Enabling the OpenShift internal image registry

The Image Registry Operator installs a single instance of the OpenShift Container Platform registry, and manages all registry configuration, including setting up registry storage. Storage is only automatically configured when you install an installer-provisioned infrastructure cluster on AWS, GCP, and Azure, and thus you can use the internal image registry directly. But for bare metal and vSphere OpenShift clusters, you must manually enable the OpenShift internal image registry so that it will be used by Maximo® Application Suite and applications.

You can enable the OpenShift internal image registry either by using the NFS Storage in your Bastion Server, or by using the existing OpenShift Container Storage.

Enabling the OpenShift internal image registry by using the NFS Storage in your Bastion Server

If you have an NFS server setup in your Bastion server, you can run the following steps in the bastion server and use an NFS file system for the internal image registry.

Procedure

  1. Create a folder to serve as the NFS Storage.
    
    mkdir /didk1/nfs/image-registry&& chmod 777 /disk1/nfs/image-registry/
    
  2. Modify /etc/exports and add the following line to export the folder to all worker/master nodes in the same subnet.
    
    /disk1/nfs/image-registry10.176.245.0/24(rw,no_subtree_check,sync,no_wdelay,insecure,no_root_squash)
    
  3. Restart the nfs to get the NFS folder take effect.
    
    systemctl restart nfs-server
    
  4. Create the image-storage.yaml file to create the PV and PVC manually with the NFS folder.
    
    ---
    apiVersion: v1
    kind: PersistentVolume
    metadata:
      name: image-registry-pv
    spec:
      capacity:
        storage: 500Gi
      claimRef:
        apiVersion: v1
        kind: PersistentVolumeClaim
        name: image-registry-storage
        namespace: openshift-image-registry
      accessModes:
      - ReadWriteMany
      nfs:
        path: /disk1/nfs/image-registry
        server: 10.176.245.2
      persistentVolumeReclaimPolicy: Retain
    ---
    apiVersion: v1
    kind: PersistentVolumeClaim
    metadata:
      finalizers:
      - kubernetes.io/pvc-protection
      name: image-registry-storage
      namespace: openshift-image-registry
    spec:
      accessModes:
      - ReadWriteMany
      resources:
        requests:
          storage: 500Gi
    
  5. Apply the PV and PVC to OCP cluster.
    
    oc apply -f image-storage.yaml
    
  6. Update the Registry CR spec with the following command.
    
    oc edit configs.imageregistry.operator.openshift.io -n openshift-image-registry
    
  7. Change spec.managementState from Removed to Managed.
  8. Change spec.storage from {} to:
    
    spec:
        managementState: Managed
    storage:
          pvc:
            claim: image-registry-storage
    
  9. Save and quit.
  10. Check that the image registry is available.
    
    oc get co image-registry
    
  11. Enable the external route.
    
    oc -n openshift-image-registry patch configs.imageregistry.operator.openshift.io/cluster 
     --patch '{"spec":{"defaultRoute":true}}' --type=merge
    

Enabling the OpenShift internal image registry by using the existing OpenShift Container Storage

If you already have Red Hat OpenShift Container Storage 4 running inside your Red Hat OpenShift Container Platform, you can run the following steps in the bastion server and use OCS storage for the internal image registry.

Procedure

  1. Create PVC for internal Registry use.
    
    oc project openshift-image-registry
    
    
    oc create -f <(echo '{
       "apiVersion": "v1",
       "kind": "PersistentVolumeClaim",
       "metadata": {
         "name": "image-registry-storage"
       },
       "spec": {
         "storageClassName": "ocs-storagecluster-cephfs",
         "accessModes": [ "ReadWriteMany" ],
         "resources": {
           "requests": { "storage": "500Gi"
         }
       }
     }
    }');
    
  2. Update the Registry CR spec with the following command:
    
    oc edit configs.imageregistry.operator.openshift.io -n openshift-image-registry
    
  3. Change spec.managementState from Removed to Managed.
  4. Change spec.storage from {} to:
    
    spec:
        managementState: Managed
    storage:
          pvc:
            claim: image-registry-storage
    
  5. Save and quit.
  6. Check that the image registry is available.
    
    oc get co image-registry
    
  7. Enable the external route.
    
    oc -n openshift-image-registry patch configs.imageregistry.operator.openshift.io/cluster 
     --patch '{"spec":{"defaultRoute":true}}' --type=merge