Environment Setup

This tutorial was developed and tested with:

  • Red Hat OpenShift 4.10

  • Red Hat Quay 3.7

Container Management Tools

The following tools are required to run the exercises in this tutorial. Please ensure that they are installed and properly configured before proceeding with any of the tutorial chapters.

Tool Fedora Debian

podman

dnf install podman

apt install podman

skopeo

dnf install skopeo

apt install skopeo

OpenShift CLI (oc)

OpenShift Container Platform downloads page

OpenShift Container Platform downloads page

helm

Helm install (or Snap Store)

Helm install

openssl

dnf install openssl

apt install openssl

cosign

cosign Installation

cosign Installation

pgp

dnf install gnupg

apt install gnupg

Note: some of these tools are available through the Web Terminal provided by the Web Terminal Operator.

Red Hat Quay Prerequisites

ODF Operator

You can use the Red Hat OpenShift Container Platform web console to install Quay prerequisites by following these steps:

  • Open a browser window and log in to the Red Hat OpenShift Container Platform web console.

  • From the Administrator perspective, click on Operators and then select OperatorHub.

  • In the Filter by keyword field, type ODF.

operatorhub odf
  • Select the Red Hat OpenShift Data Foundation tile and click Install button.

odf install
  • On the Install Operator page, select stable-4.10 from the list of available Update Channel options, and then choose A specific namespace on the cluster. Leave the default value of Installed Namespace as openshift-storage, and set the Update Approval to Automatic. Also, make sure to set Enable the Console Plugin.

odfoperator install opts
  • Click Install.

Creating the standalone object gateway

For workshop testing purposes, we will deploy the Multi-Cloud Object Gateway (MCG) component provided by the Red Hat OpenShift Data Foundation Operator.

The MCG provides a S3-compatible object storage interface for our Quay deployment managed by the Operator. The gateway is used in combination with the Kubernetes PersistentVolume storage, which is mounted on the gateway as a backing store for object storage, and any block-based StorageClass is supported.

This is not a high-availability (HA) solution.
  • Create the NooBaa object storage:

cat <<EOF | oc apply -f -
apiVersion: noobaa.io/v1alpha1
kind: NooBaa
metadata:
  name: noobaa
  namespace: openshift-storage
spec:
 dbResources:
   requests:
     cpu: '0.1'
     memory: 1Gi
 dbType: postgres
 coreResources:
   requests:
     cpu: '0.1'
     memory: 1Gi
EOF
  • After some time, verify if the MCG has been provisioned:

oc get -n openshift-storage noobaas noobaa
After creating the Multi-Cloud Object Gateway, a new default backing store for all the ObjectBucketClaim issued by the Operator is automatically created.

Installing Quay Operator

You can use the Red Hat OpenShift Container Platform web console to suscribe and deploy the Red Hat Quay Operator.

  • Open a browser window and log in to the Red Hat OpenShift Container Platform web console.

  • From the Administrator perspective, click on Operators and then select OperatorHub.

  • In the Filter by keyword field, type Red Hat Quay.

operatorhub quay
  • Select the Red Hat Quay tile and click on the Install button.

quayoperator install
  • On the Install Operator page, select stable-3.7 from the list of available Update Channel options. Then, choose All namespaces on the cluster (default) as the installation mode and select Automatic for update approval.

quayoperator opts
  • Click Install.

Deploying Quay

  • Create a new quay-workshop project.

  • From the Administrator perspective, navigate to Operators and then select Installed Operators. Choose the quay-workshop project and select the Red Hat Quay operator.

  • Click Create instance to create a new Quay Registry instance.

create quay instance
  • If desired, change the name, and then click Create.

quay create
Please check if the init container fails during the Quay registry deployment. If it fails, please verify if a LimitRange exists in the current OCP project. Sometimes, the RHPDS environment creates a LimitRange automatically when a new project is created.

Export environment variables

It is recommended to set the QUAY_HOSTNAME environment variable in the working terminal before executing the commands. Alternatively, the hostname can be provided directly in the commands as needed.
QUAY_HOSTNAME=$(oc get route registry-quay -n quay-workshop -o jsonpath={.spec.host})