Jump To Close Expand all Collapse all Table of contents Manage Red Hat Quay Preface 1. Advanced Red Hat Quay configuration Expand section "1. Advanced Red Hat Quay configuration" Collapse section "1. Advanced Red Hat Quay configuration" 1.1. Using the API to modify Red Hat Quay 1.2. Editing the config.yaml file to modify Red Hat Quay Expand section "1.2. Editing the config.yaml file to modify Red Hat Quay" Collapse section "1.2. Editing the config.yaml file to modify Red Hat Quay" 1.2.1. Adding name and company to Red Hat Quay sign-in 2. Using the configuration API Expand section "2. Using the configuration API" Collapse section "2. Using the configuration API" 2.1. Retrieving the default configuration 2.2. Retrieving the current configuration 2.3. Validating configuration using the API 2.4. Determining the required fields 3. Getting Red Hat Quay release notifications 4. Using SSL to protect connections to Red Hat Quay Expand section "4. Using SSL to protect connections to Red Hat Quay" Collapse section "4. Using SSL to protect connections to Red Hat Quay" 4.1. Using SSL/TLS 4.2. Creating a Certificate Authority Expand section "4.2. Creating a Certificate Authority" Collapse section "4.2. Creating a Certificate Authority" 4.2.1. Signing the certificate 4.3. Configuring SSL/TLS using the command line interface 4.4. Configuring SSL/TLS using the Red Hat Quay UI 4.5. Testing the SSL/TLS configuration using the CLI 4.6. Testing the SSL/TLS configuration using a browser 4.7. Configuring Podman to trust the Certificate Authority 4.8. Configuring the system to trust the certificate authority 5. Adding TLS Certificates to the Red Hat Quay Container Expand section "5. Adding TLS Certificates to the Red Hat Quay Container" Collapse section "5. Adding TLS Certificates to the Red Hat Quay Container" 5.1. Add TLS certificates to Red Hat Quay 5.2. Adding custom SSL/TLS certificates when Red Hat Quay is deployed on Kubernetes 6. Configuring action log storage for Elasticsearch and Splunk Expand section "6. Configuring action log storage for Elasticsearch and Splunk" Collapse section "6. Configuring action log storage for Elasticsearch and Splunk" 6.1. Configuring action log storage for Elasticsearch 6.2. Configuring action log storage for Splunk Expand section "6.2. Configuring action log storage for Splunk" Collapse section "6.2. Configuring action log storage for Splunk" 6.2.1. Installing and creating a username for Splunk 6.2.2. Generating a Splunk token Expand section "6.2.2. Generating a Splunk token" Collapse section "6.2.2. Generating a Splunk token" 6.2.2.1. Generating a Splunk token using the Splunk UI 6.2.2.2. Generating a Splunk token using the CLI 6.2.3. Configuring Red Hat Quay to use Splunk 6.2.4. Creating an action log 7. Clair security scanner Expand section "7. Clair security scanner" Collapse section "7. Clair security scanner" 7.1. Clair vulnerability databases Expand section "7.1. Clair vulnerability databases" Collapse section "7.1. Clair vulnerability databases" 7.1.1. Information about Open Source Vulnerability (OSV) database for Clair 7.2. Setting up Clair on standalone Red Hat Quay deployments 7.3. Clair on OpenShift Container Platform 7.4. Testing Clair 8. Repository mirroring Expand section "8. Repository mirroring" Collapse section "8. Repository mirroring" 8.1. Repository mirroring 8.2. Repository mirroring compared to geo-replication 8.3. Using repository mirroring 8.4. Mirroring configuration UI 8.5. Mirroring configuration fields 8.6. Mirroring worker 8.7. Creating a mirrored repository Expand section "8.7. Creating a mirrored repository" Collapse section "8.7. Creating a mirrored repository" 8.7.1. Repository mirroring settings 8.7.2. Advanced settings 8.7.3. Synchronize now 8.8. Event notifications for mirroring 8.9. Mirroring tag patterns Expand section "8.9. Mirroring tag patterns" Collapse section "8.9. Mirroring tag patterns" 8.9.1. Pattern syntax 8.9.2. Example tag patterns 8.10. Working with mirrored repositories 8.11. Repository mirroring recommendations 9. IPv6 and dual-stack deployments Expand section "9. IPv6 and dual-stack deployments" Collapse section "9. IPv6 and dual-stack deployments" 9.1. Enabling the IPv6 protocol family 9.2. Enabling the dual-stack protocol family 9.3. IPv6 and dua-stack limitations 10. LDAP Authentication Setup for Red Hat Quay Expand section "10. LDAP Authentication Setup for Red Hat Quay" Collapse section "10. LDAP Authentication Setup for Red Hat Quay" 10.1. Considerations when enabling LDAP 10.2. Configuring LDAP for Red Hat Quay 10.3. Enabling the LDAP_RESTRICTED_USER_FILTER configuration field 10.4. Enabling the LDAP_SUPERUSER_FILTER configuration field 10.5. Common LDAP configuration issues 10.6. LDAP configuration fields 11. Configuring OIDC for Red Hat Quay Expand section "11. Configuring OIDC for Red Hat Quay" Collapse section "11. Configuring OIDC for Red Hat Quay" 11.1. Configuring Microsoft Entra ID OIDC on a standalone deployment of Red Hat Quay 11.2. Configuring Red Hat Single Sign-On for Red Hat Quay Expand section "11.2. Configuring Red Hat Single Sign-On for Red Hat Quay" Collapse section "11.2. Configuring Red Hat Single Sign-On for Red Hat Quay" 11.2.1. Configuring the Red Hat Single Sign-On Operator for use with the Red Hat Quay Operator Expand section "11.2.1. Configuring the Red Hat Single Sign-On Operator for use with the Red Hat Quay Operator" Collapse section "11.2.1. Configuring the Red Hat Single Sign-On Operator for use with the Red Hat Quay Operator" 11.2.1.1. Configuring the Red Hat Quay Operator to use Red Hat Single Sign-On 11.3. Team synchronization for Red Hat Quay OIDC deployments Expand section "11.3. Team synchronization for Red Hat Quay OIDC deployments" Collapse section "11.3. Team synchronization for Red Hat Quay OIDC deployments" 11.3.1. Enabling synchronization for Red Hat Quay OIDC deployments 11.3.2. Setting up your Red Hat Quay deployment for team synchronization 12. Configuring AWS STS for Red Hat Quay Expand section "12. Configuring AWS STS for Red Hat Quay" Collapse section "12. Configuring AWS STS for Red Hat Quay" 12.1. Creating an IAM user 12.2. Creating an S3 role 12.3. Configuring Red Hat Quay to use AWS STS 13. Prometheus and Grafana metrics under Red Hat Quay Expand section "13. Prometheus and Grafana metrics under Red Hat Quay" Collapse section "13. Prometheus and Grafana metrics under Red Hat Quay" 13.1. Exposing the Prometheus endpoint Expand section "13.1. Exposing the Prometheus endpoint" Collapse section "13.1. Exposing the Prometheus endpoint" 13.1.1. Standalone Red Hat Quay 13.1.2. Red Hat Quay Operator 13.1.3. Setting up Prometheus to consume metrics 13.1.4. DNS configuration under Kubernetes 13.1.5. DNS configuration for a manual cluster 13.2. Introduction to metrics Expand section "13.2. Introduction to metrics" Collapse section "13.2. Introduction to metrics" 13.2.1. General registry statistics 13.2.2. Queue items 13.2.3. Garbage collection metrics Expand section "13.2.3. Garbage collection metrics" Collapse section "13.2.3. Garbage collection metrics" 13.2.3.1. Multipart uploads metrics 13.2.4. Image push / pull metrics Expand section "13.2.4. Image push / pull metrics" Collapse section "13.2.4. Image push / pull metrics" 13.2.4.1. Image pulls total 13.2.4.2. Image bytes pulled 13.2.4.3. Image pushes total 13.2.4.4. Image bytes pushed 13.2.5. Authentication metrics 14. Red Hat Quay quota management and enforcement overview Expand section "14. Red Hat Quay quota management and enforcement overview" Collapse section "14. Red Hat Quay quota management and enforcement overview" 14.1. Quota management limitations 14.2. Quota management for Red Hat Quay 3.9 Expand section "14.2. Quota management for Red Hat Quay 3.9" Collapse section "14.2. Quota management for Red Hat Quay 3.9" 14.2.1. Option A: Configuring quota management for Red Hat Quay 3.9 by adjusting the QUOTA_TOTAL_DELAY feature flag 14.2.2. Option B: Configuring quota management for Red Hat Quay 3.9 by setting QUOTA_TOTAL_DELAY_SECONDS to 0 14.3. Testing quota management for Red Hat Quay 3.9 14.4. Setting default quota 14.5. Establishing quota in Red Hat Quay UI 14.6. Establishing quota with the Red Hat Quay API Expand section "14.6. Establishing quota with the Red Hat Quay API" Collapse section "14.6. Establishing quota with the Red Hat Quay API" 14.6.1. Setting the quota 14.6.2. Viewing the quota 14.6.3. Modifying the quota 14.6.4. Pushing images Expand section "14.6.4. Pushing images" Collapse section "14.6.4. Pushing images" 14.6.4.1. Pushing ubuntu:18.04 14.6.4.2. Using the API to view quota usage 14.6.4.3. Pushing another image 14.6.5. Rejecting pushes using quota limits Expand section "14.6.5. Rejecting pushes using quota limits" Collapse section "14.6.5. Rejecting pushes using quota limits" 14.6.5.1. Setting reject and warning limits 14.6.5.2. Viewing reject and warning limits 14.6.5.3. Pushing an image when the reject limit is exceeded 14.6.5.4. Notifications for limits exceeded 14.7. Calculating the total registry size in Red Hat Quay 3.9 14.8. Permanently deleting an image tag Expand section "14.8. Permanently deleting an image tag" Collapse section "14.8. Permanently deleting an image tag" 14.8.1. Permanently deleting an image tag using the Red Hat Quay v2 UI 14.8.2. Permanently deleting an image tag using the Red Hat Quay legacy UI 15. Red Hat Quay auto-pruning overview Expand section "15. Red Hat Quay auto-pruning overview" Collapse section "15. Red Hat Quay auto-pruning overview" 15.1. Prerequisites and limitations for auto-pruning 15.2. Managing auto-pruning policies using the Red Hat Quay UI Expand section "15.2. Managing auto-pruning policies using the Red Hat Quay UI" Collapse section "15.2. Managing auto-pruning policies using the Red Hat Quay UI" 15.2.1. Configuring the Red Hat Quay auto-pruning feature 15.2.2. Creating an auto-prune policy for a namespace using the Red Hat Quay v2 UI 15.2.3. Creating an auto-prune policy for a namespace using the Red Hat Quay API 15.2.4. Creating an auto-prune policy for a namespace for the current user using the API 15.2.5. Creating an auto-prune policy for a repository using the Red Hat Quay v2 UI 15.2.6. Creating an auto-prune policy for a repository using the Red Hat Quay API 15.2.7. Creating an auto-prune policy on a repository for a user with the API 16. Geo-replication Expand section "16. Geo-replication" Collapse section "16. Geo-replication" 16.1. Geo-replication features 16.2. Geo-replication requirements and constraints Expand section "16.2. Geo-replication requirements and constraints" Collapse section "16.2. Geo-replication requirements and constraints" 16.2.1. Enable storage replication - standalone Quay 16.2.2. Run Red Hat Quay with storage preferences 16.2.3. Removing a geo-replicated site from your standalone Red Hat Quay deployment 16.2.4. Setting up geo-replication on OpenShift Container Platform Expand section "16.2.4. Setting up geo-replication on OpenShift Container Platform" Collapse section "16.2.4. Setting up geo-replication on OpenShift Container Platform" 16.2.4.1. Configuring geo-replication for the Red Hat Quay on OpenShift Container Platform 16.2.5. Removing a geo-replicated site from your Red Hat Quay on OpenShift Container Platform deployment 16.3. Mixed storage for geo-replication 17. Backing up and restoring Red Hat Quay on a standalone deployment Expand section "17. Backing up and restoring Red Hat Quay on a standalone deployment" Collapse section "17. Backing up and restoring Red Hat Quay on a standalone deployment" 17.1. Backing up Red Hat Quay on standalone deployments 17.2. Restoring Red Hat Quay on standalone deployments 18. Migrating a standalone Red Hat Quay deployment to a Red Hat Quay Operator deployment Expand section "18. Migrating a standalone Red Hat Quay deployment to a Red Hat Quay Operator deployment" Collapse section "18. Migrating a standalone Red Hat Quay deployment to a Red Hat Quay Operator deployment" 18.1. Backing up a standalone deployment of Red Hat Quay 18.2. Using backed up standalone content to migrate to OpenShift Container Platform. 19. Configuring artifact types Expand section "19. Configuring artifact types" Collapse section "19. Configuring artifact types" 19.1. Configuring OCI artifact types 19.2. Configuring additional artifact types 19.3. Configuring unknown media types 20. Red Hat Quay garbage collection Expand section "20. Red Hat Quay garbage collection" Collapse section "20. Red Hat Quay garbage collection" 20.1. Red Hat Quay garbage collection in practice Expand section "20.1. Red Hat Quay garbage collection in practice" Collapse section "20.1. Red Hat Quay garbage collection in practice" 20.1.1. Measuring storage reclamation 20.2. Garbage collection configuration fields 20.3. Disabling garbage collection 20.4. Garbage collection and quota management 20.5. Garbage collection in practice 20.6. Red Hat Quay garbage collection metrics 21. Using the v2 UI Expand section "21. Using the v2 UI" Collapse section "21. Using the v2 UI" 21.1. v2 user interface configuration Expand section "21.1. v2 user interface configuration" Collapse section "21.1. v2 user interface configuration" 21.1.1. Creating a new organization using the v2 UI 21.1.2. Deleting an organization using the v2 UI 21.1.3. Creating a new repository using the v2 UI 21.1.4. Deleting a repository using the v2 UI 21.1.5. Pushing an image to the v2 UI 21.1.6. Deleting an image using the v2 UI 21.1.7. Creating a new team using the Red Hat Quay v2 UI 21.1.8. Creating a robot account using the v2 UI Expand section "21.1.8. Creating a robot account using the v2 UI" Collapse section "21.1.8. Creating a robot account using the v2 UI" 21.1.8.1. Bulk managing robot account repository access using the Red Hat Quay v2 UI 21.1.9. Creating default permissions using the Red Hat Quay v2 UI 21.1.10. Organization settings for the v2 UI 21.1.11. Viewing image tag information using the v2 UI 21.1.12. Adjusting repository settings using the v2 UI 21.2. Viewing Red Hat Quay tag history 21.3. Adding and managing labels on the Red Hat Quay v2 UI 21.4. Setting tag expirations on the Red Hat Quay v2 UI 21.5. Selecting color theme preference on the Red Hat Quay v2 UI 21.6. Viewing usage logs on the Red Hat Quay v2 UI 21.7. Enabling the legacy UI 22. Performing health checks on Red Hat Quay deployments Expand section "22. Performing health checks on Red Hat Quay deployments" Collapse section "22. Performing health checks on Red Hat Quay deployments" 22.1. Red Hat Quay health check endpoints 22.2. Navigating to a Red Hat Quay health check endpoint 23. Branding a Red Hat Quay deployment on the legacy UI 24. Schema for Red Hat Quay configuration Legal Notice Settings Close Language: English 简体中文 日本語 Language: English 简体中文 日本語 Format: Multi-page Single-page PDF Format: Multi-page Single-page PDF Language and Page Formatting Options Language: English 简体中文 日本語 Language: English 简体中文 日本語 Format: Multi-page Single-page PDF Format: Multi-page Single-page PDF Chapter 24. Schema for Red Hat Quay configuration Most Red Hat Quay configuration information is stored in the config.yaml file. All configuration options are described in the Red Hat Quay Configuration Guide. Previous Next