Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1942662

Summary: [DOC] Clarify additional URL needed in the firewall for images in registry.connect.redhat.com
Product: OpenShift Container Platform Reporter: oarribas <oarribas>
Component: DocumentationAssignee: Kelly Brown <kelbrown>
Status: CLOSED CURRENTRELEASE QA Contact: XiuJuan Wang <xiuwang>
Severity: medium Docs Contact: Latha S <lmurthy>
Priority: low    
Version: 4.6CC: aos-bugs, jokerman, kelbrown, lmurthy, rkant
Target Milestone: ---   
Target Release: 4.6.z   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2021-11-30 18:51:34 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description oarribas 2021-03-24 17:23:02 UTC 
Document URL: 

https://docs.openshift.com/container-platform/4.7/installing/install_config/configuring-firewall.html


Section Number and Name: 

Configuring your firewall for OpenShift Container Platform



Describe the issue: 

The URL `oso-rhc4tp-docker-registry.s3-us-west-2.amazonaws.com` is already in the document, but it looks that is only needed if deploying the cluster in AWS.
That URL is also needed by, at least, some operators. I have identify 2 operators which images are in `registry.connect.redhat.com`, and needs to connect to `oso-rhc4tp-docker-registry.s3-us-west-2.amazonaws.com`:

~~~
https://registry.connect.redhat.com/v2/f5networks/k8s-bigip-ctlr-operator/blobs/sha256:2490557f8586f8f37df6402c083720f6feb0945ffde3a3cee84c6715543aa9c6

https://registry.connect.redhat.com/v2/sonatype/nexus-repository-manager/blobs/sha256:e598ae6c78d234638ffbcd2529f46525fdd7eb517d7919a61bb55fafa1879835
~~~


Suggestions for improvement: 

`registry.connect.redhat.com` and `oso-rhc4tp-docker-registry.s3-us-west-2.amazonaws.com` should be added to point 5 instead of 4.
Maybe `s3-us-west-2.amazonaws.com` could be also needed as KCS [1].


Additional information: 

It should be backported also to previous versions of the documentation.




[1] https://access.redhat.com/solutions/2998411
Comment 3 Kelly Brown 2021-10-08 15:20:14 UTC 
Hello @oarribas
Comment 4 Kelly Brown 2021-10-08 15:26:05 UTC 
My apologies, I'm a little new to bugzilla and messed up that previous comment.

I have a few questions involving this bug 
- Did you want the `oso-rhc4tp-docker-registry.s3-us-west-2.amazonaws.com` removed from point 4 then added to point 5, or have it in both 4 and 5.
- I don’t see the function description for `registry.connect.redhat.com` so that I can add it to the chart in the doc. (Other than it provides third party images)

Thank you!
Comment 6 Kelly Brown 2021-10-20 16:09:25 UTC 
PR for changes: https://github.com/openshift/openshift-docs/pull/37792
Comment 7 Kelly Brown 2021-11-30 18:51:34 UTC 
Updated docs for changes: https://docs.openshift.com/container-platform/4.9/installing/install_config/configuring-firewall.html

If there is additional information regarding this doc, please feel free to reopen.