×

Configuring the Image Registry Operator to trust Swift storage

You must configure the Image Registry Operator to trust Red Hat OpenStack Platform (RHOSP) Swift storage.

Procedure
  • From a command line, enter the following command to change the value of the spec.disableRedirect field in the config.imageregistry object to true:

    $ oc patch configs.imageregistry.operator.openshift.io cluster --type merge --patch '{"spec":{"disableRedirect":true}}'

Configuring a secret for the Image Registry Operator

In addition to the configs.imageregistry.operator.openshift.io and ConfigMap resources, configuration is provided to the Operator by a separate secret resource located within the openshift-image-registry namespace.

The image-registry-private-configuration-user secret provides credentials needed for storage access and management. It overrides the default credentials used by the Operator, if default credentials were found.

For Swift on Red Hat OpenStack Platform (RHOSP) storage, the secret is expected to contain the following two keys:

  • REGISTRY_STORAGE_SWIFT_USER

  • REGISTRY_STORAGE_SWIFT_PASSWORD

Procedure
  • Create an OpenShift Container Platform secret that contains the required keys.

    $ oc create secret generic image-registry-private-configuration-user --from-literal=REGISTRY_STORAGE_SWIFT_USER=<username> --from-literal=REGISTRY_STORAGE_SWIFT_PASSWORD=<password> -n openshift-image-registry

Registry storage for RHOSP with user-provisioned infrastructure

If the Registry Operator cannot create a Swift bucket, you must set up the storage medium manually and configure the settings in the registry custom resource (CR).

Prerequisites
  • A cluster on Red Hat OpenStack Platform (RHOSP) with user-provisioned infrastructure.

  • To configure registry storage for RHOSP, you need to provide Registry Operator cloud credentials.

  • For Swift on RHOSP storage, the secret is expected to contain the following two keys:

    • REGISTRY_STORAGE_SWIFT_USER

    • REGISTRY_STORAGE_SWIFT_PASSWORD

Procedure
  • Fill in the storage configuration in configs.imageregistry.operator.openshift.io/cluster:

    $ oc edit configs.imageregistry.operator.openshift.io/cluster
    Example configuration
    # ...
    storage:
      swift:
        container: <container-id>
    # ...

Image Registry Operator configuration parameters for RHOSP Swift

The following configuration parameters are available for Red Hat OpenStack Platform (RHOSP) Swift registry storage.

Parameter Description

authURL

Defines the URL for obtaining the authentication token. This value is optional.

authVersion

Specifies the Auth version of RHOSP, for example, authVersion: "3". This value is optional.

container

Defines the name of a Swift container for storing registry data. This value is optional.

domain

Specifies the RHOSP domain name for the Identity v3 API. This value is optional.

domainID

Specifies the RHOSP domain ID for the Identity v3 API. This value is optional.

tenant

Defines the RHOSP tenant name to be used by the registry. This value is optional.

tenantID

Defines the RHOSP tenant ID to be used by the registry. This value is optional.

regionName

Defines the RHOSP region in which the container exists. This value is optional.