CentOS Stream 9

OKD 4 : Configure Image Registry : NFS
2022/08/08
 
After building an OKD 4 cluster as in this tutorial, the Image Registry is not configured yet.
So configure the Image Registry to pull container images.
This example shows how to configure an Image Registry that uses NFS.
The OKD 4 cluster is based on the following environment.
--------------+----------------+-----------------+--------------
              |10.0.0.25       |                 |10.0.0.24
+-------------+-------------+  |  +--------------+-------------+
|   [mgr.okd4.srv.world]    |  |  | [bootstrap.okd4.srv.world] |
|        Manager Node       |  |  |       Bootstrap Node       |
|           DNS             |  |  |                            |
|          Nginx            |  |  |                            |
+---------------------------+  |  +----------------------------+
                               |
--------------+----------------+-----------------+--------------
              |10.0.0.40       |                 |10.0.0.41
+-------------+-------------+  |  +--------------+-------------+
| [master-0.okd4.srv.world] |  |  |  [master-1.okd4.srv.world] |
|      Control Plane#1      |  |  |      Control Plane#2       | 
|                           |  |  |                            |
|                           |  |  |                            |
+---------------------------+  |  +----------------------------+
                               |
--------------+----------------+
              |10.0.0.42
+-------------+-------------+
| [master-2.okd4.srv.world] |
|      Control Plane#3      |
|                           |
|                           |
+---------------------------+

[1] An NFS server is required to be running on your local network, refer to here.
This example uses [nfs.srv.world (10.0.0.35)] as the NFS server.
[2] Configure the NFS share settings on the NFS server.
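# create a directory for share : any place you like

[root@nfs ~]# mkdir /home/registry
[root@nfs ~]# chmod 775 /home/registry
[root@nfs ~]# vi /etc/exports
# set NFS share
# no_root_squash : root on a client keeps uid 0 on this export
# insecure : requests from client source ports above 1023 are accepted
# fsid=0 : this export is the NFSv4 root

/home/registry 10.0.0.0/24(rw,no_wdelay,no_root_squash,insecure,fsid=0)
[root@nfs ~]# exportfs -ar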
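
A check for the export set in step [2], added here as an example (not part of the original tutorial): a shell function that reads exports(5)-format lines and prints, per client entry, the settings that widen who can reach the share and with what privileges. The function name [audit_exports] and the finding labels are made up for this example.

```shell
#!/bin/sh
# Added example: list access-widening settings in exports(5)-format text.
# Input : export lines on stdin (backslash line continuations not handled).
# Output: one "<path> <client> <finding>" line per finding.
audit_exports() {
    awk '
    /^[ \t]*#/ || /^[ \t]*$/ { next }   # skip comments and blank lines
    {
        path = $1
        for (i = 2; i <= NF; i++) {
            client = $i; opts = ""
            p = index($i, "(")
            if (p > 0) {
                client = substr($i, 1, p - 1)
                opts = substr($i, p + 1)
                sub(/\).*$/, "", opts)
            }
            # "host (rw)" with a space parses as two entries: host with
            # default options, and an empty client (every host) with rw.
            if (client == "") client = "*"
            if (client == "*") {
                print path, client, "any-host"
            } else if (index(client, "/") || index(client, "*") || index(client, "?")) {
                print path, client, "network-or-wildcard"
            }
            n = split(opts, o, ",")
            for (j = 1; j <= n; j++) {
                if (o[j] == "no_root_squash" || o[j] == "insecure") {
                    print path, client, o[j]
                }
            }
        }
    }'
}

# The export line from step [2] of this page.
printf '%s\n' \
  '/home/registry 10.0.0.0/24(rw,no_wdelay,no_root_squash,insecure,fsid=0)' |
  audit_exports
```

For the line on this page it reports [network-or-wildcard], [no_root_squash] and [insecure] for 10.0.0.0/24: the share is reachable, with root privileges preserved, from every address in that network, not only the three cluster nodes.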

[3] On the Manager Node, configure the Image Registry.
[root@mgr ~]# oc get pods -n openshift-image-registry

NAME                                               READY   STATUS    RESTARTS   AGE
cluster-image-registry-operator-6754c97c5b-fgwjb   1/1     Running   3          23h
node-ca-h8lsg                                      1/1     Running   2          23h
node-ca-kj29h                                      1/1     Running   2          23h
node-ca-x7v4p                                      1/1     Running   2          23h

[root@mgr ~]# oc patch configs.imageregistry.operator.openshift.io cluster --type merge --patch '{"spec":{"managementState":"Managed"}}'

config.imageregistry.operator.openshift.io/cluster patched
[root@mgr ~]# vi registry-pv.yml
apiVersion: v1
kind: PersistentVolume
metadata:
  name: registry-pv
spec:
  capacity:
    storage: 100Gi
  accessModes:
    - ReadWriteOnce
    - ReadWriteMany
  persistentVolumeReclaimPolicy: Retain
  nfs:
    path: /home/registry
    server: 10.0.0.35
    readOnly: false

[root@mgr ~]# oc apply -f registry-pv.yml

persistentvolume/registry-pv created
[root@mgr ~]# oc get pv

NAME          CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS      CLAIM   STORAGECLASS   REASON   AGE
registry-pv   100Gi      RWO,RWX        Retain           Available                                   2s

[root@mgr ~]# oc edit configs.imageregistry.operator.openshift.io
.....
.....
spec:
  httpSecret: 995b1118ab61a40dea98e6a3ced685ebfe43ed3870807dc941320aa191fefe6b4995ec52cb5832c8d2310db5043c4701127384c7f59389091da9c9dfed28a1a7b
  logLevel: Normal
  managementState: Managed
  observedConfig: null
  operatorLogLevel: Normal
  proxy: {}
  replicas: 1
  requests:
    read:
      maxWaitInQueue: 0s
    write:
      maxWaitInQueue: 0s
  rolloutStrategy: RollingUpdate
  # line 29 : change as follows ([claim] left empty : the operator creates the [image-registry-storage] PVC)
  storage:
    pvc:
      claim:
.....
.....

# after a few minutes, the [image-registry] pod starts

[root@mgr ~]# oc get pods -n openshift-image-registry

NAME                                               READY   STATUS    RESTARTS   AGE
cluster-image-registry-operator-6754c97c5b-k7gjg   1/1     Running   1          119m
image-registry-c8664dbcd-wlzp7                     1/1     Running   0          49s
node-ca-ccvkb                                      1/1     Running   0          63m
node-ca-nv8ws                                      1/1     Running   0          83m
node-ca-rf8l7                                      1/1     Running   0          83m

[root@mgr ~]# oc get pvc -n openshift-image-registry

NAME                     STATUS   VOLUME        CAPACITY   ACCESS MODES   STORAGECLASS   AGE
image-registry-storage   Bound    registry-pv   100Gi      RWO,RWX                       8m32s
[4] Projects and other user resources are saved under a directory like the following.
[root@nfs ~]# ll /home/registry/docker/registry/v2/repositories/

total 0
drwxr-xr-x. 3 1000340000 root 18 Aug  8 16:17 openshift
drwxr-xr-x. 3 1000340000 root 38 Aug  8 16:21 test-project

[root@nfs ~]# ll /home/registry/docker/registry/v2/repositories/test-project

total 0
drwxr-xr-x. 5 1000340000 root 55 Aug  8 16:22 rails-postgresql-example