Configuring Azure Blob Storage for Integrated Container Image Registry

Overview

This topic reviews how to configure Microsoft Azure Blob Storage for OpenShift integrated container image registry.

Before You Begin

  • Create a storage container using Microsoft Azure Portal, Microsoft Azure CLI, or Microsoft Azure Storage Explorer. Keep a note of the storage account name, storage account key and container name.

  • Deploy the integrated container image registry if it is not deployed.

Overriding Registry Configuration

To create a new registry pod and replace the old pod automatically:

  1. Create a new registry configuration file called registryconfig.yaml and add the following information:

    1. version: 0.1
    2. log:
    3.   level: debug
    4. http:
    5.   addr: :5000
    6. storage:
    7.   cache:
    8.     blobdescriptor: inmemory
    9.   delete:
    10.     enabled: true
    11.   azure: (1)
    12.     accountname: azureblobacc
    13.     accountkey:  azureblobacckey
    14.     container: azureblobname
    15.     realm: core.windows.net (2)
    16. auth:
    17.   openshift:
    18.     realm: openshift
    19. middleware:
    20.   registry:
    21.     - name: openshift
    22.   repository:
    23.     - name: openshift
    24.       options:
    25.         acceptschema2: false
    26.         pullthrough: true
    27.         enforcequota: false
    28.         projectcachettl: 1m
    29.         blobrepositorycachettl: 10m
    30.   storage:
    31.     - name: openshift
    1Replace the values for accountname, acountkey, and container with storage account name, storage account key, and storage container name respectively.
    2If using Azure regional cloud, set to the desired realm. For example, core.cloudapi.de for the Germany regional cloud.

  2. Create a new registry configuration:

    1. $ oc create secret generic registry-config --from-file=config.yaml=registryconfig.yaml

  3. Add the secret:

    1. $ oc set volume dc/docker-registry --add --type=secret \
    2.     --secret-name=registry-config -m /etc/docker/registry/

  4. Set the REGISTRY_CONFIGURATION_PATH environment variable:

    1. $ oc set env dc/docker-registry \
    2.     REGISTRY_CONFIGURATION_PATH=/etc/docker/registry/config.yaml

  5. If you already created a registry configuration:

    1. Delete the secret:

      1. $ oc delete secret registry-config

    2. Create a new registry configuration:

      1. $ oc create secret generic registry-config --from-file=config.yaml=registryconfig.yaml

    3. Update the configuration by starting a new rollout:

      1. $ oc rollout latest docker-registry