User or Developer story

As a WMCO user, I want to pull images from the internal registry without manual configuration, achieving parity with Linux nodes.

Description

Windows nodes in OpenShift clusters must be able to pull images from the internal registry (image-registry.openshift-image-registry.svc:5000) without manual configuration, achieving parity with Linux nodes.

 1. Automatic DNS Resolution
    - must watch the image-registry Service in openshift-image-registry namespace
    - must automatically add entries to C:\Windows\System32\drivers\etc\hosts mapping registry DNS names to ClusterIP
    - Entries must be kept synchronized if Service changes
  2. Containerd Registry Configuration
    - Create hosts.toml for internal registry at C:\k\containerd\registries\image-registry.openshift-image-registry.svc:5000\hosts.toml
    - Reference the CA bundle at C:\k\ca-bundle.crt
 

Required

  - Windows pods must successfully pull from internal registry
  - No manual hosts file edits required
  

Engineering Details

 MCO Registry CA Bundle Implementation:

•   Commit: https://github.com/openshift/machine-config-operator/commit/81136ed1aedcea39506c4e879a99086c599aaae5
•   Creates merged-trusted-image-registry-ca ConfigMap in openshift-config-managed
•   Populates ControllerConfig with ImageRegistryBundleData and ImageRegistryBundleUserData
•  The existing Windows disconnected test (vsphere-disconnected-e2e-operator), test infra can be reused. ipi-install-vsphere-registry step (at ci-operator/step-registry/ipi/install/vsphere/registry/ipi-install-vsphere-registry-commands.sh) sets up internal registry.

Acceptance Criteria

•   Deploy Windows pod with image: image-registry.openshift-image-registry.svc:5000/openshift/test-image:latest
•   Image pull succeeds without errors
•   E2E test extension
•   User documentation stating featured enabled