Description of problem:
Recently, we need to use the private registry(especially on GCE cluster). But, the ASB does not support that at present.
So, I think the ASB should support the private registry for users.
Version-Release number of selected component (if applicable):
The ASB version: 1.1.16
Steps to Reproduce:
1, Config the ASB with a private registry. For example(I couldn't find a suitable type now),
- type: xxx
Got below erros as expect:
[2018-03-21T06:18:28.749Z] [DEBUG] - Using registry.reg-aws.openshift.com:443 to source APB images using query:"*-apb"
[2018-03-21T06:18:28.749Z] [ERROR] - unable to retrieve image names for registry rh - Get registry.reg-aws.openshift.com:443/v1/search?q="*-apb": unsupported protocol scheme "registry.reg-aws.openshift.com"
[2018-03-21T06:18:28.749Z] [WARNING] - registry: 0x14c6fc0 was unable to complete bootstrap - Get registry.reg-aws.openshift.com:443/v1/search?q="*-apb": unsupported protocol scheme "registry.reg-aws.openshift.com"
The ASB can support the private registry well.
The main issue is that openshift registry implementation does not support the Catalog API in docker registry v2. Without this we are limited in the functionality we can obtain discovering APBs.
There is a trello card on dev-exp to implement catalog api here:
BZ is tracked here:
Assuming that catalog api is not available, we do have a workaround with current Broker code. We need to explicitly list the APB images we want the registry adapter to support in the config entry.
Documentation is here showing how this works:
Please try the documentation out and see if this is sufficient for your immediate needs. If this works for you I would recommend we close this BZ.
I can clear something up here. The `openshift` registry currently only connects to the ISV registry (registry.connect.redhat.com). I am working on a PR to fix https://bugzilla.redhat.com/show_bug.cgi?id=1558472 which I hope will also give improvements to this bug. I believe my PR should resolve both of these.
Thank you for your clarification! I also believe your PR can fix that `openshift` registry issue. But, I don't think it will work for this bug, because as you said, it only connects to the registry.connect.redhat.com.
For this [REF] bug, our expectation is that the ASB should support the user's private registry, which is configurable. Not limit it to the registry.connect.redhat.com.
Yes part of my PR is to remove the requirement on registry.connect.redhat.com. My PR will assume a generic openshift registry and retrieve the authentication redirect header to grab a bearer token. It will take the users configured URL and add /v2/ as a suffix to get the authentication header.
I *hope* that this will work for any registry that supports the v2 docker registry API, including any users private registry.
That's good! Thanks!
Can we use a trello card to trace this new requirement? or use existing card https://trello.com/c/NaNlxsPo
Sounds good, I will track testing of this registry in that card. Thanks!
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.