Description

Config is the configuration object for a registry instance managed by the registry operator

Type

object

Required
  • metadata

  • spec

Specification

Property Type Description

.apiVersion

string

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

.kind

string

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

.metadata

ObjectMeta meta/v1

Standard object’s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata

.spec

object

ImageRegistrySpec defines the specs for the running registry.

.status

object

ImageRegistryStatus reports image registry operational status.

.spec
Description

ImageRegistrySpec defines the specs for the running registry.

Type

object

Required
  • logging

  • managementState

  • replicas

Property Type Description

defaultRoute

boolean

defaultRoute indicates whether an external facing route for the registry should be created using the default generated hostname.

disableRedirect

boolean

disableRedirect controls whether to route all data through the Registry, rather than redirecting to the backend.

httpSecret

string

httpSecret is the value needed by the registry to secure uploads, generated by default.

logging

integer

logging determines the level of logging enabled in the registry.

managementState

string

managementState indicates whether the registry instance represented by this config instance is under operator management or not. Valid values are Managed, Unmanaged, and Removed.

nodeSelector

object (string)

nodeSelector defines the node selection constraints for the registry pod.

proxy

object

proxy defines the proxy to be used when calling master api, upstream registries, etc.

readOnly

boolean

readOnly indicates whether the registry instance should reject attempts to push new images or delete existing ones.

replicas

integer

replicas determines the number of registry instances to run.

requests

object

requests controls how many parallel requests a given registry instance will handle before queuing additional requests.

resources

object

resources defines the resource requests+limits for the registry pod.

rolloutStrategy

string

rolloutStrategy defines rollout strategy for the image registry deployment.

routes

array

routes defines additional external facing routes which should be created for the registry.

routes[]

object

ImageRegistryConfigRoute holds information on external route access to image registry.

storage

object

storage details for configuring registry storage, e.g. S3 bucket coordinates.

tolerations

array

tolerations defines the tolerations for the registry pod.

tolerations[]

object

The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.

.spec.proxy
Description

proxy defines the proxy to be used when calling master api, upstream registries, etc.

Type

object

Property Type Description

http

string

http defines the proxy to be used by the image registry when accessing HTTP endpoints.

https

string

https defines the proxy to be used by the image registry when accessing HTTPS endpoints.

noProxy

string

noProxy defines a comma-separated list of host names that shouldn’t go through any proxy.

.spec.requests
Description

requests controls how many parallel requests a given registry instance will handle before queuing additional requests.

Type

object

Property Type Description

read

object

read defines limits for image registry’s reads.

write

object

write defines limits for image registry’s writes.

.spec.requests.read
Description

read defines limits for image registry's reads.

Type

object

Property Type Description

maxInQueue

integer

maxInQueue sets the maximum queued api requests to the registry.

maxRunning

integer

maxRunning sets the maximum in flight api requests to the registry.

maxWaitInQueue

string

maxWaitInQueue sets the maximum time a request can wait in the queue before being rejected.

.spec.requests.write
Description

write defines limits for image registry's writes.

Type

object

Property Type Description

maxInQueue

integer

maxInQueue sets the maximum queued api requests to the registry.

maxRunning

integer

maxRunning sets the maximum in flight api requests to the registry.

maxWaitInQueue

string

maxWaitInQueue sets the maximum time a request can wait in the queue before being rejected.

.spec.resources
Description

resources defines the resource requests+limits for the registry pod.

Type

object

Property Type Description

limits

object (string)

Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/

requests

object (string)

Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/

.spec.routes
Description

routes defines additional external facing routes which should be created for the registry.

Type

array

.spec.routes[]
Description

ImageRegistryConfigRoute holds information on external route access to image registry.

Type

object

Required
  • name

Property Type Description

hostname

string

hostname for the route.

name

string

name of the route to be created.

secretName

string

secretName points to secret containing the certificates to be used by the route.

.spec.storage
Description

storage details for configuring registry storage, e.g. S3 bucket coordinates.

Type

object

Property Type Description

azure

object

azure represents configuration that uses Azure Blob Storage.

emptyDir

object

emptyDir represents ephemeral storage on the pod’s host node. WARNING: this storage cannot be used with more than 1 replica and is not suitable for production use. When the pod is removed from a node for any reason, the data in the emptyDir is deleted forever.

gcs

object

gcs represents configuration that uses Google Cloud Storage.

pvc

object

pvc represents configuration that uses a PersistentVolumeClaim.

s3

object

s3 represents configuration that uses Amazon Simple Storage Service.

swift

object

swift represents configuration that uses OpenStack Object Storage.

.spec.storage.azure
Description

azure represents configuration that uses Azure Blob Storage.

Type

object

Property Type Description

accountName

string

accountName defines the account to be used by the registry.

container

string

container defines Azure’s container to be used by registry.

.spec.storage.emptyDir
Description

emptyDir represents ephemeral storage on the pod's host node. WARNING: this storage cannot be used with more than 1 replica and is not suitable for production use. When the pod is removed from a node for any reason, the data in the emptyDir is deleted forever.

Type

object

.spec.storage.gcs
Description

gcs represents configuration that uses Google Cloud Storage.

Type

object

Property Type Description

bucket

string

bucket is the bucket name in which you want to store the registry’s data. Optional, will be generated if not provided.

keyID

string

keyID is the KMS key ID to use for encryption. Optional, buckets are encrypted by default on GCP. This allows for the use of a custom encryption key.

projectID

string

projectID is the Project ID of the GCP project that this bucket should be associated with.

region

string

region is the GCS location in which your bucket exists. Optional, will be set based on the installed GCS Region.

.spec.storage.pvc
Description

pvc represents configuration that uses a PersistentVolumeClaim.

Type

object

Property Type Description

claim

string

claim defines the Persisent Volume Claim’s name to be used.

.spec.storage.s3
Description

s3 represents configuration that uses Amazon Simple Storage Service.

Type

object

Property Type Description

bucket

string

bucket is the bucket name in which you want to store the registry’s data. Optional, will be generated if not provided.

cloudFront

object

cloudFront configures Amazon Cloudfront as the storage middleware in a registry.

encrypt

boolean

encrypt specifies whether the registry stores the image in encrypted format or not. Optional, defaults to false.

keyID

string

keyID is the KMS key ID to use for encryption. Optional, Encrypt must be true, or this parameter is ignored.

region

string

region is the AWS region in which your bucket exists. Optional, will be set based on the installed AWS Region.

regionEndpoint

string

regionEndpoint is the endpoint for S3 compatible storage services. Optional, defaults based on the Region that is provided.

.spec.storage.s3.cloudFront
Description

cloudFront configures Amazon Cloudfront as the storage middleware in a registry.

Type

object

Required
  • baseURL

  • keypairID

  • privateKey

Property Type Description

baseURL

string

baseURL contains the SCHEME://HOST[/PATH] at which Cloudfront is served.

duration

string

duration is the duration of the Cloudfront session.

keypairID

string

keypairID is key pair ID provided by AWS.

privateKey

object

privateKey points to secret containing the private key, provided by AWS.

.spec.storage.s3.cloudFront.privateKey
Description

privateKey points to secret containing the private key, provided by AWS.

Type

object

Required
  • key

Property Type Description

key

string

The key of the secret to select from. Must be a valid secret key.

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

optional

boolean

Specify whether the Secret or its key must be defined

.spec.storage.swift
Description

swift represents configuration that uses OpenStack Object Storage.

Type

object

Property Type Description

authURL

string

authURL defines the URL for obtaining an authentication token.

authVersion

string

authVersion specifies the OpenStack Auth’s version.

container

string

container defines the name of Swift container where to store the registry’s data.

domain

string

domain specifies Openstack’s domain name for Identity v3 API.

domainID

string

domainID specifies Openstack’s domain id for Identity v3 API.

regionName

string

regionName defines Openstack’s region in which container exists.

tenant

string

tenant defines Openstack tenant name to be used by registry.

tenantID

string

tenant defines Openstack tenant id to be used by registry.

.spec.tolerations
Description

tolerations defines the tolerations for the registry pod.

Type

array

.spec.tolerations[]
Description

The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.

Type

object

Property Type Description

effect

string

Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.

key

string

Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.

operator

string

Operator represents a key’s relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.

tolerationSeconds

integer

TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.

value

string

Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.

.status
Description

ImageRegistryStatus reports image registry operational status.

Type

object

Required
  • storage

  • storageManaged

Property Type Description

conditions

array

conditions is a list of conditions and their status

conditions[]

object

OperatorCondition is just the standard condition fields.

generations

array

generations are used to determine when an item needs to be reconciled or has changed in a way that needs a reaction.

generations[]

object

GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made.

observedGeneration

integer

observedGeneration is the last generation change you’ve dealt with

readyReplicas

integer

readyReplicas indicates how many replicas are ready and at the desired state

storage

object

storage indicates the current applied storage configuration of the registry.

storageManaged

boolean

storageManaged is a boolean which denotes whether or not we created the registry storage medium (such as an S3 bucket).

version

string

version is the level this availability applies to

.status.conditions
Description

conditions is a list of conditions and their status

Type

array

.status.conditions[]
Description

OperatorCondition is just the standard condition fields.

Type

object

Property Type Description

lastTransitionTime

string

message

string

reason

string

status

string

type

string

.status.generations
Description

generations are used to determine when an item needs to be reconciled or has changed in a way that needs a reaction.

Type

array

.status.generations[]
Description

GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made.

Type

object

Property Type Description

group

string

group is the group of the thing you’re tracking

hash

string

hash is an optional field set for resources without generation that are content sensitive like secrets and configmaps

lastGeneration

integer

lastGeneration is the last generation of the workload controller involved

name

string

name is the name of the thing you’re tracking

namespace

string

namespace is where the thing you’re tracking is

resource

string

resource is the resource type of the thing you’re tracking

.status.storage
Description

storage indicates the current applied storage configuration of the registry.

Type

object

Property Type Description

azure

object

azure represents configuration that uses Azure Blob Storage.

emptyDir

object

emptyDir represents ephemeral storage on the pod’s host node. WARNING: this storage cannot be used with more than 1 replica and is not suitable for production use. When the pod is removed from a node for any reason, the data in the emptyDir is deleted forever.

gcs

object

gcs represents configuration that uses Google Cloud Storage.

pvc

object

pvc represents configuration that uses a PersistentVolumeClaim.

s3

object

s3 represents configuration that uses Amazon Simple Storage Service.

swift

object

swift represents configuration that uses OpenStack Object Storage.

.status.storage.azure
Description

azure represents configuration that uses Azure Blob Storage.

Type

object

Property Type Description

accountName

string

accountName defines the account to be used by the registry.

container

string

container defines Azure’s container to be used by registry.

.status.storage.emptyDir
Description

emptyDir represents ephemeral storage on the pod's host node. WARNING: this storage cannot be used with more than 1 replica and is not suitable for production use. When the pod is removed from a node for any reason, the data in the emptyDir is deleted forever.

Type

object

.status.storage.gcs
Description

gcs represents configuration that uses Google Cloud Storage.

Type

object

Property Type Description

bucket

string

bucket is the bucket name in which you want to store the registry’s data. Optional, will be generated if not provided.

keyID

string

keyID is the KMS key ID to use for encryption. Optional, buckets are encrypted by default on GCP. This allows for the use of a custom encryption key.

projectID

string

projectID is the Project ID of the GCP project that this bucket should be associated with.

region

string

region is the GCS location in which your bucket exists. Optional, will be set based on the installed GCS Region.

.status.storage.pvc
Description

pvc represents configuration that uses a PersistentVolumeClaim.

Type

object

Property Type Description

claim

string

claim defines the Persisent Volume Claim’s name to be used.

.status.storage.s3
Description

s3 represents configuration that uses Amazon Simple Storage Service.

Type

object

Property Type Description

bucket

string

bucket is the bucket name in which you want to store the registry’s data. Optional, will be generated if not provided.

cloudFront

object

cloudFront configures Amazon Cloudfront as the storage middleware in a registry.

encrypt

boolean

encrypt specifies whether the registry stores the image in encrypted format or not. Optional, defaults to false.

keyID

string

keyID is the KMS key ID to use for encryption. Optional, Encrypt must be true, or this parameter is ignored.

region

string

region is the AWS region in which your bucket exists. Optional, will be set based on the installed AWS Region.

regionEndpoint

string

regionEndpoint is the endpoint for S3 compatible storage services. Optional, defaults based on the Region that is provided.

.status.storage.s3.cloudFront
Description

cloudFront configures Amazon Cloudfront as the storage middleware in a registry.

Type

object

Required
  • baseURL

  • keypairID

  • privateKey

Property Type Description

baseURL

string

baseURL contains the SCHEME://HOST[/PATH] at which Cloudfront is served.

duration

string

duration is the duration of the Cloudfront session.

keypairID

string

keypairID is key pair ID provided by AWS.

privateKey

object

privateKey points to secret containing the private key, provided by AWS.

.status.storage.s3.cloudFront.privateKey
Description

privateKey points to secret containing the private key, provided by AWS.

Type

object

Required
  • key

Property Type Description

key

string

The key of the secret to select from. Must be a valid secret key.

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

optional

boolean

Specify whether the Secret or its key must be defined

.status.storage.swift
Description

swift represents configuration that uses OpenStack Object Storage.

Type

object

Property Type Description

authURL

string

authURL defines the URL for obtaining an authentication token.

authVersion

string

authVersion specifies the OpenStack Auth’s version.

container

string

container defines the name of Swift container where to store the registry’s data.

domain

string

domain specifies Openstack’s domain name for Identity v3 API.

domainID

string

domainID specifies Openstack’s domain id for Identity v3 API.

regionName

string

regionName defines Openstack’s region in which container exists.

tenant

string

tenant defines Openstack tenant name to be used by registry.

tenantID

string

tenant defines Openstack tenant id to be used by registry.