search

crc-org / snc

Single Node Cluster creation scripts for OpenShift 4.x as used by CodeReady Containers
https://crc.dev
Apache License 2.0
100 stars 49 forks source link

[BUG][4.15.0] Image registry service not exposed #862

Closed adrianriobo closed 3 months ago

adrianriobo commented 3 months ago

Testing pre release bits for 4.15.0 it is not possible to reach the image registry from outside the cluster; on previous versions there was a route to access the image registry:

v4.14.12

NAME                                                   READY   STATUS    RESTARTS   AGE
pod/cluster-image-registry-operator-7dd75c64c9-9q6lk   1/1     Running   0          26d
pod/image-registry-7b977db585-6xzmn                    1/1     Running   0          28m
pod/node-ca-fxjxr                                      1/1     Running   0          26d

NAME                              TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)     AGE
service/image-registry            ClusterIP   10.217.5.7   <none>        5000/TCP    26d
service/image-registry-operator   ClusterIP   None         <none>        60000/TCP   26d

NAME                     DESIRED   CURRENT   READY   UP-TO-DATE   AVAILABLE   NODE SELECTOR            AGE
daemonset.apps/node-ca   1         1         1       1            1           kubernetes.io/os=linux   26d

NAME                                              READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/cluster-image-registry-operator   1/1     1            1           26d
deployment.apps/image-registry                    1/1     1            1           26d

NAME                                                         DESIRED   CURRENT   READY   AGE
replicaset.apps/cluster-image-registry-operator-7dd75c64c9   1         1         1       26d
replicaset.apps/image-registry-75fbc4cbd9                    0         0         0       25d
replicaset.apps/image-registry-7b977db585                    1         1         1       28m
replicaset.apps/image-registry-b964bbc5d                     0         0         0       26d
replicaset.apps/image-registry-f6fc46597                     0         0         0       25d

NAME                         SCHEDULE    SUSPEND   ACTIVE   LAST SCHEDULE   AGE
cronjob.batch/image-pruner   0 0 * * *   False     0        <none>          26d

NAME                                     HOST/PORT                                                   PATH   SERVICES         PORT    TERMINATION   WILDCARD
route.route.openshift.io/default-route   default-route-openshift-image-registry.10.0.78.133.nip.io          image-registry   <all>   reencrypt     None

v4.15.0

Trying to login within the registry:

podman login -u kubeadmin -p $(oc whoami -t) default-route-openshift-image-registry.apps-crc.testing --tls-verify=false` we get an error: 
Error: authenticating creds for "default-route-openshift-image-registry.apps-crc.testing": pinging container registry default-route-openshift-image-registry.apps-crc.testing: received unexpected HTTP status: 503 Service Unavailable

And if we check the resources on the cluster:

pod/cluster-image-registry-operator-85644cb64d-zbkpc   1/1     Running   1          10d
pod/node-ca-qqv6t                                      1/1     Running   1          10d

NAME                              TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)     AGE
service/image-registry-operator   ClusterIP   None         <none>        60000/TCP   10d

NAME                     DESIRED   CURRENT   READY   UP-TO-DATE   AVAILABLE   NODE SELECTOR            AGE
daemonset.apps/node-ca   1         1         1       1            1           kubernetes.io/os=linux   10d

NAME                                              READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/cluster-image-registry-operator   1/1     1            1           10d

NAME                                                         DESIRED   CURRENT   READY   AGE
replicaset.apps/cluster-image-registry-operator-85644cb64d   1         1         1       10d

NAME                         SCHEDULE    SUSPEND   ACTIVE   LAST SCHEDULE   AGE
cronjob.batch/image-pruner   0 0 * * *   False     0        <none>          10d
praveenkumar commented 3 months ago

Looks like https://docs.openshift.com/container-platform/4.15/registry/configuring_registry_storage/configuring-registry-storage-baremetal.html since we moved from libvirt IPI to SNO which have platform: none by default the Image Registry Operator bootstraps itself as Removed state and when it is in Removed state all the configuration we apply to the config not going to be applied to cluster.