Chapter 2. Preparing Red Hat Enterprise Linux for a Red Hat Quay proof of concept deployment
Use the following procedures to configure Red Hat Enterprise Linux (RHEL) for a Red Hat Quay proof of concept deployment.
2.1. Install and register the RHEL server
Use the following procedure to configure the Red Hat Enterprise Linux (RHEL) server for a Red Hat Quay proof of concept deployment.
Procedure
- Install the latest RHEL 9 server. You can do a minimal, shell-access only install, or Server plus GUI if you want a desktop.
- Register and subscribe your RHEL server system as described in How to register and subscribe a RHEL system to the Red Hat Customer Portal using Red Hat Subscription-Manager
Enter the following commands to register your system and list available subscriptions. Choose an available RHEL server subscription, attach to its pool ID, and upgrade to the latest software:
# subscription-manager register --username=<user_name> --password=<password> # subscription-manager refresh # subscription-manager list --available # subscription-manager attach --pool=<pool_id> # yum update -y
2.2. Registry authentication
Use the following procedure to authenticate your registry for a Red Hat Quay proof of concept.
Procedure
Set up authentication to
registry.redhat.io
by following the Red Hat Container Registry Authentication procedure. Setting up authentication allows you to pull theQuay
container.NoteThis differs from earlier versions of Red Hat Quay, when the images were hosted on Quay.io.
Enter the following command to log in to the registry:
$ sudo podman login registry.redhat.io
You are prompted to enter your
username
andpassword
.
2.3. Firewall configuration
If you have a firewall running on your system, you might have to add rules that allow access to Red Hat Quay. Use the following procedure to configure your firewall for a proof of concept deployment.
Procedure
The commands required depend on the ports that you have mapped on your system, for example:
# firewall-cmd --permanent --add-port=80/tcp \ && firewall-cmd --permanent --add-port=443/tcp \ && firewall-cmd --permanent --add-port=5432/tcp \ && firewall-cmd --permanent --add-port=5433/tcp \ && firewall-cmd --permanent --add-port=6379/tcp \ && firewall-cmd --reload
2.4. IP addressing and naming services
There are several ways to configure the component containers in Red Hat Quay so that they can communicate with each other, for example:
- Using a naming service. If you want your deployment to survive container restarts, which typically result in changed IP addresses, you can implement a naming service. For example, the dnsname plugin is used to allow containers to resolve each other by name.
-
Using the host network. You can use the
podman run
command with the--net=host
option and then use container ports on the host when specifying the addresses in the configuration. This option is susceptible to port conflicts when two containers want to use the same port. This method is not recommended. - Configuring port mapping. You can use port mappings to expose ports on the host and then use these ports in combination with the host IP address or host name.
This document uses port mapping and assumes a static IP address for your host system.
Component | Port mapping | Address |
---|---|---|
Quay |
| http://quay-server.example.com |
Postgres for Quay |
| quay-server.example.com:5432 |
Redis |
| quay-server.example.com:6379 |
Postgres for Clair V4 |
| quay-server.example.com:5433 |
Clair V4 |
| http://quay-server.example.com:8081 |