- https://docs.openshift.com/container-platform/4.3/operators/olm-restricted-networks.html
- docs bug to add procedure for creating the CatalogSource manually https://bugzilla.redhat.com/show_bug.cgi?id=1796464
- using
oc
from 4.4 as 4.3 apparently has a bug in theoc adm catalog
command(s)
oc patch OperatorHub cluster --type json \
-p '[{"op": "add", "path": "/spec/disableAllDefaultSources", "value": true}]'
oc adm catalog build \
--appregistry-endpoint https://quay.io/cnr \
--appregistry-org redhat-operators \
--to=registry.ocp.sjennings.me/olm/redhat-operators:v1
oc adm catalog mirror \
registry.ocp.sjennings.me/olm/redhat-operators:v1 \
registry.ocp.sjennings.me
Some images required for Service Mesh are not mirrored by the oc adm catalog mirror
above
#!/bin/bash
set -eu
images=(
registry.redhat.io/distributed-tracing/jaeger-all-in-one-rhel7:1.13.1
registry.redhat.io/openshift-service-mesh/kiali-rhel7:1.0.9
registry.redhat.io/openshift4/ose-oauth-proxy:latest
registry.redhat.io/openshift4/ose-oauth-proxy:4.2
docker.io/maistra/examples-bookinfo-details-v1:0.12.0
docker.io/maistra/examples-bookinfo-productpage-v1:0.12.0
docker.io/maistra/examples-bookinfo-ratings-v1:0.12.0
docker.io/maistra/examples-bookinfo-reviews-v1:0.12.0
docker.io/maistra/examples-bookinfo-reviews-v2:0.12.0
docker.io/maistra/examples-bookinfo-reviews-v3:0.12.0
)
for image in ${images[@]}; do
src=$image
dst=registry.lab.variantweb.net/${image#*/}
oc image mirror $src $dst
done
This registries.conf
is sufficient for Service Mesh
unqualified-search-registries = ["registry.access.redhat.com", "docker.io"]
[[registry]]
prefix = ""
location = "docker.io/maistra"
[[registry.mirror]]
location = "registry.ocp.sjennings.me/maistra"
[[registry]]
prefix = ""
location = "quay.io/openshift-release-dev/ocp-release"
[[registry.mirror]]
location = "registry.ocp.sjennings.me/ocp/release"
[[registry]]
prefix = ""
location = "quay.io/openshift-release-dev/ocp-v4.0-art-dev"
[[registry.mirror]]
location = "registry.ocp.sjennings.me/ocp/release"
[[registry]]
prefix = ""
location = "registry.redhat.io/distributed-tracing"
[[registry.mirror]]
location = "registry.ocp.sjennings.me/distributed-tracing"
[[registry]]
prefix = ""
location = "registry.redhat.io/openshift-service-mesh"
[[registry.mirror]]
location = "registry.ocp.sjennings.me/openshift-service-mesh"
[[registry]]
prefix = ""
location = "registry.redhat.io/openshift4"
[[registry.mirror]]
location = "registry.ocp.sjennings.me/openshift4"
apiVersion: operators.coreos.com/v1alpha1
kind: CatalogSource
metadata:
name: mirrored-redhat-operators
namespace: openshift-marketplace
spec:
displayName: Red Hat Operators
sourceType: grpc
image: registry.ocp.sjennings.me/olm/redhat-operators:v1
I encoutered an issue were the marketplace-operator
pod had trouble contacting the kube API server sometime in the past and had basically stopped operating. I had to delete pod and wait for a new pod to be created before action was taken on my CatalogSource
.
Even with the latest 4.4 nightly build: 4.4.0-0.nightly-2020-02-11-232643
I ran into this: https://bugzilla.redhat.com/show_bug.cgi?id=1795272
My original command:
./oc adm catalog build --auth-token=/tmp/pull-secret.txt --appregistry-endpoint https://quay.io/cnr --appregistry-org redhat-operators --to=localhost.localdomain:5000/olm/redhat-operators:v1
As soon as I copied my pull secret to: ~/.docker/config.json
It worked. I made sure the pull secret include credentials for my local registry mirror.