Verify the Registries’ Secret Configuration Changes¶
To verify the registries’ secret configuration changes, use the following command:
for registry in docker-registry quay-registry elastic-registry gcr-registry k8s-registry
do
echo $registry
secret_uuid=`openstack secret list |grep ${registry}-secret | awk '{print $2}'`
openstack secret get -d $secret_uuid
done
You will get the following output:
docker-registry
Field |
Value |
Payload |
username:docker password:**** |
quay-registry
Field |
Value |
Payload |
username:docker password:**** |
elastic-registry
Field |
Value |
Payload |
username:docker password:**** |
gcr-registry
Field |
Value |
Payload |
username:docker password:**** |
k8s-registry
Field |
Value |
Payload |
username:docker password:**** |
To verify if the configured registries’ secret is properly linked to the registry entries in the service parameter table, use the following command:
for registry in docker-registry quay-registry elastic-registry gcr-registry k8s-registry
do
echo $registry
uuid=`system service-parameter-list |grep $registry | grep auth-secret | awk '{print $2}'`
url=`system service-parameter-show ${uuid} | grep value | awk '{print $4}'`
secret_uuid=`openstack secret list |grep ${registry}-secret | awk '{print $2}'| awk -F/ '{print $6}'`
echo $url $secret_uuid
if [ "${url}" != "${secret_uuid}" ]; then
echo "**** ${registry} not correct"
fi
done
You will get the following output:
docker-registry
1ee140e8-3246-4435-8dfc-5c37277767a2 1ee140e8-3246-4435-8dfc-5c37277767a2
quay-registry
657b91e8-e214-4fee-b391-0ad2ce9124de 657b91e8-e214-4fee-b391-0ad2ce9124de
elastic-registry
3f816e1c-7892-42e9-b269-f02bc14504fa 3f816e1c-7892-42e9-b269-f02bc14504fa
gcr-registry
4c58aa1a-2026-49d2-8f9c-f3f6b4b34eb1 4c58aa1a-2026-49d2-8f9c-f3f6b4b34eb1
k8s-registry
96d722e6-ab97-4185-9b97-64ee90c6162c 96d722e6-ab97-4185-9b97-64ee90c6162c
To add the CA Certificate, go to Add the CA Certificate for New Registry.