Update examples -restricted network

enter the commit message for your changes. Lines starting
2026-02-05 12:46:18 +01:00 · 2019-11-07 11:00:17 -05:00
parent 45128e8fff
commit 48d18b3dbc
8 changed files with 83 additions and 12 deletions
--- a/_topic_map.yml
+++ b/_topic_map.yml
@@ -643,6 +643,9 @@ Topics:
 - Name: Configuring the Samples Operator
  File: configuring-samples-operator
  Distros: openshift-enterprise,openshift-origin
+- Name: Using the Samples Operator with an alternate registry
+  File: samples-operator-alt-registry
+  Distros: openshift-enterprise,openshift-origin
 - Name: Understanding containers, images, and imagestreams
  File: images-understand
 - Name: Creating images
--- a/modules/cli-installing-cli.adoc
+++ b/modules/cli-installing-cli.adoc
@@ -20,6 +20,7 @@
 // * installing/install_config/installing-restricted-networks-preparations.adoc
 // * installing/installing_vsphere/installing-vsphere.adoc
 // * installing/installing_ibm_z/installing-ibm-z.adoc
+// * openshift_images/samples-operator-alt-registry.adoc
 //
 // AMQ docs link to this; do not change anchor

--- a/modules/installation-adding-registry-pull-secret.adoc
+++ b/modules/installation-adding-registry-pull-secret.adoc
@@ -1,6 +1,6 @@
 // Module included in the following assemblies:
 //
-// * TBD
+// * openshift_images/samples-operator-alt-registry.adoc

 [id="installation-adding-registry-pull-secret_{context}"]
 = Adding the registry to your pull secret
--- a/modules/installation-creating-mirror-registry.adoc
+++ b/modules/installation-creating-mirror-registry.adoc
@@ -1,6 +1,7 @@
 // Module included in the following assemblies:
 //
 // * installing/install_config/installing-restricted-networks-preparations.adoc
+// * openshift_images/samples-operator-alt-registry.adoc

 ifeval::["{context}" == "installing-restricted-networks-preparations"]
 :restricted:
--- a/modules/installation-local-registry-pull-secret.adoc
+++ b/modules/installation-local-registry-pull-secret.adoc
@@ -1,6 +1,7 @@
 // Module included in the following assemblies:
 //
 // * installing/install_config/installing-restricted-networks-preparations.adoc
+// * openshift_images/samples-operator-alt-registry.adoc

 [id="installation-local-registry-pull-secret_{context}"]
 = Creating a pull secret for your mirror registry
--- a/modules/installation-mirror-repository.adoc
+++ b/modules/installation-mirror-repository.adoc
@@ -1,6 +1,7 @@
 // Module included in the following assemblies:
 //
 // * installing/install_config/installing-restricted-networks-preparations.adoc
+// * openshift_images/samples-operator-alt-registry.adoc

 [id="installation-mirror-repository_{context}"]
 = Mirroring the {product-title} image repository
--- a/modules/installation-restricted-network-samples.adoc
+++ b/modules/installation-restricted-network-samples.adoc
@@ -1,17 +1,33 @@
 // Module included in the following assemblies:
 //
 // * installing/install_config/installing-restricted-networks-preparations.adoc
+// * openshift_images/samples-operator-alt-registry.adoc
+
+ifeval::["{context}" == "installing-restricted-networks-preparations"]
+:restrictednetwork:
+endif::[]
+
+ifeval::["{context}" == "samples-operator-alt-registry"]
+:samplesoperatoraltreg:
+endif::[]

 [id="installation-restricted-network-samples_{context}"]
-= Using sample imagestreams in a restricted network installation
+= Using Samples Operator imagestreams with alternate or mirrored registries

 Most imagestreams in the OpenShift namespace managed by the Samples Operator
-point to images located in the Red Hat registry at link:registry.redhat.io[registry.redhat.io]. Mirroring
+point to images located in the Red Hat registry at link:registry.redhat.io[registry.redhat.io].
+ifdef::restrictednetwork[]
+Mirroring
 will not apply to these imagestreams.
-
+endif::[]
 The `jenkins`, `jenkins-agent-maven`, and `jenkins-agent-nodejs` imagestreams
-come from the install payload and are managed by the Samples Operator, so no
-further mirroring procedures are needed for those imagestreams.
+come from the install payload and are managed by the Samples 
+ifdef::restrictednetwork[]
+Operator, so no further mirroring procedures are needed for those imagestreams.
+endif::[]
+ifdef::samplesoperatoraltreg[]
+Operator.
+endif::[]

 [NOTE]
 ====
@@ -26,23 +42,32 @@ not addressed in this procedure.

 .Procedure

-. Mirror images from link:registry.redhat.io[registry.redhat.io] associated with any imagestreams you need
-in the restricted network environment into one of the defined mirrors:
+. Access the images of a specific imagestream to mirror, for example:
 +
 ----
-$ oc image mirror myregistry.com/myimage:latest myregistry.com/myimage:stable
+$ oc get is <imagestream> -n openshift -o json | jq .spec.tags[].from.name | grep registry.redhat.io
+----
+
+. Mirror images from link:registry.redhat.io[registry.redhat.io] associated with any imagestreams you need
+ifdef::restrictednetwork[]
+in the restricted network environment into one of the defined mirrors, for example:
+endif::[]
+ifdef::configsamplesoperator[]
+into your defined preferred registry, for example:
+endif::[]
+
+----
+$ oc image mirror registry.redhat.io/rhscl/ruby-25-rhel7:latest ${MIRROR_ADDR}/rhscl/ruby-25-rhel7:latest
 ----
 +
 . Add the required trusted CAs for the mirror in the cluster’s image
 configuration object:
 +
 ----
-$ oc create configmap registry-config --from-file=$path/ca.crt -n openshift-config
+$ oc create configmap registry-config --from-file={MIRROR_ADDR}=$path/ca.crt -n openshift-config
 $ oc patch image.config.openshift.io/cluster --patch '{"spec":{"additionalTrustedCA":{"name":"registry-config"}}}' --type=merge
 ----
 +
-//(meaning https://github.com/openshift/api/blob/master/config/v1/types_image.go#L46 … add ref to associated doc)
-+
 . Update the `samplesRegistry` field in the Samples Operator configuration object
 to contain the `hostname` portion of the mirror location defined in the mirror
 configuration:
@@ -72,3 +97,11 @@ Many of the templates in the OpenShift namespace
 reference the imagestreams. So using `Removed` to purge both the imagestreams
 and templates will eliminate the possibility of attempts to use them if they
 are not functional because of any missing imagestreams.
+
+ifeval::["{context}" == "installing-restricted-networks-preparations"]
+:!restrictednetwork:
+endif::[]
+
+ifeval::["{context}" == "samples-operator-alt-registry"]
+:!samplesoperatoraltreg:
+endif::[]
--- a/openshift_images/samples-operator-alt-registry.adoc
+++ b/openshift_images/samples-operator-alt-registry.adoc
@@ -0,0 +1,31 @@
+[id="samples-operator-alt-registry"]
+= Using the Samples Operator with an alternate registry
+include::modules/common-attributes.adoc[]
+:context: samples-operator-alt-registry
+toc::[]
+
+You can use the Samples Operator with an alternate registry by first creating a mirror registry.
+
+[IMPORTANT]
+====
+You must have access to the internet to obtain the necessary container images. In this procedure, you place the mirror registry on a mirror host that has access to both your network and the internet.
+====
+
+include::modules/installation-about-mirror-registry.adoc[leveloffset=+1]
+
+[id="samples-preparing-bastion"]
+=== Preparing the mirror host
+
+Before you create the mirror registry, you must prepare the mirror host.
+
+include::modules/cli-installing-cli.adoc[leveloffset=+2]
+
+include::modules/installation-creating-mirror-registry.adoc[leveloffset=+1]
+
+//include::modules/installation-local-registry-pull-secret.adoc[leveloffset=+1]
+
+include::modules/installation-adding-registry-pull-secret.adoc[leveloffset=+1]
+
+include::modules/installation-mirror-repository.adoc[leveloffset=+1]
+
+include::modules/installation-restricted-network-samples.adoc[leveloffset=+1]