Red Hat Summit Red Hat SummitSupportKonsoleEntwicklerDemo startenKontakt

Dieser Inhalt ist in der von Ihnen ausgewählten Sprache nicht verfügbar.

Chapter 9. Updating the Registry with Red Hat Openshift Container Storage as the Storage Back-end

OpenShift Container Platform provides an integrated registry with storage using an NFS-backed persistent volume that is automatically setup. Red Hat Openshift Container Storage allows you to replace this with a Gluster persistent volume for registry storage. This provides increased reliability, scalability and failover.

For additional information about OpenShift Container Platform and the docker-registry, see https://access.redhat.com/documentation/en-us/openshift_container_platform/3.11/html/configuring_clusters/setting-up-the-registry.

9.1. Validating the Openshift Container Platform Registry Deployment
Link kopieren

To verify that the registry is properly deployed, execute the following commands:

  1. On the master or client, execute the following command to login as the cluster admin user: 

    # oc login
    Copy to Clipboard Toggle word wrap

    For example: 

    # oc login

Authentication required for https://master.example.com:8443 (openshift)
Username: <cluster-admin-user>
Password: <password>
Login successful.

You have access to the following projects and can switch between them with 'oc project <projectname>':

  * default
    management-infra
    openshift
    openshift-infra

Using project "default".
    Copy to Clipboard Toggle word wrap

    If you are not automatically logged into project default, then switch to it by executing the following command: 

    # oc project default
    Copy to Clipboard Toggle word wrap

  2. To verify that the pod is created, execute the following command: 

    # oc get pods
    Copy to Clipboard Toggle word wrap

    For example: 

    # oc get pods
NAME                       READY     STATUS    RESTARTS   AGE
docker-registry-2-mbu0u    1/1       Running   4          6d
docker-registry-2-spw0o    1/1       Running   3          6d
registry-console-1-rblwo   1/1       Running   3          6d
    Copy to Clipboard Toggle word wrap

  3. To verify that the endpoints are created, execute the following command: 

    # oc get endpoints
    Copy to Clipboard Toggle word wrap

    For example: 

    # oc get endpoints
NAME               ENDPOINTS                                                                  AGE
docker-registry    10.128.0.15:5000,10.129.0.9:5000                                           7d
kubernetes         192.168.234.143:8443,192.168.234.143:8053,192.168.234.143:8053             7d
registry-console   10.128.0.17:9090                                                           7d
router             192.168.234.144:443,192.168.234.145:443,192.168.234.144:1936 + 3 more...   7d
    Copy to Clipboard Toggle word wrap

  4. To verify that the persistent volume is created, execute the following command: 

    # oc get pv
NAME   CAPACITY   ACCESSMODES   RECLAIMPOLICY   STATUS      CLAIM  REASON    AGE
registry-volume           5Gi        RWX           Retain          Bound       default/registry-claim             7d
    Copy to Clipboard Toggle word wrap

  5. To obtain the details of the persistent volume that was created for the NFS registry, execute the following command: 

    # oc describe pv registry-volume
Name:        registry-volume
Labels:        <none>
StorageClass:
Status:        Bound
Claim:        default/registry-claim
Reclaim Policy:    Retain
Access Modes:    RWX
Capacity:    5Gi
Message:
Source:
    Type:    NFS (an NFS mount that lasts the lifetime of a pod)
    Server:    cns30.rh73
    Path:    /exports/registry
    ReadOnly:    false
No events.
    Copy to Clipboard Toggle word wrap

This section provides the steps to create a Red Hat Gluster Storage volume and use it to provide storage for the integrated registry.

Setting up a Red Hat Gluster Storage Persistent Volume

Execute the following commands to create a Red Hat Gluster Storage volume to store the registry data and create a persistent volume.

Note

The commands must be executed in the default project.

  1. Login to the default project: 

    # oc project default
    Copy to Clipboard Toggle word wrap

    For example: 

    # oc project default
Now using project "default" on server "https://cns30.rh73:8443"
    Copy to Clipboard Toggle word wrap

  2. Execute the following command to create the gluster-registry-endpoints.yaml file: 

     oc get endpoints <heketi-db-storage-endpoint-name> -o yaml --namespace=<project-name> >  gluster-registry-endpoints.yaml
    Copy to Clipboard Toggle word wrap
    Note

    You must create an endpoint for each project from which you want to utilize the Red Hat Gluster Storage registry. Hence, you will have a service and an endpoint in both the default project and the new project (storage-project) created in earlier steps.

  3. Edit the gluster-registry-endpoints.yaml file. Change the name to gluster-registry-endpoints and remove all the other metadata, leaving everything else the same. 

    # cat gluster-registry-endpoints.yaml
apiVersion: v1
kind: Endpoints
metadata:
  name: gluster-registry-endpoints
subsets:
  - addresses:
      - ip: 192.168.124.114
      - ip: 192.168.124.52
      - ip: 192.168.124.83
    ports:
      - port: 1
protocol: TCP
    Copy to Clipboard Toggle word wrap

  4. Execute the following command to create the endpoint: 

    # oc create -f gluster-registry-endpoints.yaml
endpoints "gluster-registry-endpoints" created
    Copy to Clipboard Toggle word wrap

  5. To verify the creation of the endpoint, execute the following command: 

    # oc get endpoints
NAME                       ENDPOINTS                                                                 AGE
docker-registry            10.129.0.8:5000,10.130.0.5:5000                                           28d
gluster-registry-endpoints  192.168.124.114:1,192.168.124.52:1,192.168.124.83:1                       10s
kubernetes                 192.168.124.250:8443,192.168.124.250:8053,192.168.124.250:8053            28d
registry-console           10.131.0.6:9090                                                           28d
router                     192.168.124.114:443,192.168.124.83:443,192.168.124.114:1936 + 3 more...   28d
    Copy to Clipboard Toggle word wrap

  6. Execute the following command to create the gluster-registry-service.yaml file: 

     oc get services <heketi-storage-endpoint-name> -o yaml --namespace=<project-name> >  gluster-registry-service.yaml
    Copy to Clipboard Toggle word wrap

  7. Edit the gluster-registry-service.yaml file. Change the name to gluster-registry-service and remove all the other metadata. Also, remove the specific cluster IP addresses: 

    # cat gluster-registry-service.yaml
apiVersion: v1
kind: Service
metadata:
  name: gluster-registry-service
spec:
  ports:
    - port: 1
      protocol: TCP
      targetPort: 1
  sessionAffinity: None
  type: ClusterIP
status:
loadBalancer: {}
    Copy to Clipboard Toggle word wrap

  8. Execute the following command to create the service: 

    # oc create -f gluster-registry-service.yaml
services "gluster-registry-service" created
    Copy to Clipboard Toggle word wrap

  9. Execute the following command to verify if the service are running: 

    # oc get services
NAME                       CLUSTER-IP       EXTERNAL-IP   PORT(S)                   AGE
docker-registry            172.30.197.118   <none>        5000/TCP                  28d
gluster-registry-service   172.30.0.183     <none>        1/TCP                     6s
kubernetes                 172.30.0.1       <none>        443/TCP,53/UDP,53/TCP     29d
registry-console           172.30.146.178   <none>        9000/TCP                  28d
router                     172.30.232.238   <none>        80/TCP,443/TCP,1936/TCP   28d
    Copy to Clipboard Toggle word wrap

  10. Execute the following command to obtain the fsGroup GID of the existing docker-registry pods: 

    # export GID=$(oc get po --selector="docker-registry=default" -o go-template --template='{{printf "%.0f" ((index .items 0).spec.securityContext.fsGroup)}}')
    Copy to Clipboard Toggle word wrap

  11. Execute the following command to create a volume 

    # heketi-cli volume create --size=5 --name=gluster-registry-volume --gid=${GID}
    Copy to Clipboard Toggle word wrap

  12. Create the persistent volume file for the Red Hat Gluster Storage volume: 

    # cat gluster-registry-volume.yaml
kind: PersistentVolume
apiVersion: v1
metadata:
  name: gluster-registry-volume
  labels:
    glusterfs: registry-volume
spec:
  capacity:
    storage: 5Gi
  glusterfs:
    endpoints: gluster-registry-endpoints
    path: gluster-registry-volume
  accessModes:
    - ReadWriteMany
persistentVolumeReclaimPolicy: Retain
    Copy to Clipboard Toggle word wrap

  13. Execute the following command to create the persistent volume: 

    # oc create -f gluster-registry-volume.yaml
    Copy to Clipboard Toggle word wrap

  14. Execute the following command to verify and get the details of the created persistent volume: 

    # oc get pv/gluster-registry-volume
NAME                      CAPACITY   ACCESSMODES   RECLAIMPOLICY   STATUS      CLAIM     REASON    AGE
gluster-registry-volume   5Gi        RWX           Retain          Available                       21m
    Copy to Clipboard Toggle word wrap

  15. Create a new persistent volume claim. Following is a sample Persistent Volume Claim that will be used to replace the existing registry-storage volume claim. 

    # cat gluster-registry-claim.yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: gluster-registry-claim
spec:
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 5Gi
  selector:
    matchLabels:
glusterfs: registry-volume
    Copy to Clipboard Toggle word wrap

  16. Create the persistent volume claim by executing the following command: 

    # oc create -f gluster-registry-claim.yaml
    Copy to Clipboard Toggle word wrap

    For example: 

    # oc create -f gluster-registry-claim.yaml
persistentvolumeclaim "gluster-registry-claim" created
    Copy to Clipboard Toggle word wrap

  17. Execute the following command to verify if the claim is bound: 

    # oc get pvc/gluster-registry-claim
    Copy to Clipboard Toggle word wrap

    For example: 

    # oc get pvc/gluster-registry-claim
NAME                     STATUS    VOLUME                    CAPACITY   ACCESSMODES   AGE
gluster-registry-claim   Bound     gluster-registry-volume   5Gi        RWX           22s
    Copy to Clipboard Toggle word wrap

  18. Make the registry read-only by executing the following command: 

    # oc set env -n default dc/docker-registry 'REGISTRY_STORAGE_MAINTENANCE_READONLY={"enabled":true}'
    Copy to Clipboard Toggle word wrap

    To confirm the value is set to readonly, execute the following command: 

    # oc set env -n default dc/docker-registry --list
    Copy to Clipboard Toggle word wrap

  19. If you want to migrate the data from the old registry to the Red Hat Gluster Storage registry, then execute the following commands:

    Note

    These steps are optional.

    1. Add the Red Hat Gluster Storage registry to the old registry deployment configuration (dc) by executing the following command: 

      # oc set volume dc/docker-registry --add --name=gluster-registry-storage -m /gluster-registry -t pvc --claim-name=gluster-registry-claim
      Copy to Clipboard Toggle word wrap

    2. Save the Registry pod name by executing the following command: 

      # export REGISTRY_POD=$(oc get po --selector="docker-registry=default" -o go-template --template='{{printf "%s" ((index .items 0).metadata.name)}}')
      Copy to Clipboard Toggle word wrap

    3. Copy the data from the old registry directory to the Red Hat Gluster Storage registry directory by executing the following command: 

      # oc rsh -T $REGISTRY_POD cp -aTv /registry/ /gluster-registry/
      Copy to Clipboard Toggle word wrap

    4. Remove the Red Hat Gluster Storage registry from the old dc registry by executing the following command: 

      # oc volume dc/docker-registry --remove --name=gluster-registry-storage
      Copy to Clipboard Toggle word wrap

  20. Replace the existing registry-storage volume with the new gluster-registry-claim PVC: 

    # oc set volume dc/docker-registry --add --name=registry-storage -t pvc --claim-name=gluster-registry-claim --overwrite
    Copy to Clipboard Toggle word wrap

  21. Make the registry read write by executing the following command: 

    # oc set env dc/docker-registry REGISTRY_STORAGE_MAINTENANCE_READONLY-
    Copy to Clipboard Toggle word wrap

    To validate if the setting is set to read write, execute the following command: 

    # oc set env -n default dc/docker-registry --list
    Copy to Clipboard Toggle word wrap

For more information about accessing the registry, see https://access.redhat.com/documentation/en-us/openshift_container_platform/3.11/html/configuring_clusters/setting-up-the-registry#install-config-registry-accessing.

Nach oben
Red Hat logoGithubredditYoutubeTwitter

Lernen

Testen, kaufen und verkaufen

Communitys

Über Red Hat Dokumentation

Wir helfen Red Hat Benutzern, mit unseren Produkten und Diensten innovativ zu sein und ihre Ziele zu erreichen – mit Inhalten, denen sie vertrauen können. Entdecken Sie unsere neuesten Updates.

Mehr Inklusion in Open Source

Red Hat hat sich verpflichtet, problematische Sprache in unserem Code, unserer Dokumentation und unseren Web-Eigenschaften zu ersetzen. Weitere Einzelheiten finden Sie in Red Hat Blog.

Über Red Hat

Wir liefern gehärtete Lösungen, die es Unternehmen leichter machen, plattform- und umgebungsübergreifend zu arbeiten, vom zentralen Rechenzentrum bis zum Netzwerkrand.

Theme

© 2025 Red Hat