Giter Site home page Giter Site logo

bverschueren / cluster-image-registry-operator Goto Github PK

View Code? Open in Web Editor NEW

This project forked from openshift/cluster-image-registry-operator

0.0 1.0 0.0 130.76 MB

The image registry operator installs+maintains the internal registry on a cluster

License: Apache License 2.0

Go 99.22% Dockerfile 0.13% Shell 0.37% Makefile 0.28%

cluster-image-registry-operator's Introduction

Image Registry Operator

GoDoc Licensed under Apache License version 2.0

Overview

The registry operator manages a singleton instance of the openshift registry. It manages all configuration of the registry including creating storage.

On initial startup the operator will create a default image-registry resource instance based on configuration detected in the cluster (e.g. what cloud storage type to use based on the cloud provider).

If insufficient information is available to define a complete image-registry resource, the incomplete resource will be defined and the operator will update the resource status with information about what is missing.

The registry operator runs in the openshift-image-registry namespace, and manages the registry instance in that location as well. All configuration+workload resources for the registry reside in that namespace.

Configuration

Registry resource

The image-registry resource offers the following configuration fields:

  • ManagementState
    • Managed - the operator will update the registry as configuration resources are updated
    • Unmanaged - the operator will ignore changes to the configuration resources
    • Removed - the operator will remove the registry instance and tear down any storage that the operator provisioned.
  • Logging
    • Sets loglevel of the registry instance
  • HTTPSecret
    • Value needed by the registry to secure uploads, generated by default.
  • Proxy
    • Not currently implemented
    • Defines the Proxy to be used when calling master api, upstream registries, etc
  • Storage
    • Storagetype details for configuring registry storage, e.g. S3 bucket coordinates.
    • Normally configured by default
  • Requests
    • API Request Limit details
    • Controls how many parallel requests a given registry instance will handle before queuing additional requests
  • DefaultRoute
    • Determines whether or not an external route is defined using the default hostname. If enabled, the route uses re-encrypt encryption.
    • Defaults to false today
  • Routes
    • Array of additional routes to create
    • User provides hostname, certificate for the route
  • Replicas
    • Replica count for the registry

Additional config resources

In addition to the image-registry resource, additional config is provided to the operator via separate configmap + secret resources located within the openshift-image-registry namespace:

image-registry-certificates (configmap)

Provides additional CAs for contacting upstream registries. Mounted to /etc/pki/ca-trust/source/anchors in the registry pod.

image-registry-private-configuration-user (secret)

Provides credentials needed for storage management/access, overrides the default credentials used by the operator, if default credentials were found.

For S3 storage it is expected to contain two keys whose values are the AWS access key and secret key that you want to use:

  • REGISTRY_STORAGE_S3_ACCESSKEY
  • REGISTRY_STORAGE_S3_SECRETKEY

For GCS storage it is expected to contain one key whose value is the contents of a credentials file provided by GCP:

  • REGISTRY_STORAGE_GCS_KEYFILE

For Azure storage it is expected to contain one key whose value is an account key:

  • REGISTRY_STORAGE_AZURE_ACCOUNTKEY

Troubleshooting

The registry operator reports status in two places:

A ClusterOperator resource is defined in the cluster scope which reflects the state of the registry operator at a high level. Retrievable via:

oc get clusteroperators.config.openshift.io/image-registry -o yaml

The image-registry resource itself has a status section with detailed conditions indicating the state of the managed registry, you can view this via:

oc get configs.imageregistry.operator.openshift.io/cluster -o yaml

If you cannot access your registry, check the following:

Is the registry deployed? Check for a registry deployment + corresponding pod in the openshift-image-registry namespace:

oc get deployment image-registry -n openshift-image-registry
oc get pods -n openshift-image-registry | grep image-registry | grep -v operator

If there is no registry pod, check the deployment for any error conditions:

oc get deployment image-registry -o yaml -n openshift-image-registry

If there is no registry deployment, check the image-registry resource instance for any error conditions:

oc get configs.imageregistry.operator.openshift.io/cluster -o yaml -n openshift-image-registry

If there is no image-registry resource at all, check if the image-registry operator deployment exists:

oc get deployment/cluster-image-registry-operator -n openshift-image-registry

If the operator deployment exists, check for the corresponding pod and, if it exists, check its logs:

oc get pods  -n openshift-image-registry | grep cluster-image-registry-operator
oc logs cluster-image-registry-operator-5c8bcf89bb-4nr8p -n openshift-image-registry

If the operator pod does not exist, inspect the deployment to determine why the operator pod was not created:

oc get deployment cluster-image-registry-operator -o yaml -n openshift-image-registry

If the deployment does not exist:

Something went wrong at the installer/CVO level that it did not deploy the image-registry operator.

cluster-image-registry-operator's People

Contributors

abhinavdahiya avatar adambkaplan avatar bparees avatar coreydaley avatar csrwng avatar derekwaynecarr avatar dmage avatar dulek avatar fedosin avatar gabemontero avatar ingvagabund avatar jupierce avatar legionus avatar mandre avatar marun avatar mrunalp avatar openshift-bot avatar openshift-merge-robot avatar ravisantoshgudimetla avatar rgolangh avatar ricardomaraschini avatar rphillips avatar russellb avatar sjenning avatar smarterclayton avatar staebler avatar steveteuber avatar thiagoalessio avatar wking avatar yselkowitz avatar

Watchers

avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.