Open in app

Sign in

Write

Sign in

Mirror Registry for a Disconnected Installation

Almog Elfassy
4 min readSep 19, 2022

--

Introduction

Before deployment of a k8s or OpenShift cluster in a disconnected environment you need to break the loop between k8s/OpenShift and container registries.

Let’s create a local registry built on Red Hat Quay technology that will provide the required images for the disconnected installation by mirror-registry.

References

Red Hat Ecosystem Catalog

We're the world's leading provider of enterprise open source solutions, using a community-powered approach to deliver…

catalog.redhat.com

Chapter 3. Mirroring images for a disconnected installation OpenShift Container Platform 4.9 | Red…

Access Red Hat's knowledge, guidance, and support through your subscription.

access.redhat.com

Prerequisites

Deploy Red Hat Quay registry

First extract the mirror registry tar file

tar -xzf mirror-registry.tar.gz

Deploy the registry on the node with a simple command

./mirror-registry install --quayHostname < aelfassyRegistry >

The deployment will be done in a few minutes, and the port, password, and user will show.

Let’s check our Red Hat Quay registry

sudo podman ps
curl https://<aelfassyRegistry>:<8443> -k -I

Use the user and password we saw earlier to access the registry

Our registry is prepared, now we can mirror images, whether it’s installation or operator images.

Mirror the installation images to the local registry

Login to the local registry using the username and password we saw earlier

Set the required environment variables

Export the the version of OpenShift Container Platform to install, such as 4.10.18.

OCP_RELEASE=<release_version>

Export the local registry name and host port

LOCAL_REGISTRY=’<registry_name>:<registry_port>’

Export the local repository name, specify the name of the repository to create in your registry, such as ocp4/openshift4

LOCAL_REPOSITORY=’<repository_name>’

Export the name of the repository to mirror (you must specify openshift-release-dev)

PRODUCT_REPO=’openshift-release-dev’

Export the path to your registry pull secret

LOCAL_SECRET_JSON=’<path_to_pull_secret>’

Export the release mirror (you must specify ocp-release)

RELEASE_NAME=”ocp-release”

Export the type of architecture for your server, such as x86_64

ARCHITECTURE=<server_architecture>

Mirror the images to the local registry

oc adm release mirror -a ${LOCAL_SECRET_JSON}  \
     --from=quay.io/${PRODUCT_REPO}/${RELEASE_NAME}:${OCP_RELEASE}-${ARCHITECTURE} \
     --to=${LOCAL_REGISTRY}/${LOCAL_REPOSITORY} \
     --to-release-image=${LOCAL_REGISTRY}/${LOCAL_REPOSITORY}:${OCP_RELEASE}-${ARCHITECTURE}

The mirroring process will begin

The mirroring will be done in a few minutes, Record the entire imageContentSources section from the output. The information about your mirrors is unique to your mirrored repository, and you must add the imageContentSources section to the install-config.yaml file during installation.

Let’s check our Red Hat Quay registry

As we can see that a repository was created for us according to the name we defined in the previous step

View the images by navigating to the repository tags

Once the registry is no longer required or used, it can be removed with one command

./mirror-registry uninstall

Verify that the registry has been deleted

sudo podman ps
curl https://<aelfassyRegistry>:<8443> -k -I

Sign up to discover human stories that deepen your understanding of the world.

Free

Distraction-free reading. No ads.

Organize your knowledge with lists and highlights.

Tell your story. Find your audience.

Membership

Read member-only stories

Support writers you read most

Earn money for your writing

Listen to audio narrations

Read offline with the Medium app

--

--

Almog Elfassy
Almog Elfassy

Written by Almog Elfassy

47 Followers
4 Following

Sr. AI & MLOps Solutions Architect, Global at NVIDIA |Ex-Redhat |CCIE #63990

No responses yet

Write a response

What are your thoughts?

Help

Status

About

Careers

Press

Blog

Privacy

Rules

Terms

Text to speech