Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Blocker
Fix Version/s: quay-v3.6.0
Affects Version/s: quay-v3.6.0
Component/s: quay-operator
Labels:
- quay-enterprise
- triaged

Blocked:
False
Ready:
False
Release Note Text:
undefined
Git Pull Request:
https://github.com/quay/config-tool/pull/118, https://github.com/quay/config-tool/pull/119
Market:

SFDC Cases Links:
SFDC Cases Counter:
SFDC Cases Open:

Description:

This is an issue found when deploy quay with operator, choose to use managed route and unmanaged tls component, provide cert/key pair, after created quayregistry CR, found Quay Mirror POD was failed to start, check the logs of Mirror POD, get error message "Failed to append custom certificate: extra_ca_certs/ssl.key",see attached mirror POD logs quay_360_mirror_pod.logs

Note: Quay image is quay-operator-bundle-container-v3.6.0-18

oc create secret generic --from-file config.yaml=./config.yaml --from-file ssl.cert=./ssl.cert --from-file ssl.key=./ssl.key config-bundle-secret

oc create -f quayregistry_s3_tls_route_unmanaged.yaml

oc get pod
NAME                                          READY   STATUS             RESTARTS   AGE
quay-operator.v3.6.0-784898d9f8-s57wc         1/1     Running            0          6h15m
quay360-clair-app-cbb764cd9-b9swc             1/1     Running            0          22m
quay360-clair-app-cbb764cd9-kmhv5             1/1     Running            0          22m
quay360-clair-postgres-59cb96bfc6-jp8z4       1/1     Running            1          23m
quay360-quay-app-5cc9777c79-nrpbc             1/1     Running            0          22m
quay360-quay-app-5cc9777c79-r2qfv             1/1     Running            1          22m
quay360-quay-app-upgrade-ntm5m                0/1     Completed          0          22m
quay360-quay-config-editor-6cd5676d7b-4krp6   1/1     Running            0          22m
quay360-quay-database-9494b4578-m4v9b         1/1     Running            1          22m
quay360-quay-mirror-78459cf5d5-2qv4j          0/1     CrashLoopBackOff   8          21m
quay360-quay-mirror-78459cf5d5-jbnkc          0/1     CrashLoopBackOff   8          21m
quay360-quay-postgres-init-94czg              0/1     Completed          0          22m
quay360-quay-redis-74d8d54b57-wh6vv           1/1     Running            0          23m

oc get pod quay360-quay-mirror-78459cf5d5-2qv4j -o json | jq '.spec.containers[0].image'
"registry.redhat.io/quay/quay-rhel8@sha256:a4cad2c70cd340029d00f468fc08cab887365d17fe22bbf31beeec36aebeb9e7"

Config.yaml:

cat config.yaml
FEATURE_EXTENDED_REPOSITORY_NAMES: true
CREATE_REPOSITORY_ON_PUSH_PUBLIC: true
FEATURE_USER_INITIALIZE: true
SERVER_HOSTNAME: quayv360.apps.quay-perf-738.perfscale.devcluster.openshift.com
ALLOWED_OCI_ARTIFACT_TYPES: 
    application/vnd.cncf.helm.config.v1+json: 
    - application/tar+gzip
    application/vnd.oci.image.layer.v1.tar+gzip+encrypted:
    - application/vnd.oci.image.layer.v1.tar+gzip+encrypted
    application/vnd.oci.image.config.v1+json:
    - application/vnd.oci.image.layer.v1.tar+zstd
    application/vnd.oci.image.config.v1+json:
    - application/vnd.dev.cosign.simplesigning.v1+json
DEFAULT_TAG_EXPIRATION: 4w
TAG_EXPIRATION_OPTIONS:
- 2w
- 4w
- 8w
FEATURE_GENERAL_OCI_SUPPORT: true
FEATURE_HELM_OCI_SUPPORT: false
SUPER_USERS:
  - quay
  - admin
DISTRIBUTED_STORAGE_DEFAULT_LOCATIONS:
  - default
DISTRIBUTED_STORAGE_PREFERENCE:
  - default
DISTRIBUTED_STORAGE_CONFIG:
  default:
    - S3Storage
    - s3_bucket: quay360
      storage_path: /quay360
      s3_access_key: ******
      s3_secret_key: ******
      host: s3.us-east-2.amazonaws.com

QuayRegistry CR:

apiVersion: quay.redhat.com/v1
kind: QuayRegistry
metadata:
  name: quay360
spec:
  configBundleSecret: config-bundle-secret
  components:
    - kind: objectstorage
      managed: false
    - kind: route
      managed: true
    - kind: tls
      managed: false

- - Sort By Name
  - Sort By Date
  - Ascending
  - Descending
  - Thumbnails
  - List
  - Download All

quay_360_mirror_pod.logs
6 kB
2021/08/18 7:45 AM
quay360_app_depoyment
10 kB
2021/08/24 3:19 AM
quay360_mirror_deployment
8 kB
2021/08/24 3:19 AM

is related to

PROJQUAY-2424 Quay notification worker was failed to send out notification when TLS is unmanaged

Closed

mentioned on

Merge request - Updated US source to: 1239477 [redhat-3.9] api: Adding ignore timezone flag when parsing datetime (PROJQUAY-5360) (#2079)

Merge request - Updated US source to: a095e1f api: Adding ignore timezone flag when parsing datetime (PROJQUAY-5360) (#2027)

Assignee:: Ricardo Maraschini (Inactive)

Reporter:: luffy zhang

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Created:: 2021/08/18 7:43 AM

Updated:: 2023/08/01 2:27 PM

Resolved:: 2021/08/31 7:00 PM

Details

Description

Attachments

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates