mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-05 12:46:18 +01:00
CQA OMR 4.16 cherry-pick
This commit is contained in:
Steven Smith
@@ -21,7 +21,7 @@
|
||||
:openshift-networking: Red Hat OpenShift Networking
|
||||
:product-registry: OpenShift image registry
|
||||
:kebab: image:kebab.png[title="Options menu"]
|
||||
:rhq-short: Red Hat Quay
|
||||
:rhq-short: Red{nbsp}Hat Quay
|
||||
:SMProductName: Red Hat OpenShift Service Mesh
|
||||
:pipelines-title: Red Hat OpenShift Pipelines
|
||||
:sts-first: Security Token Service (STS)
|
||||
|
||||
@@ -183,10 +183,10 @@ endif::[]
|
||||
:SMProductVersion1x: 1.1.18.2
|
||||
// Windows containers
|
||||
:productwinc: Red{nbsp}Hat OpenShift support for Windows Containers
|
||||
// Red Hat Quay Container Security Operator
|
||||
:rhq-cso: Red Hat Quay Container Security Operator
|
||||
// Red Hat Quay
|
||||
:quay: Red Hat Quay
|
||||
// {quay} Container Security Operator
|
||||
:rhq-cso: Red{nbsp}Hat Quay Container Security Operator
|
||||
// {quay}
|
||||
:quay: Red{nbsp}Hat Quay
|
||||
:sno: single-node OpenShift
|
||||
:sno-caps: Single-node OpenShift
|
||||
:sno-okd: single-node OKD
|
||||
|
||||
@@ -184,8 +184,8 @@ content, including Helm charts.
|
||||
If you want your own, private container registry, {product-title} itself
|
||||
includes a private container registry that is installed with {product-title}
|
||||
and runs on its cluster. Red Hat also offers a private version of the Quay.io
|
||||
registry called link:https://access.redhat.com/products/red-hat-quay[Red Hat Quay].
|
||||
Red Hat Quay includes geo replication, Git build triggers, Clair image scanning,
|
||||
registry called link:https://access.redhat.com/products/red-hat-quay[{quay}].
|
||||
{quay} includes geo replication, Git build triggers, Clair image scanning,
|
||||
and many other features.
|
||||
|
||||
All of the registries mentioned here can require credentials to download images
|
||||
|
||||
@@ -44,7 +44,7 @@ include::modules/ztp-configuring-the-cluster-for-a-disconnected-environment.adoc
|
||||
[role="_additional-resources"]
|
||||
.Additional resources
|
||||
|
||||
* xref:../installing/disconnected_install/installing-mirroring-installation-images.adoc#installation-mirror-repository_installing-mirroring-installation-images[Mirroring the OpenShift Container Platform image repository]
|
||||
* xref:../installing/disconnected_install/installing-mirroring-installation-images.adoc#installation-mirror-repository_installing-mirroring-installation-images[Mirroring the {product-title} image repository]
|
||||
|
||||
include::modules/ztp-configuring-the-hub-cluster-to-use-unauthenticated-registries.adoc[leveloffset=+1]
|
||||
|
||||
|
||||
@@ -20,7 +20,7 @@ include::snippets/technology-preview.adoc[]
|
||||
+
|
||||
[NOTE]
|
||||
====
|
||||
If you use {quay}, use version 3.6 or later with the oc-mirror plugin. See the documentation on link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html/deploying_the_red_hat_quay_operator_on_openshift_container_platform/index[Deploying the Red Hat Quay Operator on OpenShift Container Platform (Red Hat Quay documentation)]. If you need additional assistance selecting and installing a registry, contact your sales representative or Red Hat Support.
|
||||
If you use {quay}, use version 3.6 or later with the oc-mirror plugin. See the documentation on link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html/deploying_the_red_hat_quay_operator_on_openshift_container_platform/index[Deploying the {quay} Operator on OpenShift Container Platform ({quay} documentation)]. If you need additional assistance selecting and installing a registry, contact your sales representative or Red Hat Support.
|
||||
====
|
||||
|
||||
[Optional]
|
||||
|
||||
@@ -12,7 +12,7 @@ If you already have a container image registry, such as Red Hat Quay, you can sk
|
||||
|
||||
[IMPORTANT]
|
||||
====
|
||||
The _mirror registry for Red Hat OpenShift_ is not intended to be a substitute for a production deployment of {quay}.
|
||||
The _mirror registry for Red{nbsp}Hat OpenShift_ is not intended to be a substitute for a production deployment of {quay}.
|
||||
====
|
||||
|
||||
[id="prerequisites_installing-mirroring-creating-registry"]
|
||||
@@ -42,6 +42,10 @@ include::modules/mirror-registry-ssl-cert-replace.adoc[leveloffset=+1]
|
||||
include::modules/mirror-registry-uninstall.adoc[leveloffset=+1]
|
||||
include::modules/mirror-registry-flags.adoc[leveloffset=+1]
|
||||
include::modules/mirror-registry-release-notes.adoc[leveloffset=+1]
|
||||
include::modules/mirror-registry-release-notes-2-0.adoc[leveloffset=+2]
|
||||
include::modules/mirror-registry-release-notes-1-3.adoc[leveloffset=+2]
|
||||
include::modules/mirror-registry-release-notes-1-2.adoc[leveloffset=+2]
|
||||
include::modules/mirror-registry-release-notes-1-1.adoc[leveloffset=+2]
|
||||
include::modules/mirror-registry-troubleshooting.adoc[leveloffset=+1]
|
||||
|
||||
[id="additional-resources_installing-mirroring-creating-registry"]
|
||||
@@ -49,10 +53,10 @@ include::modules/mirror-registry-troubleshooting.adoc[leveloffset=+1]
|
||||
|
||||
* link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html/manage_red_hat_quay/garbage-collection#doc-wrapper[{quay} garbage collection]
|
||||
|
||||
* link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html/manage_red_hat_quay/using-ssl-to-protect-quay[Using SSL to protect connections to {quay}]
|
||||
* link:https://docs.redhat.com/en/documentation/red_hat_quay/3/html-single/securing_red_hat_quay/index[Securing {quay}]
|
||||
|
||||
* link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html/manage_red_hat_quay/using-ssl-to-protect-quay#configuring_the_system_to_trust_the_certificate_authority[Configuring the system to trust the certificate authority]
|
||||
* link:https://docs.redhat.com/en/documentation/red_hat_quay/3/html-single/securing_red_hat_quay/index#configuring-system-trust-ca[Configuring the system to trust the certificate authority]
|
||||
|
||||
* xref:../../installing/disconnected_install/installing-mirroring-installation-images.adoc#installation-mirror-repository_installing-mirroring-installation-images[Mirroring the OpenShift Container Platform image repository]
|
||||
* xref:../../installing/disconnected_install/installing-mirroring-installation-images.adoc#installation-mirror-repository_installing-mirroring-installation-images[Mirroring the {product-title} image repository]
|
||||
|
||||
* xref:../../installing/disconnected_install/installing-mirroring-installation-images.adoc#olm-mirror-catalog_installing-mirroring-installation-images[Mirroring Operator catalogs for use with disconnected clusters]
|
||||
|
||||
@@ -32,14 +32,14 @@ include::modules/installation-about-mirror-registry.adoc[leveloffset=+1]
|
||||
[id="prerequisites_installing-mirroring-disconnected"]
|
||||
== Prerequisites
|
||||
|
||||
* You must have a container image registry that supports link:https://docs.docker.com/registry/spec/manifest-v2-2[Docker v2-2] in the location that will host the {product-title} cluster, such as Red Hat Quay.
|
||||
* You must have a container image registry that supports link:https://docs.docker.com/registry/spec/manifest-v2-2[Docker v2-2] in the location that will host the {product-title} cluster, such as {quay}.
|
||||
+
|
||||
[NOTE]
|
||||
====
|
||||
If you use Red Hat Quay, you must use version 3.6 or later with the oc-mirror plugin. If you have an entitlement to Red Hat Quay, see the documentation on deploying Red Hat Quay link:https://docs.redhat.com/en/documentation/red_hat_quay/3/html/proof_of_concept_-_deploying_red_hat_quay/index[for proof-of-concept purposes] or link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html/deploying_the_red_hat_quay_operator_on_openshift_container_platform/index[by using the Red Hat Quay Operator]. If you need additional assistance selecting and installing a registry, contact your sales representative or Red Hat Support.
|
||||
If you use {quay}, you must use version 3.6 or later with the oc-mirror plugin. If you have an entitlement to {quay}, see the documentation on deploying {quay} link:https://docs.redhat.com/en/documentation/red_hat_quay/3/html/proof_of_concept_-_deploying_red_hat_quay/index[for proof-of-concept purposes] or link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html/deploying_the_red_hat_quay_operator_on_openshift_container_platform/index[by using the {quay} Operator]. If you need additional assistance selecting and installing a registry, contact your sales representative or Red Hat Support.
|
||||
====
|
||||
+
|
||||
If you do not already have an existing solution for a container image registry, subscribers of {product-title} are provided a xref:../../installing/disconnected_install/installing-mirroring-creating-registry.adoc#installing-mirroring-creating-registry[mirror registry for Red Hat OpenShift]. The _mirror registry for Red Hat OpenShift_ is included with your subscription and is a small-scale container registry that can be used to mirror the required container images of {product-title} in disconnected installations.
|
||||
If you do not already have an existing solution for a container image registry, subscribers of {product-title} are provided a xref:../../installing/disconnected_install/installing-mirroring-creating-registry.adoc#installing-mirroring-creating-registry[mirror registry for Red Hat OpenShift]. The _mirror registry for Red{nbsp}Hat OpenShift_ is included with your subscription and is a small-scale container registry that can be used to mirror the required container images of {product-title} in disconnected installations.
|
||||
|
||||
[id="mirroring-preparing-your-hosts"]
|
||||
== Preparing your mirror hosts
|
||||
|
||||
@@ -26,15 +26,15 @@ to a mirror host, use the xref:../../installing/disconnected_install/installing-
|
||||
* You must have a container image registry that supports link:https://docs.docker.com/registry/spec/manifest-v2-2[Docker v2-2] in the location that will host the {product-title} cluster, such as one of the following registries:
|
||||
+
|
||||
--
|
||||
** link:https://www.redhat.com/en/technologies/cloud-computing/quay[Red Hat Quay]
|
||||
** link:https://www.redhat.com/en/technologies/cloud-computing/quay[{quay}]
|
||||
** link:https://jfrog.com/artifactory/[JFrog Artifactory]
|
||||
** link:https://www.sonatype.com/products/repository-oss?topnav=true[Sonatype Nexus Repository]
|
||||
** link:https://goharbor.io/[Harbor]
|
||||
--
|
||||
+
|
||||
If you have an entitlement to Red Hat Quay, see the documentation on deploying Red Hat Quay link:https://docs.redhat.com/en/documentation/red_hat_quay/3.9/html/deploy_red_hat_quay_for_proof-of-concept_non-production_purposes/index[for proof-of-concept purposes] or link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html/deploying_the_red_hat_quay_operator_on_openshift_container_platform/index[by using the Red Hat Quay Operator]. If you need additional assistance selecting and installing a registry, contact your sales representative or Red Hat Support.
|
||||
If you have an entitlement to {quay}, see the documentation on deploying {quay} link:https://docs.redhat.com/en/documentation/red_hat_quay/3.9/html/deploy_red_hat_quay_for_proof-of-concept_non-production_purposes/index[for proof-of-concept purposes] or link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html/deploying_the_red_hat_quay_operator_on_openshift_container_platform/index[by using the {quay} Operator]. If you need additional assistance selecting and installing a registry, contact your sales representative or Red Hat Support.
|
||||
|
||||
* If you do not already have an existing solution for a container image registry, subscribers of {product-title} are provided a xref:../../installing/disconnected_install/installing-mirroring-creating-registry.adoc#installing-mirroring-creating-registry[mirror registry for Red Hat OpenShift]. The _mirror registry for Red Hat OpenShift_ is included with your subscription and is a small-scale container registry that can be used to mirror the required container images of {product-title} in disconnected installations.
|
||||
* If you do not already have an existing solution for a container image registry, subscribers of {product-title} are provided a xref:../../installing/disconnected_install/installing-mirroring-creating-registry.adoc#installing-mirroring-creating-registry[mirror registry for Red Hat OpenShift]. The _mirror registry for Red{nbsp}Hat OpenShift_ is included with your subscription and is a small-scale container registry that can be used to mirror the required container images of {product-title} in disconnected installations.
|
||||
|
||||
include::modules/installation-about-mirror-registry.adoc[leveloffset=+1]
|
||||
|
||||
|
||||
@@ -23,7 +23,7 @@ If your Nutanix environment uses an internal CA to issue certificates, you must
|
||||
====
|
||||
Use 2048-bit certificates. The installation fails if you use 4096-bit certificates with Prism Central 2022.x.
|
||||
====
|
||||
* You have a container image registry, such as Red Hat Quay. If you do not already have a registry, you can create a mirror registry using xref:../../installing/disconnected_install/installing-mirroring-creating-registry.adoc#installing-mirroring-creating-registry[_mirror registry for Red Hat OpenShift_].
|
||||
* You have a container image registry, such as {quay}. If you do not already have a registry, you can create a mirror registry using xref:../../installing/disconnected_install/installing-mirroring-creating-registry.adoc#installing-mirroring-creating-registry[_mirror registry for Red{nbsp}Hat OpenShift_].
|
||||
* You have used the xref:../../installing/disconnected_install/installing-mirroring-disconnected.adoc#installing-mirroring-disconnected[oc-mirror OpenShift CLI (oc) plugin] to mirror all of the required {product-title} content and other images, including the Nutanix CSI Operator, to your mirror registry.
|
||||
+
|
||||
[IMPORTANT]
|
||||
|
||||
@@ -93,9 +93,9 @@ cluster-wide management of those critical components.
|
||||
Operator Lifecycle Manager (OLM) and the OperatorHub provide facilities for
|
||||
storing and distributing Operators to people developing and deploying applications.
|
||||
|
||||
The Red Hat Quay Container Registry is a Quay.io container registry that serves
|
||||
The {quay} Container Registry is a Quay.io container registry that serves
|
||||
most of the container images and Operators to {product-title} clusters.
|
||||
Quay.io is a public registry version of Red Hat Quay that stores millions of images
|
||||
Quay.io is a public registry version of {quay} that stores millions of images
|
||||
and tags.
|
||||
|
||||
Other enhancements to Kubernetes in {product-title} include improvements in
|
||||
|
||||
@@ -34,7 +34,7 @@ endif::openshift-rosa,openshift-dedicated[]
|
||||
. Configure mirrored repositories, by either:
|
||||
+
|
||||
--
|
||||
* Setting up a mirrored repository with Red Hat Quay, as described in link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html/manage_red_hat_quay/repo-mirroring-in-red-hat-quay[Red Hat Quay Repository Mirroring]. Using Red Hat Quay allows you to copy images from one repository to another and also automatically sync those repositories repeatedly over time.
|
||||
* Setting up a mirrored repository with {quay}, as described in link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html/manage_red_hat_quay/repo-mirroring-in-red-hat-quay[{quay} Repository Mirroring]. Using {quay} allows you to copy images from one repository to another and also automatically sync those repositories repeatedly over time.
|
||||
|
||||
* Using a tool such as `skopeo` to copy images manually from the source repository to the mirrored repository.
|
||||
+
|
||||
|
||||
@@ -16,7 +16,7 @@ To qualify as an infrastructure node and use the included entitlement, only comp
|
||||
* The HAProxy-based Ingress Controller
|
||||
* The cluster metrics collection, or monitoring service, including components for monitoring user-defined projects
|
||||
* Cluster aggregated logging
|
||||
* Red Hat Quay
|
||||
* {quay}
|
||||
* {rh-storage-first}
|
||||
* Red Hat Advanced Cluster Management for Kubernetes
|
||||
* Red Hat Advanced Cluster Security for Kubernetes
|
||||
|
||||
@@ -18,12 +18,12 @@ endif::[]
|
||||
= About the mirror registry
|
||||
|
||||
ifndef::oc-mirror[]
|
||||
You can mirror the images that are required for {product-title} installation and subsequent product updates to a container mirror registry such as Red Hat Quay, JFrog Artifactory, Sonatype Nexus Repository, or Harbor. If you do not have access to a large-scale container registry, you can use the _mirror registry for Red Hat OpenShift_, a small-scale container registry included with {product-title} subscriptions.
|
||||
You can mirror the images that are required for {product-title} installation and subsequent product updates to a container mirror registry such as {quay}, JFrog Artifactory, Sonatype Nexus Repository, or Harbor. If you do not have access to a large-scale container registry, you can use the _mirror registry for Red{nbsp}Hat OpenShift_, a small-scale container registry included with {product-title} subscriptions.
|
||||
|
||||
You can use any container registry that supports link:https://docs.docker.com/registry/spec/manifest-v2-2[Docker v2-2], such as Red Hat Quay, the _mirror registry for Red Hat OpenShift_, Artifactory, Sonatype Nexus Repository, or Harbor. Regardless of your chosen registry, the procedure to mirror content from Red Hat hosted sites on the internet to an isolated image registry is the same. After you mirror the content, you configure each cluster to retrieve this content from your mirror registry.
|
||||
You can use any container registry that supports link:https://docs.docker.com/registry/spec/manifest-v2-2[Docker v2-2], such as {quay}, the _mirror registry for Red{nbsp}Hat OpenShift_, Artifactory, Sonatype Nexus Repository, or Harbor. Regardless of your chosen registry, the procedure to mirror content from Red Hat hosted sites on the internet to an isolated image registry is the same. After you mirror the content, you configure each cluster to retrieve this content from your mirror registry.
|
||||
endif::[]
|
||||
ifdef::oc-mirror[]
|
||||
You can mirror the images that are required for {product-title} installation and subsequent product updates to a container mirror registry that supports link:https://docs.docker.com/registry/spec/manifest-v2-2[Docker v2-2], such as Red Hat Quay. If you do not have access to a large-scale container registry, you can use the _mirror registry for Red Hat OpenShift_, which is a small-scale container registry included with {product-title} subscriptions.
|
||||
You can mirror the images that are required for {product-title} installation and subsequent product updates to a container mirror registry that supports link:https://docs.docker.com/registry/spec/manifest-v2-2[Docker v2-2], such as {quay}. If you do not have access to a large-scale container registry, you can use the _mirror registry for Red{nbsp}Hat OpenShift_, which is a small-scale container registry included with {product-title} subscriptions.
|
||||
|
||||
Regardless of your chosen registry, the procedure to mirror content from Red Hat hosted sites on the internet to an isolated image registry is the same. After you mirror the content, you configure each cluster to retrieve this content from your mirror registry.
|
||||
endif::[]
|
||||
@@ -33,7 +33,7 @@ endif::[]
|
||||
The {product-registry} cannot be used as the target registry because it does not support pushing without a tag, which is required during the mirroring process.
|
||||
====
|
||||
|
||||
If choosing a container registry that is not the _mirror registry for Red Hat OpenShift_, it must be reachable by every machine in the clusters that you provision. If the registry is unreachable, installation, updating, or normal operations such as workload relocation might fail. For that reason, you must run mirror registries in a highly available way, and the mirror registries must at least match the production availability of your {product-title} clusters.
|
||||
If choosing a container registry that is not the _mirror registry for Red{nbsp}Hat OpenShift_, it must be reachable by every machine in the clusters that you provision. If the registry is unreachable, installation, updating, or normal operations such as workload relocation might fail. For that reason, you must run mirror registries in a highly available way, and the mirror registries must at least match the production availability of your {product-title} clusters.
|
||||
|
||||
When you populate your mirror registry with {product-title} images, you can follow two scenarios. If you have a host that can access both the internet and your mirror registry, but not your cluster nodes, you can directly mirror the content from that machine. This process is referred to as _connected mirroring_. If you have no such host, you must mirror the images to a file system and then bring that host or removable media into your restricted environment. This process is referred to as _disconnected mirroring_.
|
||||
|
||||
|
||||
@@ -32,7 +32,7 @@ endif::restricted[]
|
||||
The following procedure creates a simple registry that stores data in the
|
||||
`/opt/registry` folder and runs in a `podman` container. You can use a different
|
||||
registry solution, such as
|
||||
link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html-single/manage_red_hat_quay/index#repo-mirroring-in-red-hat-quay[Red Hat Quay].
|
||||
link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html-single/manage_red_hat_quay/index#repo-mirroring-in-red-hat-quay[{quay}].
|
||||
Review the following procedure to ensure that your registry functions
|
||||
correctly.
|
||||
====
|
||||
|
||||
@@ -13,7 +13,7 @@ You can use the oc-mirror OpenShift CLI (oc) plugin with {microshift-short} to f
|
||||
{microshift-short} uses the generally available version (1) of the oc-mirror plugin. Do not use the following procedures with the Technical Preview version (2) of oc-mirror plugin.
|
||||
====
|
||||
|
||||
You can mirror the container images required by the desired Operators locally or to a container mirror registry that supports link:https://docs.docker.com/registry/[Docker v2-2], such as Red Hat Quay. The procedure to mirror content from Red Hat-hosted registries connected to the internet to a disconnected image registry is the same, independent of the registry you choose. After you mirror the contents of your catalog, configure each cluster to retrieve this content from your mirror registry.
|
||||
You can mirror the container images required by the desired Operators locally or to a container mirror registry that supports link:https://docs.docker.com/registry/[Docker v2-2], such as {quay}. The procedure to mirror content from Red Hat-hosted registries connected to the internet to a disconnected image registry is the same, independent of the registry you choose. After you mirror the contents of your catalog, configure each cluster to retrieve this content from your mirror registry.
|
||||
|
||||
[id="microshift-populate-mirror-registry-connectivity_{context}"]
|
||||
== Connectivity considerations when populating a mirror registry
|
||||
|
||||
@@ -5,7 +5,7 @@
|
||||
[id="mirror-registry-flags_{context}"]
|
||||
= Mirror registry for Red Hat OpenShift flags
|
||||
|
||||
The following flags are available for the _mirror registry for Red Hat OpenShift_:
|
||||
The following flags are available for the _mirror registry for Red{nbsp}Hat OpenShift_:
|
||||
|
||||
[options="header",cols="1,3"]
|
||||
|===
|
||||
@@ -24,8 +24,8 @@ The following flags are available for the _mirror registry for Red Hat OpenShift
|
||||
| `--sslKey` | The path to the SSL/TLS private key used for HTTPS communication. Defaults to `{quayRoot}/quay-config` and is auto-generated if left unspecified.
|
||||
| `--targetHostname`, `-H` | The hostname of the target you want to install Quay to. Defaults to `$HOST`, for example, a local host, if left unspecified.
|
||||
| `--targetUsername`, `-u` | The user on the target host which will be used for SSH. Defaults to `$USER`, for example, the current user if left unspecified.
|
||||
| `--verbose`, `-v` | Shows debug logs and Ansible playbook outputs.
|
||||
| `--version` | Shows the version for the _mirror registry for Red Hat OpenShift_.
|
||||
| `--verbose`, `-v` | Shows debug logs and Ansible Playbook outputs.
|
||||
| `--version` | Shows the version for the _mirror registry for Red{nbsp}Hat OpenShift_.
|
||||
|===
|
||||
[.small]
|
||||
1. `--quayHostname` must be modified if the public DNS name of your system is different from the local hostname. Additionally, the `--quayHostname` flag does not support installation with an IP address. Installation with a hostname is required.
|
||||
|
||||
@@ -2,35 +2,36 @@
|
||||
//
|
||||
// * installing/disconnected_install/installing-mirroring-installation-images.adoc
|
||||
|
||||
:_mod-docs-content-type: CONCEPT
|
||||
[id="mirror-registry-introduction_{context}"]
|
||||
= Mirror registry for Red Hat OpenShift introduction
|
||||
|
||||
For disconnected deployments of {product-title}, a container registry is required to carry out the installation of the clusters. To run a production-grade registry service on such a cluster, you must create a separate registry deployment to install the first cluster. The _mirror registry for Red Hat OpenShift_ addresses this need and is included in every OpenShift subscription. It is available for download on the link:https://console.redhat.com/openshift/downloads#tool-mirror-registry[OpenShift console *Downloads*] page.
|
||||
For disconnected deployments of {product-title}, a container registry is required to carry out the installation of the clusters. To run a production-grade registry service on such a cluster, you must create a separate registry deployment to install the first cluster. The _mirror registry for Red{nbsp}Hat OpenShift_ addresses this need and is included in every OpenShift subscription. It is available for download on the link:https://console.redhat.com/openshift/downloads#tool-mirror-registry[OpenShift console *Downloads*] page.
|
||||
|
||||
The _mirror registry for Red Hat OpenShift_ allows users to install a small-scale version of Red Hat Quay and its required components using the `mirror-registry` command-line interface (CLI) tool. The _mirror registry for Red Hat OpenShift_ is deployed automatically with preconfigured local storage and a local database. It also includes auto-generated user credentials and access permissions with a single set of inputs and no additional configuration choices to get started.
|
||||
The _mirror registry for Red{nbsp}Hat OpenShift_ allows users to install a small-scale version of {quay} and its required components by using the `mirror-registry` command-line interface (CLI) tool. The _mirror registry for Red{nbsp}Hat OpenShift_ is deployed automatically with pre-configured local storage and a local database. It also includes auto-generated user credentials and access permissions with a single set of inputs and no additional configuration choices to get started.
|
||||
|
||||
The _mirror registry for Red Hat OpenShift_ provides a pre-determined network configuration and reports deployed component credentials and access URLs upon success. A limited set of optional configuration inputs like fully qualified domain name (FQDN) services, superuser name and password, and custom TLS certificates are also provided. This provides users with a container registry so that they can easily create an offline mirror of all {product-title} release content when running {product-title} in restricted network environments.
|
||||
The _mirror registry for Red{nbsp}Hat OpenShift_ provides a pre-determined network configuration and reports deployed component credentials and access URLs upon success. A limited set of optional configuration inputs such as fully qualified domain name (FQDN) services, superuser name and password, and custom TLS certificates are also provided. This provides users with a container registry so that they can easily create an offline mirror of all {product-title} release content when running {product-title} in restricted network environments.
|
||||
|
||||
Use of the _mirror registry for Red Hat OpenShift_ is optional if another container registry is already available in the install environment.
|
||||
Use of the _mirror registry for Red{nbsp}Hat OpenShift_ is optional if another container registry is already available in the install environment.
|
||||
|
||||
[id="mirror-registry-limitations_{context}"]
|
||||
== Mirror registry for Red Hat OpenShift limitations
|
||||
|
||||
The following limitations apply to the _mirror registry for Red Hat OpenShift_:
|
||||
The following limitations apply to the _mirror registry for Red{nbsp}Hat OpenShift_:
|
||||
|
||||
* The _mirror registry for Red Hat OpenShift_ is not a highly-available registry and only local file system storage is supported. It is not intended to replace {quay} or the internal image registry for {product-title}.
|
||||
* The _mirror registry for Red{nbsp}Hat OpenShift_ is not a highly-available registry and only local file system storage is supported. It is not intended to replace {quay} or the internal image registry for {product-title}.
|
||||
|
||||
* The _mirror registry for Red Hat OpenShift_ is not intended to be a substitute for a production deployment of {quay}.
|
||||
* The _mirror registry for Red{nbsp}Hat OpenShift_ is not intended to be a substitute for a production deployment of {quay}.
|
||||
|
||||
* The _mirror registry for Red Hat OpenShift_ is only supported for hosting images that are required to install a disconnected {product-title} cluster, such as Release images or Red Hat Operator images. It uses local storage on your {op-system-base-full} machine, and storage supported by {op-system-base} is supported by the _mirror registry for Red Hat OpenShift_.
|
||||
* The _mirror registry for Red{nbsp}Hat OpenShift_ is only supported for hosting images that are required to install a disconnected {product-title} cluster, such as Release images or Red Hat Operator images. It uses local storage on your {op-system-base-full} machine, and storage supported by {op-system-base} is supported by the _mirror registry for Red{nbsp}Hat OpenShift_.
|
||||
+
|
||||
[NOTE]
|
||||
====
|
||||
Because the _mirror registry for Red Hat OpenShift_ uses local storage, you should remain aware of the storage usage consumed when mirroring images and use {quay}'s garbage collection feature to mitigate potential issues. For more information about this feature, see "{quay} garbage collection".
|
||||
Because the _mirror registry for Red{nbsp}Hat OpenShift_ uses local storage, you should remain aware of the storage usage consumed when mirroring images and use {quay}'s garbage collection feature to mitigate potential issues. For more information about this feature, see "{quay} garbage collection".
|
||||
====
|
||||
|
||||
* Support for Red Hat product images that are pushed to the _mirror registry for Red Hat OpenShift_ for bootstrapping purposes are covered by valid subscriptions for each respective product. A list of exceptions to further enable the bootstrap experience can be found on the link:https://www.redhat.com/en/resources/self-managed-openshift-sizing-subscription-guide[Self-managed Red Hat OpenShift sizing and subscription guide].
|
||||
* Support for Red Hat product images that are pushed to the _mirror registry for Red{nbsp}Hat OpenShift_ for bootstrapping purposes are covered by valid subscriptions for each respective product. A list of exceptions to further enable the bootstrap experience can be found on the link:https://www.redhat.com/en/resources/self-managed-openshift-sizing-subscription-guide[Self-managed Red Hat OpenShift sizing and subscription guide].
|
||||
|
||||
* Content built by customers should not be hosted by the _mirror registry for Red Hat OpenShift_.
|
||||
* Content built by customers should not be hosted by the _mirror registry for Red{nbsp}Hat OpenShift_.
|
||||
|
||||
* Using the _mirror registry for Red Hat OpenShift_ with more than one cluster is discouraged because multiple clusters can create a single point of failure when updating your cluster fleet. It is advised to leverage the _mirror registry for Red Hat OpenShift_ to install a cluster that can host a production-grade, highly-available registry such as {quay}, which can serve {product-title} content to other clusters.
|
||||
* Using the _mirror registry for Red{nbsp}Hat OpenShift_ with more than one cluster is discouraged because multiple clusters can create a single point of failure when updating your cluster fleet. Instead, use the _mirror registry for Red{nbsp}Hat OpenShift_ to install a cluster that can host a production-grade, highly-available registry such as {quay}, which can serve {product-title} content to other clusters.
|
||||
|
||||
@@ -6,7 +6,7 @@
|
||||
[id="mirror-registry-localhost-update_{context}"]
|
||||
= Updating mirror registry for Red Hat OpenShift from a local host
|
||||
|
||||
This procedure explains how to update the _mirror registry for Red Hat OpenShift_ from a local host using the `upgrade` command. Updating to the latest version ensures new features, bug fixes, and security vulnerability fixes.
|
||||
This procedure explains how to update the _mirror registry for Red{nbsp}Hat OpenShift_ from a local host using the `upgrade` command. Updating to the latest version ensures new features, bug fixes, and security vulnerability fixes.
|
||||
|
||||
[IMPORTANT]
|
||||
====
|
||||
@@ -21,11 +21,11 @@ When upgrading from version 1 to version 2, be aware of the following constraint
|
||||
|
||||
.Prerequisites
|
||||
|
||||
* You have installed the _mirror registry for Red Hat OpenShift_ on a local host.
|
||||
* You have installed the _mirror registry for Red{nbsp}Hat OpenShift_ on a local host.
|
||||
|
||||
.Procedure
|
||||
|
||||
* If you are upgrading the _mirror registry for Red Hat OpenShift_ from 1.3 -> 2.y, and your installation directory is the default at `/etc/quay-install`, you can enter the following command:
|
||||
* If you are upgrading the _mirror registry for Red{nbsp}Hat OpenShift_ from 1.3 -> 2.y, and your installation directory is the default at `/etc/quay-install`, you can enter the following command:
|
||||
+
|
||||
[source,terminal]
|
||||
----
|
||||
@@ -34,9 +34,9 @@ $ sudo ./mirror-registry upgrade -v
|
||||
+
|
||||
[NOTE]
|
||||
====
|
||||
* _mirror registry for Red Hat OpenShift_ migrates Podman volumes for Quay storage, Postgres data, and `/etc/quay-install` data to the new `$HOME/quay-install` location. This allows you to use _mirror registry for Red Hat OpenShift_ without the `--quayRoot` flag during future upgrades.
|
||||
* _mirror registry for Red{nbsp}Hat OpenShift_ migrates Podman volumes for {quay} storage, Postgres data, and `/etc/quay-install` data to the new `$HOME/quay-install` location. This allows you to use _mirror registry for Red{nbsp}Hat OpenShift_ without the `--quayRoot` flag during future upgrades.
|
||||
|
||||
* Users who upgrade _mirror registry for Red Hat OpenShift_ with the `./mirror-registry upgrade -v` flag must include the same credentials used when creating their mirror registry. For example, if you installed the _mirror registry for Red Hat OpenShift_ with `--quayHostname <host_example_com>` and `--quayRoot <example_directory_name>`, you must include that string to properly upgrade the mirror registry.
|
||||
* Users who upgrade _mirror registry for Red{nbsp}Hat OpenShift_ with the `./mirror-registry upgrade -v` flag must include the same credentials used when creating their mirror registry. For example, if you installed the _mirror registry for Red{nbsp}Hat OpenShift_ with `--quayHostname <host_example_com>` and `--quayRoot <example_directory_name>`, you must include that string to properly upgrade the mirror registry.
|
||||
====
|
||||
|
||||
* If you are upgrading _the mirror registry for Red Hat OpenShift_ from 1.3 -> 2.y and you used a custom quay configuration and storage directory in your 1.y deployment, you must pass in the `--quayRoot` and `--quayStorage` flags. For example:
|
||||
@@ -46,9 +46,25 @@ $ sudo ./mirror-registry upgrade -v
|
||||
$ sudo ./mirror-registry upgrade --quayHostname <host_example_com> --quayRoot <example_directory_name> --quayStorage <example_directory_name>/quay-storage -v
|
||||
----
|
||||
|
||||
* If you are upgrading the _mirror registry for Red Hat OpenShift_ from 1.3 -> 2.y and want to specify a custom SQLite storage path, you must pass in the `--sqliteStorage` flag, for example:
|
||||
* If you are upgrading the _mirror registry for Red{nbsp}Hat OpenShift_ from 1.3 -> 2.y and want to specify a custom SQLite storage path, you must pass in the `--sqliteStorage` flag, for example:
|
||||
+
|
||||
[source,terminal]
|
||||
----
|
||||
$ sudo ./mirror-registry upgrade --sqliteStorage <example_directory_name>/sqlite-storage -v
|
||||
----
|
||||
|
||||
.Verification
|
||||
|
||||
. Ensure that _mirror registry for Red{nbsp}Hat OpenShift_ has been updated by running the following command:
|
||||
+
|
||||
[source,terminal]
|
||||
----
|
||||
$ podman ps
|
||||
----
|
||||
+
|
||||
.Example output
|
||||
+
|
||||
[source,terminal]
|
||||
----
|
||||
registry.redhat.io/quay/quay-rhel8:v3.12.10
|
||||
----
|
||||
@@ -6,18 +6,18 @@
|
||||
[id="mirror-registry-localhost_{context}"]
|
||||
= Mirroring on a local host with mirror registry for Red Hat OpenShift
|
||||
|
||||
This procedure explains how to install the _mirror registry for Red Hat OpenShift_ on a local host using the `mirror-registry` installer tool. By doing so, users can create a local host registry running on port 443 for the purpose of storing a mirror of {product-title} images.
|
||||
This procedure explains how to install the _mirror registry for Red{nbsp}Hat OpenShift_ on a local host using the `mirror-registry` installer tool. By doing so, users can create a local host registry running on port 443 for the purpose of storing a mirror of {product-title} images.
|
||||
|
||||
[NOTE]
|
||||
====
|
||||
Installing the _mirror registry for Red Hat OpenShift_ using the `mirror-registry` CLI tool makes several changes to your machine. After installation, a `$HOME/quay-install` directory is created, which has installation files, local storage, and the configuration bundle. Trusted SSH keys are generated in case the deployment target is the local host, and systemd files on the host machine are set up to ensure that container runtimes are persistent. Additionally, an initial user named `init` is created with an automatically generated password. All access credentials are printed at the end of the install routine.
|
||||
Installing the _mirror registry for Red{nbsp}Hat OpenShift_ using the `mirror-registry` CLI tool makes several changes to your machine. After installation, a `$HOME/quay-install` directory is created, which has installation files, local storage, and the configuration bundle. Trusted SSH keys are generated in case the deployment target is the local host, and systemd files on the host machine are set up to ensure that container runtimes are persistent. Additionally, an initial user named `init` is created with an automatically generated password. All access credentials are printed at the end of the install routine.
|
||||
====
|
||||
|
||||
.Procedure
|
||||
|
||||
. Download the `mirror-registry.tar.gz` package for the latest version of the _mirror registry for Red Hat OpenShift_ found on the link:https://console.redhat.com/openshift/downloads#tool-mirror-registry[OpenShift console *Downloads*] page.
|
||||
. Download the `mirror-registry.tar.gz` package for the latest version of the _mirror registry for Red{nbsp}Hat OpenShift_ found on the link:https://console.redhat.com/openshift/downloads#tool-mirror-registry[OpenShift console *Downloads*] page.
|
||||
|
||||
. Install the _mirror registry for Red Hat OpenShift_ on your local host with your current user account by using the `mirror-registry` tool. For a full list of available flags, see "mirror registry for Red Hat OpenShift flags".
|
||||
. Install the _mirror registry for Red{nbsp}Hat OpenShift_ on your local host with your current user account by using the `mirror-registry` tool. For a full list of available flags, see "mirror registry for Red Hat OpenShift flags".
|
||||
+
|
||||
[source,terminal]
|
||||
----
|
||||
@@ -26,7 +26,7 @@ $ ./mirror-registry install \
|
||||
--quayRoot <example_directory_name>
|
||||
----
|
||||
|
||||
. Use the user name and password generated during installation to log into the registry by running the following command:
|
||||
. Use the username and password generated during installation to log in to the registry by running the following command:
|
||||
+
|
||||
[source,terminal]
|
||||
----
|
||||
@@ -35,7 +35,7 @@ $ podman login -u init \
|
||||
<host_example_com>:8443> \
|
||||
--tls-verify=false <1>
|
||||
----
|
||||
<1> You can avoid running `--tls-verify=false` by configuring your system to trust the generated rootCA certificates. See "Using SSL to protect connections to Red Hat Quay" and "Configuring the system to trust the certificate authority" for more information.
|
||||
<1> You can avoid running `--tls-verify=false` by configuring your system to trust the generated rootCA certificates. See "Securing {quay}" and "Configuring the system to trust the certificate authority" for more information.
|
||||
+
|
||||
[NOTE]
|
||||
====
|
||||
@@ -46,5 +46,5 @@ You can also log in by accessing the UI at `\https://<host.example.com>:8443` af
|
||||
+
|
||||
[NOTE]
|
||||
====
|
||||
If there are issues with images stored by the _mirror registry for Red Hat OpenShift_ due to storage layer problems, you can remirror the {product-title} images, or reinstall mirror registry on more stable storage.
|
||||
If there are issues with images stored by the _mirror registry for Red{nbsp}Hat OpenShift_ due to storage layer problems, you can remirror the {product-title} images, or reinstall mirror registry on more stable storage.
|
||||
====
|
||||
|
||||
9
modules/mirror-registry-release-notes-1-1.adoc
Normal file
9
modules/mirror-registry-release-notes-1-1.adoc
Normal file
@@ -0,0 +1,9 @@
|
||||
// module included in the following assembly:
|
||||
//
|
||||
// * installing/disconnected_install/installing-mirroring-creating-registry.adoc
|
||||
|
||||
:_mod-docs-content-type: REFERENCE
|
||||
[id="mirror-registry-release-notes-1-1_{context}"]
|
||||
= Mirror registry for Red{nbsp}Hat OpenShift 1.1 release notes
|
||||
|
||||
To view the _mirror registry for Red{nbsp}Hat OpenShift_ 1.1 release notes, see link:https://docs.openshift.com/container-platform/4.15/installing/disconnected_install/installing-mirroring-creating-registry.html#mirror-registry-release-notes-1-1_installing-mirroring-creating-registry[Mirror registry for Red Hat OpenShift 1.1 release notes].
|
||||
9
modules/mirror-registry-release-notes-1-2.adoc
Normal file
9
modules/mirror-registry-release-notes-1-2.adoc
Normal file
@@ -0,0 +1,9 @@
|
||||
// module included in the following assembly:
|
||||
//
|
||||
// * installing/disconnected_install/installing-mirroring-creating-registry.adoc
|
||||
|
||||
:_mod-docs-content-type: REFERENCE
|
||||
[id="mirror-registry-release-notes-1-2_{context}"]
|
||||
= Mirror registry for Red{nbsp}Hat OpenShift 1.2 release notes
|
||||
|
||||
To view the _mirror registry for Red{nbsp}Hat OpenShift_ 1.2 release notes, see link:https://docs.openshift.com/container-platform/4.15/installing/disconnected_install/installing-mirroring-creating-registry.html#mirror-registry-release-notes-1-2_installing-mirroring-creating-registry[Mirror registry for Red{nbsp}Hat OpenShift 1.2 release notes].
|
||||
9
modules/mirror-registry-release-notes-1-3.adoc
Normal file
9
modules/mirror-registry-release-notes-1-3.adoc
Normal file
@@ -0,0 +1,9 @@
|
||||
// module included in the following assembly:
|
||||
//
|
||||
// * installing/disconnected_install/installing-mirroring-creating-registry.adoc
|
||||
|
||||
:_mod-docs-content-type: REFERENCE
|
||||
[id="mirror-registry-release-notes-1-3_{context}"]
|
||||
= Mirror registry for Red{nbsp}Hat OpenShift 1.3 release notes
|
||||
|
||||
To view the _mirror registry for Red{nbsp}Hat OpenShift_ 1.3 release notes, see link:https://docs.openshift.com/container-platform/4.19/installing/disconnected_install/installing-mirroring-creating-registry.html#mirror-registry-release-notes-1-3_installing-mirroring-creating-registry[Mirror registry for Red{nbsp}Hat OpenShift 1.3 release notes].
|
||||
107
modules/mirror-registry-release-notes-2-0.adoc
Normal file
107
modules/mirror-registry-release-notes-2-0.adoc
Normal file
@@ -0,0 +1,107 @@
|
||||
// module included in the following assembly:
|
||||
//
|
||||
// * installing/disconnected_install/installing-mirroring-creating-registry.adoc
|
||||
|
||||
:_mod-docs-content-type: REFERENCE
|
||||
[id="mirror-registry-release-notes-2-0_{context}"]
|
||||
= Mirror registry for Red{nbsp}Hat OpenShift 2.0 release notes
|
||||
|
||||
The following sections provide details for each 2.0 release of the mirror registry for Red{nbsp}Hat OpenShift.
|
||||
|
||||
[id="mirror-registry-for-openshift-2-0-7_{context}"]
|
||||
== Mirror registry for Red{nbsp}Hat OpenShift 2.0.7
|
||||
|
||||
Issued: 14 July 2025
|
||||
|
||||
_Mirror registry for Red{nbsp}Hat OpenShift_ is now available with Red{nbsp}Hat Quay 3.12.10.
|
||||
|
||||
The following advisory is available for the _mirror registry for Red{nbsp}Hat OpenShift_:
|
||||
|
||||
* link:https://access.redhat.com/errata/RHBA-2025:9645[RHBA-2025:9645 - mirror registry for Red{nbsp}Hat OpenShift 2.0.7]
|
||||
|
||||
[id="mirror-registry-for-openshift-2-0-6_{context}"]
|
||||
== Mirror registry for Red{nbsp}Hat OpenShift 2.0.6
|
||||
|
||||
Issued: 28 April 2025
|
||||
|
||||
_Mirror registry for Red{nbsp}Hat OpenShift_ is now available with Red{nbsp}Hat Quay 3.12.8.
|
||||
|
||||
The following advisory is available for the _mirror registry for Red{nbsp}Hat OpenShift_:
|
||||
|
||||
* link:https://access.redhat.com/errata/RHBA-2025:4251[RHBA-2025:4251 - mirror registry for Red{nbsp}Hat OpenShift 2.0.6]
|
||||
|
||||
[id="mirror-registry-for-openshift-2-0-5_{context}"]
|
||||
== Mirror registry for Red{nbsp}Hat OpenShift 2.0.5
|
||||
|
||||
Issued: 13 January 2025
|
||||
|
||||
_Mirror registry for Red{nbsp}Hat OpenShift_ is now available with Red{nbsp}Hat Quay 3.12.5.
|
||||
|
||||
The following advisory is available for the _mirror registry for Red{nbsp}Hat OpenShift_:
|
||||
|
||||
* link:https://access.redhat.com/errata/RHBA-2025:0298[RHBA-2025:0298 - mirror registry for Red{nbsp}Hat OpenShift 2.0.5]
|
||||
|
||||
[id="mirror-registry-for-openshift-2-0-4_{context}"]
|
||||
== Mirror registry for Red{nbsp}Hat OpenShift 2.0.4
|
||||
|
||||
Issued: 06 January 2025
|
||||
|
||||
_Mirror registry for Red{nbsp}Hat OpenShift_ is now available with Red{nbsp}Hat Quay 3.12.4.
|
||||
|
||||
The following advisory is available for the _mirror registry for Red{nbsp}Hat OpenShift_:
|
||||
|
||||
* link:https://access.redhat.com/errata/RHBA-2025:0033[RHBA-2025:0033 - mirror registry for Red{nbsp}Hat OpenShift 2.0.4]
|
||||
|
||||
[id="mirror-registry-for-openshift-2-0-3_{context}"]
|
||||
== Mirror registry for Red{nbsp}Hat OpenShift 2.0.3
|
||||
|
||||
Issued: 25 November 2024
|
||||
|
||||
_Mirror registry for Red{nbsp}Hat OpenShift_ is now available with Red{nbsp}Hat Quay 3.12.3.
|
||||
|
||||
The following advisory is available for the _mirror registry for Red{nbsp}Hat OpenShift_:
|
||||
|
||||
* link:https://access.redhat.com/errata/RHBA-2024:10181[RHBA-2024:10181 - mirror registry for Red{nbsp}Hat OpenShift 2.0.3]
|
||||
|
||||
[id="mirror-registry-for-openshift-2-0-2_{context}"]
|
||||
== Mirror registry for Red{nbsp}Hat OpenShift 2.0.2
|
||||
|
||||
Issued: 31 October 2024
|
||||
|
||||
_Mirror registry for Red{nbsp}Hat OpenShift_ is now available with Red{nbsp}Hat Quay 3.12.2.
|
||||
|
||||
The following advisory is available for the _mirror registry for Red{nbsp}Hat OpenShift_:
|
||||
|
||||
* link:https://access.redhat.com/errata/RHBA-2024:8370[RHBA-2024:8370 - mirror registry for Red{nbsp}Hat OpenShift 2.0.2]
|
||||
|
||||
[id="mirror-registry-for-openshift-2-0-1_{context}"]
|
||||
== Mirror registry for Red{nbsp}Hat OpenShift 2.0.1
|
||||
|
||||
Issued: 26 September 2024
|
||||
|
||||
_Mirror registry for Red{nbsp}Hat OpenShift_ is now available with Red{nbsp}Hat Quay 3.12.1.
|
||||
|
||||
The following advisory is available for the _mirror registry for Red{nbsp}Hat OpenShift_:
|
||||
|
||||
* link:https://access.redhat.com/errata/RHBA-2024:7070[RHBA-2024:7070 - mirror registry for Red{nbsp}Hat OpenShift 2.0.1]
|
||||
|
||||
[id="mirror-registry-for-openshift-2-0-0_{context}"]
|
||||
== Mirror registry for Red{nbsp}Hat OpenShift 2.0.0
|
||||
|
||||
Issued: 03 September 2024
|
||||
|
||||
_Mirror registry for Red{nbsp}Hat OpenShift_ is now available with Red{nbsp}Hat Quay 3.12.0.
|
||||
|
||||
The following advisory is available for the _mirror registry for Red{nbsp}Hat OpenShift_:
|
||||
|
||||
* link:https://access.redhat.com/errata/RHBA-2024:5277[RHBA-2024:5277 - mirror registry for Red{nbsp}Hat OpenShift 2.0.0]
|
||||
|
||||
The following new features are available with _mirror registry for Red{nbsp}Hat OpenShift_ 2.0.0:
|
||||
|
||||
* With the release of _mirror registry for Red{nbsp}Hat OpenShift_, the internal database has been upgraded from PostgreSQL to SQLite. As a result, data is now stored on the `sqlite-storage` Podman volume by default, and the overall tarball size is reduced by 300 MB.
|
||||
+
|
||||
New installations use SQLite by default. Before upgrading to version 2.0, see "Updating mirror registry for Red Hat OpenShift from a local host" or "Updating mirror registry for Red Hat OpenShift from a remote host" depending on your environment.
|
||||
|
||||
* A new feature flag, `--sqliteStorage` has been added. With this flag, you can manually set the location where SQLite database data is saved.
|
||||
|
||||
* _Mirror registry for Red{nbsp}Hat OpenShift_ is now available on {ibm-power-title} and {ibm-z-title} architectures (`s390x` and `ppc64le`).
|
||||
@@ -2,128 +2,10 @@
|
||||
//
|
||||
// * installing/disconnected_install/installing-mirroring-creating-registry.adoc
|
||||
|
||||
:_mod-docs-content-type: REFERENCE
|
||||
[id="mirror-registry-release-notes_{context}"]
|
||||
= Mirror registry for Red{nbsp}Hat OpenShift release notes
|
||||
|
||||
The _mirror registry for Red{nbsp}Hat OpenShift_ is a small and streamlined container registry that you can use as a target for mirroring the required container images of {product-title} for disconnected installations.
|
||||
|
||||
These release notes track the development of the _mirror registry for Red{nbsp}Hat OpenShift_ in {product-title}.
|
||||
|
||||
[id="mirror-registry-release-notes-2-0_{context}"]
|
||||
== Mirror registry for Red{nbsp}Hat OpenShift 2.0 release notes
|
||||
|
||||
The following sections provide details for each 2.0 release of the mirror registry for Red{nbsp}Hat OpenShift.
|
||||
|
||||
[id="mirror-registry-for-openshift-2-0-7_{context}"]
|
||||
=== Mirror registry for Red{nbsp}Hat OpenShift 2.0.7
|
||||
|
||||
Issued: 14 July 2025
|
||||
|
||||
_Mirror registry for Red{nbsp}Hat OpenShift_ is now available with Red{nbsp}Hat Quay 3.12.10.
|
||||
|
||||
The following advisory is available for the _mirror registry for Red{nbsp}Hat OpenShift_:
|
||||
|
||||
* link:https://access.redhat.com/errata/RHBA-2025:9645[RHBA-2025:9645 - mirror registry for Red{nbsp}Hat OpenShift 2.0.7]
|
||||
|
||||
[id="mirror-registry-for-openshift-2-0-6_{context}"]
|
||||
=== Mirror registry for Red{nbsp}Hat OpenShift 2.0.6
|
||||
|
||||
Issued: 28 April 2025
|
||||
|
||||
_Mirror registry for Red{nbsp}Hat OpenShift_ is now available with Red{nbsp}Hat Quay 3.12.8.
|
||||
|
||||
The following advisory is available for the _mirror registry for Red{nbsp}Hat OpenShift_:
|
||||
|
||||
* link:https://access.redhat.com/errata/RHBA-2025:4251[RHBA-2025:4251 - mirror registry for Red{nbsp}Hat OpenShift 2.0.6]
|
||||
|
||||
[id="mirror-registry-for-openshift-2-0-5_{context}"]
|
||||
=== Mirror registry for Red{nbsp}Hat OpenShift 2.0.5
|
||||
|
||||
Issued: 13 January 2025
|
||||
|
||||
_Mirror registry for Red{nbsp}Hat OpenShift_ is now available with Red{nbsp}Hat Quay 3.12.5.
|
||||
|
||||
The following advisory is available for the _mirror registry for Red{nbsp}Hat OpenShift_:
|
||||
|
||||
* link:https://access.redhat.com/errata/RHBA-2025:0298[RHBA-2025:0298 - mirror registry for Red{nbsp}Hat OpenShift 2.0.5]
|
||||
|
||||
[id="mirror-registry-for-openshift-2-0-4_{context}"]
|
||||
=== Mirror registry for Red{nbsp}Hat OpenShift 2.0.4
|
||||
|
||||
Issued: 06 January 2025
|
||||
|
||||
_Mirror registry for Red{nbsp}Hat OpenShift_ is now available with Red{nbsp}Hat Quay 3.12.4.
|
||||
|
||||
The following advisory is available for the _mirror registry for Red{nbsp}Hat OpenShift_:
|
||||
|
||||
* link:https://access.redhat.com/errata/RHBA-2025:0033[RHBA-2025:0033 - mirror registry for Red{nbsp}Hat OpenShift 2.0.4]
|
||||
|
||||
[id="mirror-registry-for-openshift-2-0-3_{context}"]
|
||||
=== Mirror registry for Red{nbsp}Hat OpenShift 2.0.3
|
||||
|
||||
Issued: 25 November 2024
|
||||
|
||||
_Mirror registry for Red{nbsp}Hat OpenShift_ is now available with Red{nbsp}Hat Quay 3.12.3.
|
||||
|
||||
The following advisory is available for the _mirror registry for Red{nbsp}Hat OpenShift_:
|
||||
|
||||
* link:https://access.redhat.com/errata/RHBA-2024:10181[RHBA-2024:10181 - mirror registry for Red{nbsp}Hat OpenShift 2.0.3]
|
||||
|
||||
[id="mirror-registry-for-openshift-2-0-2_{context}"]
|
||||
=== Mirror registry for Red{nbsp}Hat OpenShift 2.0.2
|
||||
|
||||
Issued: 31 October 2024
|
||||
|
||||
_Mirror registry for Red{nbsp}Hat OpenShift_ is now available with Red{nbsp}Hat Quay 3.12.2.
|
||||
|
||||
The following advisory is available for the _mirror registry for Red{nbsp}Hat OpenShift_:
|
||||
|
||||
* link:https://access.redhat.com/errata/RHBA-2024:8370[RHBA-2024:8370 - mirror registry for Red{nbsp}Hat OpenShift 2.0.2]
|
||||
|
||||
[id="mirror-registry-for-openshift-2-0-1_{context}"]
|
||||
=== Mirror registry for Red{nbsp}Hat OpenShift 2.0.1
|
||||
|
||||
Issued: 26 September 2024
|
||||
|
||||
_Mirror registry for Red{nbsp}Hat OpenShift_ is now available with Red{nbsp}Hat Quay 3.12.1.
|
||||
|
||||
The following advisory is available for the _mirror registry for Red{nbsp}Hat OpenShift_:
|
||||
|
||||
* link:https://access.redhat.com/errata/RHBA-2024:7070[RHBA-2024:7070 - mirror registry for Red{nbsp}Hat OpenShift 2.0.1]
|
||||
|
||||
[id="mirror-registry-for-openshift-2-0-0_{context}"]
|
||||
=== Mirror registry for Red{nbsp}Hat OpenShift 2.0.0
|
||||
|
||||
Issued: 03 September 2024
|
||||
|
||||
_Mirror registry for Red{nbsp}Hat OpenShift_ is now available with Red{nbsp}Hat Quay 3.12.0.
|
||||
|
||||
The following advisory is available for the _mirror registry for Red{nbsp}Hat OpenShift_:
|
||||
|
||||
* link:https://access.redhat.com/errata/RHBA-2024:5277[RHBA-2024:5277 - mirror registry for Red{nbsp}Hat OpenShift 2.0.0]
|
||||
|
||||
[id="mirror-registry-new-features-2-0_{context}"]
|
||||
==== New features
|
||||
|
||||
* With the release of _mirror registry for Red{nbsp}Hat OpenShift_, the internal database has been upgraded from PostgreSQL to SQLite. As a result, data is now stored on the `sqlite-storage` Podman volume by default, and the overall tarball size is reduced by 300 MB.
|
||||
+
|
||||
New installations use SQLite by default. Before upgrading to version 2.0, see "Updating mirror registry for Red Hat OpenShift from a local host" or "Updating mirror registry for Red Hat OpenShift from a remote host" depending on your environment.
|
||||
|
||||
* A new feature flag, `--sqliteStorage` has been added. With this flag, you can manually set the location where SQLite database data is saved.
|
||||
|
||||
* _Mirror registry for Red{nbsp}Hat OpenShift_ is now available on {ibm-power-title} and {ibm-z-title} architectures (`s390x` and `ppc64le`).
|
||||
|
||||
[id="mirror-registry-release-notes-1-3_{context}"]
|
||||
== Mirror registry for Red{nbsp}Hat OpenShift 1.3 release notes
|
||||
|
||||
To view the _mirror registry for Red{nbsp}Hat OpenShift_ 1.3 release notes, see link:https://docs.openshift.com/container-platform/4.16/installing/disconnected_install/installing-mirroring-creating-registry.html#mirror-registry-release-notes-1-3_installing-mirroring-creating-registry[Mirror registry for Red{nbsp}Hat OpenShift 1.3 release notes].
|
||||
|
||||
[id="mirror-registry-release-notes-1-2_{context}"]
|
||||
== Mirror registry for Red{nbsp}Hat OpenShift 1.2 release notes
|
||||
|
||||
To view the _mirror registry for Red{nbsp}Hat OpenShift_ 1.2 release notes, see link:https://docs.openshift.com/container-platform/4.15/installing/disconnected_install/installing-mirroring-creating-registry.html#mirror-registry-release-notes-1-2_installing-mirroring-creating-registry[Mirror registry for Red{nbsp}Hat OpenShift 1.2 release notes].
|
||||
|
||||
[id="mirror-registry-release-notes-1-1_{context}"]
|
||||
== Mirror registry for Red{nbsp}Hat OpenShift 1.1 release notes
|
||||
|
||||
To view the _mirror registry for Red{nbsp}Hat OpenShift_ 1.1 release notes, see link:https://docs.openshift.com/container-platform/4.15/installing/disconnected_install/installing-mirroring-creating-registry.html#mirror-registry-release-notes-1-1_installing-mirroring-creating-registry[Mirror registry for Red Hat OpenShift 1.1 release notes].
|
||||
These release notes track the development of the _mirror registry for Red{nbsp}Hat OpenShift_ in {product-title}.
|
||||
@@ -6,7 +6,7 @@
|
||||
[id="mirror-registry-remote-host-update_{context}"]
|
||||
= Updating mirror registry for Red Hat OpenShift from a remote host
|
||||
|
||||
This procedure explains how to update the _mirror registry for Red Hat OpenShift_ from a remote host using the `upgrade` command. Updating to the latest version ensures bug fixes and security vulnerability fixes.
|
||||
This procedure explains how to update the _mirror registry for Red{nbsp}Hat OpenShift_ from a remote host by using the `upgrade` command. Updating to the latest version ensures bug fixes and security vulnerability fixes.
|
||||
|
||||
[IMPORTANT]
|
||||
====
|
||||
@@ -21,11 +21,11 @@ When upgrading from version 1 to version 2, be aware of the following constraint
|
||||
|
||||
.Prerequisites
|
||||
|
||||
* You have installed the _mirror registry for Red Hat OpenShift_ on a remote host.
|
||||
* You have installed the _mirror registry for Red{nbsp}Hat OpenShift_ on a remote host.
|
||||
|
||||
.Procedure
|
||||
|
||||
* To upgrade the _mirror registry for Red Hat OpenShift_ from a remote host, enter the following command:
|
||||
* To upgrade the _mirror registry for Red{nbsp}Hat OpenShift_ from a remote host, enter the following command:
|
||||
+
|
||||
[source,terminal]
|
||||
----
|
||||
@@ -34,12 +34,28 @@ $ ./mirror-registry upgrade -v --targetHostname <remote_host_url> --targetUserna
|
||||
+
|
||||
[NOTE]
|
||||
====
|
||||
Users who upgrade the _mirror registry for Red Hat OpenShift_ with the `./mirror-registry upgrade -v` flag must include the same credentials used when creating their mirror registry. For example, if you installed the _mirror registry for Red Hat OpenShift_ with `--quayHostname <host_example_com>` and `--quayRoot <example_directory_name>`, you must include that string to properly upgrade the mirror registry.
|
||||
Users who upgrade the _mirror registry for Red{nbsp}Hat OpenShift_ with the `./mirror-registry upgrade -v` flag must include the same credentials used when creating their mirror registry. For example, if you installed the _mirror registry for Red{nbsp}Hat OpenShift_ with `--quayHostname <host_example_com>` and `--quayRoot <example_directory_name>`, you must include that string to properly upgrade the mirror registry.
|
||||
====
|
||||
|
||||
* If you are upgrading the _mirror registry for Red Hat OpenShift_ from 1.3 -> 2.y and want to specify a custom SQLite storage path, you must pass in the `--sqliteStorage` flag, for example:
|
||||
* If you are upgrading the _mirror registry for Red{nbsp}Hat OpenShift_ from 1.3 -> 2.y and want to specify a custom SQLite storage path, you must pass in the `--sqliteStorage` flag, for example:
|
||||
+
|
||||
[source,terminal]
|
||||
----
|
||||
$ ./mirror-registry upgrade -v --targetHostname <remote_host_url> --targetUsername <user_name> -k ~/.ssh/my_ssh_key --sqliteStorage <example_directory_name>/quay-storage
|
||||
----
|
||||
|
||||
.Verification
|
||||
|
||||
. Ensure that _mirror registry for Red{nbsp}Hat OpenShift_ has been updated by running the following command:
|
||||
+
|
||||
[source,terminal]
|
||||
----
|
||||
$ podman ps
|
||||
----
|
||||
+
|
||||
.Example output
|
||||
+
|
||||
[source,terminal]
|
||||
----
|
||||
registry.redhat.io/quay/quay-rhel8:v3.12.10
|
||||
----
|
||||
@@ -6,18 +6,18 @@
|
||||
[id="mirror-registry-remote_{context}"]
|
||||
= Mirroring on a remote host with mirror registry for Red Hat OpenShift
|
||||
|
||||
This procedure explains how to install the _mirror registry for Red Hat OpenShift_ on a remote host using the `mirror-registry` tool. By doing so, users can create a registry to hold a mirror of {product-title} images.
|
||||
This procedure explains how to install the _mirror registry for Red{nbsp}Hat OpenShift_ on a remote host by using the `mirror-registry` tool. By doing so, users can create a registry to hold a mirror of {product-title} images.
|
||||
|
||||
[NOTE]
|
||||
====
|
||||
Installing the _mirror registry for Red Hat OpenShift_ using the `mirror-registry` CLI tool makes several changes to your machine. After installation, a `$HOME/quay-install` directory is created, which has installation files, local storage, and the configuration bundle. Trusted SSH keys are generated in case the deployment target is the local host, and systemd files on the host machine are set up to ensure that container runtimes are persistent. Additionally, an initial user named `init` is created with an automatically generated password. All access credentials are printed at the end of the install routine.
|
||||
Installing the _mirror registry for Red{nbsp}Hat OpenShift_ using the `mirror-registry` CLI tool makes several changes to your machine. After installation, a `$HOME/quay-install` directory is created, which has installation files, local storage, and the configuration bundle. Trusted SSH keys are generated in case the deployment target is the local host, and systemd files on the host machine are set up to ensure that container runtimes are persistent. Additionally, an initial user named `init` is created with an automatically generated password. All access credentials are printed at the end of the install routine.
|
||||
====
|
||||
|
||||
.Procedure
|
||||
|
||||
. Download the `mirror-registry.tar.gz` package for the latest version of the _mirror registry for Red Hat OpenShift_ found on the link:https://console.redhat.com/openshift/downloads#tool-mirror-registry[OpenShift console *Downloads*] page.
|
||||
. Download the `mirror-registry.tar.gz` package for the latest version of the _mirror registry for Red{nbsp}Hat OpenShift_ found on the link:https://console.redhat.com/openshift/downloads#tool-mirror-registry[OpenShift console *Downloads*] page.
|
||||
|
||||
. Install the _mirror registry for Red Hat OpenShift_ on your local host with your current user account by using the `mirror-registry` tool. For a full list of available flags, see "mirror registry for Red Hat OpenShift flags".
|
||||
. Install the _mirror registry for Red{nbsp}Hat OpenShift_ on your local host with your current user account by using the `mirror-registry` tool. For a full list of available flags, see "mirror registry for Red Hat OpenShift flags".
|
||||
+
|
||||
[source,terminal]
|
||||
----
|
||||
@@ -38,16 +38,16 @@ $ podman login -u init \
|
||||
<host_example_com>:8443> \
|
||||
--tls-verify=false <1>
|
||||
----
|
||||
<1> You can avoid running `--tls-verify=false` by configuring your system to trust the generated rootCA certificates. See "Using SSL to protect connections to Red Hat Quay" and "Configuring the system to trust the certificate authority" for more information.
|
||||
<1> You can avoid running `--tls-verify=false` by configuring your system to trust the generated rootCA certificates. See "Using SSL to protect connections to {quay}" and "Configuring the system to trust the certificate authority" for more information.
|
||||
+
|
||||
[NOTE]
|
||||
====
|
||||
You can also log in by accessing the UI at `\https://<host.example.com>:8443` after installation.
|
||||
====
|
||||
|
||||
. You can mirror {product-title} images after logging in. Depending on your needs, see either the "Mirroring the OpenShift Container Platform image repository" or the "Mirroring Operator catalogs for use with disconnected clusters" sections of this document.
|
||||
. You can mirror {product-title} images after logging in. Depending on your needs, see either the "Mirroring the {product-title} image repository" or the "Mirroring Operator catalogs for use with disconnected clusters" sections of this document.
|
||||
+
|
||||
[NOTE]
|
||||
====
|
||||
If there are issues with images stored by the _mirror registry for Red Hat OpenShift_ due to storage layer problems, you can remirror the {product-title} images, or reinstall mirror registry on more stable storage.
|
||||
If there are issues with images stored by the _mirror registry for Red{nbsp}Hat OpenShift_ due to storage layer problems, you can remirror the {product-title} images, or reinstall mirror registry on more stable storage.
|
||||
====
|
||||
|
||||
@@ -6,21 +6,21 @@
|
||||
[id="mirror-registry-ssl-cert-replace_{context}"]
|
||||
= Replacing mirror registry for Red Hat OpenShift SSL/TLS certificates
|
||||
|
||||
In some cases, you might want to update your SSL/TLS certificates for the _mirror registry for Red Hat OpenShift_. This is useful in the following scenarios:
|
||||
In some cases, you might want to update your SSL/TLS certificates for the _mirror registry for Red{nbsp}Hat OpenShift_. This is useful in the following scenarios:
|
||||
|
||||
* If you are replacing the current _mirror registry for Red Hat OpenShift_ certificate.
|
||||
* If you are using the same certificate as the previous _mirror registry for Red Hat OpenShift_ installation.
|
||||
* If you are periodically updating the _mirror registry for Red Hat OpenShift_ certificate.
|
||||
* If you are replacing the current _mirror registry for Red{nbsp}Hat OpenShift_ certificate.
|
||||
* If you are using the same certificate as the previous _mirror registry for Red{nbsp}Hat OpenShift_ installation.
|
||||
* If you are periodically updating the _mirror registry for Red{nbsp}Hat OpenShift_ certificate.
|
||||
|
||||
Use the following procedure to replace _mirror registry for Red Hat OpenShift_ SSL/TLS certificates.
|
||||
Use the following procedure to replace _mirror registry for Red{nbsp}Hat OpenShift_ SSL/TLS certificates.
|
||||
|
||||
.Prerequisites
|
||||
|
||||
* You have downloaded the `./mirror-registry` binary from the link:https://console.redhat.com/openshift/downloads#tool-mirror-registry[OpenShift console *Downloads*] page.
|
||||
* You have downloaded and installed the `./mirror-registry` binary from the link:https://console.redhat.com/openshift/downloads#tool-mirror-registry[OpenShift console *Downloads*] page.
|
||||
|
||||
.Procedure
|
||||
|
||||
. Enter the following command to install the _mirror registry for Red Hat OpenShift_:
|
||||
. Enter the following command to install the _mirror registry for Red{nbsp}Hat OpenShift_:
|
||||
+
|
||||
[source,terminal]
|
||||
----
|
||||
@@ -29,9 +29,9 @@ $ ./mirror-registry install \
|
||||
--quayRoot <example_directory_name>
|
||||
----
|
||||
+
|
||||
This installs the _mirror registry for Red Hat OpenShift_ to the `$HOME/quay-install` directory.
|
||||
This installs the _mirror registry for Red{nbsp}Hat OpenShift_ to the `$HOME/quay-install` directory.
|
||||
|
||||
. Prepare a new certificate authority (CA) bundle and generate new `ssl.key` and `ssl.crt` key files. For more information, see link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html/proof_of_concept_-_deploying_red_hat_quay/advanced-quay-poc-deployment#introduction-using-ssl[Using SSL/TLS to protect connections to {quay}].
|
||||
. Prepare a new certificate authority (CA) bundle and generate new `ssl.key` and `ssl.crt` key files. For more information, see link:https://docs.redhat.com/en/documentation/red_hat_quay/3.15/html-single/securing_red_hat_quay/index#ssl-tls-quay-overview[Configuring SSL and TLS for {quay}].
|
||||
|
||||
. Assign `/$HOME/quay-install` an environment variable, for example, `QUAY`, by entering the following command:
|
||||
+
|
||||
|
||||
@@ -6,7 +6,7 @@
|
||||
[id="mirror-registry-troubleshooting_{context}"]
|
||||
= Troubleshooting mirror registry for Red Hat OpenShift
|
||||
|
||||
To assist in troubleshooting _mirror registry for Red Hat OpenShift_, you can gather logs of systemd services installed by the mirror registry. The following services are installed:
|
||||
To assist in troubleshooting _mirror registry for Red{nbsp}Hat OpenShift_, you can gather logs of systemd services installed by the mirror registry. The following services are installed:
|
||||
|
||||
* quay-app.service
|
||||
* quay-postgres.service
|
||||
@@ -15,18 +15,18 @@ To assist in troubleshooting _mirror registry for Red Hat OpenShift_, you can ga
|
||||
|
||||
.Prerequisites
|
||||
|
||||
* You have installed _mirror registry for Red Hat OpenShift_.
|
||||
* You have installed _mirror registry for Red{nbsp}Hat OpenShift_.
|
||||
|
||||
.Procedure
|
||||
|
||||
* If you installed _mirror registry for Red Hat OpenShift_ with root privileges, you can get the status information of its systemd services by entering the following command:
|
||||
* If you installed _mirror registry for Red{nbsp}Hat OpenShift_ with root privileges, you can get the status information of its systemd services by entering the following command:
|
||||
+
|
||||
[source,terminal]
|
||||
----
|
||||
$ sudo systemctl status <service>
|
||||
----
|
||||
|
||||
* If you installed _mirror registry for Red Hat OpenShift_ as a standard user, you can get the status information of its systemd services by entering the following command:
|
||||
* If you installed _mirror registry for Red{nbsp}Hat OpenShift_ as a standard user, you can get the status information of its systemd services by entering the following command:
|
||||
+
|
||||
[source,terminal]
|
||||
----
|
||||
|
||||
@@ -2,10 +2,19 @@
|
||||
//
|
||||
// * installing/disconnected_install/installing-mirroring-creating-registry.adoc
|
||||
|
||||
:_mod-docs-content-type: PROCEDURE
|
||||
[id="uninstalling-mirror-registry_{context}"]
|
||||
= Uninstalling the mirror registry for Red Hat OpenShift
|
||||
|
||||
* You can uninstall the _mirror registry for Red Hat OpenShift_ from your local host by running the following command:
|
||||
Use the following procedure to uninstall the _mirror registry for Red{nbsp}Hat OpenShift_ from your local host.
|
||||
|
||||
.Prerequisites
|
||||
|
||||
* You have installed _mirror registry for Red{nbsp}Hat OpenShift_ on a local .host.
|
||||
|
||||
.Porcedure
|
||||
|
||||
* Uninstall the _mirror registry for Red{nbsp}Hat OpenShift_ from your local host by running the following command:
|
||||
+
|
||||
[source,terminal]
|
||||
----
|
||||
@@ -15,6 +24,6 @@ $ ./mirror-registry uninstall -v \
|
||||
+
|
||||
[NOTE]
|
||||
====
|
||||
* Deleting the _mirror registry for Red Hat OpenShift_ will prompt the user before deletion. You can use `--autoApprove` to skip this prompt.
|
||||
* Users who install the _mirror registry for Red Hat OpenShift_ with the `--quayRoot` flag must include the `--quayRoot` flag when uninstalling. For example, if you installed the _mirror registry for Red Hat OpenShift_ with `--quayRoot example_directory_name`, you must include that string to properly uninstall the mirror registry.
|
||||
* Deleting the _mirror registry for Red{nbsp}Hat OpenShift_ will prompt the user before deletion. You can use `--autoApprove` to skip this prompt.
|
||||
* Users who install the _mirror registry for Red{nbsp}Hat OpenShift_ with the `--quayRoot` flag must include the `--quayRoot` flag when uninstalling. For example, if you installed the _mirror registry for Red{nbsp}Hat OpenShift_ with `--quayRoot example_directory_name`, you must include that string to properly uninstall the mirror registry.
|
||||
====
|
||||
|
||||
@@ -13,11 +13,11 @@ After you create applications in your project and deploy them, use the *Develope
|
||||
* Drilldown into severity to obtain the details, such as count of vulnerabilities, count of fixable vulnerabilities, and number of affected pods for each vulnerable image
|
||||
|
||||
.Prerequisites
|
||||
* You have installed the Red Hat Quay Container Security operator from the Operator Hub.
|
||||
* You have installed the {quay} Container Security operator from the Operator Hub.
|
||||
+
|
||||
[NOTE]
|
||||
====
|
||||
The Red Hat Quay Container Security operator detects vulnerabilities by scanning the images that are in the quay registry.
|
||||
The {quay} Container Security operator detects vulnerabilities by scanning the images that are in the quay registry.
|
||||
====
|
||||
|
||||
.Procedure
|
||||
|
||||
@@ -84,7 +84,7 @@ $ oc adm catalog mirror \
|
||||
+
|
||||
[NOTE]
|
||||
====
|
||||
Red Hat Quay does not support nested repositories. As a result, running the `oc adm catalog mirror` command will fail with a `401` unauthorized error. As a workaround, you can use the `--max-components=2` option when running the `oc adm catalog mirror` command to disable the creation of nested repositories. For more information on this workaround, see the link:https://access.redhat.com/solutions/5440741[Unauthorized error thrown while using catalog mirror command with Quay registry] Knowledgebase Solution.
|
||||
{quay} does not support nested repositories. As a result, running the `oc adm catalog mirror` command will fail with a `401` unauthorized error. As a workaround, you can use the `--max-components=2` option when running the `oc adm catalog mirror` command to disable the creation of nested repositories. For more information on this workaround, see the link:https://access.redhat.com/solutions/5440741[Unauthorized error thrown while using catalog mirror command with Quay registry] Knowledgebase Solution.
|
||||
====
|
||||
|
||||
. Run the `oc adm catalog mirror` command again. Use the newly mirrored index image as the source and the same mirror registry target used in the previous step:
|
||||
|
||||
@@ -63,7 +63,7 @@ wrote mirroring manifests to manifests-{index-image}-1614211642 <2>
|
||||
+
|
||||
[NOTE]
|
||||
====
|
||||
Red Hat Quay does not support nested repositories. As a result, running the `oc adm catalog mirror` command will fail with a `401` unauthorized error. As a workaround, you can use the `--max-components=2` option when running the `oc adm catalog mirror` command to disable the creation of nested repositories. For more information on this workaround, see the link:https://access.redhat.com/solutions/5440741[Unauthorized error thrown while using catalog mirror command with Quay registry] Knowledgebase Solution.
|
||||
{quay} does not support nested repositories. As a result, running the `oc adm catalog mirror` command will fail with a `401` unauthorized error. As a workaround, you can use the `--max-components=2` option when running the `oc adm catalog mirror` command to disable the creation of nested repositories. For more information on this workaround, see the link:https://access.redhat.com/solutions/5440741[Unauthorized error thrown while using catalog mirror command with Quay registry] Knowledgebase Solution.
|
||||
====
|
||||
--
|
||||
|
||||
|
||||
@@ -34,7 +34,7 @@ Operators are both the fundamental unit of the {product-title} code base and a c
|
||||
|
||||
Operator Lifecycle Manager (OLM) and the OperatorHub provide facilities for storing and distributing Operators to people developing and deploying applications.
|
||||
|
||||
The Red Hat Quay Container Registry is a Quay.io container registry that serves most of the container images and Operators to {product-title} clusters. Quay.io is a public registry version of Red Hat Quay that stores millions of images and tags.
|
||||
The {quay} Container Registry is a Quay.io container registry that serves most of the container images and Operators to {product-title} clusters. Quay.io is a public registry version of {quay} that stores millions of images and tags.
|
||||
|
||||
Other enhancements to Kubernetes in {product-title} include improvements in software defined networking (SDN), authentication, log aggregation, monitoring, and routing. {product-title} also offers a comprehensive web console and the custom OpenShift CLI (`oc`) interface.
|
||||
|
||||
|
||||
@@ -33,7 +33,7 @@ public registry::
|
||||
A registry is a server that implements the container image registry API. A public registry is a registry that serves its contently publicly.
|
||||
|
||||
Quay.io::
|
||||
A public Red Hat Quay Container Registry instance provided and maintained by Red Hat, that serves most of the container images and Operators to {product-title} clusters.
|
||||
A public {quay} Container Registry instance provided and maintained by Red Hat, that serves most of the container images and Operators to {product-title} clusters.
|
||||
|
||||
{product-registry}::
|
||||
{product-registry} is the registry provided by {product-title} to manage images.
|
||||
|
||||
@@ -3,25 +3,25 @@
|
||||
// * registry/index.adoc
|
||||
|
||||
[id="registry-quay-overview_{context}"]
|
||||
= Red Hat Quay registries
|
||||
= {quay} registries
|
||||
|
||||
If you need an enterprise-quality container image registry, Red Hat Quay is
|
||||
If you need an enterprise-quality container image registry, {quay} is
|
||||
available both as a hosted service and as software you can install in your own
|
||||
data center or cloud environment. Advanced features in Red Hat Quay
|
||||
data center or cloud environment. Advanced features in {quay}
|
||||
include geo-replication, image scanning, and the ability to roll back images.
|
||||
|
||||
Visit the link:https://quay.io[Quay.io] site to set up your own hosted Quay registry account. After
|
||||
that, follow the Quay Tutorial to log in to the Quay registry and start managing
|
||||
your images.
|
||||
|
||||
You can access your Red Hat Quay registry from {product-title} like any remote
|
||||
You can access your {quay} registry from {product-title} like any remote
|
||||
container image registry.
|
||||
|
||||
//[role="_additional-resources"]
|
||||
//.Additional resources
|
||||
//* link:https://quay.io[Quay.io]
|
||||
//* link:https://quay.io/tutorial/[Quay Tutorial]
|
||||
//* See link:https://access.redhat.com/documentation/en-us/red_hat_quay/2.9/html-single/getting_started_with_red_hat_quay/[Getting Started with Red Hat Quay]
|
||||
//for information about setting up your own Red Hat Quay registry.
|
||||
//* See link:https://access.redhat.com/documentation/en-us/red_hat_quay/2.9/html-single/getting_started_with_red_hat_quay/[Getting Started with {quay}]
|
||||
//for information about setting up your own {quay} registry.
|
||||
//* To learn how to set up credentials to access
|
||||
//Red Hat Quay as a secured registry, refer to Allowing Pods to Reference Images from Other Secured Registries.
|
||||
//{quay} as a secured registry, refer to Allowing Pods to Reference Images from Other Secured Registries.
|
||||
|
||||
@@ -20,14 +20,14 @@ known vulnerabilities.
|
||||
== Scanning OpenShift images
|
||||
|
||||
For the container images that are running in {product-title}
|
||||
and are pulled from Red Hat Quay registries, you can use an Operator to list the
|
||||
and are pulled from {quay} registries, you can use an Operator to list the
|
||||
vulnerabilities of those images. The
|
||||
link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html/red_hat_quay_operator_features/container-security-operator-setup[{rhq-cso}]
|
||||
can be added to {product-title} to provide vulnerability reporting
|
||||
for images added to selected namespaces.
|
||||
|
||||
Container image scanning for Red Hat Quay is performed by the
|
||||
Container image scanning for {quay} is performed by the
|
||||
link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html/vulnerability_reporting_with_clair_on_red_hat_quay/index[Clair].
|
||||
In Red Hat Quay, Clair can search for and report vulnerabilities in
|
||||
In {quay}, Clair can search for and report vulnerabilities in
|
||||
images built from {op-system-base}, CentOS, Oracle, Alpine, Debian, and Ubuntu
|
||||
operating system software.
|
||||
|
||||
@@ -12,7 +12,7 @@ You can install the {rhq-cso} from the {product-title} web console Operator Hub,
|
||||
|
||||
* You have installed the `oc` CLI.
|
||||
* You have administrator privileges to the {product-title} cluster.
|
||||
* You have containers that come from a Red Hat Quay or Quay.io registry running on your cluster.
|
||||
* You have containers that come from a {quay} or Quay.io registry running on your cluster.
|
||||
|
||||
.Procedure
|
||||
|
||||
|
||||
@@ -11,4 +11,4 @@ images. The OpenShift Container Registry provides role-based access controls
|
||||
that allow you to manage who can pull and push which container images.
|
||||
|
||||
{product-title} also supports integration with other private registries that you might
|
||||
already be using, such as Red Hat Quay.
|
||||
already be using, such as {quay}.
|
||||
|
||||
@@ -3,44 +3,44 @@
|
||||
// * security/container_security/security-registries.adoc
|
||||
|
||||
[id="security-registries-quay_{context}"]
|
||||
= Storing containers using Red Hat Quay
|
||||
link:https://access.redhat.com/products/red-hat-quay[Red Hat Quay] is an
|
||||
= Storing containers using {quay}
|
||||
link:https://access.redhat.com/products/red-hat-quay[{quay}] is an
|
||||
enterprise-quality container registry product from Red Hat.
|
||||
Development for Red Hat Quay is done through the upstream
|
||||
Development for {quay} is done through the upstream
|
||||
link:https://docs.projectquay.io/welcome.html[Project Quay].
|
||||
Red Hat Quay is available to deploy on-premise or through the hosted
|
||||
version of Red Hat Quay at link:https://quay.io[Quay.io].
|
||||
{quay} is available to deploy on-premise or through the hosted
|
||||
version of {quay} at link:https://quay.io[Quay.io].
|
||||
|
||||
Security-related features of Red Hat Quay include:
|
||||
Security-related features of {quay} include:
|
||||
|
||||
* *Time machine*: Allows images with older tags to expire after a set
|
||||
period of time or based on a user-selected expiration time.
|
||||
|
||||
* *link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html-single/manage_red_hat_quay/index#repo-mirroring-in-red-hat-quay[Repository mirroring]*: Lets you mirror
|
||||
other registries for security reasons, such hosting a public repository
|
||||
on Red Hat Quay behind a company firewall, or for performance reasons, to
|
||||
on {quay} behind a company firewall, or for performance reasons, to
|
||||
keep registries closer to where they are used.
|
||||
|
||||
* *Action log storage*: Save Red Hat Quay logging output to link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html-single/manage_red_hat_quay/index#proc_manage-log-storage[Elasticsearch storage or Splunk] to allow for later search and analysis.
|
||||
* *Action log storage*: Save {quay} logging output to link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html-single/manage_red_hat_quay/index#proc_manage-log-storage[Elasticsearch storage or Splunk] to allow for later search and analysis.
|
||||
|
||||
* *link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html/vulnerability_reporting_with_clair_on_red_hat_quay/index[Clair]*: Scan images against a variety of Linux
|
||||
vulnerability databases, based on the origins of each container image.
|
||||
|
||||
* *Internal authentication*: Use the default local database to handle RBAC
|
||||
authentication to Red Hat Quay or choose from LDAP, Keystone (OpenStack),
|
||||
authentication to {quay} or choose from LDAP, Keystone (OpenStack),
|
||||
JWT Custom Authentication, or External Application Token authentication.
|
||||
|
||||
* *External authorization (OAuth)*: Allow authorization to Red Hat Quay
|
||||
* *External authorization (OAuth)*: Allow authorization to {quay}
|
||||
from GitHub, GitHub Enterprise, or Google Authentication.
|
||||
|
||||
* *Access settings*: Generate tokens to allow access to Red Hat Quay
|
||||
* *Access settings*: Generate tokens to allow access to {quay}
|
||||
from docker, rkt, anonymous access, user-created accounts, encrypted
|
||||
client passwords, or prefix username autocompletion.
|
||||
|
||||
Ongoing integration of Red Hat Quay with {product-title} continues,
|
||||
Ongoing integration of {quay} with {product-title} continues,
|
||||
with several {product-title} Operators of particular interest.
|
||||
The link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html-single/red_hat_quay_operator_features/index#quay-bridge-operator[Quay Bridge Operator]
|
||||
lets you replace the internal {product-registry} with Red Hat Quay.
|
||||
lets you replace the internal {product-registry} with {quay}.
|
||||
The link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html-single/red_hat_quay_operator_features/index#container-security-operator-setup[{rhq-cso}]
|
||||
lets you check vulnerabilities of images running in {product-title} that were
|
||||
pulled from Red Hat Quay registries.
|
||||
pulled from {quay} registries.
|
||||
|
||||
@@ -16,4 +16,4 @@ From the Customer Portal, you can find help in various ways:
|
||||
To identify issues with your deployment, you can use the debugging tool or check the health endpoint of your deployment.
|
||||
After you have debugged or obtained health information about your deployment, you can search the Red{nbsp}Hat Knowledgebase for a solution or file a support ticket.
|
||||
|
||||
//If you have a suggestion for improving this documentation or have found an error, submit a Jira issue to the ProjectQuay project. Provide specific details, such as the section name and Red Hat Quay version.
|
||||
//If you have a suggestion for improving this documentation or have found an error, submit a Jira issue to the ProjectQuay project. Provide specific details, such as the section name and {quay} version.
|
||||
@@ -28,7 +28,7 @@ You can use the {product-title} web console to create an OpenShift Update Servic
|
||||
. Enter the local pullspec in the *Graph Data Image* field to the graph data container image created in "Creating the OpenShift Update Service graph data container image", for example, `registry.example.com/openshift/graph-data:latest`.
|
||||
//TODO: Add xref to preceding step when allowed.
|
||||
|
||||
. In the *Releases* field, enter the registry and repository created to contain the release images in "Mirroring the OpenShift Container Platform image repository", for example, `registry.example.com/ocp4/openshift4-release-images`.
|
||||
. In the *Releases* field, enter the registry and repository created to contain the release images in "Mirroring the {product-title} image repository", for example, `registry.example.com/ocp4/openshift4-release-images`.
|
||||
//TODO: Add xref to preceding step when allowed.
|
||||
|
||||
. Enter `2` in the *Replicas* field.
|
||||
|
||||
@@ -12,7 +12,7 @@ The size of a container disk is limited by the maximum layer size of the registr
|
||||
|
||||
[NOTE]
|
||||
====
|
||||
For link:https://access.redhat.com/documentation/en-us/red_hat_quay/[Red Hat Quay], you can change the maximum layer size by editing the YAML configuration file that is created when Red Hat Quay is first deployed.
|
||||
For link:https://access.redhat.com/documentation/en-us/red_hat_quay/[{quay}], you can change the maximum layer size by editing the YAML configuration file that is created when {quay} is first deployed.
|
||||
====
|
||||
|
||||
.Prerequisites
|
||||
|
||||
@@ -18,7 +18,7 @@ A mirror registry can also be used with a {product-title} cluster in a disconnec
|
||||
|
||||
Using a mirror registry requires the following general steps:
|
||||
|
||||
* Create the mirror registry, using a tool such as Red Hat Quay.
|
||||
* Create the mirror registry, using a tool such as {quay}.
|
||||
* Create a container image registry credentials file.
|
||||
* Copy the images from your online image repository to your mirror registry.
|
||||
|
||||
|
||||
@@ -12,7 +12,7 @@ You can configure the hub cluster to use a disconnected mirror registry for a di
|
||||
|
||||
* You have a disconnected hub cluster installation with {rh-rhacm-first} {rh-rhacm-version} installed.
|
||||
|
||||
* You have hosted the `rootfs` and `iso` images on an HTTP server. See the _Additional resources_ section for guidance about _Mirroring the OpenShift Container Platform image repository_.
|
||||
* You have hosted the `rootfs` and `iso` images on an HTTP server. See the _Additional resources_ section for guidance about _Mirroring the {product-title} image repository_.
|
||||
|
||||
[WARNING]
|
||||
====
|
||||
@@ -52,7 +52,7 @@ data:
|
||||
<1> The `ConfigMap` namespace must be set to `multicluster-engine`.
|
||||
<2> The mirror registry’s certificate that is used when creating the mirror registry.
|
||||
<3> The configuration file for the mirror registry. The mirror registry configuration adds mirror information to the `/etc/containers/registries.conf` file in the discovery image. The mirror information is stored in the `imageContentSources` section of the `install-config.yaml` file when the information is passed to the installation program. The Assisted Service pod that runs on the hub cluster fetches the container images from the configured mirror registry.
|
||||
<4> The URL of the mirror registry. You must use the URL from the `imageContentSources` section by running the `oc adm release mirror` command when you configure the mirror registry. For more information, see the _Mirroring the OpenShift Container Platform image repository_ section.
|
||||
<4> The URL of the mirror registry. You must use the URL from the `imageContentSources` section by running the `oc adm release mirror` command when you configure the mirror registry. For more information, see the _Mirroring the {product-title} image repository_ section.
|
||||
<5> The registries defined in the `registries.conf` file must be scoped by repository, not by registry. In this example, both the `quay.io/example-repository` and the `mirror1.registry.corp.com:5000/example-repository` repositories are scoped by the `example-repository` repository.
|
||||
|
||||
+
|
||||
|
||||
@@ -8,7 +8,7 @@ toc::[]
|
||||
|
||||
Use the following topics to discover the different Source-to-Image (S2I), database, and other container images that are available for {product-title} users.
|
||||
|
||||
Red Hat official container images are provided in the Red Hat Registry at link:https://registry.redhat.io[registry.redhat.io]. {product-title}'s supported S2I, database, and Jenkins images are provided in the `openshift4` repository in the Red Hat Quay Registry. For example, `quay.io/openshift-release-dev/ocp-v4.0-<address>` is the name of the OpenShift Application Platform image.
|
||||
Red Hat official container images are provided in the Red Hat Registry at link:https://registry.redhat.io[registry.redhat.io]. {product-title}'s supported S2I, database, and Jenkins images are provided in the `openshift4` repository in the {quay} Registry. For example, `quay.io/openshift-release-dev/ocp-v4.0-<address>` is the name of the OpenShift Application Platform image.
|
||||
|
||||
The xPaaS middleware images are provided in their respective product repositories on the Red Hat Registry but suffixed with a `-openshift`. For example, `registry.redhat.io/jboss-eap-6/eap64-openshift` is the name of the JBoss EAP image.
|
||||
|
||||
|
||||
@@ -26,7 +26,7 @@ include::modules/installation-about-mirror-registry.adoc[leveloffset=+1]
|
||||
* An installed mirror registry, which is a container image registry that supports link:https://docs.docker.com/registry/spec/manifest-v2-2/[Docker v2-2] in the location that will host the {product-title} cluster, such as one of the following registries:
|
||||
+
|
||||
--
|
||||
** link:https://www.redhat.com/en/technologies/cloud-computing/quay[Red Hat Quay]
|
||||
** link:https://www.redhat.com/en/technologies/cloud-computing/quay[{quay}]
|
||||
|
||||
** link:https://jfrog.com/artifactory/[JFrog Artifactory]
|
||||
|
||||
@@ -35,9 +35,9 @@ include::modules/installation-about-mirror-registry.adoc[leveloffset=+1]
|
||||
** link:https://goharbor.io/[Harbor]
|
||||
--
|
||||
+
|
||||
If you have an subscription to Red Hat Quay, see the documentation on deploying Red Hat Quay link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html/deploy_red_hat_quay_for_proof-of-concept_non-production_purposes/[for proof-of-concept purposes] or link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html/deploying_the_red_hat_quay_operator_on_openshift_container_platform/index[by using the Quay Operator].
|
||||
If you have an subscription to {quay}, see the documentation on deploying {quay} link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html/deploy_red_hat_quay_for_proof-of-concept_non-production_purposes/[for proof-of-concept purposes] or link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html/deploying_the_red_hat_quay_operator_on_openshift_container_platform/index[by using the Quay Operator].
|
||||
|
||||
* The mirror repository must be configured to share images. For example, a Red Hat Quay repository requires link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html-single/use_red_hat_quay/index#user-org-intro_use-quay[Organizations] in order to share images.
|
||||
* The mirror repository must be configured to share images. For example, a {quay} repository requires link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html-single/use_red_hat_quay/index#user-org-intro_use-quay[Organizations] in order to share images.
|
||||
|
||||
* Access to the internet to obtain the necessary container images.
|
||||
|
||||
|
||||
@@ -23,7 +23,7 @@ include::modules/registry-quay-overview.adoc[leveloffset=+1]
|
||||
[role="_additional-resources"]
|
||||
.Additional resources
|
||||
|
||||
* link:https://access.redhat.com/documentation/en-us/red_hat_quay/[Red Hat Quay product documentation]
|
||||
* link:https://access.redhat.com/documentation/en-us/red_hat_quay/[{quay} product documentation]
|
||||
|
||||
include::modules/registry-authentication-enabled-registry-overview.adoc[leveloffset=+1]
|
||||
|
||||
|
||||
@@ -235,7 +235,7 @@ Manage machines, provide services to users, and follow monitoring and logging re
|
||||
|
||||
- **Manage machines**: Manage xref:../machine_management/index.adoc#machine-mgmt-intro-managing-compute_overview-of-machine-management[compute] and xref:../machine_management/index.adoc#machine-mgmt-intro-managing-control-plane_overview-of-machine-management[control plane] machines in your cluster with machine sets, by xref:../machine_management/deploying-machine-health-checks.adoc#deploying-machine-health-checks[deploying health checks], and xref:../machine_management/applying-autoscaling.adoc#applying-autoscaling[applying autoscaling].
|
||||
|
||||
- **xref:../registry/index.adoc#registry-overview[Manage container registries]**: Each {product-title} cluster includes a built-in container registry for storing its images. You can also configure a separate link:https://access.redhat.com/documentation/en-us/red_hat_quay/[Red Hat Quay] registry to use with {product-title}. The link:https://quay.io[Quay.io] website provides a public container registry that stores {product-title} containers and Operators.
|
||||
- **xref:../registry/index.adoc#registry-overview[Manage container registries]**: Each {product-title} cluster includes a built-in container registry for storing its images. You can also configure a separate link:https://access.redhat.com/documentation/en-us/red_hat_quay/[{quay}] registry to use with {product-title}. The link:https://quay.io[Quay.io] website provides a public container registry that stores {product-title} containers and Operators.
|
||||
|
||||
- **xref:../authentication/understanding-authentication.adoc#understanding-authentication[Manage users and groups]**: Add users and groups with different levels of permissions to use or modify clusters.
|
||||
|
||||
|
||||
@@ -20,11 +20,11 @@ while the Red Hat Ecosystem Catalog offers detailed descriptions
|
||||
and health checks for those images.
|
||||
To manage your own registry, you could purchase a container
|
||||
registry such as
|
||||
link:https://access.redhat.com/products/red-hat-quay[Red Hat Quay].
|
||||
link:https://access.redhat.com/products/red-hat-quay[{quay}].
|
||||
|
||||
From a security standpoint, some registries provide special features to
|
||||
check and improve the health of your containers.
|
||||
For example, Red Hat Quay offers container vulnerability scanning
|
||||
For example, {quay} offers container vulnerability scanning
|
||||
with Clair security scanner, build triggers to automatically rebuild
|
||||
images when source code changes in GitHub and other locations, and
|
||||
the ability to use role-based access control (RBAC) to
|
||||
|
||||
@@ -15,7 +15,7 @@ used in active pods on the cluster. The {rhq-cso}:
|
||||
vulnerability information, provided an image's registry is running image
|
||||
scanning (such as
|
||||
link:https://quay.io[Quay.io] or a
|
||||
link:https://access.redhat.com/products/red-hat-quay[Red Hat Quay] registry with Clair scanning)
|
||||
link:https://access.redhat.com/products/red-hat-quay[{quay}] registry with Clair scanning)
|
||||
* Exposes vulnerabilities via the `ImageManifestVuln` object in the Kubernetes API
|
||||
|
||||
Using the instructions here, the {rhq-cso} is installed in the `openshift-operators`
|
||||
|
||||
@@ -31,7 +31,7 @@ include::modules/lvms-installing-logical-volume-manager-operator-disconnected-en
|
||||
|
||||
* xref:../../../installing/disconnected_install/installing-mirroring-creating-registry.adoc#installing-mirroring-creating-registry[Creating a mirror registry with mirror registry for Red Hat OpenShift]
|
||||
|
||||
* xref:../../../installing/disconnected_install/installing-mirroring-installation-images.adoc#installation-mirror-repository_installing-mirroring-installation-images[Mirroring the OpenShift Container Platform image repository]
|
||||
* xref:../../../installing/disconnected_install/installing-mirroring-installation-images.adoc#installation-mirror-repository_installing-mirroring-installation-images[Mirroring the {product-title} image repository]
|
||||
|
||||
* xref:../../../installing/disconnected_install/installing-mirroring-disconnected.adoc#oc-mirror-creating-image-set-config_installing-mirroring-disconnected[Creating the image set configuration]
|
||||
|
||||
|
||||
@@ -68,14 +68,14 @@ You can use the `oc adm release mirror` command to mirror images to your mirror
|
||||
[id="prerequisites_updating-mirroring-disconnected"]
|
||||
=== Prerequisites
|
||||
|
||||
* You must have a container image registry that supports link:https://docs.docker.com/registry/spec/manifest-v2-2[Docker v2-2] in the location that will host the {product-title} cluster, such as Red Hat Quay.
|
||||
* You must have a container image registry that supports link:https://docs.docker.com/registry/spec/manifest-v2-2[Docker v2-2] in the location that will host the {product-title} cluster, such as {quay}.
|
||||
+
|
||||
[NOTE]
|
||||
====
|
||||
If you use Red Hat Quay, you must use version 3.6 or later with the oc-mirror plugin. If you have an entitlement to Red Hat Quay, see the documentation on deploying Red Hat Quay link:https://docs.redhat.com/en/documentation/red_hat_quay/3/html/proof_of_concept_-_deploying_red_hat_quay/index[for proof-of-concept purposes] or link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html/deploying_the_red_hat_quay_operator_on_openshift_container_platform/index[by using the Quay Operator]. If you need additional assistance selecting and installing a registry, contact your sales representative or Red Hat Support.
|
||||
If you use {quay}, you must use version 3.6 or later with the oc-mirror plugin. If you have an entitlement to {quay}, see the documentation on deploying {quay} link:https://docs.redhat.com/en/documentation/red_hat_quay/3/html/proof_of_concept_-_deploying_red_hat_quay/index[for proof-of-concept purposes] or link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html/deploying_the_red_hat_quay_operator_on_openshift_container_platform/index[by using the Quay Operator]. If you need additional assistance selecting and installing a registry, contact your sales representative or Red Hat Support.
|
||||
====
|
||||
+
|
||||
If you do not have an existing solution for a container image registry, the xref:../../../installing/disconnected_install/installing-mirroring-creating-registry.adoc#installing-mirroring-creating-registry[mirror registry for Red Hat OpenShift] is included in {product-title} subscriptions. The _mirror registry for Red Hat OpenShift_ is a small-scale container registry that you can use to mirror {product-title} container images in disconnected installations and updates.
|
||||
If you do not have an existing solution for a container image registry, the xref:../../../installing/disconnected_install/installing-mirroring-creating-registry.adoc#installing-mirroring-creating-registry[mirror registry for Red Hat OpenShift] is included in {product-title} subscriptions. The _mirror registry for Red{nbsp}Hat OpenShift_ is a small-scale container registry that you can use to mirror {product-title} container images in disconnected installations and updates.
|
||||
|
||||
[id="updating-restricted-network-mirror-host"]
|
||||
=== Preparing your mirror host
|
||||
|
||||
@@ -234,7 +234,7 @@ Manage machines, provide services to users, and follow monitoring and logging re
|
||||
|
||||
- **Manage machines**: Manage xref:../machine_management/index.adoc#machine-mgmt-intro-managing-compute_overview-of-machine-management[compute] and xref:../machine_management/index.adoc#machine-mgmt-intro-managing-control-plane_overview-of-machine-management[control plane] machines in your cluster with machine sets, by xref:../machine_management/deploying-machine-health-checks.adoc#deploying-machine-health-checks[deploying health checks], and xref:../machine_management/applying-autoscaling.adoc#applying-autoscaling[applying autoscaling].
|
||||
|
||||
- **xref:../registry/index.adoc#registry-overview[Manage container registries]**: Each {product-title} cluster includes a built-in container registry for storing its images. You can also configure a separate link:https://access.redhat.com/documentation/en-us/red_hat_quay/[Red Hat Quay] registry to use with {product-title}. The link:https://quay.io[Quay.io] website provides a public container registry that stores {product-title} containers and Operators.
|
||||
- **xref:../registry/index.adoc#registry-overview[Manage container registries]**: Each {product-title} cluster includes a built-in container registry for storing its images. You can also configure a separate link:https://access.redhat.com/documentation/en-us/red_hat_quay/[{quay}] registry to use with {product-title}. The link:https://quay.io[Quay.io] website provides a public container registry that stores {product-title} containers and Operators.
|
||||
|
||||
- **xref:../authentication/understanding-authentication.adoc#understanding-authentication[Manage users and groups]**: Add users and groups with different levels of permissions to use or modify clusters.
|
||||
|
||||
|
||||
@@ -185,7 +185,7 @@ Red Hat Middleware Bundles that include OpenShift embedded in them only contain
|
||||
for this support.
|
||||
|
||||
=== Quay Integration compatible
|
||||
{oke} is compatible and supported with a Red Hat Quay purchase.
|
||||
{oke} is compatible and supported with a {quay} purchase.
|
||||
|
||||
=== OpenShift Virtualization
|
||||
{oke} includes support for the Red Hat product offerings derived from
|
||||
@@ -324,7 +324,7 @@ s| Feature s| {oke} s| {product-title} s| Operator name
|
||||
| IDE Integrations | Not included | Included | N/A
|
||||
| {osc} | Not included | Not included | {osc-operator}
|
||||
| Windows Machine Config Operator | Community Windows Machine Config Operator included - no subscription required | Red Hat Windows Machine Config Operator included - Requires separate subscription | Windows Machine Config Operator
|
||||
| Red Hat Quay | Not Included - Requires separate subscription | Not Included - Requires separate subscription | Quay Operator
|
||||
| {quay} | Not Included - Requires separate subscription | Not Included - Requires separate subscription | Quay Operator
|
||||
| Red Hat Advanced Cluster Management | Not Included - Requires separate subscription | Not Included - Requires separate subscription | Advanced Cluster Management for Kubernetes
|
||||
| Red Hat Advanced Cluster Security | Not Included - Requires separate subscription | Not Included - Requires separate subscription | N/A
|
||||
| {rh-storage} | Not Included - Requires separate subscription | Not Included - Requires separate subscription | {rh-storage}
|
||||
|
||||
Reference in New Issue
Block a user