quay-operator icon indicating copy to clipboard operation
quay-operator copied to clipboard

Published 20 hours ago verified publisher icon quay

postgres and redis container images anywhere but dockerhub

Open BonzTM opened this issue 2 years ago • 7 comments

Hello, Is it possible to pull or mirror the centos postgres and redis images anywhere but dockerhub? Perhaps mirrored on Quay?

I've deployed Quay into my cluster as a local mirror of many different repos. It functions well as a workaround for dockerhub api rate limiting, until Quay itself fails to come up due to dockerhub rate limiting.

BonzTM avatar May 29 '22 03:05 BonzTM

Hi @BonzTM, maybe this helps? https://docs.projectquay.io/deploy_quay_on_openshift_op_tng.html#operator-customize-images

flavianmissi avatar Jun 01 '22 12:06 flavianmissi

Hi @BonzTM, maybe this helps? https://docs.projectquay.io/deploy_quay_on_openshift_op_tng.html#operator-customize-images

Hello, This does help, however it is noted: Using this mechanism is not supported for production Quay environments and is strongly encouraged only for development/testing purposes. There is no guarantee your deployment will work correctly when using non-default images with the Quay Operator.

I do not wish for my production Quay instance to be subject to failure if I mis-type a tag, or fail to upgrade one of the container images with a Quay upgrade. If the default postgres and redis were hosted in a container registry that did not impose very low rate limitations, that would be ideal.

BonzTM avatar Jun 02 '22 12:06 BonzTM

If you are running on OpenShift, you can use ImageContentSourcePolicy to redirect those image pulls for redis and postgres to your own mirror of those images.

dmesser avatar Jun 21 '22 09:06 dmesser

If you are running on OpenShift, you can use ImageContentSourcePolicy to redirect those image pulls for redis and postgres to your own mirror of those images.

Thanks Dan, I have done this as a workaround with the overrides and locally mirrored ImageStreams for now. I am running OKD at home. I will keep on top of the images as the Quay operator advances in version and handle this each time if necessary.

While I think the best solution is to host the centos-redis and centos-postgres images on a different mirror to rid ourselves of the requirements of DockerHub for this operator; if this workaround is the official solution, consider my complaints resolved.

BonzTM avatar Jun 21 '22 13:06 BonzTM

The operator is packaged following a philosophy from the OpenShift Container Platform, which is to:

  • hard code container image references and not get those from external configuration
  • refer to the image references via digests

Both concepts allow to reason about the content you are getting and that the component is pulling at runtime, although it makes it a little harder to get the images from somewhere else.

dmesser avatar Jun 21 '22 14:06 dmesser

The operator is packaged following a philosophy from the OpenShift Container Platform, which is to:

  • hard code container image references and not get those from external configuration
  • refer to the image references via digests

Both concepts allow to reason about the content you are getting and that the component is pulling at runtime, although it makes it a little harder to get the images from somewhere else.

Dan, Postgres v10 (and newer) and Redis (v5) are hosted on Quay.io already. Is there a reason to not use those and continue pulling from dockerhub?

https://quay.io/repository/centos7/postgresql-10-centos7 https://quay.io/repository/centos7/redis-5-centos7

BonzTM avatar Jun 23 '22 12:06 BonzTM

We could certainly look into that.

dmesser avatar Jun 23 '22 12:06 dmesser