Chapter 7. Using the configuration tool
7.1. Custom SSL certificates UI
The config tool can be used to load custom certificates to facilitate access to resources such as external databases. Select the custom certs to be uploaded, ensuring that they are in PEM format, with an extension .crt
.
The config tool also displays a list of any uploaded certificates. Once you upload your custom SSL cert, it will appear in the list:
7.2. Basic configuration
7.2.1. Contact information
7.3. Server configuration
7.3.1. Server configuration choice
7.3.2. TLS configuration
7.4. Database configuration
You can choose between PostGreSQL and MySQL:
The MySQL and MariaDB databases have been deprecated as of Red Hat Quay 3.6. Support for these databases will be removed in a future version of Red Hat Quay. If starting a new Red Hat Quay installation, it is strongly recommended to use PostgreSQL.
7.4.1. PostgreSQL configuration
Enter the details for connecting to the database:
This will generate a DB_URI field of the form postgresql://quayuser:quaypass@quay-server.example.com:5432/quay
.
If you need finer-grained control of the connection arguments, see the section "Database connection arguments" in the Configuration Guide.
7.5. Data consistency
7.6. Time machine configuration
7.7. Redis configuration
7.8. Repository mirroring configuration
7.9. Registry storage configuration
- Proxy storage
- Storage georeplication
- Storage engines
7.9.1. Enable storage replication - standalone Quay
-
Scroll down to the section entitled
Registry Storage
. -
Click
Enable Storage Replication
. - Add each of the storage engines to which data will be replicated. All storage engines to be used must be listed.
-
If complete replication of all images to all storage engines is required, under each storage engine configuration click
Replicate to storage engine by default
. This will ensure that all images are replicated to that storage engine. To instead enable per-namespace replication, please contact support. -
When you are done, click
Save Configuration Changes
. Configuration changes will take effect the next time Red Hat Quay restarts. After adding storage and enabling “Replicate to storage engine by default” for Georeplications, you need to sync existing image data across all storage. To do this, you need to
oc exec
(or docker/kubectl exec) into the container and run:# scl enable python27 bash # python -m util.backfillreplication
This is a one time operation to sync content after adding new storage.
7.9.2. Storage engines
7.9.2.1. Local storage
7.9.2.2. Amazon S3 storage
7.9.2.3. Azure blob storage
7.9.2.4. Google cloud storage
7.9.2.5. Ceph object gateway (RADOS) storage
7.9.2.6. OpenStack (Swift) storage configuration
7.9.2.7. Cloudfront + Amazon S3 storage configuration
7.10. Action log configuration
7.10.1. Action log storage configuration
7.10.1.1. Database action log storage
7.10.1.2. Elasticsearch action log storage
7.10.2. Action log rotation and archiving
7.11. Security scanner configuration
7.12. Application registry configuration
7.13. Email configuration
7.14. Internal authentication configuration
7.14.1. LDAP
7.14.2. Keystone (OpenStack identity)
7.14.3. JWT custom authentication
7.14.4. External application token
7.15. External authentication (OAUTH) configuration
7.15.1. GitHub (Enterprise) authentication
7.15.2. Google authentication
7.16. Access settings configuration
7.17. Dockerfile build support
7.17.1. GitHub (Enterprise) Build Triggers
7.17.2. BitBucket Build Triggers
7.17.3. GitLab Build Triggers