《OpenShift 4.x HOL教程匯總》
說(shuō)明：本文已經(jīng)在 OpenShift 4.13 + Quay 3.9.0 環(huán)境中驗(yàn)證

安裝配置 OpenShift Data Foundation

因?yàn)?Quay 需要用到對(duì)象存儲(chǔ)，所以我們先安裝 OpenShift Data Foundation 提供對(duì)象存儲(chǔ)。

安裝 ODF Operator

使用默認(rèn)配置將 OpenShift Data Foundation Operator 安裝到 openshift-storage 項(xiàng)目中。

配置 Noobaa

1. 執(zhí)行以下命令創(chuàng)建 NooBaa 對(duì)象。

$ cat << EOF | oc apply -f -
apiVersion: noobaa.io/v1alpha1
kind: NooBaa
metadata:name: noobaanamespace: openshift-storage
spec:dbResources:requests:cpu: '0.1'memory: 1GidbType: postgrescoreResources:requests:cpu: '0.1'memory: 1Gi
EOF

2. 執(zhí)行命令創(chuàng)建 BackingStore 對(duì)象。其中 gp2 是 OpenShift 集群中已有的 StorageClass 名稱(chēng)。

$ cat << EOF | oc apply -f -
apiVersion: noobaa.io/v1alpha1
kind: BackingStore
metadata:finalizers:- noobaa.io/finalizerlabels:app: noobaaname: noobaa-pv-backing-storenamespace: openshift-storage
spec:pvPool:numVolumes: 2resources:requests:storage: 100GistorageClass: gp2type: pv-pool
EOF

3. 部署完后可以查看部署好的資源。

$ oc get pod -n openshift-storage
NAME                                               READY   STATUS    RESTARTS   AGE
csi-addons-controller-manager-58765ffdb9-l9r4h     2/2     Running   0          25m
noobaa-core-0                                      1/1     Running   0          25m
noobaa-db-pg-0                                     1/1     Running   0          25m
noobaa-endpoint-76b76b7457-lbnww                   1/1     Running   0          11m
noobaa-operator-6c8b57f6f7-5qq2v                   1/1     Running   0          26m
noobaa-pv-backing-store-noobaa-pod-05a665d4        1/1     Running   0          11m
noobaa-pv-backing-store-noobaa-pod-d7fd9e71        1/1     Running   0          11m
ocs-metrics-exporter-8488bdfbc5-648qg              1/1     Running   0          26m
ocs-operator-8499fdf689-slrdb                      1/1     Running   0          26m
odf-console-65f5595bb9-z4hz8                       1/1     Running   0          26m
odf-operator-controller-manager-77b4fc5c49-89tfd   2/2     Running   0          26m
rook-ceph-operator-9795c956f-lh8gt                 1/1     Running   0          26m

4. 執(zhí)行命令查看相關(guān)對(duì)象。

$ oc get storageclass openshift-storage.noobaa.io
NAME                          PROVISIONER                       RECLAIMPOLICY   VOLUMEBINDINGMODE   ALLOWVOLUMEEXPANSION   AGE
openshift-storage.noobaa.io   openshift-storage.noobaa.io/obc   Delete          Immediate           false                  105s$ oc get pvc -n openshift-storage
NAME                                          STATUS   VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS   AGE
db-noobaa-db-pg-0                             Bound    pvc-903f225e-92a0-4c50-aa33-0090a41d79e8   50Gi       RWO            gp2            4m15s
noobaa-pv-backing-store-noobaa-pvc-6168f68a   Bound    pvc-07d5c176-c4d7-43c3-a852-a8842114ace7   300Gi      RWO            gp2            2m31s
noobaa-pv-backing-store-noobaa-pvc-7acf1cbb   Bound    pvc-4bd33ead-722d-42ef-b4b1-69b5ab975779   300Gi      RWO            gp2            2m31s$ oc get BackingStore -n openshift-storage
NAME                           TYPE      PHASE   AGE
noobaa-default-backing-store   aws-s3    Ready   2m44s
noobaa-pv-backing-store        pv-pool   Ready   4m16s$ oc get noobaa -n openshift-storage
NAME     S3-ENDPOINTS                     STS-ENDPOINTS                    IMAGE                                                                                                            PHASE   AGE
noobaa   ["https://10.0.226.238:30852"]   ["https://10.0.226.238:30341"]   registry.redhat.io/odf4/mcg-core-rhel8@sha256:bed794f5d396e04ff6e5041369f012f849402ac8a31a38c1acf054ff8c3b0874   Ready   5m$ oc get bucketclass -n openshift-storage
NAME                          PLACEMENT                                                        NAMESPACEPOLICY   QUOTA   PHASE   AGE
noobaa-default-bucket-class   {"tiers":[{"backingStores":["noobaa-default-backing-store"]}]}                             Ready   2m28s

5. 執(zhí)行命令更新 noobaa-default-bucket-class 對(duì)象使用的 backingStores 配置。

$ oc patch bucketclass noobaa-default-bucket-class --patch '{"spec":{"placementPolicy":{"tiers":[{"backingStores":["noobaa-pv-backing-store"]}]}}}' --type merge -n openshift-storage

安裝 Quay

1. 使用默認(rèn)配置將 Quay Operator 安裝到默認(rèn)的命名空間。
   
2. 創(chuàng)建名為 redhat-quay 的項(xiàng)目。
3. 執(zhí)行命令創(chuàng)建 QuayRegistry 實(shí)例。完成后可以在 OpenShift 的開(kāi)發(fā)者視圖中看到下圖的部署拓?fù)洹?/li>

$ cat << EOF | oc apply -f -
apiVersion: quay.redhat.com/v1
kind: QuayRegistry
metadata:name: example-registrynamespace: redhat-quay
spec:{}
EOF

注意：在部署過(guò)程中有可能會(huì)在事件中提示申請(qǐng)資源超過(guò) LimitRange。此時(shí)可以進(jìn)入控制臺(tái)的 “管理”-“限制范圍” 菜單，然后刪除對(duì)應(yīng)的 LimitRange 即可。

5. 執(zhí)行命令獲得 Quay 控制臺(tái)訪問(wèn)地址。

$ QUAY_HOST=$(oc get route example-registry-quay -n redhat-quay -o jsonpath='{.spec.host}')

6. 在瀏覽器中打開(kāi)上一步 QUAY_HOST 變量中的地址，然后在控制臺(tái)中創(chuàng)建名為 quayadmin 的賬戶即可。
   

驗(yàn)證測(cè)試 Quay

1. 獲得 hello-openshift 鏡像到本地。

$ podman pull docker.io/openshift/hello-openshift
Trying to pull docker.io/openshift/hello-openshift:latest...
Getting image source signatures
Copying blob 4f4fb700ef54 done
Copying blob 8b32988996c5 done
Copying config 7af3297a3f done
Writing manifest to image destination
Storing signatures
7af3297a3fb4487b740ed6798163f618e6eddea1ee5fa0ba340329fcae31c8f6

2. 對(duì)鏡像重新打標(biāo)簽。

podman tag docker.io/openshift/hello-openshift ${QUAY_HOST}/quayadmin/hello-openshift:latest

3. 登錄 Quay 后將本地鏡像推送到 Quay上。

$ podman login ${QUAY_HOST} --username=quayadmin --password=<YOUR-PASSWORD>
Login Succeeded!$ podman push ${QUAY_HOST}/quayadmin/hello-openshift:latest
Getting image source signatures
Copying blob 5f70bf18a086 done
Copying blob da0e4d9121c7 done
Copying config 7af3297a3f done
Writing manifest to image destination
Storing signatures

注意：

• 如果在 login 的時(shí)候出現(xiàn) “x509: certificate signed by unknown authority” 的錯(cuò)誤提示，則需要增加 “–tls-verify=false” 參數(shù)。
• 如果鏡像因?yàn)橛泻灻鵁o(wú)法推送，可以添加 --remove-signatures 命令參數(shù)。

4. 最后可以在 Quay 中確認(rèn)已經(jīng)有了 hello-openshift 鏡像。
   

參考

https://github.com/liuxiaoyu-git/OpenShift-Labs/tree/main/userOperators/Quay
https://github.com/liuxiaoyu-git/ocp-quay-demo
https://olleb.com/quay-workshop/setup.html