starlingx/docs
Code Issues Proposed changes
Files
e8e17c8688df879c788204c59d0efd24e60a67c2
docs/doc/source/system_configuration/kubernetes/verify-the-registry-secret-changes-and-secret-key-in-system-database.rst
Adil 8cef686cf8 Added topics upstream for Re-host Upstream Registry 
Created new chapter in System Configuration Guide

Acted on Greg's comments

Changed the AWS occurences and hostnames

Fixed merge conflict

https://review.opendev.org/c/starlingx/docs/+/788616

Signed-off-by: Adil <mohamed.adilassakkali@windriver.com>
Change-Id: Id4406152d108326125b32911b7d73e805068cf5e
2021-06-09 15:06:31 -03:00

109 lines
3.4 KiB
ReStructuredText
Raw Blame History

..
.. _verify-the-registry-secret-changes-and-secret-key-in-system-database:
===================================================
Verify the Registries' Secret Configuration Changes
===================================================
To verify the registries' secret configuration changes, use the following command:
.. code-block:: none
for registry in docker-registry quay-registry elastic-registry gcr-registry k8s-registry
do
echo $registry
secret_uuid=`openstack secret list |grep ${registry}-secret | awk '{print $2}'`
openstack secret get -d $secret_uuid
done
You will get the following output:
docker-registry
.. table::
:widths: auto
+---------+-----------------------------------+
| Field | Value |
+---------+-----------------------------------+
| Payload | username:docker password:******** |
+---------+-----------------------------------+
quay-registry
.. table::
:widths: auto
+---------+-----------------------------------+
| Field | Value |
+---------+-----------------------------------+
| Payload | username:docker password:******** |
+---------+-----------------------------------+
elastic-registry
.. table::
:widths: auto
+---------+-----------------------------------+
| Field | Value |
+---------+-----------------------------------+
| Payload | username:docker password:******** |
+---------+-----------------------------------+
gcr-registry
.. table::
:widths: auto
+---------+-----------------------------------+
| Field | Value |
+---------+-----------------------------------+
| Payload | username:docker password:******** |
+---------+-----------------------------------+
k8s-registry
.. table::
:widths: auto
+---------+-----------------------------------+
| Field | Value |
+---------+-----------------------------------+
| Payload | username:docker password:******** |
+---------+-----------------------------------+
To verify if the configured registries' secret is properly linked to the
registry entries in the service parameter table, use the following command:
.. code-block:: none
for registry in docker-registry quay-registry elastic-registry gcr-registry k8s-registry
do
echo $registry
uuid=`system service-parameter-list |grep $registry | grep auth-secret | awk '{print $2}'`
url=`system service-parameter-show ${uuid} | grep value | awk '{print $4}'`
secret_uuid=`openstack secret list |grep ${registry}-secret | awk '{print $2}'| awk -F/ '{print $6}'`
echo $url $secret_uuid
if [ "${url}" != "${secret_uuid}" ]; then
echo "**** ${registry} not correct"
fi
done
You will get the following output:
.. code-block:: none
docker-registry
1ee140e8-3246-4435-8dfc-5c37277767a2 1ee140e8-3246-4435-8dfc-5c37277767a2
quay-registry
657b91e8-e214-4fee-b391-0ad2ce9124de 657b91e8-e214-4fee-b391-0ad2ce9124de
elastic-registry
3f816e1c-7892-42e9-b269-f02bc14504fa 3f816e1c-7892-42e9-b269-f02bc14504fa
gcr-registry
4c58aa1a-2026-49d2-8f9c-f3f6b4b34eb1 4c58aa1a-2026-49d2-8f9c-f3f6b4b34eb1
k8s-registry
96d722e6-ab97-4185-9b97-64ee90c6162c 96d722e6-ab97-4185-9b97-64ee90c6162c
To add the CA Certificate, go to :ref:`Add the CA Certificate for New Registry
<add-the-ca-certificate-for-new-registry>`.
View Git Blame Copy Permalink