openshift/openshift-docs
1
0
Fork 0
mirror of https://github.com/openshift/openshift-docs.git synced 2026-02-05 21:46:22 +01:00
Code Issues Releases Activity

Updating images-configuration-allowed to correct mco workflow

Browse Source 
Adding/removing registries under `spec.registrySources.allowedRegistries` in `image.config.openshift.io/cluster` updates `/etc/containers/policy.json file` on each node. Changes to the `/etc/containers/policy.json` do not require node drain.
This commit is contained in:
Akshata Jadhav
2024-08-29 14:37:36 +05:30
committed by openshift-cherrypick-robot
parent a0737fa0bf
commit da3fe2bc4d
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
modules/images-configuration-allowed.adoc
View File

@@ -59,7 +59,7 @@ status:
Either the `allowedRegistries` parameter or the `blockedRegistries` parameter can be set, but not both.
====
+
The Machine Config Operator (MCO) watches the `image.config.openshift.io/cluster` resource for any changes to the registries. When the MCO detects a change, it drains the nodes, applies the change, and uncordons the nodes. After the nodes return to the `Ready` state, the allowed registries list is used to update the image signature policy in the `/etc/containers/policy.json` file on each node.
The Machine Config Operator (MCO) watches the `image.config.openshift.io/cluster` resource for any changes to the registries. When the MCO detects a change, it triggers a rollout on nodes in machine config pool (MCP). The allowed registries list is used to update the image signature policy in the `/etc/containers/policy.json` file on each node. Changes to the `/etc/containers/policy.json` file do not require the node to drain.
ifndef::openshift-rosa,openshift-dedicated[]
.Verification