Bug 1784208 - operator uses virtual hosted bucket addressing for custom region endpoints
Summary: operator uses virtual hosted bucket addressing for custom region endpoints
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Image Registry
Version: 4.1.z
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
: 4.4.0
Assignee: Oleg Bulatov
QA Contact: Wenjing Zheng
URL:
Whiteboard:
Depends On:
Blocks: 1815124
TreeView+ depends on / blocked
 
Reported: 2019-12-16 23:41 UTC by Oleg Bulatov
Modified: 2023-09-07 21:17 UTC (History)
6 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Cause: the operator always uses virtual hosted style addressing for S3 even if a custom region endpoint is provided Consequence: it's not compatible with the registry that uses path style addressing for custom endpoints Fix: when a custom endpoint is provided, use path style addressing Result: the operator access the S3-compatible storage that same way as the registry does
Clone Of:
: 1815124 (view as bug list)
Environment:
Last Closed: 2020-05-04 11:20:19 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github openshift cluster-image-registry-operator pull 418 0 None closed Bug 1784208: force path style for custom endpoints 2020-11-20 12:02:45 UTC
Red Hat Product Errata RHBA-2020:0581 0 None None None 2020-05-04 11:20:43 UTC

Description Oleg Bulatov 2019-12-16 23:41:46 UTC 
Description of problem:

The image registry operator, when S3 regionEndpoint is specified, tries to use virtual hosted bucket addressing like http://<bucketname>.<regionEndpoint>/<key>. This is not desired behaviour for S3-compatible storages like Minio.

Version-Release number of selected component (if applicable):

4.1.0

How reproducible:


Steps to Reproduce:
1. install an OpenShift cluster and minio storage
2. change the config.imageregistry to use this storage, set the proper regionEndpoint

Actual results:

The operator includes the bucket name into the domain name.

Expected results:

The operator uses path-style addressing like http://<regionEndpoint>/<bucket>/<key>.
Comment 5 Wenjing Zheng 2020-02-03 10:35:05 UTC 
But if use http://<bucketname>.<regionEndpoint>/<key>,UnmarshalError appears, so report a bug as below: https://bugzilla.redhat.com/show_bug.cgi?id=1797512
Comment 7 Wenjing Zheng 2020-03-30 09:57:32 UTC 
Re-verify on 4.4.0-0.nightly-2020-03-29-132004:
  storage:
    s3:
      bucket: wzheng-44bug-bcwqr-image-registry-us-east-2-yfjbspjvnpcuouygwi
      encrypt: true
      keyID: ""
      region: us-east-2
      regionEndpoint: https://s3.us-east-2.amazonaws.com/
Comment 9 errata-xmlrpc 2020-05-04 11:20:19 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:0581
Note You need to log in before you can comment on or make changes to this bug.