industrial-grade delivery
+~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+There are 17 million shipping containers in existence, packed with
+every physical good imaginable. Every single one of them can be loaded
+on the same boats, by the same cranes, in the same facilities, and
+sent anywhere in the World with incredible efficiency. It is
+embarrassing to think that a 30 ton shipment of coffee can safely
+travel half-way across the World in *less time* than it takes a
+software team to deliver its code from one datacenter to another
+sitting 10 miles away.
+
+With Standard Containers we can put an end to that embarrassment, by
+making INDUSTRIAL-GRADE DELIVERY of software a reality.
+
+Standard Container Specification
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+(TODO)
+
+Image format
+~~~~~~~~~~~~
+
+Standard operations
+~~~~~~~~~~~~~~~~~~~
+
+-  Copy
+-  Run
+-  Stop
+-  Wait
+-  Commit
+-  Attach standard streams
+-  List filesystem changes
+-  ...
+
+Execution environment
+~~~~~~~~~~~~~~~~~~~~~
+
+Root filesystem
+^^^^^^^^^^^^^^^
+
+Environment variables
+^^^^^^^^^^^^^^^^^^^^^
+
+Process arguments
+^^^^^^^^^^^^^^^^^
+
+Networking
+^^^^^^^^^^
+
+Process namespacing
+^^^^^^^^^^^^^^^^^^^
+
+Resource limits
+^^^^^^^^^^^^^^^
+
+Process monitoring
+^^^^^^^^^^^^^^^^^^
+
+Logging
+^^^^^^^
+
+Signals
+^^^^^^^
+
+Pseudo-terminal allocation
+^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+Security
+^^^^^^^^
+

docs/sources/index.rst

@@ -1,127 +1,38 @@
-:title: Introduction
-:description: An introduction to docker and standard containers?
+:title: Welcome to the Docker Documentation
+:description: An overview of the Docker Documentation
 :keywords: containers, lxc, concepts, explanation
 
 .. _introduction:
 
-Introduction
-============
+Welcome
+=======
 
-Docker -- The Linux container runtime
--------------------------------------
+.. image:: concepts/images/dockerlogo-h.png
 
-Docker complements LXC with a high-level API which operates at the process level. It runs unix processes with strong guarantees of isolation and repeatability across servers.
+``docker``, the Linux Container Runtime, runs Unix processes with
+strong guarantees of isolation across servers. Your software runs
+repeatably everywhere because its :ref:`container_def` includes any
+dependencies.
 
-Docker is a great building block for automating distributed systems: large-scale web deployments, database clusters, continuous deployment systems, private PaaS, service-oriented architectures, etc.
+``docker`` runs three ways:
 
+* as a daemon to manage LXC containers on your :ref:`Linux host
+  <kernel>` (``sudo docker -d``)
+* as a :ref:`CLI <cli>` which talks to the daemon's `REST API
+  <api/docker_remote_api>`_ (``docker run ...``)
+* as a client of :ref:`Repositories <working_with_the_repository>`
+  that let you share what you've built (``docker pull, docker
+  commit``).
 
-- **Heterogeneous payloads** Any combination of binaries, libraries, configuration files, scripts, virtualenvs, jars, gems, tarballs, you name it. No more juggling between domain-specific tools. Docker can deploy and run them all.
-- **Any server** Docker can run on any x64 machine with a modern linux kernel - whether it's a laptop, a bare metal server or a VM. This makes it perfect for multi-cloud deployments.
-- **Isolation** docker isolates processes from each other and from the underlying host, using lightweight containers.
-- **Repeatability** Because containers are isolated in their own filesystem, they behave the same regardless of where, when, and alongside what they run.
+Each use of ``docker`` is documented here. The features of Docker are
+currently in active development, so this documention will change
+frequently.
 
-.. image:: concepts/images/lego_docker.jpg
-
-
-What is a Standard Container?
------------------------------
-
-Docker defines a unit of software delivery called a Standard Container. The goal of a Standard Container is to encapsulate a software component and all its dependencies in
-a format that is self-describing and portable, so that any compliant runtime can run it without extra dependency, regardless of the underlying machine and the contents of the container.
-
-The spec for Standard Containers is currently work in progress, but it is very straightforward. It mostly defines 1) an image format, 2) a set of standard operations, and 3) an execution environment.
-
-A great analogy for this is the shipping container. Just like Standard Containers are a fundamental unit of software delivery, shipping containers (http://bricks.argz.com/ins/7823-1/12) are a fundamental unit of physical delivery.
-
-Standard operations
-~~~~~~~~~~~~~~~~~~~
-
-Just like shipping containers, Standard Containers define a set of STANDARD OPERATIONS. Shipping containers can be lifted, stacked, locked, loaded, unloaded and labelled. Similarly, standard containers can be started, stopped, copied, snapshotted, downloaded, uploaded and tagged.
-
-
-Content-agnostic
-~~~~~~~~~~~~~~~~~~~
-
-Just like shipping containers, Standard Containers are CONTENT-AGNOSTIC: all standard operations have the same effect regardless of the contents. A shipping container will be stacked in exactly the same way whether it contains Vietnamese powder coffee or spare Maserati parts. Similarly, Standard Containers are started or uploaded in the same way whether they contain a postgres database, a php application with its dependencies and application server, or Java build artifacts.
-
-
-Infrastructure-agnostic
-~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-Both types of containers are INFRASTRUCTURE-AGNOSTIC: they can be transported to thousands of facilities around the world, and manipulated by a wide variety of equipment. A shipping container can be packed in a factory in Ukraine, transported by truck to the nearest routing center, stacked onto a train, loaded into a German boat by an Australian-built crane, stored in a warehouse at a US facility, etc. Similarly, a standard container can be bundled on my laptop, uploaded to S3, downloaded, run and snapshotted by a build server at Equinix in Virginia, uploaded to 10 staging servers in a home-made Openstack cluster, then sent to 30 production instances across 3 EC2 regions.
-
-
-Designed for automation
-~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-Because they offer the same standard operations regardless of content and infrastructure, Standard Containers, just like their physical counterpart, are extremely well-suited for automation. In fact, you could say automation is their secret weapon.
-
-Many things that once required time-consuming and error-prone human effort can now be programmed. Before shipping containers, a bag of powder coffee was hauled, dragged, dropped, rolled and stacked by 10 different people in 10 different locations by the time it reached its destination. 1 out of 50 disappeared. 1 out of 20 was damaged. The process was slow, inefficient and cost a fortune - and was entirely different depending on the facility and the type of goods.
-
-Similarly, before Standard Containers, by the time a software component ran in production, it had been individually built, configured, bundled, documented, patched, vendored, templated, tweaked and instrumented by 10 different people on 10 different computers. Builds failed, libraries conflicted, mirrors crashed, post-it notes were lost, logs were misplaced, cluster updates were half-broken. The process was slow, inefficient and cost a fortune - and was entirely different depending on the language and infrastructure provider.
-
-
-Industrial-grade delivery
-~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-There are 17 million shipping containers in existence, packed with every physical good imaginable. Every single one of them can be loaded on the same boats, by the same cranes, in the same facilities, and sent anywhere in the World with incredible efficiency. It is embarrassing to think that a 30 ton shipment of coffee can safely travel half-way across the World in *less time* than it takes a software team to deliver its code from one datacenter to another sitting 10 miles away.
-
-With Standard Containers we can put an end to that embarrassment, by making INDUSTRIAL-GRADE DELIVERY of software a reality.
-
-
-Standard Container Specification
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-(TODO)
-
-Image format
-~~~~~~~~~~~~
-
-Standard operations
-~~~~~~~~~~~~~~~~~~~
-
--  Copy
--  Run
--  Stop
--  Wait
--  Commit
--  Attach standard streams
--  List filesystem changes
--  ...
-
-Execution environment
-~~~~~~~~~~~~~~~~~~~~~
-
-Root filesystem
-^^^^^^^^^^^^^^^
-
-Environment variables
-^^^^^^^^^^^^^^^^^^^^^
-
-Process arguments
-^^^^^^^^^^^^^^^^^
-
-Networking
-^^^^^^^^^^
-
-Process namespacing
-^^^^^^^^^^^^^^^^^^^
-
-Resource limits
-^^^^^^^^^^^^^^^
-
-Process monitoring
-^^^^^^^^^^^^^^^^^^
-
-Logging
-^^^^^^^
-
-Signals
-^^^^^^^
-
-Pseudo-terminal allocation
-^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-Security
-^^^^^^^^
+For an overview of Docker, please see the `Introduction
+<http://www.docker.io>`_. When you're ready to start working with
+Docker, we have a `quick start <http://www.docker.io/gettingstarted>`_
+and a more in-depth guide to :ref:`ubuntu_linux` and other
+`installation </installation>`_ paths including prebuilt binaries,
+Vagrant-created VMs, Rackspace and Amazon instances.
 
+Enough reading! :ref:`Try it out! <running_examples>`

docs/sources/terms/container.rst

@@ -0,0 +1,40 @@
+:title: Container
+:description: Definitions of a container
+:keywords: containers, lxc, concepts, explanation, image, container
+
+.. _container_def:
+
+Container
+=========
+
+.. image:: images/docker-filesystems-busyboxrw.png
+
+Once you start a process in Docker from an :ref:`image_def`, Docker
+fetches the image and its :ref:`parent_image_def`, and repeats the
+process until it reaches the :ref:`base_image_def`. Then the
+:ref:`ufs_def` adds a read-write layer on top. That read-write layer,
+plus the information about its :ref:`parent_image_def` and some
+additional information like its unique id, networking configuration,
+and resource limits is called a **container**.
+
+.. _container_state_def:
+
+Container State
+...............
+
+Containers can change, and so they have state. A container may be
+**running** or **exited**. 
+
+When a container is running, the idea of a "container" also includes a
+tree of processes running on the CPU, isolated from the other
+processes running on the host.
+
+When the container is exited, the state of the file system and
+its exit value is preserved. You can start, stop, and restart a
+container. The processes restart from scratch (their memory state is
+**not** preserved in a container), but the file system is just as it
+was when the container was stopped.
+
+You can promote a container to an :ref:`image_def` with ``docker
+commit``. Once a container is an image, you can use it as a parent for
+new containers.

docs/sources/terms/filesystem.rst

@@ -0,0 +1,38 @@
+:title: File Systems
+:description: How Linux organizes its persistent storage
+:keywords: containers, files, linux
+
+.. _filesystem_def:
+
+File System
+===========
+
+.. image:: images/docker-filesystems-generic.png
+
+In order for a Linux system to run, it typically needs two `file
+systems <http://en.wikipedia.org/wiki/Filesystem>`_:
+
+1. boot file system (bootfs)
+2. root file system (rootfs)
+
+The **boot file system** contains the bootloader and the kernel. The
+user never makes any changes to the boot file system. In fact, soon
+after the boot process is complete, the entire kernel is in memory,
+and the boot file system is unmounted to free up the RAM associated
+with the initrd disk image.
+
+
+The **root file system** includes the typical directory structure we
+associate with Unix-like operating systems: ``/dev, /proc, /bin, /etc,
+/lib, /usr,`` and ``/tmp`` plus all the configuration files, binaries
+and libraries required to run user applications (like bash, ls, and so
+forth). 
+
+While there can be important kernel differences between different
+Linux distributions, the contents and organization of the root file
+system are usually what make your software packages dependent on one
+distribution versus another. Docker can help solve this problem by
+running multiple distributions at the same time.
+
+.. image:: images/docker-filesystems-multiroot.png
+

docs/sources/terms/fundamentals.rst

@@ -1,97 +0,0 @@
-:title: Image & Container
-:description: Definitions of an image and container
-:keywords: containers, lxc, concepts, explanation, image, container
-
-File Systems
-============
-
-.. image:: images/docker-filesystems-generic.png
-
-In order for a Linux system to run, it typically needs two `file
-systems <http://en.wikipedia.org/wiki/Filesystem>`_:
-
-1. boot file system (bootfs)
-2. root file system (rootfs)
-
-The **boot file system** contains the bootloader and the kernel. The
-user never makes any changes to the boot file system. In fact, soon
-after the boot process is complete, the entire kernel is in memory,
-and the boot file system is unmounted to free up the RAM associated
-with the initrd disk image.
-
-The **root file system** includes the typical directory structure we
-associate with Unix-like operating systems: ``/dev, /proc, /bin, /etc,
-/lib, /usr,`` and ``/tmp`` plus all the configuration files, binaries
-and libraries required to run user applications (like bash, ls, and so
-forth). 
-
-While there can be important kernal differences between different
-Linux distributions, the contents and organization of the root file
-system are usually what make your software packages dependent on one
-distribution versus another. Docker can help solve this problem by
-running multiple distributions at the same time.
-
-.. image:: images/docker-filesystems-multiroot.png
-
-Layers and Union Mounts
-=======================
-
-In a traditional Linux boot, the kernel first mounts the root file
-system as read-only, checks its integrity, and then switches the whole
-rootfs volume to read-write mode. Docker does something similar,
-*except* that instead of changing the file system to read-write mode,
-it takes advantage of a `union mount
-<http://en.wikipedia.org/wiki/Union_mount>`_ to add a read-write file
-system *over* the read-only file system. In fact there may be multiple
-read-only file systems stacked on top of each other.
-
-.. image:: images/docker-filesystems-multilayer.png
-
-At first, the top layer has nothing in it, but any time a process
-creates a file, this happens in the top layer. And if something needs
-to update an existing file in a lower layer, then the file gets copied
-to the upper layer and changes go into the copy. The version of the
-file on the lower layer cannot be seen by the applications anymore,
-but it is there, unchanged.
-
-We call the union of the read-write layer and all the read-only layers
-a **union file system**.
-
-Image
-=====
-
-In Docker terminology, a read-only layer is called an **image**. An
-image never changes. Because Docker uses a union file system, the
-applications think the whole file system is mounted read-write,
-because any file can be changed. But all the changes go to the
-top-most layer, and underneath, the image is unchanged. Since they
-don't change, images do not have state.
-
-Each image may depend on one more image which forms the layer beneath
-it. We sometimes say that the lower image is the **parent** of the
-upper image.
-
-Base Image
-==========
-
-An image that has no parent is a **base image**.
-
-Container
-=========
-
-Once you start a process in Docker from an image, Docker fetches the
-image and its parent, and repeats the process until it reaches the
-base image. Then the union file system adds a read-write layer on
-top. That read-write layer, plus the information about its parent and
-some additional information like its unique id, is called a
-**container**. 
-
-Containers can change, and so they have state. A container may be
-running or exited. In either case, the state of the file system and
-its exit value is preserved. You can start, stop, and restart a
-container. The processes restart from scratch (their memory state is
-**not** preserved in a container), but the file system is just as it
-was when the container was stopped.
-
-You can promote a container to an image with ``docker commit``. Once a
-container is an image, you can use it as a parent for new containers.

docs/sources/terms/image.rst

@@ -0,0 +1,38 @@
+:title: Images
+:description: Definition of an image
+:keywords: containers, lxc, concepts, explanation, image, container
+
+.. _image_def:
+
+Image
+=====
+
+.. image:: images/docker-filesystems-debian.png
+
+In Docker terminology, a read-only :ref:`layer_def` is called an
+**image**. An image never changes. 
+
+Since Docker uses a :ref:`ufs_def`, the processes think the whole file
+system is mounted read-write. But all the changes go to the top-most
+writeable layer, and underneath, the original file in the read-only
+image is unchanged. Since images don't change, images do not have state.
+
+.. image:: images/docker-filesystems-debianrw.png
+
+.. _parent_image_def:
+
+Parent Image
+............
+
+.. image:: images/docker-filesystems-multilayer.png
+
+Each image may depend on one more image which forms the layer beneath
+it. We sometimes say that the lower image is the **parent** of the
+upper image.
+
+.. _base_image_def:
+
+Base Image
+..........
+
+An image that has no parent is a **base image**.

docs/sources/terms/index.rst

@@ -1,11 +1,11 @@
-:title: Terms
+:title: Glossary
 :description: Definitions of terms used in Docker documentation
 :keywords: concepts, documentation, docker, containers
 
 
 
-Terms
-=====
+Glossary
+========
 
 Definitions of terms used in Docker documentation.
 
@@ -14,5 +14,9 @@ Contents:
 .. toctree::
    :maxdepth: 1
 
-   fundamentals
+   filesystem
+   layer
+   image
+   container
+
 

docs/sources/terms/layer.rst

@@ -0,0 +1,40 @@
+:title: Layers
+:description: Organizing the Docker Root File System
+:keywords: containers, lxc, concepts, explanation, image, container
+
+Layers
+======
+
+In a traditional Linux boot, the kernel first mounts the root
+:ref:`filesystem_def` as read-only, checks its integrity, and then
+switches the whole rootfs volume to read-write mode.
+
+.. _layer_def:
+
+Layer
+.....
+
+When Docker mounts the rootfs, it starts read-only, as in a tradtional
+Linux boot, but then, instead of changing the file system to
+read-write mode, it takes advantage of a `union mount
+<http://en.wikipedia.org/wiki/Union_mount>`_ to add a read-write file
+system *over* the read-only file system. In fact there may be multiple
+read-only file systems stacked on top of each other. We think of each
+one of these file systems as a **layer**.
+
+.. image:: images/docker-filesystems-multilayer.png
+
+At first, the top read-write layer has nothing in it, but any time a
+process creates a file, this happens in the top layer. And if
+something needs to update an existing file in a lower layer, then the
+file gets copied to the upper layer and changes go into the copy. The
+version of the file on the lower layer cannot be seen by the
+applications anymore, but it is there, unchanged.
+
+.. _ufs_def:
+
+Union File System
+.................
+
+We call the union of the read-write layer and all the read-only layers
+a **union file system**.

docs/sources/toctree.rst

@@ -17,7 +17,8 @@ This documentation has the following resources:
    commandline/index
    contributing/index
    api/index
-   faq
    terms/index
+   faq
+
+
 
-.. image:: concepts/images/lego_docker.jpg

docs/sources/use/workingwithrepository.rst

@@ -1,21 +1,21 @@
 :title: Working With Repositories
-:description: Generally, there are two types of repositories: Top-level repositories which are controlled by the people behind Docker, and user repositories.
+:description: Repositories allow users to share images.
 :keywords: repo, repositiores, usage, pull image, push image, image, documentation
 
 .. _working_with_the_repository:
 
-Working with the Repository
-===========================
+Working with Repositories
+=========================
 
 
 Top-level repositories and user repositories
 --------------------------------------------
 
-Generally, there are two types of repositories: Top-level repositories which are controlled by the people behind
-Docker, and user repositories.
+Generally, there are two types of repositories: Top-level repositories
+which are controlled by the people behind Docker, and user
+repositories.
 
-* Top-level repositories can easily be recognized by not having a ``/`` (slash) in their name. These repositories can
-  generally be trusted.
+* Top-level repositories can easily be recognized by not having a ``/`` (slash) in their name. These repositories can  generally be trusted.
 * User repositories always come in the form of ``<username>/<repo_name>``. This is what your published images will look like.
 * User images are not checked, it is therefore up to you whether or not you trust the creator of this image.