[BUG][4.15.0] Image registry service not exposed #862

adrianriobo · 2024-03-13T11:31:25Z

Testing pre release bits for 4.15.0 it is not possible to reach the image registry from outside the cluster; on previous versions there was a route to access the image registry:

`v4.14.12`

NAME                                                   READY   STATUS    RESTARTS   AGE
pod/cluster-image-registry-operator-7dd75c64c9-9q6lk   1/1     Running   0          26d
pod/image-registry-7b977db585-6xzmn                    1/1     Running   0          28m
pod/node-ca-fxjxr                                      1/1     Running   0          26d

NAME                              TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)     AGE
service/image-registry            ClusterIP   10.217.5.7   <none>        5000/TCP    26d
service/image-registry-operator   ClusterIP   None         <none>        60000/TCP   26d

NAME                     DESIRED   CURRENT   READY   UP-TO-DATE   AVAILABLE   NODE SELECTOR            AGE
daemonset.apps/node-ca   1         1         1       1            1           kubernetes.io/os=linux   26d

NAME                                              READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/cluster-image-registry-operator   1/1     1            1           26d
deployment.apps/image-registry                    1/1     1            1           26d

NAME                                                         DESIRED   CURRENT   READY   AGE
replicaset.apps/cluster-image-registry-operator-7dd75c64c9   1         1         1       26d
replicaset.apps/image-registry-75fbc4cbd9                    0         0         0       25d
replicaset.apps/image-registry-7b977db585                    1         1         1       28m
replicaset.apps/image-registry-b964bbc5d                     0         0         0       26d
replicaset.apps/image-registry-f6fc46597                     0         0         0       25d

NAME                         SCHEDULE    SUSPEND   ACTIVE   LAST SCHEDULE   AGE
cronjob.batch/image-pruner   0 0 * * *   False     0        <none>          26d

NAME                                     HOST/PORT                                                   PATH   SERVICES         PORT    TERMINATION   WILDCARD
route.route.openshift.io/default-route   default-route-openshift-image-registry.10.0.78.133.nip.io          image-registry   <all>   reencrypt     None

`v4.15.0`

Trying to login within the registry:

podman login -u kubeadmin -p $(oc whoami -t) default-route-openshift-image-registry.apps-crc.testing --tls-verify=false` we get an error: 
Error: authenticating creds for "default-route-openshift-image-registry.apps-crc.testing": pinging container registry default-route-openshift-image-registry.apps-crc.testing: received unexpected HTTP status: 503 Service Unavailable

And if we check the resources on the cluster:

pod/cluster-image-registry-operator-85644cb64d-zbkpc   1/1     Running   1          10d
pod/node-ca-qqv6t                                      1/1     Running   1          10d

NAME                              TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)     AGE
service/image-registry-operator   ClusterIP   None         <none>        60000/TCP   10d

NAME                     DESIRED   CURRENT   READY   UP-TO-DATE   AVAILABLE   NODE SELECTOR            AGE
daemonset.apps/node-ca   1         1         1       1            1           kubernetes.io/os=linux   10d

NAME                                              READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/cluster-image-registry-operator   1/1     1            1           10d

NAME                                                         DESIRED   CURRENT   READY   AGE
replicaset.apps/cluster-image-registry-operator-85644cb64d   1         1         1       10d

NAME                         SCHEDULE    SUSPEND   ACTIVE   LAST SCHEDULE   AGE
cronjob.batch/image-pruner   0 0 * * *   False     0        <none>          10d

The text was updated successfully, but these errors were encountered:

praveenkumar · 2024-03-14T07:30:51Z

Looks like https://docs.openshift.com/container-platform/4.15/registry/configuring_registry_storage/configuring-registry-storage-baremetal.html since we moved from libvirt IPI to SNO which have platform: none by default the Image Registry Operator bootstraps itself as Removed state and when it is in Removed state all the configuration we apply to the config not going to be applied to cluster.

… to Managed Since we switched from libvirt IPI to SNO where platform is used as `none` so the image registry operator bootstraps itself as Removed. Which means registry operator not start the registry instance and any configurations are ignored. - https://access.redhat.com/solutions/5114881 - https://docs.openshift.com/container-platform/4.15/registry/configuring_registry_storage/configuring-registry-storage-baremetal.html#registry-removed_configuring-registry-storage-baremetal fixes: crc-org#862

… to Managed Since we switched from libvirt IPI to SNO where platform is used as `none` so the image registry operator bootstraps itself as Removed. Which means registry operator not start the registry instance and any configurations are ignored. Since registry operator not started that means there is no registry route and user not able to push image to internal registry and get following error. ``` podman login -u kubeadmin -p $(oc whoami -t) default-route-openshift-image-registry.apps-crc.testing --tls-verify=false` we get an error: Error: authenticating creds for "default-route-openshift-image-registry.apps-crc.testing": pinging container registry default-route-openshift-image-registry.apps-crc.testing: received unexpected HTTP status: 503 Service Unavailable ``` - https://access.redhat.com/solutions/5114881 - https://docs.openshift.com/container-platform/4.15/registry/configuring_registry_storage/configuring-registry-storage-baremetal.html#registry-removed_configuring-registry-storage-baremetal fixes: crc-org#862

… to Managed Since we switched from libvirt IPI to SNO where platform is used as `none` so the image registry operator bootstraps itself as Removed. Which means registry operator not start the registry instance and any configurations are ignored. Since registry operator not started that means there is no registry route and user not able to push image to internal registry and get following error. ``` podman login -u kubeadmin -p $(oc whoami -t) default-route-openshift-image-registry.apps-crc.testing --tls-verify=false` we get an error: Error: authenticating creds for "default-route-openshift-image-registry.apps-crc.testing": pinging container registry default-route-openshift-image-registry.apps-crc.testing: received unexpected HTTP status: 503 Service Unavailable ``` - https://access.redhat.com/solutions/5114881 - https://docs.openshift.com/container-platform/4.15/registry/configuring_registry_storage/configuring-registry-storage-baremetal.html#registry-removed_configuring-registry-storage-baremetal fixes: #862

… to Managed Since we switched from libvirt IPI to SNO where platform is used as `none` so the image registry operator bootstraps itself as Removed. Which means registry operator not start the registry instance and any configurations are ignored. Since registry operator not started that means there is no registry route and user not able to push image to internal registry and get following error. ``` podman login -u kubeadmin -p $(oc whoami -t) default-route-openshift-image-registry.apps-crc.testing --tls-verify=false` we get an error: Error: authenticating creds for "default-route-openshift-image-registry.apps-crc.testing": pinging container registry default-route-openshift-image-registry.apps-crc.testing: received unexpected HTTP status: 503 Service Unavailable ``` - https://access.redhat.com/solutions/5114881 - https://docs.openshift.com/container-platform/4.15/registry/configuring_registry_storage/configuring-registry-storage-baremetal.html#registry-removed_configuring-registry-storage-baremetal fixes: crc-org#862

… to Managed Since we switched from libvirt IPI to SNO where platform is used as `none` so the image registry operator bootstraps itself as Removed. Which means registry operator not start the registry instance and any configurations are ignored. Since registry operator not started that means there is no registry route and user not able to push image to internal registry and get following error. ``` podman login -u kubeadmin -p $(oc whoami -t) default-route-openshift-image-registry.apps-crc.testing --tls-verify=false` we get an error: Error: authenticating creds for "default-route-openshift-image-registry.apps-crc.testing": pinging container registry default-route-openshift-image-registry.apps-crc.testing: received unexpected HTTP status: 503 Service Unavailable ``` - https://access.redhat.com/solutions/5114881 - https://docs.openshift.com/container-platform/4.15/registry/configuring_registry_storage/configuring-registry-storage-baremetal.html#registry-removed_configuring-registry-storage-baremetal fixes: #862

adrianriobo changed the title ~~[BUG][4.15.0] Image registry not exposed~~ [BUG][4.15.0] Image registry service not exposed Mar 13, 2024

praveenkumar transferred this issue from crc-org/crc Mar 14, 2024

praveenkumar self-assigned this Mar 14, 2024

praveenkumar mentioned this issue Mar 19, 2024

Change managementState of Image Registry Operator config from Removed to Managed #863

Merged

praveenkumar closed this as completed in #863 Mar 20, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[BUG][4.15.0] Image registry service not exposed #862

[BUG][4.15.0] Image registry service not exposed #862

adrianriobo commented Mar 13, 2024 •

edited

Loading

praveenkumar commented Mar 14, 2024

[BUG][4.15.0] Image registry service not exposed #862

[BUG][4.15.0] Image registry service not exposed #862

Comments

adrianriobo commented Mar 13, 2024 • edited Loading

v4.14.12

v4.15.0

praveenkumar commented Mar 14, 2024

adrianriobo commented Mar 13, 2024 •

edited

Loading

`v4.14.12`

`v4.15.0`