Jump To Close Expand all Collapse all Table of contents Deploy Red Hat Quay on OpenShift with the Quay Operator Preface 1. Introduction to the Red Hat Quay Operator Expand section "1. Introduction to the Red Hat Quay Operator" Collapse section "1. Introduction to the Red Hat Quay Operator" 1.1. QuayRegistry API 1.2. Quay Operator components 1.3. Using managed components 1.4. Using unmanaged components for dependencies 1.5. Config bundle secret 1.6. Prerequisites for Red Hat Quay on OpenShift Expand section "1.6. Prerequisites for Red Hat Quay on OpenShift" Collapse section "1.6. Prerequisites for Red Hat Quay on OpenShift" 1.6.1. OpenShift cluster 1.6.2. Resource Requirements 1.6.3. Object Storage 2. Installing the Quay Operator from OperatorHub 3. Configuring Quay before deployment Expand section "3. Configuring Quay before deployment" Collapse section "3. Configuring Quay before deployment" 3.1. Pre-configuring Red Hat Quay for automation Expand section "3.1. Pre-configuring Red Hat Quay for automation" Collapse section "3.1. Pre-configuring Red Hat Quay for automation" 3.1.1. Allowing the API to create the first user 3.1.2. Enabling general API access 3.1.3. Adding a super user 3.1.4. Restricting user creation 3.1.5. Enabling new functionality 3.1.6. Enabling new functionality 3.1.7. Suggested configuration for automation 3.2. Configuring object storage Expand section "3.2. Configuring object storage" Collapse section "3.2. Configuring object storage" 3.2.1. Unmanaged storage Expand section "3.2.1. Unmanaged storage" Collapse section "3.2.1. Unmanaged storage" 3.2.1.1. AWS S3 storage 3.2.1.2. Google Cloud storage 3.2.1.3. Azure storage 3.2.1.4. Ceph/RadosGW Storage 3.2.1.5. Swift storage 3.2.1.6. NooBaa unmanaged storage 3.2.2. Managed storage Expand section "3.2.2. Managed storage" Collapse section "3.2.2. Managed storage" 3.2.2.1. About The Standalone Object Gateway Expand section "3.2.2.1. About The Standalone Object Gateway" Collapse section "3.2.2.1. About The Standalone Object Gateway" 3.2.2.1.1. Create A Standalone Object Gateway 3.3. Configuring the database Expand section "3.3. Configuring the database" Collapse section "3.3. Configuring the database" 3.3.1. Using an existing Postgres database 3.3.2. Database configuration Expand section "3.3.2. Database configuration" Collapse section "3.3.2. Database configuration" 3.3.2.1. Database URI 3.3.2.2. Database connection arguments Expand section "3.3.2.2. Database connection arguments" Collapse section "3.3.2.2. Database connection arguments" 3.3.2.2.1. PostgreSQL SSL connection arguments 3.3.2.2.2. MySQL SSL connection arguments 3.3.3. Using the managed PostgreSQL 3.4. Configuring TLS and routes Expand section "3.4. Configuring TLS and routes" Collapse section "3.4. Configuring TLS and routes" 3.4.1. Creating the config bundle secret with TLS cert, key pair: 3.5. Configuring other components Expand section "3.5. Configuring other components" Collapse section "3.5. Configuring other components" 3.5.1. Using external Redis Expand section "3.5.1. Using external Redis" Collapse section "3.5.1. Using external Redis" 3.5.1.1. Redis configuration fields Expand section "3.5.1.1. Redis configuration fields" Collapse section "3.5.1.1. Redis configuration fields" 3.5.1.1.1. Build logs 3.5.1.1.2. User events 3.5.1.1.3. Example Redis configuration 3.5.2. Disabling the Horizontal Pod Autoscaler 3.5.3. Disabling Route Component 3.5.4. Unmanaged monitoring 3.5.5. Unmanaged mirroring 4. Deploying Quay using the Quay Operator Expand section "4. Deploying Quay using the Quay Operator" Collapse section "4. Deploying Quay using the Quay Operator" 4.1. Deploying Red Hat Quay from the command line Expand section "4.1. Deploying Red Hat Quay from the command line" Collapse section "4.1. Deploying Red Hat Quay from the command line" 4.1.1. Viewing created components using the command line 4.1.2. Horizontal Pod Autoscaling (HPA) 4.1.3. Using the API to deploy Red Hat Quay Expand section "4.1.3. Using the API to deploy Red Hat Quay" Collapse section "4.1.3. Using the API to deploy Red Hat Quay" 4.1.3.1. Using the API to create the first user 4.1.4. Monitoring and debugging the deployment process 4.2. Deploying Red Hat Quay from the OpenShift console Expand section "4.2. Deploying Red Hat Quay from the OpenShift console" Collapse section "4.2. Deploying Red Hat Quay from the OpenShift console" 4.2.1. Using the Quay UI to create the first user 5. Configuring Quay on OpenShift Expand section "5. Configuring Quay on OpenShift" Collapse section "5. Configuring Quay on OpenShift" 5.1. Editing the config bundle secret in the OpenShift console 5.2. Determining QuayRegistry endpoints and secrets 5.3. Downloading the existing configuration 5.4. Using the config bundle to configure custom SSL certs Expand section "5.4. Using the config bundle to configure custom SSL certs" Collapse section "5.4. Using the config bundle to configure custom SSL certs" 5.4.1. Set TLS to unmanaged 5.4.2. Add certs to config bundle 6. Using the config tool to reconfigure Quay on OpenShift Expand section "6. Using the config tool to reconfigure Quay on OpenShift" Collapse section "6. Using the config tool to reconfigure Quay on OpenShift" 6.1. Accessing the config editor Expand section "6.1. Accessing the config editor" Collapse section "6.1. Accessing the config editor" 6.1.1. Retrieving the config editor credentials 6.1.2. Logging in to the config editor 6.1.3. Changing configuration 6.2. Monitoring reconfiguration in the UI Expand section "6.2. Monitoring reconfiguration in the UI" Collapse section "6.2. Monitoring reconfiguration in the UI" 6.2.1. QuayRegistry resource 6.2.2. Events 6.3. Accessing updated information after reconfiguration Expand section "6.3. Accessing updated information after reconfiguration" Collapse section "6.3. Accessing updated information after reconfiguration" 6.3.1. Accessing the updated config tool credentials in the UI 6.3.2. Accessing the updated config.yaml in the UI 6.4. Custom SSL certificates UI 6.5. External Access to the Registry 7. Quay Operator features Expand section "7. Quay Operator features" Collapse section "7. Quay Operator features" 7.1. Console monitoring and alerting Expand section "7.1. Console monitoring and alerting" Collapse section "7.1. Console monitoring and alerting" 7.1.1. Dashboard 7.1.2. Metrics 7.1.3. Alerting 7.2. Clair for Red Hat Quay Expand section "7.2. Clair for Red Hat Quay" Collapse section "7.2. Clair for Red Hat Quay" 7.2.1. Clair vulnerability databases 7.2.2. Clair on OpenShift Container Platform 7.2.3. Testing Clair 7.3. Federal Information Processing Standard (FIPS) readiness and compliance 8. Advanced Concepts Expand section "8. Advanced Concepts" Collapse section "8. Advanced Concepts" 8.1. Deploying Quay on infrastructure nodes Expand section "8.1. Deploying Quay on infrastructure nodes" Collapse section "8.1. Deploying Quay on infrastructure nodes" 8.1.1. Label and taint nodes for infrastructure use 8.1.2. Create a Project with node selector and toleration 8.1.3. Install the Quay Operator in the namespace 8.1.4. Create the registry 8.2. Enabling monitoring when Operator is installed in a single namespace Expand section "8.2. Enabling monitoring when Operator is installed in a single namespace" Collapse section "8.2. Enabling monitoring when Operator is installed in a single namespace" 8.2.1. Creating a cluster monitoring config map 8.2.2. Creating a user-defined workload monitoring config map 8.2.3. Enable monitoring for user-defined projects 8.2.4. Create a Service object to expose Quay metrics 8.2.5. Create a ServiceMonitor object 8.2.6. View the metrics in OpenShift 8.3. Resizing Managed Storage Expand section "8.3. Resizing Managed Storage" Collapse section "8.3. Resizing Managed Storage" 8.3.1. Resize Noobaa PVC 8.3.2. Add Another Storage Pool 8.4. Customizing Default Operator Images Expand section "8.4. Customizing Default Operator Images" Collapse section "8.4. Customizing Default Operator Images" 8.4.1. Environment Variables 8.4.2. Applying Overrides to a Running Operator 8.5. AWS S3 CloudFront 8.6. Advanced Clair configuration Expand section "8.6. Advanced Clair configuration" Collapse section "8.6. Advanced Clair configuration" 8.6.1. Unmanaged Clair configuration Expand section "8.6.1. Unmanaged Clair configuration" Collapse section "8.6.1. Unmanaged Clair configuration" 8.6.1.1. Running a custom Clair configuration with an unmanaged Clair database 8.6.1.2. Configuring a custom Clair database with an unmanaged Clair database 8.6.2. Running a custom Clair configuration with a managed Clair database Expand section "8.6.2. Running a custom Clair configuration with a managed Clair database" Collapse section "8.6.2. Running a custom Clair configuration with a managed Clair database" 8.6.2.1. Setting a Clair database to managed 8.6.2.2. Configuring a custom Clair database with a managed Clair configuration 8.6.3. Clair in disconnected environments Expand section "8.6.3. Clair in disconnected environments" Collapse section "8.6.3. Clair in disconnected environments" 8.6.3.1. Setting up Clair in a disconnected OpenShift Container Platform cluster Expand section "8.6.3.1. Setting up Clair in a disconnected OpenShift Container Platform cluster" Collapse section "8.6.3.1. Setting up Clair in a disconnected OpenShift Container Platform cluster" 8.6.3.1.1. Installing the clairctl command line utility tool for OpenShift Container Platform deployments 8.6.3.1.2. Retrieving and decoding the Clair configuration secret for Clair deployments on OpenShift Container Platform 8.6.3.1.3. Exporting the updaters bundle from a connected Clair instance 8.6.3.1.4. Configuring access to the Clair database in the disconnected OpenShift Container Platform cluster 8.6.3.1.5. Importing the updaters bundle into the disconnected OpenShift Container Platform cluster 8.6.3.2. Setting up a self-managed deployment of Clair for a disconnected OpenShift Container Platform cluster Expand section "8.6.3.2. Setting up a self-managed deployment of Clair for a disconnected OpenShift Container Platform cluster" Collapse section "8.6.3.2. Setting up a self-managed deployment of Clair for a disconnected OpenShift Container Platform cluster" 8.6.3.2.1. Installing the clairctl command line utility tool for a self-managed Clair deployment on OpenShift Container Platform 8.6.3.2.2. Deploying a self-managed Clair container for disconnected OpenShift Container Platform clusters 8.6.3.2.3. Exporting the updaters bundle from a connected Clair instance 8.6.3.2.4. Configuring access to the Clair database in the disconnected OpenShift Container Platform cluster 8.6.3.2.5. Importing the updaters bundle into the disconnected OpenShift Container Platform cluster 8.6.4. Enabling Clair CRDA 8.6.5. Mapping repositories to Common Product Enumeration information Expand section "8.6.5. Mapping repositories to Common Product Enumeration information" Collapse section "8.6.5. Mapping repositories to Common Product Enumeration information" 8.6.5.1. Mapping repositories to Common Product Enumeration example configuration 9. Red Hat Quay build enhancements Expand section "9. Red Hat Quay build enhancements" Collapse section "9. Red Hat Quay build enhancements" 9.1. Red Hat Quay enhanced build architecture 9.2. Red Hat Quay build limitations 9.3. Creating a Red Hat Quay builders environment with OpenShift Container Platform Expand section "9.3. Creating a Red Hat Quay builders environment with OpenShift Container Platform" Collapse section "9.3. Creating a Red Hat Quay builders environment with OpenShift Container Platform" 9.3.1. OpenShift Container Platform TLS component 9.3.2. Using OpenShift Container Platform for Red Hat Quay builders Expand section "9.3.2. Using OpenShift Container Platform for Red Hat Quay builders" Collapse section "9.3.2. Using OpenShift Container Platform for Red Hat Quay builders" 9.3.2.1. Preparing OpenShift Container Platform for virtual builders 9.3.2.2. Manually adding SSL/TLS certificates Expand section "9.3.2.2. Manually adding SSL/TLS certificates" Collapse section "9.3.2.2. Manually adding SSL/TLS certificates" 9.3.2.2.1. Creating and signing certificates 9.3.2.2.2. Setting TLS to unmanaged 9.3.2.2.3. Creating temporary secrets 9.3.2.2.4. Copying secret data to the configuration YAML 9.3.2.3. Using the UI to create a build trigger 9.3.2.4. Modifying your AWS S3 storage bucket 10. Geo-replication Expand section "10. Geo-replication" Collapse section "10. Geo-replication" 10.1. Geo-replication features 10.2. Geo-replication requirements and constraints 10.3. Geo-replication using the Red Hat Quay Operator Expand section "10.3. Geo-replication using the Red Hat Quay Operator" Collapse section "10.3. Geo-replication using the Red Hat Quay Operator" 10.3.1. Setting up geo-replication on Openshift Expand section "10.3.1. Setting up geo-replication on Openshift" Collapse section "10.3.1. Setting up geo-replication on Openshift" 10.3.1.1. Configuration 10.3.2. Mixed storage for geo-replication 11. Backing up and restoring Red Hat Quay managed by the Red Hat Quay Operator Expand section "11. Backing up and restoring Red Hat Quay managed by the Red Hat Quay Operator" Collapse section "11. Backing up and restoring Red Hat Quay managed by the Red Hat Quay Operator" 11.1. Backing up Red Hat Quay Expand section "11.1. Backing up Red Hat Quay" Collapse section "11.1. Backing up Red Hat Quay" 11.1.1. Red Hat Quay configuration backup 11.1.2. Scale down your Red Hat Quay deployment 11.1.3. Red Hat Quay managed database backup Expand section "11.1.3. Red Hat Quay managed database backup" Collapse section "11.1.3. Red Hat Quay managed database backup" 11.1.3.1. Red Hat Quay managed object storage backup 11.1.4. Scale the Red Hat Quay deployment back up 11.2. Restoring Red Hat Quay Expand section "11.2. Restoring Red Hat Quay" Collapse section "11.2. Restoring Red Hat Quay" 11.2.1. Restoring Red Hat Quay and its configuration from a backup 11.2.2. Scale down your Red Hat Quay deployment 11.2.3. Restore your Red Hat Quay database 11.2.4. Restore your Red Hat Quay object storage data 11.2.5. Scale up your Red Hat Quay deployment 12. Deploying IPv6 on the Red Hat Quay Operator Expand section "12. Deploying IPv6 on the Red Hat Quay Operator" Collapse section "12. Deploying IPv6 on the Red Hat Quay Operator" 12.1. Enabling the IPv6 protocol family 12.2. IPv6 limitations 13. Upgrading the Quay Operator Overview Expand section "13. Upgrading the Quay Operator Overview" Collapse section "13. Upgrading the Quay Operator Overview" 13.1. Operator Lifecycle Manager 13.2. Upgrading the Quay Operator Expand section "13.2. Upgrading the Quay Operator" Collapse section "13.2. Upgrading the Quay Operator" 13.2.1. Upgrading Quay 13.2.2. Notes on upgrading directly from 3.3.z or 3.4.z to 3.6 Expand section "13.2.2. Notes on upgrading directly from 3.3.z or 3.4.z to 3.6" Collapse section "13.2.2. Notes on upgrading directly from 3.3.z or 3.4.z to 3.6" 13.2.2.1. Upgrading with edge routing enabled 13.2.2.2. Upgrading with custom TLS certificate/key pairs without Subject Alternative Names 13.2.2.3. Configuring Clair v4 when upgrading from 3.3.z or 3.4.z to 3.6 using the Quay Operator 13.2.3. Swift configuration when upgrading from 3.3.z to 3.6 13.2.4. Changing the update channel for an Operator 13.2.5. Manually approving a pending Operator upgrade 13.3. Upgrading a QuayRegistry 13.4. Upgrading a QuayEcosystem Expand section "13.4. Upgrading a QuayEcosystem" Collapse section "13.4. Upgrading a QuayEcosystem" 13.4.1. Reverting QuayEcosystem Upgrade 13.4.2. Supported QuayEcosystem Configurations for Upgrades Legal Notice Settings Close Language: 简体中文 한국어 日本語 English Language: 简体中文 한국어 日本語 English Format: Multi-page Single-page PDF Format: Multi-page Single-page PDF Language and Page Formatting Options Language: 简体中文 한국어 日本語 English Language: 简体中文 한국어 日本語 English Format: Multi-page Single-page PDF Format: Multi-page Single-page PDF Deploy Red Hat Quay on OpenShift with the Quay Operator Red Hat Quay 3Deploy Red Hat Quay on OpenShift with Quay OperatorRed Hat OpenShift Documentation TeamLegal NoticeAbstract Deploy Red Hat Quay on an OpenShift Cluster with the Red Hat Quay Operator Next