Uploaded image for project: 'Knative Serving'
  1. Knative Serving
  2. SRVKS-103

Internal registry does not work out of the box

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Undefined Undefined
    • None
    • None
    • None
    • None
    • Serverless Sprint 167

      After installing Knative Serving with the Operator it does not support the internal registry out of the box.

      Our E2E tests make the internal registry work by hooking it up with the OpenShift internal certificate mechanism like so:

      function enable_knative_interaction_with_registry() {
  local configmap_name=config-service-ca
  local cert_name=service-ca.crt
  local mount_path=/var/run/secrets/kubernetes.io/servicecerts

  oc -n $SERVING_NAMESPACE create configmap $configmap_name
  oc -n $SERVING_NAMESPACE annotate configmap $configmap_name service.alpha.openshift.io/inject-cabundle="true"
  wait_until_configmap_contains $SERVING_NAMESPACE $configmap_name $cert_name
  oc -n $SERVING_NAMESPACE set volume deployment/controller --add --name=service-ca --configmap-name=$configmap_name --mount-path=$mount_path
  oc -n $SERVING_NAMESPACE set env deployment/controller SSL_CERT_FILE=$mount_path/$cert_name
}

       The operator could do all of this for the user if it detects it's running on OpenShift.
       

              sashture Savita .
              markusthoemmes Markus Thömmes (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated:
                Resolved: