Configuring the registry for OpenStack user-provisioned infrastructure
You can configure the registry of a cluster that runs on your own OpenStack infrastructure.
Configuring the Image Registry Operator to trust Swift storage
You must configure the Image Registry Operator to trust OpenStack Swift storage.
Procedure
From a command line, enter the following command to change the value of the
spec.disableRedirect
field in theconfig.imageregistry
object totrue
:$ oc patch configs.imageregistry.operator.openshift.io cluster --type merge --patch '{"spec":{"disableRedirect":true}}'
Configuring a secret for the Image Registry Operator
In addition to the configs.imageregistry.operator.openshift.io
and ConfigMap resources, configuration is provided to the Operator by a separate secret resource located within the openshift-image-registry
namespace.
The image-registry-private-configuration-user
secret provides credentials needed for storage access and management. It overrides the default credentials used by the Operator, if default credentials were found.
For Swift on OpenStack storage, the secret is expected to contain the following two keys:
REGISTRY_STORAGE_SWIFT_USER
REGISTRY_STORAGE_SWIFT_PASSWORD
Procedure
Create an OKD secret that contains the required keys.
$ oc create secret generic image-registry-private-configuration-user --from-literal=REGISTRY_STORAGE_SWIFT_USER=<username> --from-literal=REGISTRY_STORAGE_SWIFT_PASSWORD=<password> -n openshift-image-registry
Registry storage for OpenStack with user-provisioned infrastructure
If the Registry Operator cannot create a Swift bucket, you must set up the storage medium manually and configure the settings in the registry custom resource (CR).
Prerequisites
A cluster on OpenStack with user-provisioned infrastructure.
To configure registry storage for OpenStack, you need to provide Registry Operator cloud credentials.
For Swift on OpenStack storage, the secret is expected to contain the following two keys:
REGISTRY_STORAGE_SWIFT_USER
REGISTRY_STORAGE_SWIFT_PASSWORD
Procedure
Fill in the storage configuration in
configs.imageregistry.operator.openshift.io/cluster
:$ oc edit configs.imageregistry.operator.openshift.io/cluster
Example configuration
# ...
storage:
swift:
container: <container-id>
# ...
Image Registry Operator configuration parameters for OpenStack Swift
The following configuration parameters are available for OpenStack Swift registry storage.
Parameter | Description |
---|---|
| Defines the URL for obtaining the authentication token. This value is optional. |
| Specifies the Auth version of OpenStack, for example, |
| Defines the name of a Swift container for storing registry data. This value is optional. |
| Specifies the OpenStack domain name for the Identity v3 API. This value is optional. |
| Specifies the OpenStack domain ID for the Identity v3 API. This value is optional. |
| Defines the OpenStack tenant name to be used by the registry. This value is optional. |
| Defines the OpenStack tenant ID to be used by the registry. This value is optional. |
| Defines the OpenStack region in which the container exists. This value is optional. |