-
Bug
-
Resolution: Won't Do
-
Major
-
quay-v3.3.0
Description:
This is an issue found when deploy Quay with Operator, now when configurting Quay CR file to use CloudFrontS3 as cloudregistryBackends, the CR deployment was failed, report error message ""msg":"Failed to Validate Component","error":"registry-storage Validation Failed: [Errno 2] No such file or directory: u'/tmp/tmpCp0fPb/cloudfrontprivatekey'"" , maybe the step of configuring privatekey is not correct, pls review this issue and update the doc to show to how configure the privatekey.
Following Docs: https://github.com/redhat-cop/quay-operator/blob/master/docs/storage.md#cloudfront-s3
Steps:
1. Configure Quay CR file to use CloudFrontS3 as cloudregistryBackends(refer to the CR file below).
2. Run "oc create -f quayecosystem_cr_awscloudfronts3.yaml"
3. Check POD status
Expected Results:
The Quay CR deployment should complete successfully.
Actiual Results:
The Quay CR deployment was failed.
lizhang@lzha-mac Quay3.3_operator_testing % cat quayecosystem_cr_awscloudfronts3.yaml
apiVersion: redhatcop.redhat.io/v1alpha1
kind: QuayEcosystem
metadata:
name: demoawscloudfront-quayecosystem
spec:
quay:
imagePullSecretName: redhat-pull-secret
image: quay.io/quay/quay:v3.3.0-3
registryBackends:
- name: cloudfrontS3
cloudfrontS3:
accessKey: AKIAUMQAHCJON275SXFZ
bucketName: quay0427
secretKey: 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
host: s3.us-east-2.amazonaws.com
distributionDomain: do60gux9828by.cloudfront.net
keyID: EHV9ZNKBNRTXW
privateKeyFilename: cloudfrontprivatekey
database:
volumeSize: 30Gi
envVars: - name: DEBUGLOG
value: "true"
clair:
enabled: true
image: quay.io/quay/clair-jwt:v3.3.0-1
imagePullSecretName: redhat-pull-secret
updateInterval: "60m"
Operator logs:
{"level":"error","ts":1588043689.3538685,"logger":"controller_quayecosystem","msg":"Failed to Validate Component","error":"registry-storage Validation Failed: [Errno 2] No such file or directory: u'/tmp/tmpPCGRo0/cloudfrontprivatekey'","stacktrace":"github.com/go-logr/zapr.(*zapLogger).Error\n\t/tmp/quay-operator/vendor/github.com/go-logr/zapr/zapr.go:128\ngithub.com/redhat-cop/quay-operator/pkg/controller/quayecosystem/setup.(*QuaySetupManager).SetupQuay\n\t/tmp/quay-operator/pkg/controller/quayecosystem/setup/setup.go:234\ngithub.com/redhat-cop/quay-operator/pkg/controller/quayecosystem.(*ReconcileQuayEcosystem).Reconcile\n\t/tmp/quay-operator/pkg/controller/quayecosystem/quayecosystem_controller.go:269\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler\n\t/tmp/quay-operator/vendor/sigs.k8s.io/controller-runtime/pkg/internal/controller/controller.go:256\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem\n\t/tmp/quay-operator/vendor/sigs.k8s.io/controller-runtime/pkg/internal/controller/controller.go:232\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).worker\n\t/tmp/quay-operator/vendor/sigs.k8s.io/controller-runtime/pkg/internal/controller/controller.go:211\nk8s.io/apimachinery/pkg/util/wait.JitterUntil.func1\n\t/tmp/quay-operator/vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:152\nk8s.io/apimachinery/pkg/util/wait.JitterUntil\n\t/tmp/quay-operator/vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:153\nk8s.io/apimachinery/pkg/util/wait.Until\n\t/tmp/quay-operator/vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:88"}
lizhang@lzha-mac Quay3.3_operator_testing % oc get configmap cloudfrontprivatekey -o yaml
apiVersion: v1
data:
cloudfront.pem: |
----BEGIN PRIVATE KEY----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCQOCmeZlEWnK0o
+cH0i7XTl/t2p5I706x3VGKpfjVuH+TewtmgAVH6g5ns5YOYJsfNtiw4XB4b7R8a
0awaQJPlhly1VD7mZTOYf4iWnbmrQBMA/xDBLFFz0iF8/keZmZ091b2ut2cYk23B
JIUcjOgvagfkbnf7I+OSumM9eR+EekPux56lhubovOFJQYCHLioDO2EeWscBvYgg
oUyo48LWaZPZLBEU3P1uWKwzyqqzh56YqG33jWxkTbN3ZNCePcEwILa8ArxGTBzO
6YzwyxhYsd5BMzUWDQ4dU15azFtCrSY5Qf6toOzxWOFafIGTKsZhmq/F0O9REYsu
FUVQfhXJAgMBAAECggEAS4WNjcxIpE2xg+aeQcAznDVXUoBX3IpxIyAGdnmH4z5C
bMCek+J9GnF11o8txSxxrvC54V2jyr32buXjeO/eQvCEddRDCAVw6mfGkBDSXLI2
AWyQSog5sywTq0/BENdXdz0JkoeqLj1t2RmVtyi2obWlomKS4+mcT4bZVySpc4aF
nL7zO/ZbD78xmXGvYQmgI77MUkaDEmyJ73PZg6iwdnkcKLqREwLvYVPZHaozrrdx
BY/BUHiI6MpIATq+a9HsrPr9g8Bz0790VLsVjo2Cyj619Jsy4KCL8DW05Zf16Wqr
JqgDFoj2LF8cFk4NJWhVi4gxXTdKZE6heidy+xrfAQKBgQDLtcFpZ51ughfAc9CL
EJr6Z6rH6gTPBRgDf9PNnOkg4GUMar8oBp663wqGqFaADo1/BzTdfvAOzbqkaP7+
qktuv7Kb3zgo7tduLSIIPu8MyTOF0kQsBlBIjgyabnZhFdXet6L7nYmXcJTZ1CrH
qCDXRvmEM0VsGNfJ/vd7qOejoQKBgQC1PSUmWn361fAQJGtlOtUWsqjg3dhTt0bc
3aDjoDnjPqNsy4GU9/v1LHspNgDyGkSjMJAHyllH050OVDCjFMXeHDNlQ8Luyuzz
KvKYKLuBLNLw9//gCxwAgYBjemEYcVQ8QU4E+dEiscHTUCXan9B7W2yRLoJa9tBR
OD1ihDlBKQKBgEFe/0U6+ftnhgW9ZLPrzUAEGnry7z4b7VvaHncCHpHtUKAOdW97
yF5BixgxVyjbAq87+cwGmzS08msmQoYo0fIlVETO+i+wjbOOijhJMd9RhdYw5q2W
DRdrdkHsptJ69ln1ZjkGkgvmFe5dNqlBm+BZp2K0LVgGFOF+j57AUi1hAoGACwR8
jahSoD0BKvoLzUuWSJrzyTezPuOVWzfd3/iNjFLyfFqitfudRXo+wnKV/CG8qm75
Un/qjYM/uO9FRaStoqL0POOxpfKQFPg3ZyiSvXeMGzn4RBZozV8R/vohjOrWxBL0
Ozk0jXdg4QeuRWwRsG4OW4UIR59ZapaQpLyE/oECgYEAsFiTVkduXCipOM8bOlDN
leQ3JPUG/tx8JexMvX4VdIaG7idTv3jeRl+SxMhNx7smyyxJVQ4ELjg12G3DNGdk
t2hy1/VoIbzK+AjVorZ4GJ9CSXk/ijAVNiYvUFvLmqx9ATtLPE5XI/0Iakkk96DY
BADuIIBjavaJPg61X5W2DzA=
----END PRIVATE KEY----
kind: ConfigMap
metadata:
creationTimestamp: "2020-04-28T03:11:48Z"
name: cloudfrontprivatekey
namespace: quay33
resourceVersion: "963270"
selfLink: /api/v1/namespaces/quay33/configmaps/cloudfrontprivatekey
uid: 418111a3-802f-45f3-bf06-a42067b48d4e