From a8debef0f6fd0332c027a4c8a5a91bbfe1e4e6fc Mon Sep 17 00:00:00 2001 From: Steven Smith Date: Wed, 20 Aug 2025 11:15:58 -0400 Subject: [PATCH] CQA OMR cherry pick for 4.15 --- .../attributes-openshift-dedicated.adoc | 2 +- _attributes/common-attributes.adoc | 10 +- architecture/understanding-development.adoc | 4 +- installing/disconnected_install/index.adoc | 2 +- ...nstalling-mirroring-creating-registry.adoc | 16 +- .../installing-mirroring-disconnected.adoc | 6 +- ...talling-mirroring-installation-images.adoc | 6 +- ...etworks-nutanix-installer-provisioned.adoc | 2 +- modules/architecture-platform-benefits.adoc | 4 +- ...iguration-registry-mirror-configuring.adoc | 2 +- modules/infrastructure-components.adoc | 2 +- .../installation-about-mirror-registry.adoc | 8 +- ...installation-creating-mirror-registry.adoc | 2 +- modules/mirror-registry-flags.adoc | 6 +- modules/mirror-registry-introduction.adoc | 25 +- modules/mirror-registry-localhost-update.adoc | 28 +- modules/mirror-registry-localhost.adoc | 14 +- .../mirror-registry-release-notes-1-1.adoc | 9 + .../mirror-registry-release-notes-1-2.adoc | 9 + .../mirror-registry-release-notes-1-3.adoc | 9 + .../mirror-registry-release-notes-2-0.adoc | 107 +++++ modules/mirror-registry-release-notes.adoc | 413 +----------------- .../mirror-registry-remote-host-update.adoc | 26 +- modules/mirror-registry-remote.adoc | 14 +- modules/mirror-registry-ssl-cert-replace.adoc | 18 +- modules/mirror-registry-troubleshooting.adoc | 8 +- modules/mirror-registry-uninstall.adoc | 15 +- ...c-monitoring-your-app-vulnerabilities.adoc | 4 +- modules/olm-mirroring-catalog-airgapped.adoc | 2 +- modules/olm-mirroring-catalog-colocated.adoc | 2 +- modules/osd-intro.adoc | 2 +- modules/registry-common-terms.adoc | 2 +- modules/registry-quay-overview.adoc | 14 +- .../security-container-content-scanning.adoc | 6 +- modules/security-pod-scan-cso.adoc | 2 +- modules/security-registries-openshift.adoc | 2 +- modules/security-registries-quay.adoc | 28 +- ...te-service-create-service-web-console.adoc | 2 +- ...virt-preparing-container-disk-for-vms.adoc | 2 +- ...luster-for-a-disconnected-environment.adoc | 4 +- .../using_images/using-images-overview.adoc | 2 +- .../connected-to-disconnected.adoc | 6 +- registry/index.adoc | 2 +- .../security-registries.adoc | 4 +- security/pod-vulnerability-scan.adoc | 2 +- .../persistent-storage-using-lvms.adoc | 2 +- .../mirroring-image-repository.adoc | 6 +- welcome/index.adoc | 2 +- welcome/oke_about.adoc | 4 +- 49 files changed, 319 insertions(+), 550 deletions(-) create mode 100644 modules/mirror-registry-release-notes-1-1.adoc create mode 100644 modules/mirror-registry-release-notes-1-2.adoc create mode 100644 modules/mirror-registry-release-notes-1-3.adoc create mode 100644 modules/mirror-registry-release-notes-2-0.adoc diff --git a/_attributes/attributes-openshift-dedicated.adoc b/_attributes/attributes-openshift-dedicated.adoc index 5cf9d6a299..be76afbd0a 100644 --- a/_attributes/attributes-openshift-dedicated.adoc +++ b/_attributes/attributes-openshift-dedicated.adoc @@ -19,7 +19,7 @@ :GCP: Google Cloud Platform (GCP) :product-registry: OpenShift image registry :kebab: image:kebab.png[title="Options menu"] -:rhq-short: Red Hat Quay +:rhq-short: Red{nbsp}Hat Quay :SMProductName: Red Hat OpenShift Service Mesh :pipelines-title: Red Hat OpenShift Pipelines //logging diff --git a/_attributes/common-attributes.adoc b/_attributes/common-attributes.adoc index 002e2afc30..2dcb76121c 100644 --- a/_attributes/common-attributes.adoc +++ b/_attributes/common-attributes.adoc @@ -182,11 +182,11 @@ endif::[] // Service Mesh v1 :SMProductVersion1x: 1.1.18.2 // Windows containers -:productwinc: Red Hat OpenShift support for Windows Containers -// Red Hat Quay Container Security Operator -:rhq-cso: Red Hat Quay Container Security Operator -// Red Hat Quay -:quay: Red Hat Quay +:productwinc: Red{nbsp}Hat OpenShift support for Windows Containers +// {quay} Container Security Operator +:rhq-cso: Red{nbsp}Hat Quay Container Security Operator +// {quay} +:quay: Red{nbsp}Hat Quay :sno: single-node OpenShift :sno-caps: Single-node OpenShift :sno-okd: single-node OKD diff --git a/architecture/understanding-development.adoc b/architecture/understanding-development.adoc index 80d8f6d4d7..d9ac34769e 100644 --- a/architecture/understanding-development.adoc +++ b/architecture/understanding-development.adoc @@ -185,8 +185,8 @@ content, including Helm charts. If you want your own, private container registry, {product-title} itself includes a private container registry that is installed with {product-title} and runs on its cluster. Red Hat also offers a private version of the Quay.io -registry called link:https://access.redhat.com/products/red-hat-quay[Red Hat Quay]. -Red Hat Quay includes geo replication, Git build triggers, Clair image scanning, +registry called link:https://access.redhat.com/products/red-hat-quay[{quay}]. +{quay} includes geo replication, Git build triggers, Clair image scanning, and many other features. All of the registries mentioned here can require credentials to download images diff --git a/installing/disconnected_install/index.adoc b/installing/disconnected_install/index.adoc index 7a1060ad4b..983b4ad9ae 100644 --- a/installing/disconnected_install/index.adoc +++ b/installing/disconnected_install/index.adoc @@ -11,7 +11,7 @@ You can use a mirror registry to ensure that your clusters only use container im [id="creating-mirror-registry"] == Creating a mirror registry -If you already have a container image registry, such as Red Hat Quay, you can use it as your mirror registry. If you do not already have a registry, you can xref:../../installing/disconnected_install/installing-mirroring-creating-registry.adoc#installing-mirroring-creating-registry[create a mirror registry using the _mirror registry for Red Hat OpenShift_]. +If you already have a container image registry, such as {quay}, you can use it as your mirror registry. If you do not already have a registry, you can xref:../../installing/disconnected_install/installing-mirroring-creating-registry.adoc#installing-mirroring-creating-registry[create a mirror registry using the _mirror registry for Red{nbsp}Hat OpenShift_]. [id="mirroring-images-disconnected-install"] == Mirroring images for a disconnected installation diff --git a/installing/disconnected_install/installing-mirroring-creating-registry.adoc b/installing/disconnected_install/installing-mirroring-creating-registry.adoc index 9ad2b73a13..370a3486ff 100644 --- a/installing/disconnected_install/installing-mirroring-creating-registry.adoc +++ b/installing/disconnected_install/installing-mirroring-creating-registry.adoc @@ -6,13 +6,13 @@ include::_attributes/common-attributes.adoc[] toc::[] -The _mirror registry for Red Hat OpenShift_ is a small and streamlined container registry that you can use as a target for mirroring the required container images of {product-title} for disconnected installations. +The _mirror registry for Red{nbsp}Hat OpenShift_ is a small and streamlined container registry that you can use as a target for mirroring the required container images of {product-title} for disconnected installations. -If you already have a container image registry, such as Red Hat Quay, you can skip this section and go straight to xref:../../installing/disconnected_install/installing-mirroring-installation-images.adoc#installation-mirror-repository_installing-mirroring-installation-images[Mirroring the OpenShift Container Platform image repository]. +If you already have a container image registry, such as link:https://www.redhat.com/en/technologies/cloud-computing/quay[{quay}], you can skip this section and go straight to xref:../../installing/disconnected_install/installing-mirroring-installation-images.adoc#installation-mirror-repository_installing-mirroring-installation-images[Mirroring the {product-title} image repository]. [IMPORTANT] ==== -The _mirror registry for Red Hat OpenShift_ is not intended to be a substitute for a production deployment of {quay}. +The _mirror registry for Red{nbsp}Hat OpenShift_ is not intended to be a substitute for a production deployment of {quay}. ==== [id="prerequisites_installing-mirroring-creating-registry"] @@ -42,6 +42,10 @@ include::modules/mirror-registry-ssl-cert-replace.adoc[leveloffset=+1] include::modules/mirror-registry-uninstall.adoc[leveloffset=+1] include::modules/mirror-registry-flags.adoc[leveloffset=+1] include::modules/mirror-registry-release-notes.adoc[leveloffset=+1] +include::modules/mirror-registry-release-notes-2-0.adoc[leveloffset=+2] +include::modules/mirror-registry-release-notes-1-3.adoc[leveloffset=+2] +include::modules/mirror-registry-release-notes-1-2.adoc[leveloffset=+2] +include::modules/mirror-registry-release-notes-1-1.adoc[leveloffset=+2] include::modules/mirror-registry-troubleshooting.adoc[leveloffset=+1] [id="additional-resources_installing-mirroring-creating-registry"] @@ -49,10 +53,10 @@ include::modules/mirror-registry-troubleshooting.adoc[leveloffset=+1] * link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html/manage_red_hat_quay/garbage-collection#doc-wrapper[{quay} garbage collection] -* link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html/manage_red_hat_quay/using-ssl-to-protect-quay[Using SSL to protect connections to {quay}] +* link:https://docs.redhat.com/en/documentation/red_hat_quay/3/html-single/securing_red_hat_quay/index[Securing {quay}] -* link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html/manage_red_hat_quay/using-ssl-to-protect-quay#configuring_the_system_to_trust_the_certificate_authority[Configuring the system to trust the certificate authority] +* link:https://docs.redhat.com/en/documentation/red_hat_quay/3/html-single/securing_red_hat_quay/index#configuring-system-trust-ca[Configuring the system to trust the certificate authority] -* xref:../../installing/disconnected_install/installing-mirroring-installation-images.adoc#installation-mirror-repository_installing-mirroring-installation-images[Mirroring the OpenShift Container Platform image repository] +* xref:../../installing/disconnected_install/installing-mirroring-installation-images.adoc#installation-mirror-repository_installing-mirroring-installation-images[Mirroring the {product-title} image repository] * xref:../../installing/disconnected_install/installing-mirroring-installation-images.adoc#olm-mirror-catalog_installing-mirroring-installation-images[Mirroring Operator catalogs for use with disconnected clusters] diff --git a/installing/disconnected_install/installing-mirroring-disconnected.adoc b/installing/disconnected_install/installing-mirroring-disconnected.adoc index 61bfe225e0..6e03188e1c 100644 --- a/installing/disconnected_install/installing-mirroring-disconnected.adoc +++ b/installing/disconnected_install/installing-mirroring-disconnected.adoc @@ -36,14 +36,14 @@ include::modules/installation-about-mirror-registry.adoc[leveloffset=+1] [id="prerequisites_installing-mirroring-disconnected"] == Prerequisites -* You must have a container image registry that supports link:https://docs.docker.com/registry/spec/manifest-v2-2[Docker v2-2] in the location that will host the {product-title} cluster, such as Red Hat Quay. +* You must have a container image registry that supports link:https://docs.docker.com/registry/spec/manifest-v2-2[Docker v2-2] in the location that will host the {product-title} cluster, such as {quay}. + [NOTE] ==== -If you use Red Hat Quay, you must use version 3.6 or later with the oc-mirror plugin. If you have an entitlement to Red Hat Quay, see the documentation on deploying Red Hat Quay link:https://docs.redhat.com/en/documentation/red_hat_quay/3/html/proof_of_concept_-_deploying_red_hat_quay/index[for proof-of-concept purposes] or link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html/deploying_the_red_hat_quay_operator_on_openshift_container_platform/index[by using the Red Hat Quay Operator]. If you need additional assistance selecting and installing a registry, contact your sales representative or Red Hat Support. +If you use {quay}, you must use version 3.6 or later with the oc-mirror plugin. If you have an entitlement to {quay}, see the documentation on deploying {quay} link:https://docs.redhat.com/en/documentation/red_hat_quay/3/html/proof_of_concept_-_deploying_red_hat_quay/index[for proof-of-concept purposes] or link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html/deploying_the_red_hat_quay_operator_on_openshift_container_platform/index[by using the {quay} Operator]. If you need additional assistance selecting and installing a registry, contact your sales representative or Red Hat Support. ==== + -If you do not already have an existing solution for a container image registry, subscribers of {product-title} are provided a xref:../../installing/disconnected_install/installing-mirroring-creating-registry.adoc#installing-mirroring-creating-registry[mirror registry for Red Hat OpenShift]. The _mirror registry for Red Hat OpenShift_ is included with your subscription and is a small-scale container registry that can be used to mirror the required container images of {product-title} in disconnected installations. +If you do not already have an existing solution for a container image registry, subscribers of {product-title} are provided a xref:../../installing/disconnected_install/installing-mirroring-creating-registry.adoc#installing-mirroring-creating-registry[mirror registry for Red Hat OpenShift]. The _mirror registry for Red{nbsp}Hat OpenShift_ is included with your subscription and is a small-scale container registry that can be used to mirror the required container images of {product-title} in disconnected installations. [id="mirroring-preparing-your-hosts"] == Preparing your mirror hosts diff --git a/installing/disconnected_install/installing-mirroring-installation-images.adoc b/installing/disconnected_install/installing-mirroring-installation-images.adoc index 15e3dfc356..791195d3e6 100644 --- a/installing/disconnected_install/installing-mirroring-installation-images.adoc +++ b/installing/disconnected_install/installing-mirroring-installation-images.adoc @@ -26,15 +26,15 @@ to a mirror host, use the xref:../../installing/disconnected_install/installing- * You must have a container image registry that supports link:https://docs.docker.com/registry/spec/manifest-v2-2[Docker v2-2] in the location that will host the {product-title} cluster, such as one of the following registries: + -- -** link:https://www.redhat.com/en/technologies/cloud-computing/quay[Red Hat Quay] +** link:https://www.redhat.com/en/technologies/cloud-computing/quay[{quay}] ** link:https://jfrog.com/artifactory/[JFrog Artifactory] ** link:https://www.sonatype.com/products/repository-oss?topnav=true[Sonatype Nexus Repository] ** link:https://goharbor.io/[Harbor] -- + -If you have an entitlement to Red Hat Quay, see the documentation on deploying Red Hat Quay link:https://docs.redhat.com/en/documentation/red_hat_quay/3.9/html/deploy_red_hat_quay_for_proof-of-concept_non-production_purposes/index[for proof-of-concept purposes] or link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html/deploying_the_red_hat_quay_operator_on_openshift_container_platform/index[by using the Red Hat Quay Operator]. If you need additional assistance selecting and installing a registry, contact your sales representative or Red Hat Support. +If you have an entitlement to {quay}, see the documentation on deploying {quay} link:https://docs.redhat.com/en/documentation/red_hat_quay/3.9/html/deploy_red_hat_quay_for_proof-of-concept_non-production_purposes/index[for proof-of-concept purposes] or link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html/deploying_the_red_hat_quay_operator_on_openshift_container_platform/index[by using the {quay} Operator]. If you need additional assistance selecting and installing a registry, contact your sales representative or Red Hat Support. -* If you do not already have an existing solution for a container image registry, subscribers of {product-title} are provided a xref:../../installing/disconnected_install/installing-mirroring-creating-registry.adoc#installing-mirroring-creating-registry[mirror registry for Red Hat OpenShift]. The _mirror registry for Red Hat OpenShift_ is included with your subscription and is a small-scale container registry that can be used to mirror the required container images of {product-title} in disconnected installations. +* If you do not already have an existing solution for a container image registry, subscribers of {product-title} are provided a xref:../../installing/disconnected_install/installing-mirroring-creating-registry.adoc#installing-mirroring-creating-registry[mirror registry for Red Hat OpenShift]. The _mirror registry for Red{nbsp}Hat OpenShift_ is included with your subscription and is a small-scale container registry that can be used to mirror the required container images of {product-title} in disconnected installations. include::modules/installation-about-mirror-registry.adoc[leveloffset=+1] diff --git a/installing/installing_nutanix/installing-restricted-networks-nutanix-installer-provisioned.adoc b/installing/installing_nutanix/installing-restricted-networks-nutanix-installer-provisioned.adoc index 68069779f6..ab6927455c 100644 --- a/installing/installing_nutanix/installing-restricted-networks-nutanix-installer-provisioned.adoc +++ b/installing/installing_nutanix/installing-restricted-networks-nutanix-installer-provisioned.adoc @@ -23,7 +23,7 @@ If your Nutanix environment uses an internal CA to issue certificates, you must ==== Use 2048-bit certificates. The installation fails if you use 4096-bit certificates with Prism Central 2022.x. ==== -* You have a container image registry, such as Red Hat Quay. If you do not already have a registry, you can create a mirror registry using xref:../../installing/disconnected_install/installing-mirroring-creating-registry.adoc#installing-mirroring-creating-registry[_mirror registry for Red Hat OpenShift_]. +* You have a container image registry, such as {quay}. If you do not already have a registry, you can create a mirror registry using xref:../../installing/disconnected_install/installing-mirroring-creating-registry.adoc#installing-mirroring-creating-registry[_mirror registry for Red{nbsp}Hat OpenShift_]. * You have used the xref:../../installing/disconnected_install/installing-mirroring-disconnected.adoc#installing-mirroring-disconnected[oc-mirror OpenShift CLI (oc) plugin] to mirror all of the required {product-title} content and other images, including the Nutanix CSI Operator, to your mirror registry. + [IMPORTANT] diff --git a/modules/architecture-platform-benefits.adoc b/modules/architecture-platform-benefits.adoc index 1b6ac104a6..45eb914970 100644 --- a/modules/architecture-platform-benefits.adoc +++ b/modules/architecture-platform-benefits.adoc @@ -74,9 +74,9 @@ cluster-wide management of those critical components. Operator Lifecycle Manager (OLM) and the OperatorHub provide facilities for storing and distributing Operators to people developing and deploying applications. -The Red Hat Quay Container Registry is a Quay.io container registry that serves +The {quay} Container Registry is a Quay.io container registry that serves most of the container images and Operators to {product-title} clusters. -Quay.io is a public registry version of Red Hat Quay that stores millions of images +Quay.io is a public registry version of {quay} that stores millions of images and tags. Other enhancements to Kubernetes in {product-title} include improvements in diff --git a/modules/images-configuration-registry-mirror-configuring.adoc b/modules/images-configuration-registry-mirror-configuring.adoc index 4c80f03d9c..9768f1e079 100644 --- a/modules/images-configuration-registry-mirror-configuring.adoc +++ b/modules/images-configuration-registry-mirror-configuring.adoc @@ -21,7 +21,7 @@ endif::openshift-rosa,openshift-dedicated[] . Configure mirrored repositories, by either: + -* Setting up a mirrored repository with Red Hat Quay, as described in link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html/manage_red_hat_quay/repo-mirroring-in-red-hat-quay[Red Hat Quay Repository Mirroring]. Using Red Hat Quay allows you to copy images from one repository to another and also automatically sync those repositories repeatedly over time. +* Setting up a mirrored repository with {quay}, as described in link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html/manage_red_hat_quay/repo-mirroring-in-red-hat-quay[{quay} Repository Mirroring]. Using {quay} allows you to copy images from one repository to another and also automatically sync those repositories repeatedly over time. * Using a tool such as `skopeo` to copy images manually from the source repository to the mirrored repository. + diff --git a/modules/infrastructure-components.adoc b/modules/infrastructure-components.adoc index a02791fa93..f6b1a7c8f2 100644 --- a/modules/infrastructure-components.adoc +++ b/modules/infrastructure-components.adoc @@ -16,7 +16,7 @@ To qualify as an infrastructure node and use the included entitlement, only comp * The HAProxy-based Ingress Controller * The cluster metrics collection, or monitoring service, including components for monitoring user-defined projects * Cluster aggregated logging -* Red Hat Quay +* {quay} * {rh-storage-first} * Red Hat Advanced Cluster Management for Kubernetes * Red Hat Advanced Cluster Security for Kubernetes diff --git a/modules/installation-about-mirror-registry.adoc b/modules/installation-about-mirror-registry.adoc index d032e02e29..2a487b4cf7 100644 --- a/modules/installation-about-mirror-registry.adoc +++ b/modules/installation-about-mirror-registry.adoc @@ -18,12 +18,12 @@ endif::[] = About the mirror registry ifndef::oc-mirror[] -You can mirror the images that are required for {product-title} installation and subsequent product updates to a container mirror registry such as Red Hat Quay, JFrog Artifactory, Sonatype Nexus Repository, or Harbor. If you do not have access to a large-scale container registry, you can use the _mirror registry for Red Hat OpenShift_, a small-scale container registry included with {product-title} subscriptions. +You can mirror the images that are required for {product-title} installation and subsequent product updates to a container mirror registry such as {quay}, JFrog Artifactory, Sonatype Nexus Repository, or Harbor. If you do not have access to a large-scale container registry, you can use the _mirror registry for Red{nbsp}Hat OpenShift_, a small-scale container registry included with {product-title} subscriptions. -You can use any container registry that supports link:https://docs.docker.com/registry/spec/manifest-v2-2[Docker v2-2], such as Red Hat Quay, the _mirror registry for Red Hat OpenShift_, Artifactory, Sonatype Nexus Repository, or Harbor. Regardless of your chosen registry, the procedure to mirror content from Red Hat hosted sites on the internet to an isolated image registry is the same. After you mirror the content, you configure each cluster to retrieve this content from your mirror registry. +You can use any container registry that supports link:https://docs.docker.com/registry/spec/manifest-v2-2[Docker v2-2], such as {quay}, the _mirror registry for Red{nbsp}Hat OpenShift_, Artifactory, Sonatype Nexus Repository, or Harbor. Regardless of your chosen registry, the procedure to mirror content from Red Hat hosted sites on the internet to an isolated image registry is the same. After you mirror the content, you configure each cluster to retrieve this content from your mirror registry. endif::[] ifdef::oc-mirror[] -You can mirror the images that are required for {product-title} installation and subsequent product updates to a container mirror registry that supports link:https://docs.docker.com/registry/spec/manifest-v2-2[Docker v2-2], such as Red Hat Quay. If you do not have access to a large-scale container registry, you can use the _mirror registry for Red Hat OpenShift_, which is a small-scale container registry included with {product-title} subscriptions. +You can mirror the images that are required for {product-title} installation and subsequent product updates to a container mirror registry that supports link:https://docs.docker.com/registry/spec/manifest-v2-2[Docker v2-2], such as {quay}. If you do not have access to a large-scale container registry, you can use the _mirror registry for Red{nbsp}Hat OpenShift_, which is a small-scale container registry included with {product-title} subscriptions. Regardless of your chosen registry, the procedure to mirror content from Red Hat hosted sites on the internet to an isolated image registry is the same. After you mirror the content, you configure each cluster to retrieve this content from your mirror registry. endif::[] @@ -33,7 +33,7 @@ endif::[] The {product-registry} cannot be used as the target registry because it does not support pushing without a tag, which is required during the mirroring process. ==== -If choosing a container registry that is not the _mirror registry for Red Hat OpenShift_, it must be reachable by every machine in the clusters that you provision. If the registry is unreachable, installation, updating, or normal operations such as workload relocation might fail. For that reason, you must run mirror registries in a highly available way, and the mirror registries must at least match the production availability of your {product-title} clusters. +If choosing a container registry that is not the _mirror registry for Red{nbsp}Hat OpenShift_, it must be reachable by every machine in the clusters that you provision. If the registry is unreachable, installation, updating, or normal operations such as workload relocation might fail. For that reason, you must run mirror registries in a highly available way, and the mirror registries must at least match the production availability of your {product-title} clusters. When you populate your mirror registry with {product-title} images, you can follow two scenarios. If you have a host that can access both the internet and your mirror registry, but not your cluster nodes, you can directly mirror the content from that machine. This process is referred to as _connected mirroring_. If you have no such host, you must mirror the images to a file system and then bring that host or removable media into your restricted environment. This process is referred to as _disconnected mirroring_. diff --git a/modules/installation-creating-mirror-registry.adoc b/modules/installation-creating-mirror-registry.adoc index 73a178178e..c62baf76fc 100644 --- a/modules/installation-creating-mirror-registry.adoc +++ b/modules/installation-creating-mirror-registry.adoc @@ -32,7 +32,7 @@ endif::restricted[] The following procedure creates a simple registry that stores data in the `/opt/registry` folder and runs in a `podman` container. You can use a different registry solution, such as -link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html-single/manage_red_hat_quay/index#repo-mirroring-in-red-hat-quay[Red Hat Quay]. +link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html-single/manage_red_hat_quay/index#repo-mirroring-in-red-hat-quay[{quay}]. Review the following procedure to ensure that your registry functions correctly. ==== diff --git a/modules/mirror-registry-flags.adoc b/modules/mirror-registry-flags.adoc index 1de8c8d160..78f8e08c45 100644 --- a/modules/mirror-registry-flags.adoc +++ b/modules/mirror-registry-flags.adoc @@ -5,7 +5,7 @@ [id="mirror-registry-flags_{context}"] = Mirror registry for Red Hat OpenShift flags -The following flags are available for the _mirror registry for Red Hat OpenShift_: +The following flags are available for the _mirror registry for Red{nbsp}Hat OpenShift_: [options="header",cols="1,3"] |=== @@ -24,8 +24,8 @@ The following flags are available for the _mirror registry for Red Hat OpenShift | `--sslKey` | The path to the SSL/TLS private key used for HTTPS communication. Defaults to `{quayRoot}/quay-config` and is auto-generated if left unspecified. | `--targetHostname`, `-H` | The hostname of the target you want to install Quay to. Defaults to `$HOST`, for example, a local host, if left unspecified. | `--targetUsername`, `-u` | The user on the target host which will be used for SSH. Defaults to `$USER`, for example, the current user if left unspecified. -| `--verbose`, `-v` | Shows debug logs and Ansible playbook outputs. -| `--version` | Shows the version for the _mirror registry for Red Hat OpenShift_. +| `--verbose`, `-v` | Shows debug logs and Ansible Playbook outputs. +| `--version` | Shows the version for the _mirror registry for Red{nbsp}Hat OpenShift_. |=== [.small] 1. `--quayHostname` must be modified if the public DNS name of your system is different from the local hostname. Additionally, the `--quayHostname` flag does not support installation with an IP address. Installation with a hostname is required. diff --git a/modules/mirror-registry-introduction.adoc b/modules/mirror-registry-introduction.adoc index 365219b348..901ee82960 100644 --- a/modules/mirror-registry-introduction.adoc +++ b/modules/mirror-registry-introduction.adoc @@ -2,35 +2,36 @@ // // * installing/disconnected_install/installing-mirroring-installation-images.adoc +:_mod-docs-content-type: CONCEPT [id="mirror-registry-introduction_{context}"] = Mirror registry for Red Hat OpenShift introduction -For disconnected deployments of {product-title}, a container registry is required to carry out the installation of the clusters. To run a production-grade registry service on such a cluster, you must create a separate registry deployment to install the first cluster. The _mirror registry for Red Hat OpenShift_ addresses this need and is included in every OpenShift subscription. It is available for download on the link:https://console.redhat.com/openshift/downloads#tool-mirror-registry[OpenShift console *Downloads*] page. +For disconnected deployments of {product-title}, a container registry is required to carry out the installation of the clusters. To run a production-grade registry service on such a cluster, you must create a separate registry deployment to install the first cluster. The _mirror registry for Red{nbsp}Hat OpenShift_ addresses this need and is included in every OpenShift subscription. It is available for download on the link:https://console.redhat.com/openshift/downloads#tool-mirror-registry[OpenShift console *Downloads*] page. -The _mirror registry for Red Hat OpenShift_ allows users to install a small-scale version of Red Hat Quay and its required components using the `mirror-registry` command-line interface (CLI) tool. The _mirror registry for Red Hat OpenShift_ is deployed automatically with preconfigured local storage and a local database. It also includes auto-generated user credentials and access permissions with a single set of inputs and no additional configuration choices to get started. +The _mirror registry for Red{nbsp}Hat OpenShift_ allows users to install a small-scale version of {quay} and its required components by using the `mirror-registry` command-line interface (CLI) tool. The _mirror registry for Red{nbsp}Hat OpenShift_ is deployed automatically with pre-configured local storage and a local database. It also includes auto-generated user credentials and access permissions with a single set of inputs and no additional configuration choices to get started. -The _mirror registry for Red Hat OpenShift_ provides a pre-determined network configuration and reports deployed component credentials and access URLs upon success. A limited set of optional configuration inputs like fully qualified domain name (FQDN) services, superuser name and password, and custom TLS certificates are also provided. This provides users with a container registry so that they can easily create an offline mirror of all {product-title} release content when running {product-title} in restricted network environments. +The _mirror registry for Red{nbsp}Hat OpenShift_ provides a pre-determined network configuration and reports deployed component credentials and access URLs upon success. A limited set of optional configuration inputs such as fully qualified domain name (FQDN) services, superuser name and password, and custom TLS certificates are also provided. This provides users with a container registry so that they can easily create an offline mirror of all {product-title} release content when running {product-title} in restricted network environments. -Use of the _mirror registry for Red Hat OpenShift_ is optional if another container registry is already available in the install environment. +Use of the _mirror registry for Red{nbsp}Hat OpenShift_ is optional if another container registry is already available in the install environment. [id="mirror-registry-limitations_{context}"] == Mirror registry for Red Hat OpenShift limitations -The following limitations apply to the _mirror registry for Red Hat OpenShift_: +The following limitations apply to the _mirror registry for Red{nbsp}Hat OpenShift_: -* The _mirror registry for Red Hat OpenShift_ is not a highly-available registry and only local file system storage is supported. It is not intended to replace {quay} or the internal image registry for {product-title}. +* The _mirror registry for Red{nbsp}Hat OpenShift_ is not a highly-available registry and only local file system storage is supported. It is not intended to replace {quay} or the internal image registry for {product-title}. -* The _mirror registry for Red Hat OpenShift_ is not intended to be a substitute for a production deployment of {quay}. +* The _mirror registry for Red{nbsp}Hat OpenShift_ is not intended to be a substitute for a production deployment of {quay}. -* The _mirror registry for Red Hat OpenShift_ is only supported for hosting images that are required to install a disconnected {product-title} cluster, such as Release images or Red Hat Operator images. It uses local storage on your {op-system-base-full} machine, and storage supported by {op-system-base} is supported by the _mirror registry for Red Hat OpenShift_. +* The _mirror registry for Red{nbsp}Hat OpenShift_ is only supported for hosting images that are required to install a disconnected {product-title} cluster, such as Release images or Red Hat Operator images. It uses local storage on your {op-system-base-full} machine, and storage supported by {op-system-base} is supported by the _mirror registry for Red{nbsp}Hat OpenShift_. + [NOTE] ==== -Because the _mirror registry for Red Hat OpenShift_ uses local storage, you should remain aware of the storage usage consumed when mirroring images and use {quay}'s garbage collection feature to mitigate potential issues. For more information about this feature, see "{quay} garbage collection". +Because the _mirror registry for Red{nbsp}Hat OpenShift_ uses local storage, you should remain aware of the storage usage consumed when mirroring images and use {quay}'s garbage collection feature to mitigate potential issues. For more information about this feature, see "{quay} garbage collection". ==== -* Support for Red Hat product images that are pushed to the _mirror registry for Red Hat OpenShift_ for bootstrapping purposes are covered by valid subscriptions for each respective product. A list of exceptions to further enable the bootstrap experience can be found on the link:https://www.redhat.com/en/resources/self-managed-openshift-sizing-subscription-guide[Self-managed Red Hat OpenShift sizing and subscription guide]. +* Support for Red Hat product images that are pushed to the _mirror registry for Red{nbsp}Hat OpenShift_ for bootstrapping purposes are covered by valid subscriptions for each respective product. A list of exceptions to further enable the bootstrap experience can be found on the link:https://www.redhat.com/en/resources/self-managed-openshift-sizing-subscription-guide[Self-managed Red Hat OpenShift sizing and subscription guide]. -* Content built by customers should not be hosted by the _mirror registry for Red Hat OpenShift_. +* Content built by customers should not be hosted by the _mirror registry for Red{nbsp}Hat OpenShift_. -* Using the _mirror registry for Red Hat OpenShift_ with more than one cluster is discouraged because multiple clusters can create a single point of failure when updating your cluster fleet. It is advised to leverage the _mirror registry for Red Hat OpenShift_ to install a cluster that can host a production-grade, highly-available registry such as {quay}, which can serve {product-title} content to other clusters. +* Using the _mirror registry for Red{nbsp}Hat OpenShift_ with more than one cluster is discouraged because multiple clusters can create a single point of failure when updating your cluster fleet. Instead, use the _mirror registry for Red{nbsp}Hat OpenShift_ to install a cluster that can host a production-grade, highly-available registry such as {quay}, which can serve {product-title} content to other clusters. diff --git a/modules/mirror-registry-localhost-update.adoc b/modules/mirror-registry-localhost-update.adoc index 7971455fac..c75226c9ac 100644 --- a/modules/mirror-registry-localhost-update.adoc +++ b/modules/mirror-registry-localhost-update.adoc @@ -6,7 +6,7 @@ [id="mirror-registry-localhost-update_{context}"] = Updating mirror registry for Red Hat OpenShift from a local host -This procedure explains how to update the _mirror registry for Red Hat OpenShift_ from a local host using the `upgrade` command. Updating to the latest version ensures new features, bug fixes, and security vulnerability fixes. +This procedure explains how to update the _mirror registry for Red{nbsp}Hat OpenShift_ from a local host using the `upgrade` command. Updating to the latest version ensures new features, bug fixes, and security vulnerability fixes. [IMPORTANT] ==== @@ -21,11 +21,11 @@ When upgrading from version 1 to version 2, be aware of the following constraint .Prerequisites -* You have installed the _mirror registry for Red Hat OpenShift_ on a local host. +* You have installed the _mirror registry for Red{nbsp}Hat OpenShift_ on a local host. .Procedure -* If you are upgrading the _mirror registry for Red Hat OpenShift_ from 1.3 -> 2.y, and your installation directory is the default at `/etc/quay-install`, you can enter the following command: +* If you are upgrading the _mirror registry for Red{nbsp}Hat OpenShift_ from 1.3 -> 2.y, and your installation directory is the default at `/etc/quay-install`, you can enter the following command: + [source,terminal] ---- @@ -34,9 +34,9 @@ $ sudo ./mirror-registry upgrade -v + [NOTE] ==== -* _mirror registry for Red Hat OpenShift_ migrates Podman volumes for Quay storage, Postgres data, and `/etc/quay-install` data to the new `$HOME/quay-install` location. This allows you to use _mirror registry for Red Hat OpenShift_ without the `--quayRoot` flag during future upgrades. +* _mirror registry for Red{nbsp}Hat OpenShift_ migrates Podman volumes for {quay} storage, Postgres data, and `/etc/quay-install` data to the new `$HOME/quay-install` location. This allows you to use _mirror registry for Red{nbsp}Hat OpenShift_ without the `--quayRoot` flag during future upgrades. -* Users who upgrade _mirror registry for Red Hat OpenShift_ with the `./mirror-registry upgrade -v` flag must include the same credentials used when creating their mirror registry. For example, if you installed the _mirror registry for Red Hat OpenShift_ with `--quayHostname ` and `--quayRoot `, you must include that string to properly upgrade the mirror registry. +* Users who upgrade _mirror registry for Red{nbsp}Hat OpenShift_ with the `./mirror-registry upgrade -v` flag must include the same credentials used when creating their mirror registry. For example, if you installed the _mirror registry for Red{nbsp}Hat OpenShift_ with `--quayHostname ` and `--quayRoot `, you must include that string to properly upgrade the mirror registry. ==== * If you are upgrading _the mirror registry for Red Hat OpenShift_ from 1.3 -> 2.y and you used a custom quay configuration and storage directory in your 1.y deployment, you must pass in the `--quayRoot` and `--quayStorage` flags. For example: @@ -46,9 +46,25 @@ $ sudo ./mirror-registry upgrade -v $ sudo ./mirror-registry upgrade --quayHostname --quayRoot --quayStorage /quay-storage -v ---- -* If you are upgrading the _mirror registry for Red Hat OpenShift_ from 1.3 -> 2.y and want to specify a custom SQLite storage path, you must pass in the `--sqliteStorage` flag, for example: +* If you are upgrading the _mirror registry for Red{nbsp}Hat OpenShift_ from 1.3 -> 2.y and want to specify a custom SQLite storage path, you must pass in the `--sqliteStorage` flag, for example: + [source,terminal] ---- $ sudo ./mirror-registry upgrade --sqliteStorage /sqlite-storage -v +---- + +.Verification + +. Ensure that _mirror registry for Red{nbsp}Hat OpenShift_ has been updated by running the following command: ++ +[source,terminal] +---- +$ podman ps +---- ++ +.Example output ++ +[source,terminal] +---- +registry.redhat.io/quay/quay-rhel8:v3.12.10 ---- \ No newline at end of file diff --git a/modules/mirror-registry-localhost.adoc b/modules/mirror-registry-localhost.adoc index 8f2406b76f..4c74c46e11 100644 --- a/modules/mirror-registry-localhost.adoc +++ b/modules/mirror-registry-localhost.adoc @@ -6,18 +6,18 @@ [id="mirror-registry-localhost_{context}"] = Mirroring on a local host with mirror registry for Red Hat OpenShift -This procedure explains how to install the _mirror registry for Red Hat OpenShift_ on a local host using the `mirror-registry` installer tool. By doing so, users can create a local host registry running on port 443 for the purpose of storing a mirror of {product-title} images. +This procedure explains how to install the _mirror registry for Red{nbsp}Hat OpenShift_ on a local host using the `mirror-registry` installer tool. By doing so, users can create a local host registry running on port 443 for the purpose of storing a mirror of {product-title} images. [NOTE] ==== -Installing the _mirror registry for Red Hat OpenShift_ using the `mirror-registry` CLI tool makes several changes to your machine. After installation, a `$HOME/quay-install` directory is created, which has installation files, local storage, and the configuration bundle. Trusted SSH keys are generated in case the deployment target is the local host, and systemd files on the host machine are set up to ensure that container runtimes are persistent. Additionally, an initial user named `init` is created with an automatically generated password. All access credentials are printed at the end of the install routine. +Installing the _mirror registry for Red{nbsp}Hat OpenShift_ using the `mirror-registry` CLI tool makes several changes to your machine. After installation, a `$HOME/quay-install` directory is created, which has installation files, local storage, and the configuration bundle. Trusted SSH keys are generated in case the deployment target is the local host, and systemd files on the host machine are set up to ensure that container runtimes are persistent. Additionally, an initial user named `init` is created with an automatically generated password. All access credentials are printed at the end of the install routine. ==== .Procedure -. Download the `mirror-registry.tar.gz` package for the latest version of the _mirror registry for Red Hat OpenShift_ found on the link:https://console.redhat.com/openshift/downloads#tool-mirror-registry[OpenShift console *Downloads*] page. +. Download the `mirror-registry.tar.gz` package for the latest version of the _mirror registry for Red{nbsp}Hat OpenShift_ found on the link:https://console.redhat.com/openshift/downloads#tool-mirror-registry[OpenShift console *Downloads*] page. -. Install the _mirror registry for Red Hat OpenShift_ on your local host with your current user account by using the `mirror-registry` tool. For a full list of available flags, see "mirror registry for Red Hat OpenShift flags". +. Install the _mirror registry for Red{nbsp}Hat OpenShift_ on your local host with your current user account by using the `mirror-registry` tool. For a full list of available flags, see "mirror registry for Red Hat OpenShift flags". + [source,terminal] ---- @@ -26,7 +26,7 @@ $ ./mirror-registry install \ --quayRoot ---- -. Use the user name and password generated during installation to log into the registry by running the following command: +. Use the username and password generated during installation to log in to the registry by running the following command: + [source,terminal] ---- @@ -35,7 +35,7 @@ $ podman login -u init \ :8443> \ --tls-verify=false <1> ---- -<1> You can avoid running `--tls-verify=false` by configuring your system to trust the generated rootCA certificates. See "Using SSL to protect connections to Red Hat Quay" and "Configuring the system to trust the certificate authority" for more information. +<1> You can avoid running `--tls-verify=false` by configuring your system to trust the generated rootCA certificates. See "Securing {quay}" and "Configuring the system to trust the certificate authority" for more information. + [NOTE] ==== @@ -46,5 +46,5 @@ You can also log in by accessing the UI at `\https://:8443` af + [NOTE] ==== -If there are issues with images stored by the _mirror registry for Red Hat OpenShift_ due to storage layer problems, you can remirror the {product-title} images, or reinstall mirror registry on more stable storage. +If there are issues with images stored by the _mirror registry for Red{nbsp}Hat OpenShift_ due to storage layer problems, you can remirror the {product-title} images, or reinstall mirror registry on more stable storage. ==== diff --git a/modules/mirror-registry-release-notes-1-1.adoc b/modules/mirror-registry-release-notes-1-1.adoc new file mode 100644 index 0000000000..94852c4bff --- /dev/null +++ b/modules/mirror-registry-release-notes-1-1.adoc @@ -0,0 +1,9 @@ +// module included in the following assembly: +// +// * installing/disconnected_install/installing-mirroring-creating-registry.adoc + +:_mod-docs-content-type: REFERENCE +[id="mirror-registry-release-notes-1-1_{context}"] += Mirror registry for Red{nbsp}Hat OpenShift 1.1 release notes + +To view the _mirror registry for Red{nbsp}Hat OpenShift_ 1.1 release notes, see link:https://docs.openshift.com/container-platform/4.15/installing/disconnected_install/installing-mirroring-creating-registry.html#mirror-registry-release-notes-1-1_installing-mirroring-creating-registry[Mirror registry for Red Hat OpenShift 1.1 release notes]. \ No newline at end of file diff --git a/modules/mirror-registry-release-notes-1-2.adoc b/modules/mirror-registry-release-notes-1-2.adoc new file mode 100644 index 0000000000..896f0a8b8f --- /dev/null +++ b/modules/mirror-registry-release-notes-1-2.adoc @@ -0,0 +1,9 @@ +// module included in the following assembly: +// +// * installing/disconnected_install/installing-mirroring-creating-registry.adoc + +:_mod-docs-content-type: REFERENCE +[id="mirror-registry-release-notes-1-2_{context}"] += Mirror registry for Red{nbsp}Hat OpenShift 1.2 release notes + +To view the _mirror registry for Red{nbsp}Hat OpenShift_ 1.2 release notes, see link:https://docs.openshift.com/container-platform/4.15/installing/disconnected_install/installing-mirroring-creating-registry.html#mirror-registry-release-notes-1-2_installing-mirroring-creating-registry[Mirror registry for Red{nbsp}Hat OpenShift 1.2 release notes]. \ No newline at end of file diff --git a/modules/mirror-registry-release-notes-1-3.adoc b/modules/mirror-registry-release-notes-1-3.adoc new file mode 100644 index 0000000000..6c686f6191 --- /dev/null +++ b/modules/mirror-registry-release-notes-1-3.adoc @@ -0,0 +1,9 @@ +// module included in the following assembly: +// +// * installing/disconnected_install/installing-mirroring-creating-registry.adoc + +:_mod-docs-content-type: REFERENCE +[id="mirror-registry-release-notes-1-3_{context}"] += Mirror registry for Red{nbsp}Hat OpenShift 1.3 release notes + +To view the _mirror registry for Red{nbsp}Hat OpenShift_ 1.3 release notes, see link:https://docs.openshift.com/container-platform/4.19/installing/disconnected_install/installing-mirroring-creating-registry.html#mirror-registry-release-notes-1-3_installing-mirroring-creating-registry[Mirror registry for Red{nbsp}Hat OpenShift 1.3 release notes]. \ No newline at end of file diff --git a/modules/mirror-registry-release-notes-2-0.adoc b/modules/mirror-registry-release-notes-2-0.adoc new file mode 100644 index 0000000000..d3c6f9cd0a --- /dev/null +++ b/modules/mirror-registry-release-notes-2-0.adoc @@ -0,0 +1,107 @@ +// module included in the following assembly: +// +// * installing/disconnected_install/installing-mirroring-creating-registry.adoc + +:_mod-docs-content-type: REFERENCE +[id="mirror-registry-release-notes-2-0_{context}"] += Mirror registry for Red{nbsp}Hat OpenShift 2.0 release notes + +The following sections provide details for each 2.0 release of the mirror registry for Red{nbsp}Hat OpenShift. + +[id="mirror-registry-for-openshift-2-0-7_{context}"] +== Mirror registry for Red{nbsp}Hat OpenShift 2.0.7 + +Issued: 14 July 2025 + +_Mirror registry for Red{nbsp}Hat OpenShift_ is now available with Red{nbsp}Hat Quay 3.12.10. + +The following advisory is available for the _mirror registry for Red{nbsp}Hat OpenShift_: + +* link:https://access.redhat.com/errata/RHBA-2025:9645[RHBA-2025:9645 - mirror registry for Red{nbsp}Hat OpenShift 2.0.7] + +[id="mirror-registry-for-openshift-2-0-6_{context}"] +== Mirror registry for Red{nbsp}Hat OpenShift 2.0.6 + +Issued: 28 April 2025 + +_Mirror registry for Red{nbsp}Hat OpenShift_ is now available with Red{nbsp}Hat Quay 3.12.8. + +The following advisory is available for the _mirror registry for Red{nbsp}Hat OpenShift_: + +* link:https://access.redhat.com/errata/RHBA-2025:4251[RHBA-2025:4251 - mirror registry for Red{nbsp}Hat OpenShift 2.0.6] + +[id="mirror-registry-for-openshift-2-0-5_{context}"] +== Mirror registry for Red{nbsp}Hat OpenShift 2.0.5 + +Issued: 13 January 2025 + +_Mirror registry for Red{nbsp}Hat OpenShift_ is now available with Red{nbsp}Hat Quay 3.12.5. + +The following advisory is available for the _mirror registry for Red{nbsp}Hat OpenShift_: + +* link:https://access.redhat.com/errata/RHBA-2025:0298[RHBA-2025:0298 - mirror registry for Red{nbsp}Hat OpenShift 2.0.5] + +[id="mirror-registry-for-openshift-2-0-4_{context}"] +== Mirror registry for Red{nbsp}Hat OpenShift 2.0.4 + +Issued: 06 January 2025 + +_Mirror registry for Red{nbsp}Hat OpenShift_ is now available with Red{nbsp}Hat Quay 3.12.4. + +The following advisory is available for the _mirror registry for Red{nbsp}Hat OpenShift_: + +* link:https://access.redhat.com/errata/RHBA-2025:0033[RHBA-2025:0033 - mirror registry for Red{nbsp}Hat OpenShift 2.0.4] + +[id="mirror-registry-for-openshift-2-0-3_{context}"] +== Mirror registry for Red{nbsp}Hat OpenShift 2.0.3 + +Issued: 25 November 2024 + +_Mirror registry for Red{nbsp}Hat OpenShift_ is now available with Red{nbsp}Hat Quay 3.12.3. + +The following advisory is available for the _mirror registry for Red{nbsp}Hat OpenShift_: + +* link:https://access.redhat.com/errata/RHBA-2024:10181[RHBA-2024:10181 - mirror registry for Red{nbsp}Hat OpenShift 2.0.3] + +[id="mirror-registry-for-openshift-2-0-2_{context}"] +== Mirror registry for Red{nbsp}Hat OpenShift 2.0.2 + +Issued: 31 October 2024 + +_Mirror registry for Red{nbsp}Hat OpenShift_ is now available with Red{nbsp}Hat Quay 3.12.2. + +The following advisory is available for the _mirror registry for Red{nbsp}Hat OpenShift_: + +* link:https://access.redhat.com/errata/RHBA-2024:8370[RHBA-2024:8370 - mirror registry for Red{nbsp}Hat OpenShift 2.0.2] + +[id="mirror-registry-for-openshift-2-0-1_{context}"] +== Mirror registry for Red{nbsp}Hat OpenShift 2.0.1 + +Issued: 26 September 2024 + +_Mirror registry for Red{nbsp}Hat OpenShift_ is now available with Red{nbsp}Hat Quay 3.12.1. + +The following advisory is available for the _mirror registry for Red{nbsp}Hat OpenShift_: + +* link:https://access.redhat.com/errata/RHBA-2024:7070[RHBA-2024:7070 - mirror registry for Red{nbsp}Hat OpenShift 2.0.1] + +[id="mirror-registry-for-openshift-2-0-0_{context}"] +== Mirror registry for Red{nbsp}Hat OpenShift 2.0.0 + +Issued: 03 September 2024 + +_Mirror registry for Red{nbsp}Hat OpenShift_ is now available with Red{nbsp}Hat Quay 3.12.0. + +The following advisory is available for the _mirror registry for Red{nbsp}Hat OpenShift_: + +* link:https://access.redhat.com/errata/RHBA-2024:5277[RHBA-2024:5277 - mirror registry for Red{nbsp}Hat OpenShift 2.0.0] + +The following new features are available with _mirror registry for Red{nbsp}Hat OpenShift_ 2.0.0: + +* With the release of _mirror registry for Red{nbsp}Hat OpenShift_, the internal database has been upgraded from PostgreSQL to SQLite. As a result, data is now stored on the `sqlite-storage` Podman volume by default, and the overall tarball size is reduced by 300 MB. ++ +New installations use SQLite by default. Before upgrading to version 2.0, see "Updating mirror registry for Red Hat OpenShift from a local host" or "Updating mirror registry for Red Hat OpenShift from a remote host" depending on your environment. + +* A new feature flag, `--sqliteStorage` has been added. With this flag, you can manually set the location where SQLite database data is saved. + +* _Mirror registry for Red{nbsp}Hat OpenShift_ is now available on {ibm-power-title} and {ibm-z-title} architectures (`s390x` and `ppc64le`). \ No newline at end of file diff --git a/modules/mirror-registry-release-notes.adoc b/modules/mirror-registry-release-notes.adoc index 8432a13023..0e1ad0bc04 100644 --- a/modules/mirror-registry-release-notes.adoc +++ b/modules/mirror-registry-release-notes.adoc @@ -2,421 +2,10 @@ // // * installing/disconnected_install/installing-mirroring-creating-registry.adoc +:_mod-docs-content-type: REFERENCE [id="mirror-registry-release-notes_{context}"] = Mirror registry for Red{nbsp}Hat OpenShift release notes The _mirror registry for Red{nbsp}Hat OpenShift_ is a small and streamlined container registry that you can use as a target for mirroring the required container images of {product-title} for disconnected installations. These release notes track the development of the _mirror registry for Red{nbsp}Hat OpenShift_ in {product-title}. - -[id="mirror-registry-release-notes-2-0_{context}"] -== Mirror registry for Red{nbsp}Hat OpenShift 2.0 release notes - -The following sections provide details for each 2.0 release of the mirror registry for Red{nbsp}Hat OpenShift. - -[id="mirror-registry-for-openshift-2-0-7_{context}"] -=== Mirror registry for Red{nbsp}Hat OpenShift 2.0.7 - -Issued: 14 July 2025 - -_Mirror registry for Red{nbsp}Hat OpenShift_ is now available with Red{nbsp}Hat Quay 3.12.10. - -The following advisory is available for the _mirror registry for Red{nbsp}Hat OpenShift_: - -* link:https://access.redhat.com/errata/RHBA-2025:9645[RHBA-2025:9645 - mirror registry for Red{nbsp}Hat OpenShift 2.0.7] - -[id="mirror-registry-for-openshift-2-0-6_{context}"] -=== Mirror registry for Red{nbsp}Hat OpenShift 2.0.6 - -Issued: 28 April 2025 - -_Mirror registry for Red{nbsp}Hat OpenShift_ is now available with Red{nbsp}Hat Quay 3.12.8. - -The following advisory is available for the _mirror registry for Red{nbsp}Hat OpenShift_: - -* link:https://access.redhat.com/errata/RHBA-2025:4251[RHBA-2025:4251 - mirror registry for Red{nbsp}Hat OpenShift 2.0.6] - -[id="mirror-registry-for-openshift-2-0-5_{context}"] -=== Mirror registry for Red{nbsp}Hat OpenShift 2.0.5 - -Issued: 13 January 2025 - -_Mirror registry for Red{nbsp}Hat OpenShift_ is now available with Red{nbsp}Hat Quay 3.12.5. - -The following advisory is available for the _mirror registry for Red{nbsp}Hat OpenShift_: - -* link:https://access.redhat.com/errata/RHBA-2025:0298[RHBA-2025:0298 - mirror registry for Red{nbsp}Hat OpenShift 2.0.5] - -[id="mirror-registry-for-openshift-2-0-4_{context}"] -=== Mirror registry for Red{nbsp}Hat OpenShift 2.0.4 - -Issued: 06 January 2025 - -_Mirror registry for Red{nbsp}Hat OpenShift_ is now available with Red{nbsp}Hat Quay 3.12.4. - -The following advisory is available for the _mirror registry for Red{nbsp}Hat OpenShift_: - -* link:https://access.redhat.com/errata/RHBA-2025:0033[RHBA-2025:0033 - mirror registry for Red{nbsp}Hat OpenShift 2.0.4] - -[id="mirror-registry-for-openshift-2-0-3_{context}"] -=== Mirror registry for Red{nbsp}Hat OpenShift 2.0.3 - -Issued: 25 November 2024 - -_Mirror registry for Red{nbsp}Hat OpenShift_ is now available with Red{nbsp}Hat Quay 3.12.3. - -The following advisory is available for the _mirror registry for Red{nbsp}Hat OpenShift_: - -* link:https://access.redhat.com/errata/RHBA-2024:10181[RHBA-2024:10181 - mirror registry for Red{nbsp}Hat OpenShift 2.0.3] - -[id="mirror-registry-for-openshift-2-0-2_{context}"] -=== Mirror registry for Red{nbsp}Hat OpenShift 2.0.2 - -Issued: 31 October 2024 - -_Mirror registry for Red{nbsp}Hat OpenShift_ is now available with Red{nbsp}Hat Quay 3.12.2. - -The following advisory is available for the _mirror registry for Red{nbsp}Hat OpenShift_: - -* link:https://access.redhat.com/errata/RHBA-2024:8370[RHBA-2024:8370 - mirror registry for Red{nbsp}Hat OpenShift 2.0.2] - -[id="mirror-registry-for-openshift-2-0-1_{context}"] -=== Mirror registry for Red{nbsp}Hat OpenShift 2.0.1 - -Issued: 26 September 2024 - -_Mirror registry for Red{nbsp}Hat OpenShift_ is now available with Red{nbsp}Hat Quay 3.12.1. - -The following advisory is available for the _mirror registry for Red{nbsp}Hat OpenShift_: - -* link:https://access.redhat.com/errata/RHBA-2024:7070[RHBA-2024:7070 - mirror registry for Red{nbsp}Hat OpenShift 2.0.1] - -[id="mirror-registry-for-openshift-2-0-0_{context}"] -=== Mirror registry for Red{nbsp}Hat OpenShift 2.0.0 - -Issued: 03 September 2024 - -_Mirror registry for Red{nbsp}Hat OpenShift_ is now available with Red{nbsp}Hat Quay 3.12.0. - -The following advisory is available for the _mirror registry for Red{nbsp}Hat OpenShift_: - -* link:https://access.redhat.com/errata/RHBA-2024:5277[RHBA-2024:5277 - mirror registry for Red{nbsp}Hat OpenShift 2.0.0] - -[id="mirror-registry-new-features-2-0_{context}"] -==== New features - -* With the release of _mirror registry for Red{nbsp}Hat OpenShift_, the internal database has been upgraded from PostgreSQL to SQLite. As a result, data is now stored on the `sqlite-storage` Podman volume by default, and the overall tarball size is reduced by 300 MB. -+ -New installations use SQLite by default. Before upgrading to version 2.0, see "Updating mirror registry for Red Hat OpenShift from a local host" or "Updating mirror registry for Red Hat OpenShift from a remote host" depending on your environment. - -* A new feature flag, `--sqliteStorage` has been added. With this flag, you can manually set the location where SQLite database data is saved. - -* _Mirror registry for Red{nbsp}Hat OpenShift_ is now available on {ibm-power-title} and {ibm-z-title} architectures (`s390x` and `ppc64le`). - -[id="mirror-registry-release-notes-1-3_{context}"] -== Mirror registry for Red Hat OpenShift 1.3 release notes - -The following sections provide details for each 1.3.z release of the _mirror registry for Red Hat OpenShift_ - -[id="mirror-registry-for-openshift-1-3-11_{context}"] -=== Mirror registry for Red Hat OpenShift 1.3.11 - -Issued: 2024-04-23 - -_Mirror registry for Red Hat OpenShift_ is now available with Red Hat Quay 3.8.15. - -The following advisory is available for the _mirror registry for Red Hat OpenShift_: - -* link:https://access.redhat.com/errata/RHBA-2024:1758[RHBA-2024:1758 - mirror registry for Red Hat OpenShift 1.3.11] - -[id="mirror-registry-for-openshift-1-3-10_{context}"] -=== Mirror registry for Red Hat OpenShift 1.3.10 - -Issued: 2023-12-07 - -_Mirror registry for Red Hat OpenShift_ is now available with Red Hat Quay 3.8.14. - -The following advisory is available for the _mirror registry for Red Hat OpenShift_: - -* link:https://access.redhat.com/errata/RHBA-2023:7628[RHBA-2023:7628 - mirror registry for Red Hat OpenShift 1.3.10] - -[id="mirror-registry-for-openshift-1-3-9_{context}"] -=== Mirror registry for Red Hat OpenShift 1.3.9 - -Issued: 2023-09-19 - -_Mirror registry for Red Hat OpenShift_ is now available with Red Hat Quay 3.8.12. - -The following advisory is available for the _mirror registry for Red Hat OpenShift_: - -* link:https://access.redhat.com/errata/RHBA-2023:5241[RHBA-2023:5241 - mirror registry for Red Hat OpenShift 1.3.9] - -[id="mirror-registry-for-openshift-1-3-8_{context}"] -=== Mirror registry for Red Hat OpenShift 1.3.8 - -Issued: 2023-08-16 - -_Mirror registry for Red Hat OpenShift_ is now available with Red Hat Quay 3.8.11. - -The following advisory is available for the _mirror registry for Red Hat OpenShift_: - -* link:https://access.redhat.com/errata/RHBA-2023:4622[RHBA-2023:4622 - mirror registry for Red Hat OpenShift 1.3.8] - -[id="mirror-registry-for-openshift-1-3-7_{context}"] -=== Mirror registry for Red Hat OpenShift 1.3.7 - -Issued: 2023-07-19 - -_Mirror registry for Red Hat OpenShift_ is now available with Red Hat Quay 3.8.10. - -The following advisory is available for the _mirror registry for Red Hat OpenShift_: - -* link:https://access.redhat.com/errata/RHBA-2023:4087[RHBA-2023:4087 - mirror registry for Red Hat OpenShift 1.3.7] - -[id="mirror-registry-for-openshift-1-3-6_{context}"] -=== Mirror registry for Red Hat OpenShift 1.3.6 - -Issued: 2023-05-30 - -_Mirror registry for Red Hat OpenShift_ is now available with Red Hat Quay 3.8.8. - -The following advisory is available for the _mirror registry for Red Hat OpenShift_: - -* link:https://access.redhat.com/errata/RHBA-2023:3302[RHBA-2023:3302 - mirror registry for Red Hat OpenShift 1.3.6] - -[id="mirror-registry-for-openshift-1-3-5_{context}"] -=== Mirror registry for Red Hat OpenShift 1.3.5 - -Issued: 2023-05-18 - -_Mirror registry for Red Hat OpenShift_ is now available with Red Hat Quay 3.8.7. - -The following advisory is available for the _mirror registry for Red Hat OpenShift_: - -* link:https://access.redhat.com/errata/RHBA-2023:3225[RHBA-2023:3225 - mirror registry for Red Hat OpenShift 1.3.5] - -[id="mirror-registry-for-openshift-1-3-4_{context}"] -=== Mirror registry for Red Hat OpenShift 1.3.4 - -Issued: 2023-04-25 - -_Mirror registry for Red Hat OpenShift_ is now available with Red Hat Quay 3.8.6. - -The following advisory is available for the _mirror registry for Red Hat OpenShift_: - -* link:https://access.redhat.com/errata/RHBA-2023:1914[RHBA-2023:1914 - mirror registry for Red Hat OpenShift 1.3.4] - -[id="mirror-registry-for-openshift-1-3-3_{context}"] -=== Mirror registry for Red Hat OpenShift 1.3.3 - -Issued: 2023-04-05 - -_Mirror registry for Red Hat OpenShift_ is now available with Red Hat Quay 3.8.5. - -The following advisory is available for the _mirror registry for Red Hat OpenShift_: - -* link:https://access.redhat.com/errata/RHBA-2023:1528[RHBA-2023:1528 - mirror registry for Red Hat OpenShift 1.3.3] - -[id="mirror-registry-for-openshift-1-3-2_{context}"] -=== Mirror registry for Red Hat OpenShift 1.3.2 - -Issued: 2023-03-21 - -_Mirror registry for Red Hat OpenShift_ is now available with Red Hat Quay 3.8.4. - -The following advisory is available for the _mirror registry for Red Hat OpenShift_: - -* link:https://access.redhat.com/errata/RHBA-2023:1376[RHBA-2023:1376 - mirror registry for Red Hat OpenShift 1.3.2] - -[id="mirror-registry-for-openshift-1-3-1_{context}"] -=== Mirror registry for Red Hat OpenShift 1.3.1 - -Issued: 2023-03-7 - -_Mirror registry for Red Hat OpenShift_ is now available with Red Hat Quay 3.8.3. - -The following advisory is available for the _mirror registry for Red Hat OpenShift_: - -* link:https://access.redhat.com/errata/RHBA-2023:1086[RHBA-2023:1086 - mirror registry for Red Hat OpenShift 1.3.1] - -[id="mirror-registry-for-openshift-1-3-0_{context}"] -=== Mirror registry for Red Hat OpenShift 1.3.0 - -Issued: 2023-02-20 - -_Mirror registry for Red Hat OpenShift_ is now available with Red Hat Quay 3.8.1. - -The following advisory is available for the _mirror registry for Red Hat OpenShift_: - -* link:https://access.redhat.com/errata/RHBA-2023:0558[RHBA-2023:0558 - mirror registry for Red Hat OpenShift 1.3.0] - -[id="mirror-registry-new-features-1-3-0_{context}"] -==== New features - -* _Mirror registry for Red Hat OpenShift_ is now supported on {op-system-base-full} 9 installations. - -* IPv6 support is now available on _mirror registry for Red Hat OpenShift_ local host installations. -+ -IPv6 is currently unsupported on _mirror registry for Red Hat OpenShift_ remote host installations. - -* A new feature flag, `--quayStorage`, has been added. By specifying this flag, you can manually set the location for the Quay persistent storage. - -* A new feature flag, `--pgStorage`, has been added. By specifying this flag, you can manually set the location for the Postgres persistent storage. - -* Previously, users were required to have root privileges (`sudo`) to install _mirror registry for Red Hat OpenShift_. With this update, `sudo` is no longer required to install _mirror registry for Red Hat OpenShift_. -+ -When _mirror registry for Red Hat OpenShift_ was installed with `sudo`, an `/etc/quay-install` directory that contained installation files, local storage, and the configuration bundle was created. With the removal of the `sudo` requirement, installation files and the configuration bundle are now installed to `$HOME/quay-install`. Local storage, for example Postgres and Quay, are now stored in named volumes automatically created by Podman. -+ -To override the default directories that these files are stored in, you can use the command line arguments for _mirror registry for Red Hat OpenShift_. For more information about _mirror registry for Red Hat OpenShift_ command line arguments, see "_Mirror registry for Red Hat OpenShift_ flags". - -[id="mirror-registry-bug-fixes-1-3-0_{context}"] -==== Bug fixes - -* Previously, the following error could be returned when attempting to uninstall _mirror registry for Red Hat OpenShift_: `["Error: no container with name or ID \"quay-postgres\" found: no such container"], "stdout": "", "stdout_lines": []***`. With this update, the order that _mirror registry for Red Hat OpenShift_ services are stopped and uninstalled have been changed so that the error no longer occurs when uninstalling _mirror registry for Red Hat OpenShift_. For more information, see link:https://issues.redhat.com/browse/PROJQUAY-4629[*PROJQUAY-4629*]. - -[id="mirror-registry-release-notes-1-2_{context}"] -== Mirror registry for Red Hat OpenShift 1.2 release notes - -The following sections provide details for each 1.2.z release of the _mirror registry for Red Hat OpenShift_ - -[id="mirror-registry-for-openshift-1-2-9_{context}"] -=== Mirror registry for Red Hat OpenShift 1.2.9 - -_Mirror registry for Red Hat OpenShift_ is now available with Red Hat Quay 3.7.10. - -The following advisory is available for the _mirror registry for Red Hat OpenShift_: - -* link:https://access.redhat.com/errata/RHBA-2022:7369[RHBA-2022:7369 - mirror registry for Red Hat OpenShift 1.2.9] - - -[id="mirror-registry-for-openshift-1-2-8_{context}"] -=== Mirror registry for Red Hat OpenShift 1.2.8 - -_Mirror registry for Red Hat OpenShift_ is now available with Red Hat Quay 3.7.9. - -The following advisory is available for the _mirror registry for Red Hat OpenShift_: - -* link:https://access.redhat.com/errata/RHBA-2022:7065[RHBA-2022:7065 - mirror registry for Red Hat OpenShift 1.2.8] - - -[id="mirror-registry-for-openshift-1-2-7_{context}"] -=== Mirror registry for Red Hat OpenShift 1.2.7 - -_Mirror registry for Red Hat OpenShift_ is now available with Red Hat Quay 3.7.8. - -The following advisory is available for the _mirror registry for Red Hat OpenShift_: - -* link:https://access.redhat.com/errata/RHBA-2022:6500[RHBA-2022:6500 - mirror registry for Red Hat OpenShift 1.2.7] - -[id="mirror-registry-bug-fixes-1-2-7_{context}"] -==== Bug fixes - -* Previously, `getFQDN()` relied on the fully-qualified domain name (FQDN) library to determine its FQDN, and the FQDN library tried to read the `/etc/hosts` folder directly. Consequently, on some {op-system-first} installations with uncommon DNS configurations, the FQDN library would fail to install and abort the installation. With this update, _mirror registry for Red Hat OpenShift_ uses `hostname` to determine the FQDN. As a result, the FQDN library does not fail to install. (link:https://issues.redhat.com/browse/PROJQUAY-4139[*PROJQUAY-4139*]) - -[id="mirror-registry-for-openshift-1-2-6_{context}"] -=== Mirror registry for Red Hat OpenShift 1.2.6 - -_Mirror registry for Red Hat OpenShift_ is now available with Red Hat Quay 3.7.7. - -The following advisory is available for the _mirror registry for Red Hat OpenShift_: - -* link:https://access.redhat.com/errata/RHBA-2022:6278[RHBA-2022:6278 - mirror registry for Red Hat OpenShift 1.2.6] - -[id="mirror-registry-new-features-1-2-6_{context}"] -==== New features - -A new feature flag, `--no-color` (`-c`) has been added. This feature flag allows users to disable color sequences and propagate that to Ansible when running install, uninstall, and upgrade commands. - -[id="mirror-registry-for-openshift-1-2-5_{context}"] -=== Mirror registry for Red Hat OpenShift 1.2.5 - -_Mirror registry for Red Hat OpenShift_ is now available with Red Hat Quay 3.7.6. - -The following advisory is available for the _mirror registry for Red Hat OpenShift_: - -* link:https://access.redhat.com/errata/RHBA-2022:6071[RHBA-2022:6071 - mirror registry for Red Hat OpenShift 1.2.5] - -[id="mirror-registry-for-openshift-1-2-4_{context}"] -=== Mirror registry for Red Hat OpenShift 1.2.4 - -_Mirror registry for Red Hat OpenShift_ is now available with Red Hat Quay 3.7.5. - -The following advisory is available for the _mirror registry for Red Hat OpenShift_: - -* link:https://access.redhat.com/errata/RHBA-2022:5884[RHBA-2022:5884 - mirror registry for Red Hat OpenShift 1.2.4] - -[id="mirror-registry-for-openshift-1-2-3_{context}"] -=== Mirror registry for Red Hat OpenShift 1.2.3 - -_Mirror registry for Red Hat OpenShift_ is now available with Red Hat Quay 3.7.4. - -The following advisory is available for the _mirror registry for Red Hat OpenShift_: - -* link:https://access.redhat.com/errata/RHBA-2022:5649[RHBA-2022:5649 - mirror registry for Red Hat OpenShift 1.2.3] - -[id="mirror-registry-for-openshift-1-2-2_{context}"] -=== Mirror registry for Red Hat OpenShift 1.2.2 - -_Mirror registry for Red Hat OpenShift_ is now available with Red Hat Quay 3.7.3. - -The following advisory is available for the _mirror registry for Red Hat OpenShift_: - -* link:https://access.redhat.com/errata/RHBA-2022:5501[RHBA-2022:5501 - mirror registry for Red Hat OpenShift 1.2.2] - - -[id="mirror-registry-for-openshift-1-2-1"] -=== Mirror registry for Red Hat OpenShift 1.2.1 - -_Mirror registry for Red Hat OpenShift_ is now available with Red Hat Quay 3.7.2. - -The following advisory is available for the _mirror registry for Red Hat OpenShift_: - -* link:https://access.redhat.com/errata/RHBA-2022:5200[RHBA-2022:4986 - mirror registry for Red Hat OpenShift 1.2.1] - -[id="mirror-registry-for-openshift-1-2-0_{context}"] -=== Mirror registry for Red Hat OpenShift 1.2.0 - -_Mirror registry for Red Hat OpenShift_ is now available with Red Hat Quay 3.7.1. - -The following advisory is available for the _mirror registry for Red Hat OpenShift_: - -* link:https://access.redhat.com/errata/RHBA-2022:4986[RHBA-2022:4986 - mirror registry for Red Hat OpenShift 1.2.0] - -[id="mirror-registry-1-2-0-bug-fixes_{context}"] -==== Bug fixes - -* Previously, all components and workers running inside of the Quay pod Operator had log levels set to `DEBUG`. As a result, large traffic logs were created that consumed unnecessary space. With this update, log levels are set to `WARN` by default, which reduces traffic information while emphasizing problem scenarios. (link:https://issues.redhat.com/browse/PROJQUAY-3504[*PROJQUAY-3504*]) - -[id="mirror-registry-release-notes-1-1_{context}"] -== Mirror registry for Red Hat OpenShift 1.1 release notes - -The following section provides details 1.1.0 release of the _mirror registry for Red Hat OpenShift_ - -[id="mirror-registry-for-openshift-1-1-0_{context}"] -=== Mirror registry for Red Hat OpenShift 1.1.0 - -The following advisory is available for the _mirror registry for Red Hat OpenShift_: - -* link:https://access.redhat.com/errata/RHBA-2022:0956[RHBA-2022:0956 - mirror registry for Red Hat OpenShift 1.1.0] - -[id="mirror-registry-1-2-0-new-feature_{context}"] -==== New features - -* A new command, `mirror-registry upgrade` has been added. This command upgrades all container images without interfering with configurations or data. -+ -[NOTE] -==== -If `quayRoot` was previously set to something other than default, it must be passed into the upgrade command. -==== - -[id="mirror-registry-1-1-0-bug-fixes_{context}"] -==== Bug fixes - -* Previously, the absence of `quayHostname` or `targetHostname` did not default to the local hostname. With this update, `quayHostname` and `targetHostname` now default to the local hostname if they are missing. (link:https://issues.redhat.com/browse/PROJQUAY-3079[*PROJQUAY-3079*]) - -* Previously, the command `./mirror-registry --version` returned an `unknown flag` error. Now, running `./mirror-registry --version` returns the current version of the _mirror registry for Red Hat OpenShift_. (link:https://issues.redhat.com/browse/PROJQUAY-3086[*PROJQUAY-3086*]) - -* Previously, users could not set a password during installation, for example, when running `./mirror-registry install --initUser --initPassword --verbose`. With this update, users can set a password during installation. (link:https://issues.redhat.com/browse/PROJQUAY-3149[*PROJQUAY-3149*]) - -* Previously, the _mirror registry for Red Hat OpenShift_ did not recreate pods if they were destroyed. Now, pods are recreated if they are destroyed. (link:https://issues.redhat.com/browse/PROJQUAY-3261[*PROJQUAY-3261*]) - diff --git a/modules/mirror-registry-remote-host-update.adoc b/modules/mirror-registry-remote-host-update.adoc index 857720e816..26837a8515 100644 --- a/modules/mirror-registry-remote-host-update.adoc +++ b/modules/mirror-registry-remote-host-update.adoc @@ -6,7 +6,7 @@ [id="mirror-registry-remote-host-update_{context}"] = Updating mirror registry for Red Hat OpenShift from a remote host -This procedure explains how to update the _mirror registry for Red Hat OpenShift_ from a remote host using the `upgrade` command. Updating to the latest version ensures bug fixes and security vulnerability fixes. +This procedure explains how to update the _mirror registry for Red{nbsp}Hat OpenShift_ from a remote host by using the `upgrade` command. Updating to the latest version ensures bug fixes and security vulnerability fixes. [IMPORTANT] ==== @@ -21,11 +21,11 @@ When upgrading from version 1 to version 2, be aware of the following constraint .Prerequisites -* You have installed the _mirror registry for Red Hat OpenShift_ on a remote host. +* You have installed the _mirror registry for Red{nbsp}Hat OpenShift_ on a remote host. .Procedure -* To upgrade the _mirror registry for Red Hat OpenShift_ from a remote host, enter the following command: +* To upgrade the _mirror registry for Red{nbsp}Hat OpenShift_ from a remote host, enter the following command: + [source,terminal] ---- @@ -34,12 +34,28 @@ $ ./mirror-registry upgrade -v --targetHostname --targetUserna + [NOTE] ==== -Users who upgrade the _mirror registry for Red Hat OpenShift_ with the `./mirror-registry upgrade -v` flag must include the same credentials used when creating their mirror registry. For example, if you installed the _mirror registry for Red Hat OpenShift_ with `--quayHostname ` and `--quayRoot `, you must include that string to properly upgrade the mirror registry. +Users who upgrade the _mirror registry for Red{nbsp}Hat OpenShift_ with the `./mirror-registry upgrade -v` flag must include the same credentials used when creating their mirror registry. For example, if you installed the _mirror registry for Red{nbsp}Hat OpenShift_ with `--quayHostname ` and `--quayRoot `, you must include that string to properly upgrade the mirror registry. ==== -* If you are upgrading the _mirror registry for Red Hat OpenShift_ from 1.3 -> 2.y and want to specify a custom SQLite storage path, you must pass in the `--sqliteStorage` flag, for example: +* If you are upgrading the _mirror registry for Red{nbsp}Hat OpenShift_ from 1.3 -> 2.y and want to specify a custom SQLite storage path, you must pass in the `--sqliteStorage` flag, for example: + [source,terminal] ---- $ ./mirror-registry upgrade -v --targetHostname --targetUsername -k ~/.ssh/my_ssh_key --sqliteStorage /quay-storage +---- + +.Verification + +. Ensure that _mirror registry for Red{nbsp}Hat OpenShift_ has been updated by running the following command: ++ +[source,terminal] +---- +$ podman ps +---- ++ +.Example output ++ +[source,terminal] +---- +registry.redhat.io/quay/quay-rhel8:v3.12.10 ---- \ No newline at end of file diff --git a/modules/mirror-registry-remote.adoc b/modules/mirror-registry-remote.adoc index 50257dc048..a07430e7c3 100644 --- a/modules/mirror-registry-remote.adoc +++ b/modules/mirror-registry-remote.adoc @@ -6,18 +6,18 @@ [id="mirror-registry-remote_{context}"] = Mirroring on a remote host with mirror registry for Red Hat OpenShift -This procedure explains how to install the _mirror registry for Red Hat OpenShift_ on a remote host using the `mirror-registry` tool. By doing so, users can create a registry to hold a mirror of {product-title} images. +This procedure explains how to install the _mirror registry for Red{nbsp}Hat OpenShift_ on a remote host by using the `mirror-registry` tool. By doing so, users can create a registry to hold a mirror of {product-title} images. [NOTE] ==== -Installing the _mirror registry for Red Hat OpenShift_ using the `mirror-registry` CLI tool makes several changes to your machine. After installation, a `$HOME/quay-install` directory is created, which has installation files, local storage, and the configuration bundle. Trusted SSH keys are generated in case the deployment target is the local host, and systemd files on the host machine are set up to ensure that container runtimes are persistent. Additionally, an initial user named `init` is created with an automatically generated password. All access credentials are printed at the end of the install routine. +Installing the _mirror registry for Red{nbsp}Hat OpenShift_ using the `mirror-registry` CLI tool makes several changes to your machine. After installation, a `$HOME/quay-install` directory is created, which has installation files, local storage, and the configuration bundle. Trusted SSH keys are generated in case the deployment target is the local host, and systemd files on the host machine are set up to ensure that container runtimes are persistent. Additionally, an initial user named `init` is created with an automatically generated password. All access credentials are printed at the end of the install routine. ==== .Procedure -. Download the `mirror-registry.tar.gz` package for the latest version of the _mirror registry for Red Hat OpenShift_ found on the link:https://console.redhat.com/openshift/downloads#tool-mirror-registry[OpenShift console *Downloads*] page. +. Download the `mirror-registry.tar.gz` package for the latest version of the _mirror registry for Red{nbsp}Hat OpenShift_ found on the link:https://console.redhat.com/openshift/downloads#tool-mirror-registry[OpenShift console *Downloads*] page. -. Install the _mirror registry for Red Hat OpenShift_ on your local host with your current user account by using the `mirror-registry` tool. For a full list of available flags, see "mirror registry for Red Hat OpenShift flags". +. Install the _mirror registry for Red{nbsp}Hat OpenShift_ on your local host with your current user account by using the `mirror-registry` tool. For a full list of available flags, see "mirror registry for Red Hat OpenShift flags". + [source,terminal] ---- @@ -38,16 +38,16 @@ $ podman login -u init \ :8443> \ --tls-verify=false <1> ---- -<1> You can avoid running `--tls-verify=false` by configuring your system to trust the generated rootCA certificates. See "Using SSL to protect connections to Red Hat Quay" and "Configuring the system to trust the certificate authority" for more information. +<1> You can avoid running `--tls-verify=false` by configuring your system to trust the generated rootCA certificates. See "Using SSL to protect connections to {quay}" and "Configuring the system to trust the certificate authority" for more information. + [NOTE] ==== You can also log in by accessing the UI at `\https://:8443` after installation. ==== -. You can mirror {product-title} images after logging in. Depending on your needs, see either the "Mirroring the OpenShift Container Platform image repository" or the "Mirroring Operator catalogs for use with disconnected clusters" sections of this document. +. You can mirror {product-title} images after logging in. Depending on your needs, see either the "Mirroring the {product-title} image repository" or the "Mirroring Operator catalogs for use with disconnected clusters" sections of this document. + [NOTE] ==== -If there are issues with images stored by the _mirror registry for Red Hat OpenShift_ due to storage layer problems, you can remirror the {product-title} images, or reinstall mirror registry on more stable storage. +If there are issues with images stored by the _mirror registry for Red{nbsp}Hat OpenShift_ due to storage layer problems, you can remirror the {product-title} images, or reinstall mirror registry on more stable storage. ==== diff --git a/modules/mirror-registry-ssl-cert-replace.adoc b/modules/mirror-registry-ssl-cert-replace.adoc index 019e28e7c3..7c3e7176f1 100644 --- a/modules/mirror-registry-ssl-cert-replace.adoc +++ b/modules/mirror-registry-ssl-cert-replace.adoc @@ -6,21 +6,21 @@ [id="mirror-registry-ssl-cert-replace_{context}"] = Replacing mirror registry for Red Hat OpenShift SSL/TLS certificates -In some cases, you might want to update your SSL/TLS certificates for the _mirror registry for Red Hat OpenShift_. This is useful in the following scenarios: +In some cases, you might want to update your SSL/TLS certificates for the _mirror registry for Red{nbsp}Hat OpenShift_. This is useful in the following scenarios: -* If you are replacing the current _mirror registry for Red Hat OpenShift_ certificate. -* If you are using the same certificate as the previous _mirror registry for Red Hat OpenShift_ installation. -* If you are periodically updating the _mirror registry for Red Hat OpenShift_ certificate. +* If you are replacing the current _mirror registry for Red{nbsp}Hat OpenShift_ certificate. +* If you are using the same certificate as the previous _mirror registry for Red{nbsp}Hat OpenShift_ installation. +* If you are periodically updating the _mirror registry for Red{nbsp}Hat OpenShift_ certificate. -Use the following procedure to replace _mirror registry for Red Hat OpenShift_ SSL/TLS certificates. +Use the following procedure to replace _mirror registry for Red{nbsp}Hat OpenShift_ SSL/TLS certificates. .Prerequisites -* You have downloaded the `./mirror-registry` binary from the link:https://console.redhat.com/openshift/downloads#tool-mirror-registry[OpenShift console *Downloads*] page. +* You have downloaded and installed the `./mirror-registry` binary from the link:https://console.redhat.com/openshift/downloads#tool-mirror-registry[OpenShift console *Downloads*] page. .Procedure -. Enter the following command to install the _mirror registry for Red Hat OpenShift_: +. Enter the following command to install the _mirror registry for Red{nbsp}Hat OpenShift_: + [source,terminal] ---- @@ -29,9 +29,9 @@ $ ./mirror-registry install \ --quayRoot ---- + -This installs the _mirror registry for Red Hat OpenShift_ to the `$HOME/quay-install` directory. +This installs the _mirror registry for Red{nbsp}Hat OpenShift_ to the `$HOME/quay-install` directory. -. Prepare a new certificate authority (CA) bundle and generate new `ssl.key` and `ssl.crt` key files. For more information, see link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html/proof_of_concept_-_deploying_red_hat_quay/advanced-quay-poc-deployment#introduction-using-ssl[Using SSL/TLS to protect connections to {quay}]. +. Prepare a new certificate authority (CA) bundle and generate new `ssl.key` and `ssl.crt` key files. For more information, see link:https://docs.redhat.com/en/documentation/red_hat_quay/3.15/html-single/securing_red_hat_quay/index#ssl-tls-quay-overview[Configuring SSL and TLS for {quay}]. . Assign `/$HOME/quay-install` an environment variable, for example, `QUAY`, by entering the following command: + diff --git a/modules/mirror-registry-troubleshooting.adoc b/modules/mirror-registry-troubleshooting.adoc index 188955ba07..16b3e94248 100644 --- a/modules/mirror-registry-troubleshooting.adoc +++ b/modules/mirror-registry-troubleshooting.adoc @@ -6,7 +6,7 @@ [id="mirror-registry-troubleshooting_{context}"] = Troubleshooting mirror registry for Red Hat OpenShift -To assist in troubleshooting _mirror registry for Red Hat OpenShift_, you can gather logs of systemd services installed by the mirror registry. The following services are installed: +To assist in troubleshooting _mirror registry for Red{nbsp}Hat OpenShift_, you can gather logs of systemd services installed by the mirror registry. The following services are installed: * quay-app.service * quay-postgres.service @@ -15,18 +15,18 @@ To assist in troubleshooting _mirror registry for Red Hat OpenShift_, you can ga .Prerequisites -* You have installed _mirror registry for Red Hat OpenShift_. +* You have installed _mirror registry for Red{nbsp}Hat OpenShift_. .Procedure -* If you installed _mirror registry for Red Hat OpenShift_ with root privileges, you can get the status information of its systemd services by entering the following command: +* If you installed _mirror registry for Red{nbsp}Hat OpenShift_ with root privileges, you can get the status information of its systemd services by entering the following command: + [source,terminal] ---- $ sudo systemctl status ---- -* If you installed _mirror registry for Red Hat OpenShift_ as a standard user, you can get the status information of its systemd services by entering the following command: +* If you installed _mirror registry for Red{nbsp}Hat OpenShift_ as a standard user, you can get the status information of its systemd services by entering the following command: + [source,terminal] ---- diff --git a/modules/mirror-registry-uninstall.adoc b/modules/mirror-registry-uninstall.adoc index 8745e4f8ea..e474d58ad5 100644 --- a/modules/mirror-registry-uninstall.adoc +++ b/modules/mirror-registry-uninstall.adoc @@ -2,10 +2,19 @@ // // * installing/disconnected_install/installing-mirroring-creating-registry.adoc +:_mod-docs-content-type: PROCEDURE [id="uninstalling-mirror-registry_{context}"] = Uninstalling the mirror registry for Red Hat OpenShift -* You can uninstall the _mirror registry for Red Hat OpenShift_ from your local host by running the following command: +Use the following procedure to uninstall the _mirror registry for Red{nbsp}Hat OpenShift_ from your local host. + +.Prerequisites + +* You have installed _mirror registry for Red{nbsp}Hat OpenShift_ on a local .host. + +.Porcedure + +* Uninstall the _mirror registry for Red{nbsp}Hat OpenShift_ from your local host by running the following command: + [source,terminal] ---- @@ -15,6 +24,6 @@ $ ./mirror-registry uninstall -v \ + [NOTE] ==== -* Deleting the _mirror registry for Red Hat OpenShift_ will prompt the user before deletion. You can use `--autoApprove` to skip this prompt. -* Users who install the _mirror registry for Red Hat OpenShift_ with the `--quayRoot` flag must include the `--quayRoot` flag when uninstalling. For example, if you installed the _mirror registry for Red Hat OpenShift_ with `--quayRoot example_directory_name`, you must include that string to properly uninstall the mirror registry. +* Deleting the _mirror registry for Red{nbsp}Hat OpenShift_ will prompt the user before deletion. You can use `--autoApprove` to skip this prompt. +* Users who install the _mirror registry for Red{nbsp}Hat OpenShift_ with the `--quayRoot` flag must include the `--quayRoot` flag when uninstalling. For example, if you installed the _mirror registry for Red{nbsp}Hat OpenShift_ with `--quayRoot example_directory_name`, you must include that string to properly uninstall the mirror registry. ==== diff --git a/modules/odc-monitoring-your-app-vulnerabilities.adoc b/modules/odc-monitoring-your-app-vulnerabilities.adoc index 943214faef..d8a5abaf8c 100644 --- a/modules/odc-monitoring-your-app-vulnerabilities.adoc +++ b/modules/odc-monitoring-your-app-vulnerabilities.adoc @@ -13,11 +13,11 @@ After you create applications in your project and deploy them, use the *Develope * Drilldown into severity to obtain the details, such as count of vulnerabilities, count of fixable vulnerabilities, and number of affected pods for each vulnerable image .Prerequisites -* You have installed the Red Hat Quay Container Security operator from the Operator Hub. +* You have installed the {quay} Container Security operator from the Operator Hub. + [NOTE] ==== -The Red Hat Quay Container Security operator detects vulnerabilities by scanning the images that are in the quay registry. +The {quay} Container Security operator detects vulnerabilities by scanning the images that are in the quay registry. ==== .Procedure diff --git a/modules/olm-mirroring-catalog-airgapped.adoc b/modules/olm-mirroring-catalog-airgapped.adoc index 306a740ef0..279fcd1d0b 100644 --- a/modules/olm-mirroring-catalog-airgapped.adoc +++ b/modules/olm-mirroring-catalog-airgapped.adoc @@ -84,7 +84,7 @@ $ oc adm catalog mirror \ + [NOTE] ==== -Red Hat Quay does not support nested repositories. As a result, running the `oc adm catalog mirror` command will fail with a `401` unauthorized error. As a workaround, you can use the `--max-components=2` option when running the `oc adm catalog mirror` command to disable the creation of nested repositories. For more information on this workaround, see the link:https://access.redhat.com/solutions/5440741[Unauthorized error thrown while using catalog mirror command with Quay registry] Knowledgebase Solution. +{quay} does not support nested repositories. As a result, running the `oc adm catalog mirror` command will fail with a `401` unauthorized error. As a workaround, you can use the `--max-components=2` option when running the `oc adm catalog mirror` command to disable the creation of nested repositories. For more information on this workaround, see the link:https://access.redhat.com/solutions/5440741[Unauthorized error thrown while using catalog mirror command with Quay registry] Knowledgebase Solution. ==== . Run the `oc adm catalog mirror` command again. Use the newly mirrored index image as the source and the same mirror registry target used in the previous step: diff --git a/modules/olm-mirroring-catalog-colocated.adoc b/modules/olm-mirroring-catalog-colocated.adoc index 68fbdfe180..6df6f6a36f 100644 --- a/modules/olm-mirroring-catalog-colocated.adoc +++ b/modules/olm-mirroring-catalog-colocated.adoc @@ -63,7 +63,7 @@ wrote mirroring manifests to manifests-{index-image}-1614211642 <2> + [NOTE] ==== -Red Hat Quay does not support nested repositories. As a result, running the `oc adm catalog mirror` command will fail with a `401` unauthorized error. As a workaround, you can use the `--max-components=2` option when running the `oc adm catalog mirror` command to disable the creation of nested repositories. For more information on this workaround, see the link:https://access.redhat.com/solutions/5440741[Unauthorized error thrown while using catalog mirror command with Quay registry] Knowledgebase Solution. +{quay} does not support nested repositories. As a result, running the `oc adm catalog mirror` command will fail with a `401` unauthorized error. As a workaround, you can use the `--max-components=2` option when running the `oc adm catalog mirror` command to disable the creation of nested repositories. For more information on this workaround, see the link:https://access.redhat.com/solutions/5440741[Unauthorized error thrown while using catalog mirror command with Quay registry] Knowledgebase Solution. ==== -- diff --git a/modules/osd-intro.adoc b/modules/osd-intro.adoc index c63e200a19..a35baa7b90 100644 --- a/modules/osd-intro.adoc +++ b/modules/osd-intro.adoc @@ -34,7 +34,7 @@ Operators are both the fundamental unit of the {product-title} code base and a c Operator Lifecycle Manager (OLM) and the OperatorHub provide facilities for storing and distributing Operators to people developing and deploying applications. -The Red Hat Quay Container Registry is a Quay.io container registry that serves most of the container images and Operators to {product-title} clusters. Quay.io is a public registry version of Red Hat Quay that stores millions of images and tags. +The {quay} Container Registry is a Quay.io container registry that serves most of the container images and Operators to {product-title} clusters. Quay.io is a public registry version of {quay} that stores millions of images and tags. Other enhancements to Kubernetes in {product-title} include improvements in software defined networking (SDN), authentication, log aggregation, monitoring, and routing. {product-title} also offers a comprehensive web console and the custom OpenShift CLI (`oc`) interface. diff --git a/modules/registry-common-terms.adoc b/modules/registry-common-terms.adoc index 4bedd0ce71..f8449d124e 100644 --- a/modules/registry-common-terms.adoc +++ b/modules/registry-common-terms.adoc @@ -33,7 +33,7 @@ public registry:: A registry is a server that implements the container image registry API. A public registry is a registry that serves its contently publicly. Quay.io:: -A public Red Hat Quay Container Registry instance provided and maintained by Red Hat, that serves most of the container images and Operators to {product-title} clusters. +A public {quay} Container Registry instance provided and maintained by Red Hat, that serves most of the container images and Operators to {product-title} clusters. {product-registry}:: {product-registry} is the registry provided by {product-title} to manage images. diff --git a/modules/registry-quay-overview.adoc b/modules/registry-quay-overview.adoc index dd4defc616..458bb51dcb 100644 --- a/modules/registry-quay-overview.adoc +++ b/modules/registry-quay-overview.adoc @@ -3,25 +3,25 @@ // * registry/index.adoc [id="registry-quay-overview_{context}"] -= Red Hat Quay registries += {quay} registries -If you need an enterprise-quality container image registry, Red Hat Quay is +If you need an enterprise-quality container image registry, {quay} is available both as a hosted service and as software you can install in your own -data center or cloud environment. Advanced features in Red Hat Quay +data center or cloud environment. Advanced features in {quay} include geo-replication, image scanning, and the ability to roll back images. Visit the link:https://quay.io[Quay.io] site to set up your own hosted Quay registry account. After that, follow the Quay Tutorial to log in to the Quay registry and start managing your images. -You can access your Red Hat Quay registry from {product-title} like any remote +You can access your {quay} registry from {product-title} like any remote container image registry. //[role="_additional-resources"] //.Additional resources //* link:https://quay.io[Quay.io] //* link:https://quay.io/tutorial/[Quay Tutorial] -//* See link:https://access.redhat.com/documentation/en-us/red_hat_quay/2.9/html-single/getting_started_with_red_hat_quay/[Getting Started with Red Hat Quay] -//for information about setting up your own Red Hat Quay registry. +//* See link:https://access.redhat.com/documentation/en-us/red_hat_quay/2.9/html-single/getting_started_with_red_hat_quay/[Getting Started with {quay}] +//for information about setting up your own {quay} registry. //* To learn how to set up credentials to access -//Red Hat Quay as a secured registry, refer to Allowing Pods to Reference Images from Other Secured Registries. +//{quay} as a secured registry, refer to Allowing Pods to Reference Images from Other Secured Registries. diff --git a/modules/security-container-content-scanning.adoc b/modules/security-container-content-scanning.adoc index 14923dacb4..16ce56fd1f 100644 --- a/modules/security-container-content-scanning.adoc +++ b/modules/security-container-content-scanning.adoc @@ -20,14 +20,14 @@ known vulnerabilities. == Scanning OpenShift images For the container images that are running in {product-title} -and are pulled from Red Hat Quay registries, you can use an Operator to list the +and are pulled from {quay} registries, you can use an Operator to list the vulnerabilities of those images. The link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html/red_hat_quay_operator_features/container-security-operator-setup[{rhq-cso}] can be added to {product-title} to provide vulnerability reporting for images added to selected namespaces. -Container image scanning for Red Hat Quay is performed by the +Container image scanning for {quay} is performed by the link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html/vulnerability_reporting_with_clair_on_red_hat_quay/index[Clair]. -In Red Hat Quay, Clair can search for and report vulnerabilities in +In {quay}, Clair can search for and report vulnerabilities in images built from {op-system-base}, CentOS, Oracle, Alpine, Debian, and Ubuntu operating system software. diff --git a/modules/security-pod-scan-cso.adoc b/modules/security-pod-scan-cso.adoc index 4dfff68023..2bc7419afb 100644 --- a/modules/security-pod-scan-cso.adoc +++ b/modules/security-pod-scan-cso.adoc @@ -12,7 +12,7 @@ You can install the {rhq-cso} from the {product-title} web console Operator Hub, * You have installed the `oc` CLI. * You have administrator privileges to the {product-title} cluster. -* You have containers that come from a Red Hat Quay or Quay.io registry running on your cluster. +* You have containers that come from a {quay} or Quay.io registry running on your cluster. .Procedure diff --git a/modules/security-registries-openshift.adoc b/modules/security-registries-openshift.adoc index 915c0526eb..7cdb0ec206 100644 --- a/modules/security-registries-openshift.adoc +++ b/modules/security-registries-openshift.adoc @@ -11,4 +11,4 @@ images. The OpenShift Container Registry provides role-based access controls that allow you to manage who can pull and push which container images. {product-title} also supports integration with other private registries that you might -already be using, such as Red Hat Quay. +already be using, such as {quay}. diff --git a/modules/security-registries-quay.adoc b/modules/security-registries-quay.adoc index 477dc78f7e..dcd3b208b5 100644 --- a/modules/security-registries-quay.adoc +++ b/modules/security-registries-quay.adoc @@ -3,44 +3,44 @@ // * security/container_security/security-registries.adoc [id="security-registries-quay_{context}"] -= Storing containers using Red Hat Quay -link:https://access.redhat.com/products/red-hat-quay[Red Hat Quay] is an += Storing containers using {quay} +link:https://access.redhat.com/products/red-hat-quay[{quay}] is an enterprise-quality container registry product from Red Hat. -Development for Red Hat Quay is done through the upstream +Development for {quay} is done through the upstream link:https://docs.projectquay.io/welcome.html[Project Quay]. -Red Hat Quay is available to deploy on-premise or through the hosted -version of Red Hat Quay at link:https://quay.io[Quay.io]. +{quay} is available to deploy on-premise or through the hosted +version of {quay} at link:https://quay.io[Quay.io]. -Security-related features of Red Hat Quay include: +Security-related features of {quay} include: * *Time machine*: Allows images with older tags to expire after a set period of time or based on a user-selected expiration time. * *link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html-single/manage_red_hat_quay/index#repo-mirroring-in-red-hat-quay[Repository mirroring]*: Lets you mirror other registries for security reasons, such hosting a public repository -on Red Hat Quay behind a company firewall, or for performance reasons, to +on {quay} behind a company firewall, or for performance reasons, to keep registries closer to where they are used. -* *Action log storage*: Save Red Hat Quay logging output to link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html-single/manage_red_hat_quay/index#proc_manage-log-storage[Elasticsearch storage or Splunk] to allow for later search and analysis. +* *Action log storage*: Save {quay} logging output to link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html-single/manage_red_hat_quay/index#proc_manage-log-storage[Elasticsearch storage or Splunk] to allow for later search and analysis. * *link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html/vulnerability_reporting_with_clair_on_red_hat_quay/index[Clair]*: Scan images against a variety of Linux vulnerability databases, based on the origins of each container image. * *Internal authentication*: Use the default local database to handle RBAC -authentication to Red Hat Quay or choose from LDAP, Keystone (OpenStack), +authentication to {quay} or choose from LDAP, Keystone (OpenStack), JWT Custom Authentication, or External Application Token authentication. -* *External authorization (OAuth)*: Allow authorization to Red Hat Quay +* *External authorization (OAuth)*: Allow authorization to {quay} from GitHub, GitHub Enterprise, or Google Authentication. -* *Access settings*: Generate tokens to allow access to Red Hat Quay +* *Access settings*: Generate tokens to allow access to {quay} from docker, rkt, anonymous access, user-created accounts, encrypted client passwords, or prefix username autocompletion. -Ongoing integration of Red Hat Quay with {product-title} continues, +Ongoing integration of {quay} with {product-title} continues, with several {product-title} Operators of particular interest. The link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html-single/red_hat_quay_operator_features/index#quay-bridge-operator[Quay Bridge Operator] -lets you replace the internal {product-registry} with Red Hat Quay. +lets you replace the internal {product-registry} with {quay}. The link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html-single/red_hat_quay_operator_features/index#container-security-operator-setup[{rhq-cso}] lets you check vulnerabilities of images running in {product-title} that were -pulled from Red Hat Quay registries. +pulled from {quay} registries. diff --git a/modules/update-service-create-service-web-console.adoc b/modules/update-service-create-service-web-console.adoc index 0b57059708..588d0d4721 100644 --- a/modules/update-service-create-service-web-console.adoc +++ b/modules/update-service-create-service-web-console.adoc @@ -28,7 +28,7 @@ You can use the {product-title} web console to create an OpenShift Update Servic . Enter the local pullspec in the *Graph Data Image* field to the graph data container image created in "Creating the OpenShift Update Service graph data container image", for example, `registry.example.com/openshift/graph-data:latest`. //TODO: Add xref to preceding step when allowed. -. In the *Releases* field, enter the registry and repository created to contain the release images in "Mirroring the OpenShift Container Platform image repository", for example, `registry.example.com/ocp4/openshift4-release-images`. +. In the *Releases* field, enter the registry and repository created to contain the release images in "Mirroring the {product-title} image repository", for example, `registry.example.com/ocp4/openshift4-release-images`. //TODO: Add xref to preceding step when allowed. . Enter `2` in the *Replicas* field. diff --git a/modules/virt-preparing-container-disk-for-vms.adoc b/modules/virt-preparing-container-disk-for-vms.adoc index 38ce74d19a..edc7231b09 100644 --- a/modules/virt-preparing-container-disk-for-vms.adoc +++ b/modules/virt-preparing-container-disk-for-vms.adoc @@ -12,7 +12,7 @@ The size of a container disk is limited by the maximum layer size of the registr [NOTE] ==== -For link:https://access.redhat.com/documentation/en-us/red_hat_quay/[Red Hat Quay], you can change the maximum layer size by editing the YAML configuration file that is created when Red Hat Quay is first deployed. +For link:https://access.redhat.com/documentation/en-us/red_hat_quay/[{quay}], you can change the maximum layer size by editing the YAML configuration file that is created when {quay} is first deployed. ==== .Prerequisites diff --git a/modules/ztp-configuring-the-cluster-for-a-disconnected-environment.adoc b/modules/ztp-configuring-the-cluster-for-a-disconnected-environment.adoc index 647aef4437..6571b11f06 100644 --- a/modules/ztp-configuring-the-cluster-for-a-disconnected-environment.adoc +++ b/modules/ztp-configuring-the-cluster-for-a-disconnected-environment.adoc @@ -12,7 +12,7 @@ You can configure the hub cluster to use a disconnected mirror registry for a di * You have a disconnected hub cluster installation with {rh-rhacm-first} {rh-rhacm-version} installed. -* You have hosted the `rootfs` and `iso` images on an HTTP server. See the _Additional resources_ section for guidance about _Mirroring the OpenShift Container Platform image repository_. +* You have hosted the `rootfs` and `iso` images on an HTTP server. See the _Additional resources_ section for guidance about _Mirroring the {product-title} image repository_. [WARNING] ==== @@ -52,7 +52,7 @@ data: <1> The `ConfigMap` namespace must be set to `multicluster-engine`. <2> The mirror registry’s certificate that is used when creating the mirror registry. <3> The configuration file for the mirror registry. The mirror registry configuration adds mirror information to the `/etc/containers/registries.conf` file in the discovery image. The mirror information is stored in the `imageContentSources` section of the `install-config.yaml` file when the information is passed to the installation program. The Assisted Service pod that runs on the hub cluster fetches the container images from the configured mirror registry. -<4> The URL of the mirror registry. You must use the URL from the `imageContentSources` section by running the `oc adm release mirror` command when you configure the mirror registry. For more information, see the _Mirroring the OpenShift Container Platform image repository_ section. +<4> The URL of the mirror registry. You must use the URL from the `imageContentSources` section by running the `oc adm release mirror` command when you configure the mirror registry. For more information, see the _Mirroring the {product-title} image repository_ section. <5> The registries defined in the `registries.conf` file must be scoped by repository, not by registry. In this example, both the `quay.io/example-repository` and the `mirror1.registry.corp.com:5000/example-repository` repositories are scoped by the `example-repository` repository. + diff --git a/openshift_images/using_images/using-images-overview.adoc b/openshift_images/using_images/using-images-overview.adoc index 20d0b8fdb4..00cd6bffd1 100644 --- a/openshift_images/using_images/using-images-overview.adoc +++ b/openshift_images/using_images/using-images-overview.adoc @@ -8,7 +8,7 @@ toc::[] Use the following topics to discover the different Source-to-Image (S2I), database, and other container images that are available for {product-title} users. -Red Hat official container images are provided in the Red Hat Registry at link:https://registry.redhat.io[registry.redhat.io]. {product-title}'s supported S2I, database, and Jenkins images are provided in the `openshift4` repository in the Red Hat Quay Registry. For example, `quay.io/openshift-release-dev/ocp-v4.0-
` is the name of the OpenShift Application Platform image. +Red Hat official container images are provided in the Red Hat Registry at link:https://registry.redhat.io[registry.redhat.io]. {product-title}'s supported S2I, database, and Jenkins images are provided in the `openshift4` repository in the {quay} Registry. For example, `quay.io/openshift-release-dev/ocp-v4.0-
` is the name of the OpenShift Application Platform image. The xPaaS middleware images are provided in their respective product repositories on the Red Hat Registry but suffixed with a `-openshift`. For example, `registry.redhat.io/jboss-eap-6/eap64-openshift` is the name of the JBoss EAP image. diff --git a/post_installation_configuration/connected-to-disconnected.adoc b/post_installation_configuration/connected-to-disconnected.adoc index bbde8d5063..0cb48b9544 100644 --- a/post_installation_configuration/connected-to-disconnected.adoc +++ b/post_installation_configuration/connected-to-disconnected.adoc @@ -26,7 +26,7 @@ include::modules/installation-about-mirror-registry.adoc[leveloffset=+1] * An installed mirror registry, which is a container image registry that supports link:https://docs.docker.com/registry/spec/manifest-v2-2/[Docker v2-2] in the location that will host the {product-title} cluster, such as one of the following registries: + -- -** link:https://www.redhat.com/en/technologies/cloud-computing/quay[Red Hat Quay] +** link:https://www.redhat.com/en/technologies/cloud-computing/quay[{quay}] ** link:https://jfrog.com/artifactory/[JFrog Artifactory] @@ -35,9 +35,9 @@ include::modules/installation-about-mirror-registry.adoc[leveloffset=+1] ** link:https://goharbor.io/[Harbor] -- + -If you have an subscription to Red Hat Quay, see the documentation on deploying Red Hat Quay link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html/deploy_red_hat_quay_for_proof-of-concept_non-production_purposes/[for proof-of-concept purposes] or link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html/deploying_the_red_hat_quay_operator_on_openshift_container_platform/index[by using the Quay Operator]. +If you have an subscription to {quay}, see the documentation on deploying {quay} link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html/deploy_red_hat_quay_for_proof-of-concept_non-production_purposes/[for proof-of-concept purposes] or link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html/deploying_the_red_hat_quay_operator_on_openshift_container_platform/index[by using the Quay Operator]. -* The mirror repository must be configured to share images. For example, a Red Hat Quay repository requires link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html-single/use_red_hat_quay/index#user-org-intro_use-quay[Organizations] in order to share images. +* The mirror repository must be configured to share images. For example, a {quay} repository requires link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html-single/use_red_hat_quay/index#user-org-intro_use-quay[Organizations] in order to share images. * Access to the internet to obtain the necessary container images. diff --git a/registry/index.adoc b/registry/index.adoc index 441f0922b1..c149a31f62 100644 --- a/registry/index.adoc +++ b/registry/index.adoc @@ -23,7 +23,7 @@ include::modules/registry-quay-overview.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* link:https://access.redhat.com/documentation/en-us/red_hat_quay/[Red Hat Quay product documentation] +* link:https://access.redhat.com/documentation/en-us/red_hat_quay/[{quay} product documentation] include::modules/registry-authentication-enabled-registry-overview.adoc[leveloffset=+1] diff --git a/security/container_security/security-registries.adoc b/security/container_security/security-registries.adoc index cd44baf0f2..0148b46eae 100644 --- a/security/container_security/security-registries.adoc +++ b/security/container_security/security-registries.adoc @@ -20,11 +20,11 @@ while the Red Hat Ecosystem Catalog offers detailed descriptions and health checks for those images. To manage your own registry, you could purchase a container registry such as -link:https://access.redhat.com/products/red-hat-quay[Red Hat Quay]. +link:https://access.redhat.com/products/red-hat-quay[{quay}]. From a security standpoint, some registries provide special features to check and improve the health of your containers. -For example, Red Hat Quay offers container vulnerability scanning +For example, {quay} offers container vulnerability scanning with Clair security scanner, build triggers to automatically rebuild images when source code changes in GitHub and other locations, and the ability to use role-based access control (RBAC) to diff --git a/security/pod-vulnerability-scan.adoc b/security/pod-vulnerability-scan.adoc index 01bcffcd69..aa2edc9e20 100644 --- a/security/pod-vulnerability-scan.adoc +++ b/security/pod-vulnerability-scan.adoc @@ -15,7 +15,7 @@ used in active pods on the cluster. The {rhq-cso}: vulnerability information, provided an image's registry is running image scanning (such as link:https://quay.io[Quay.io] or a -link:https://access.redhat.com/products/red-hat-quay[Red Hat Quay] registry with Clair scanning) +link:https://access.redhat.com/products/red-hat-quay[{quay}] registry with Clair scanning) * Exposes vulnerabilities via the `ImageManifestVuln` object in the Kubernetes API Using the instructions here, the {rhq-cso} is installed in the `openshift-operators` diff --git a/storage/persistent_storage/persistent_storage_local/persistent-storage-using-lvms.adoc b/storage/persistent_storage/persistent_storage_local/persistent-storage-using-lvms.adoc index 6628ba21e3..dfa698603e 100644 --- a/storage/persistent_storage/persistent_storage_local/persistent-storage-using-lvms.adoc +++ b/storage/persistent_storage/persistent_storage_local/persistent-storage-using-lvms.adoc @@ -33,7 +33,7 @@ include::modules/lvms-installing-logical-volume-manager-operator-disconnected-en * xref:../../../installing/disconnected_install/installing-mirroring-creating-registry.adoc#installing-mirroring-creating-registry[Creating a mirror registry with mirror registry for Red Hat OpenShift] -* xref:../../../installing/disconnected_install/installing-mirroring-installation-images.adoc#installation-mirror-repository_installing-mirroring-installation-images[Mirroring the OpenShift Container Platform image repository] +* xref:../../../installing/disconnected_install/installing-mirroring-installation-images.adoc#installation-mirror-repository_installing-mirroring-installation-images[Mirroring the {product-title} image repository] * xref:../../../installing/disconnected_install/installing-mirroring-disconnected.adoc#oc-mirror-creating-image-set-config_installing-mirroring-disconnected[Creating the image set configuration] diff --git a/updating/updating_a_cluster/updating_disconnected_cluster/mirroring-image-repository.adoc b/updating/updating_a_cluster/updating_disconnected_cluster/mirroring-image-repository.adoc index 30268a545a..370b6d6771 100644 --- a/updating/updating_a_cluster/updating_disconnected_cluster/mirroring-image-repository.adoc +++ b/updating/updating_a_cluster/updating_disconnected_cluster/mirroring-image-repository.adoc @@ -68,14 +68,14 @@ You can use the `oc adm release mirror` command to mirror images to your mirror [id="prerequisites_updating-mirroring-disconnected"] === Prerequisites -* You must have a container image registry that supports link:https://docs.docker.com/registry/spec/manifest-v2-2[Docker v2-2] in the location that will host the {product-title} cluster, such as Red Hat Quay. +* You must have a container image registry that supports link:https://docs.docker.com/registry/spec/manifest-v2-2[Docker v2-2] in the location that will host the {product-title} cluster, such as {quay}. + [NOTE] ==== -If you use Red Hat Quay, you must use version 3.6 or later with the oc-mirror plugin. If you have an entitlement to Red Hat Quay, see the documentation on deploying Red Hat Quay link:https://docs.redhat.com/en/documentation/red_hat_quay/3/html/proof_of_concept_-_deploying_red_hat_quay/index[for proof-of-concept purposes] or link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html/deploying_the_red_hat_quay_operator_on_openshift_container_platform/index[by using the Quay Operator]. If you need additional assistance selecting and installing a registry, contact your sales representative or Red Hat Support. +If you use {quay}, you must use version 3.6 or later with the oc-mirror plugin. If you have an entitlement to {quay}, see the documentation on deploying {quay} link:https://docs.redhat.com/en/documentation/red_hat_quay/3/html/proof_of_concept_-_deploying_red_hat_quay/index[for proof-of-concept purposes] or link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html/deploying_the_red_hat_quay_operator_on_openshift_container_platform/index[by using the Quay Operator]. If you need additional assistance selecting and installing a registry, contact your sales representative or Red Hat Support. ==== + -If you do not have an existing solution for a container image registry, the xref:../../../installing/disconnected_install/installing-mirroring-creating-registry.adoc#installing-mirroring-creating-registry[mirror registry for Red Hat OpenShift] is included in {product-title} subscriptions. The _mirror registry for Red Hat OpenShift_ is a small-scale container registry that you can use to mirror {product-title} container images in disconnected installations and updates. +If you do not have an existing solution for a container image registry, the xref:../../../installing/disconnected_install/installing-mirroring-creating-registry.adoc#installing-mirroring-creating-registry[mirror registry for Red Hat OpenShift] is included in {product-title} subscriptions. The _mirror registry for Red{nbsp}Hat OpenShift_ is a small-scale container registry that you can use to mirror {product-title} container images in disconnected installations and updates. [id="updating-restricted-network-mirror-host"] === Preparing your mirror host diff --git a/welcome/index.adoc b/welcome/index.adoc index 4425e268b7..7737672f63 100644 --- a/welcome/index.adoc +++ b/welcome/index.adoc @@ -246,7 +246,7 @@ Manage machines, provide services to users, and follow monitoring and logging re - **Manage machines**: Manage xref:../machine_management/index.adoc#machine-mgmt-intro-managing-compute_overview-of-machine-management[compute] and xref:../machine_management/index.adoc#machine-mgmt-intro-managing-control-plane_overview-of-machine-management[control plane] machines in your cluster with machine sets, by xref:../machine_management/deploying-machine-health-checks.adoc#deploying-machine-health-checks[deploying health checks], and xref:../machine_management/applying-autoscaling.adoc#applying-autoscaling[applying autoscaling]. -- **xref:../registry/index.adoc#registry-overview[Manage container registries]**: Each {product-title} cluster includes a built-in container registry for storing its images. You can also configure a separate link:https://access.redhat.com/documentation/en-us/red_hat_quay/[Red Hat Quay] registry to use with {product-title}. The link:https://quay.io[Quay.io] website provides a public container registry that stores {product-title} containers and Operators. +- **xref:../registry/index.adoc#registry-overview[Manage container registries]**: Each {product-title} cluster includes a built-in container registry for storing its images. You can also configure a separate link:https://access.redhat.com/documentation/en-us/red_hat_quay/[{quay}] registry to use with {product-title}. The link:https://quay.io[Quay.io] website provides a public container registry that stores {product-title} containers and Operators. - **xref:../authentication/understanding-authentication.adoc#understanding-authentication[Manage users and groups]**: Add users and groups with different levels of permissions to use or modify clusters. diff --git a/welcome/oke_about.adoc b/welcome/oke_about.adoc index 7fcea97bd8..fc4698e037 100644 --- a/welcome/oke_about.adoc +++ b/welcome/oke_about.adoc @@ -183,7 +183,7 @@ Red Hat Middleware Bundles that include OpenShift embedded in them only contain for this support. === Quay Integration compatible -{oke} is compatible and supported with a Red Hat Quay purchase. +{oke} is compatible and supported with a {quay} purchase. === OpenShift Virtualization {oke} includes support for the Red Hat product offerings derived from @@ -324,7 +324,7 @@ s| Feature s| {oke} s| {product-title} s| Operator name | IDE Integrations | Not included | Included | N/A | {sandboxed-containers-first} | Not included | Not included | {sandboxed-containers-operator} | Windows Machine Config Operator | Community Windows Machine Config Operator included - no subscription required | Red Hat Windows Machine Config Operator included - Requires separate subscription | Windows Machine Config Operator -| Red Hat Quay | Not Included - Requires separate subscription | Not Included - Requires separate subscription | Quay Operator +| {quay} | Not Included - Requires separate subscription | Not Included - Requires separate subscription | Quay Operator | Red Hat Advanced Cluster Management | Not Included - Requires separate subscription | Not Included - Requires separate subscription | Advanced Cluster Management for Kubernetes | Red Hat Advanced Cluster Security | Not Included - Requires separate subscription | Not Included - Requires separate subscription | N/A | {rh-storage} | Not Included - Requires separate subscription | Not Included - Requires separate subscription | {rh-storage}