Uploaded image for project: 'OpenShift Virtualization'
  1. OpenShift Virtualization
  2. CNV-40722

[RFE] Automatic import of default boot sources support with local registry

XMLWordPrintable

    • Icon: Feature Request Feature Request
    • Resolution: Obsolete
    • Icon: Major Major
    • None
    • None
    • Storage Platform
    • None
    • False
    • Hide

      None

      Show
      None
    • False
    • None
    • ---
    • ---

      In a disconnected installation the automatic import of default boot sources fails if the user mirrors them to the locally available registry and creates an ICSP. This works for most if not all OCP operators/components, so the user expects this to work for CNV boot sources too. Without having to disable and create/maintain custom ones.
       
      For example, use oc-mirror to create a local mirror for OCP, adding the RHEL8 and RHEL9 boot images (these are ImageStreams)

      $ cat imageset-config.yaml 
kind: ImageSetConfiguration
apiVersion: mirror.openshift.io/v1alpha2
storageConfig:
  registry:
    imageURL: synology.home.arpa:50000/mirror/oc-mirror-metadata
    skipTLS: true
mirror:
  platform:
    channels:
    - name: fast-4.15
      type: ocp
    graph: true                                                     
  operators:
  - catalog: registry.redhat.io/redhat/redhat-operator-index:v4.15
    packages:
    <...>
  additionalImages:
  - name: registry.redhat.io/rhel9/rhel-guest-image:latest
  - name: registry.redhat.io/rhel8/rhel-guest-image:latest
  helm: {}

       

      Then apply the generated ICSP

      apiVersion: operator.openshift.io/v1alpha1
kind: ImageContentSourcePolicy
metadata:
  name: generic-0
spec:
  repositoryDigestMirrors:
  - mirrors:
    - synology.home.arpa:50000/rhel9
    source: registry.redhat.io/rhel9
  - mirrors:
    - synology.home.arpa:50000/rhel8
    source: registry.redhat.io/rhel8

       

      Wait for it to apply, delete any already downloaded source if already present and check the status:

       

      $ oc -n openshift-virtualization-os-images get is
NAME          IMAGE REPOSITORY   TAGS     UPDATED
rhel8-guest                      latest   
rhel9-guest                      latest   

      $ oc -n openshift-virtualization-os-images get is rhel9-guest -o yaml | yq '.status'
{
  "dockerImageRepository": "",
  "tags": [
    {
      "conditions": [
        {
          "generation": 31,
          "lastTransitionTime": "2024-04-12T19:45:12Z",
          "message": "Internal error occurred: registry.redhat.io/rhel9/rhel-guest-image:latest: Get \"https://registry.redhat.io/v2/\": net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)",
          "reason": "InternalError",
          "status": "False",
          "type": "ImportSuccess"
        }
      ],
      "items": null,
      "tag": "latest"
    }
  ]
}

      The other images (CentOS/Fedora) use a slightly different mechanism but also don't seem to work out of the box.

      This bug, fixed in 4.8, suggests imageStreams should work with ICSP - but with some limitations (i.e. auth). Not sure if still relevant. https://bugzilla.redhat.com/show_bug.cgi?id=1918376

      It would be nice if all this worked out of the box with an ICSP like pretty much everything else, and gets documented.

       

              alitke@redhat.com Adam Litke
              rhn-support-gveitmic Germano Veit Michel
              Ying Cui Ying Cui
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved: