S3 是AWS提供的存儲服務(wù)沦寂,可以通過RestAPI進(jìn)行訪問,CEPH提供了一個(gè)GateWay API 來支持通過S3API來訪問ceph
在OpenShift中支持S3,因此可以在openshift中通過S3接口訪問ceph,本文目標(biāo)是,通過S3 API 將openshift default registry數(shù)據(jù)保存在Ceph中
步驟
- 創(chuàng)建config.yaml 文件
version: 0.1
log:
level: debug
http:
addr: :5000
storage:
cache:
blobdescriptor: inmemory
s3:
accesskey: awsaccesskey
secretkey: awssecretkey
region: us-west-1
regionendpoint: http://myobjects.local
bucket: bucketname
encrypt: true
keyid: mykeyid
secure: true
v4auth: false
chunksize: 5242880
rootdirectory: /s3/object/name/prefix
auth:
openshift:
realm: openshift
middleware:
registry:
- name: openshift
repository:
- name: openshift
- 創(chuàng)建一個(gè)名為registry-config 的secret
oc secrets new registry-config config.yml=./config.yaml
- 將 registry-config 作為一個(gè)volume添加到registry 的DC中
此時(shí)會(huì)將config.yaml 文件掛載在 /etc/docker/registry 目錄下
oc volume dc/docker-registry --add --type=secret \
--secret-name=registry-config -m /etc/docker/registry/
- 在dc中添加參數(shù) REGISTRY_CONFIGURATION_PATH亏钩,使其使用新加的配置文件創(chuàng)建registry pod
oc set env dc/docker-registry \
REGISTRY_CONFIGURATION_PATH=/etc/docker/registry/config.yml
等registry 重啟后即可正常使用
排查方案
- 要確保Ceph可以正常訪問,可以通過瀏覽器訪問Ceph bucket 驗(yàn)證
Reference:
https://docs.openshift.com/container-platform/3.3/install_config/registry/extended_registry_configuration.html#advanced-overriding-the-registry-configuration
https://docs.docker.com/registry/storage-drivers/s3/#parameters
