홈
제품
Red Hat Quay
3.14
Manage Red Hat Quay
Chapter 18. Migrating a standalone Red Hat Quay deployment to a Red Hat Quay Operator deployment

이 콘텐츠는 선택한 언어로 제공되지 않습니다.

Chapter 18. Migrating a standalone Red Hat Quay deployment to a Red Hat Quay Operator deployment

The following procedures allow you to back up a standalone Red Hat Quay deployment and migrate it to the Red Hat Quay Operator on OpenShift Container Platform.

18.1. Backing up a standalone deployment of Red Hat Quay
링크 복사

Procedure

Back up the config.yaml of your standalone Red Hat Quay deployment:

mkdir /tmp/quay-backup
cp /path/to/Quay/config/directory/config.yaml /tmp/quay-backup

$ mkdir /tmp/quay-backup
$ cp /path/to/Quay/config/directory/config.yaml /tmp/quay-backup

Copy to Clipboard

Toggle word wrap

Create a backup of the database that your standalone Red Hat Quay deployment is using:

pg_dump -h DB_HOST -p 5432 -d QUAY_DATABASE_NAME -U QUAY_DATABASE_USER -W -O > /tmp/quay-backup/quay-database-backup.sql

$ pg_dump -h DB_HOST -p 5432 -d QUAY_DATABASE_NAME -U QUAY_DATABASE_USER -W -O > /tmp/quay-backup/quay-database-backup.sql

Copy to Clipboard

Toggle word wrap

Install the AWS CLI if you do not have it already.
Create an ~/.aws/ directory:
```
mkdir ~/.aws/
```
```
$ mkdir ~/.aws/
```
Copy to Clipboard Toggle word wrap

Obtain the access_key and secret_key from the config.yaml of your standalone deployment:

grep -i DISTRIBUTED_STORAGE_CONFIG -A10 /tmp/quay-backup/config.yaml

$ grep -i DISTRIBUTED_STORAGE_CONFIG -A10 /tmp/quay-backup/config.yaml

Copy to Clipboard

Toggle word wrap

Example output:

DISTRIBUTED_STORAGE_CONFIG:
    minio-1:
        - RadosGWStorage
        - access_key: ##########
          bucket_name: quay
          hostname: 172.24.10.50
          is_secure: false
          port: "9000"
          secret_key: ##########
          storage_path: /datastorage/registry

DISTRIBUTED_STORAGE_CONFIG:
    minio-1:
        - RadosGWStorage
        - access_key: ##########
          bucket_name: quay
          hostname: 172.24.10.50
          is_secure: false
          port: "9000"
          secret_key: ##########
          storage_path: /datastorage/registry

Copy to Clipboard

Toggle word wrap

Store the access_key and secret_key from the config.yaml file in your ~/.aws directory:
```
touch ~/.aws/credentials
```
```
$ touch ~/.aws/credentials
```
Copy to Clipboard Toggle word wrap

Optional: Check that your access_key and secret_key are stored:

cat > ~/.aws/credentials << EOF
[default]
aws_access_key_id = ACCESS_KEY_FROM_QUAY_CONFIG
aws_secret_access_key = SECRET_KEY_FROM_QUAY_CONFIG
EOF

$ cat > ~/.aws/credentials << EOF
[default]
aws_access_key_id = ACCESS_KEY_FROM_QUAY_CONFIG
aws_secret_access_key = SECRET_KEY_FROM_QUAY_CONFIG
EOF

Copy to Clipboard

Toggle word wrap

Example output:

aws_access_key_id = ACCESS_KEY_FROM_QUAY_CONFIG
aws_secret_access_key = SECRET_KEY_FROM_QUAY_CONFIG

aws_access_key_id = ACCESS_KEY_FROM_QUAY_CONFIG
aws_secret_access_key = SECRET_KEY_FROM_QUAY_CONFIG

Copy to Clipboard

Toggle word wrap

Note

If the aws cli does not automatically collect the access_key and secret_key from the `~/.aws/credentials file, you can, you can configure these by running aws configure and manually inputting the credentials.

In your quay-backup directory, create a bucket_backup directory:
```
mkdir /tmp/quay-backup/bucket-backup
```
```
$ mkdir /tmp/quay-backup/bucket-backup
```
Copy to Clipboard Toggle word wrap
Backup all blobs from the S3 storage:
```
aws s3 sync --no-verify-ssl --endpoint-url https://PUBLIC_S3_ENDPOINT:PORT s3://QUAY_BUCKET/ /tmp/quay-backup/bucket-backup/
```
```
$ aws s3 sync --no-verify-ssl --endpoint-url https://PUBLIC_S3_ENDPOINT:PORT s3://QUAY_BUCKET/ /tmp/quay-backup/bucket-backup/
```
Copy to Clipboard Toggle word wrap
Note
The PUBLIC_S3_ENDPOINT can be read from the Red Hat Quay config.yaml file under hostname in the DISTRIBUTED_STORAGE_CONFIG. If the endpoint is insecure, use http instead of https in the endpoint URL.

Up to this point, you should have a complete backup of all Red Hat Quay data, blobs, the database, and the config.yaml file stored locally. In the following section, you will migrate the standalone deployment backup to Red Hat Quay on OpenShift Container Platform.

18.2. Using backed up standalone content to migrate to OpenShift Container Platform.
링크 복사

Prerequisites

Your standalone Red Hat Quay data, blobs, database, and config.yaml have been backed up.
Red Hat Quay is deployed on OpenShift Container Platform using the Red Hat Quay Operator.
A QuayRegistry with all components set to managed.

Procedure

The procedure in this documents uses the following namespace: quay-enterprise.

Scale down the Red Hat Quay Operator:

oc scale --replicas=0 deployment quay-operator.v3.6.2 -n openshift-operators

$ oc scale --replicas=0 deployment quay-operator.v3.6.2 -n openshift-operators

Copy to Clipboard

Toggle word wrap

Scale down the application and mirror deployments:

oc scale --replicas=0 deployment QUAY_MAIN_APP_DEPLOYMENT QUAY_MIRROR_DEPLOYMENT

$ oc scale --replicas=0 deployment QUAY_MAIN_APP_DEPLOYMENT QUAY_MIRROR_DEPLOYMENT

Copy to Clipboard

Toggle word wrap

Copy the database SQL backup to the Quay PostgreSQL database instance:

oc cp /tmp/user/quay-backup/quay-database-backup.sql quay-enterprise/quayregistry-quay-database-54956cdd54-p7b2w:/var/lib/pgsql/data/userdata

$ oc cp /tmp/user/quay-backup/quay-database-backup.sql quay-enterprise/quayregistry-quay-database-54956cdd54-p7b2w:/var/lib/pgsql/data/userdata

Copy to Clipboard

Toggle word wrap

Obtain the database password from the Operator-created config.yaml file:

oc get deployment quay-quay-app -o json | jq '.spec.template.spec.volumes[].projected.sources' | grep -i config-secret

$ oc get deployment quay-quay-app -o json | jq '.spec.template.spec.volumes[].projected.sources' | grep -i config-secret

Copy to Clipboard

Toggle word wrap

Example output:

      "name": "QUAY_CONFIG_SECRET_NAME"

      "name": "QUAY_CONFIG_SECRET_NAME"

Copy to Clipboard

Toggle word wrap

oc get secret quay-quay-config-secret-9t77hb84tb -o json | jq '.data."config.yaml"' | cut -d '"' -f2 | base64 -d -w0 > /tmp/quay-backup/operator-quay-config-yaml-backup.yaml

$ oc get secret quay-quay-config-secret-9t77hb84tb -o json | jq '.data."config.yaml"' | cut -d '"' -f2 | base64 -d -w0 > /tmp/quay-backup/operator-quay-config-yaml-backup.yaml

Copy to Clipboard

Toggle word wrap

cat /tmp/quay-backup/operator-quay-config-yaml-backup.yaml | grep -i DB_URI

cat /tmp/quay-backup/operator-quay-config-yaml-backup.yaml | grep -i DB_URI

Copy to Clipboard

Toggle word wrap

Example output:

postgresql://QUAY_DATABASE_OWNER:PASSWORD@DATABASE_HOST/QUAY_DATABASE_NAME

postgresql://QUAY_DATABASE_OWNER:PASSWORD@DATABASE_HOST/QUAY_DATABASE_NAME

Copy to Clipboard

Toggle word wrap

Execute a shell inside of the database pod:

oc exec -it quay-postgresql-database-pod -- /bin/bash

# oc exec -it quay-postgresql-database-pod -- /bin/bash

Copy to Clipboard

Toggle word wrap

Enter psql:
```
bash-4.4$ psql
```
```
bash-4.4$ psql
```
Copy to Clipboard Toggle word wrap

Drop the database:

postgres=# DROP DATABASE "example-restore-registry-quay-database";

postgres=# DROP DATABASE "example-restore-registry-quay-database";

Copy to Clipboard

Toggle word wrap

Example output:

DROP DATABASE

DROP DATABASE

Copy to Clipboard

Toggle word wrap

Create a new database and set the owner as the same name:

postgres=# CREATE DATABASE "example-restore-registry-quay-database" OWNER "example-restore-registry-quay-database";

postgres=# CREATE DATABASE "example-restore-registry-quay-database" OWNER "example-restore-registry-quay-database";

Copy to Clipboard

Toggle word wrap

Example output:

CREATE DATABASE

CREATE DATABASE

Copy to Clipboard

Toggle word wrap

Connect to the database:

postgres=# \c "example-restore-registry-quay-database";

postgres=# \c "example-restore-registry-quay-database";

Copy to Clipboard

Toggle word wrap

Example output:

You are now connected to database "example-restore-registry-quay-database" as user "postgres".

You are now connected to database "example-restore-registry-quay-database" as user "postgres".

Copy to Clipboard

Toggle word wrap

Create a pg_trmg extension of your Quay database:
```
example-restore-registry-quay-database=# create extension pg_trgm ;
```
```
example-restore-registry-quay-database=# create extension pg_trgm ;
```
Copy to Clipboard Toggle word wrap
Example output:
```
CREATE EXTENSION
```
```
CREATE EXTENSION
```
Copy to Clipboard Toggle word wrap
Exit the postgres CLI to re-enter bash-4.4:
```
\q
```
```
\q
```
Copy to Clipboard Toggle word wrap

Set the password for your PostgreSQL deployment:

bash-4.4$ psql -h localhost -d "QUAY_DATABASE_NAME" -U QUAY_DATABASE_OWNER -W < /var/lib/pgsql/data/userdata/quay-database-backup.sql

bash-4.4$ psql -h localhost -d "QUAY_DATABASE_NAME" -U QUAY_DATABASE_OWNER -W < /var/lib/pgsql/data/userdata/quay-database-backup.sql

Copy to Clipboard

Toggle word wrap

Example output:

SET
SET
SET
SET
SET

SET
SET
SET
SET
SET

Copy to Clipboard

Toggle word wrap

Exit bash mode:
```
bash-4.4$ exit
```
```
bash-4.4$ exit
```
Copy to Clipboard Toggle word wrap
Create a new configuration bundle for the Red Hat Quay Operator.
```
touch config-bundle.yaml
```
```
$ touch config-bundle.yaml
```
Copy to Clipboard Toggle word wrap
In your new config-bundle.yaml, include all of the information that the registry requires, such as LDAP configuration, keys, and other modifications that your old registry had. Run the following command to move the secret_key to your config-bundle.yaml:
```
cat /tmp/quay-backup/config.yaml | grep SECRET_KEY > /tmp/quay-backup/config-bundle.yaml
```
```
$ cat /tmp/quay-backup/config.yaml | grep SECRET_KEY > /tmp/quay-backup/config-bundle.yaml
```
Copy to Clipboard Toggle word wrap
Note
You must manually copy all the LDAP, OIDC and other information and add it to the /tmp/quay-backup/config-bundle.yaml file.

Create a configuration bundle secret inside of your OpenShift cluster:

oc create secret generic new-custom-config-bundle --from-file=config.yaml=/tmp/quay-backup/config-bundle.yaml

$ oc create secret generic new-custom-config-bundle --from-file=config.yaml=/tmp/quay-backup/config-bundle.yaml

Copy to Clipboard

Toggle word wrap

Scale up the Quay pods:

oc scale --replicas=1 deployment quayregistry-quay-app

$ oc scale --replicas=1 deployment quayregistry-quay-app
deployment.apps/quayregistry-quay-app scaled

Copy to Clipboard

Toggle word wrap

Scale up the mirror pods:

oc scale --replicas=1  deployment quayregistry-quay-mirror

$ oc scale --replicas=1  deployment quayregistry-quay-mirror
deployment.apps/quayregistry-quay-mirror scaled

Copy to Clipboard

Toggle word wrap

Patch the QuayRegistry CRD so that it contains the reference to the new custom configuration bundle:
```
oc patch quayregistry QUAY_REGISTRY_NAME --type=merge -p '{"spec":{"configBundleSecret":"new-custom-config-bundle"}}'
```
```
$ oc patch quayregistry QUAY_REGISTRY_NAME --type=merge -p '{"spec":{"configBundleSecret":"new-custom-config-bundle"}}'
```
Copy to Clipboard Toggle word wrap
Note
If Red Hat Quay returns a 500 internal server error, you might have to update the location of your DISTRIBUTED_STORAGE_CONFIG to default.

Create a new AWS credentials.yaml in your /.aws/ directory and include the access_key and secret_key from the Operator-created config.yaml file:

touch credentials.yaml

$ touch credentials.yaml

Copy to Clipboard

Toggle word wrap

grep -i DISTRIBUTED_STORAGE_CONFIG -A10 /tmp/quay-backup/operator-quay-config-yaml-backup.yaml

$ grep -i DISTRIBUTED_STORAGE_CONFIG -A10 /tmp/quay-backup/operator-quay-config-yaml-backup.yaml

Copy to Clipboard

Toggle word wrap

cat > ~/.aws/credentials << EOF
[default]
aws_access_key_id = ACCESS_KEY_FROM_QUAY_CONFIG
aws_secret_access_key = SECRET_KEY_FROM_QUAY_CONFIG
EOF

$ cat > ~/.aws/credentials << EOF
[default]
aws_access_key_id = ACCESS_KEY_FROM_QUAY_CONFIG
aws_secret_access_key = SECRET_KEY_FROM_QUAY_CONFIG
EOF

Copy to Clipboard

Toggle word wrap

Note

If the aws cli does not automatically collect the access_key and secret_key from the `~/.aws/credentials file, you can configure these by running aws configure and manually inputting the credentials.

Record the NooBaa’s publicly available endpoint:

oc get route s3 -n openshift-storage -o yaml -o jsonpath="{.spec.host}{'\n'}"

$ oc get route s3 -n openshift-storage -o yaml -o jsonpath="{.spec.host}{'\n'}"

Copy to Clipboard

Toggle word wrap

Sync the backup data to the NooBaa backend storage:

aws s3 sync --no-verify-ssl --endpoint-url https://NOOBAA_PUBLIC_S3_ROUTE /tmp/quay-backup/bucket-backup/* s3://QUAY_DATASTORE_BUCKET_NAME

$ aws s3 sync --no-verify-ssl --endpoint-url https://NOOBAA_PUBLIC_S3_ROUTE /tmp/quay-backup/bucket-backup/* s3://QUAY_DATASTORE_BUCKET_NAME

Copy to Clipboard

Toggle word wrap

Scale the Operator back up to 1 pod:

oc scale –replicas=1 deployment quay-operator.v3.6.4 -n openshift-operators

$ oc scale –replicas=1 deployment quay-operator.v3.6.4 -n openshift-operators

Copy to Clipboard

Toggle word wrap

The Operator uses the custom configuration bundle provided and reconciles all secrets and deployments. Your new Red Hat Quay deployment on OpenShift Container Platform should contain all of the information that the old deployment had. You should be able to pull all images.

맨 위로 이동

이 콘텐츠는 선택한 언어로 제공되지 않습니다.

Chapter 18. Migrating a standalone Red Hat Quay deployment to a Red Hat Quay Operator deployment

18.1. Backing up a standalone deployment of Red Hat Quay
링크 복사

18.2. Using backed up standalone content to migrate to OpenShift Container Platform.
링크 복사

자세한 정보

평가판, 구매 및 판매

커뮤니티

Red Hat 문서 정보

보다 포괄적 수용을 위한 오픈 소스 용어 교체

Red Hat 소개

Theme

Red Hat legal and privacy links

Red Hat legal and privacy links

이 콘텐츠는 선택한 언어로 제공되지 않습니다.

Chapter 18. Migrating a standalone Red Hat Quay deployment to a Red Hat Quay Operator deployment

18.1. Backing up a standalone deployment of Red Hat Quay링크 복사링크가 클립보드에 복사되었습니다!

18.2. Using backed up standalone content to migrate to OpenShift Container Platform.링크 복사링크가 클립보드에 복사되었습니다!

자세한 정보

평가판, 구매 및 판매

커뮤니티

Red Hat 문서 정보

보다 포괄적 수용을 위한 오픈 소스 용어 교체

Red Hat 소개

Theme

Red Hat legal and privacy links

Red Hat legal and privacy links

18.1. Backing up a standalone deployment of Red Hat Quay
링크 복사

18.2. Using backed up standalone content to migrate to OpenShift Container Platform.
링크 복사