0

i'm new to openshift/kubernetes/docker and i was wondering where the docker registry of openshift origin persist the images , knowing that :

1.in the deployment's yaml of the docker registry , there is only emptyDir volumes declaration

  volumes:
    - emptyDir: {}
      name: registry-storage

2.in the machine where the pod is deployed i can't see no volume using 

docker volumes ls

3.the images are still persisted even if i restart the pod

docker registry deployment's yaml :

apiVersion: apps.openshift.io/v1
kind: DeploymentConfig
metadata:
  creationTimestamp: '2020-04-26T18:16:50Z'
  generation: 1
  labels:
    docker-registry: default
  name: docker-registry
  namespace: default
  resourceVersion: '1844231'
  selfLink: >-
    /apis/apps.openshift.io/v1/namespaces/default/deploymentconfigs/docker-registry
  uid: 1983153d-87ea-11ea-a4bc-fa163ee581f7
spec:
  replicas: 1
  revisionHistoryLimit: 10
  selector:
    docker-registry: default
  strategy:
    activeDeadlineSeconds: 21600
    resources: {}
    rollingParams:
      intervalSeconds: 1
      maxSurge: 25%
      maxUnavailable: 25%
      timeoutSeconds: 600
      updatePeriodSeconds: 1
    type: Rolling
  template:
    metadata:
      creationTimestamp: null
      labels:
        docker-registry: default
    spec:
      containers:
        - env:
            - name: REGISTRY_HTTP_ADDR
              value: ':5000'
            - name: REGISTRY_HTTP_NET
              value: tcp
            - name: REGISTRY_HTTP_SECRET
              value: 
            - name: REGISTRY_MIDDLEWARE_REPOSITORY_OPENSHIFT_ENFORCEQUOTA
              value: 'false'
            - name: OPENSHIFT_DEFAULT_REGISTRY
              value: 'docker-registry.default.svc:5000'
            - name: REGISTRY_HTTP_TLS_CERTIFICATE
              value: /etc/secrets/registry.crt
            - name: REGISTRY_OPENSHIFT_SERVER_ADDR
              value: 'docker-registry.default.svc:5000'
            - name: REGISTRY_HTTP_TLS_KEY
              value: /etc/secrets/registry.key
          image: 'docker.io/openshift/origin-docker-registry:v3.11'
          imagePullPolicy: IfNotPresent
          livenessProbe:
            failureThreshold: 3
            httpGet:
              path: /healthz
              port: 5000
              scheme: HTTPS
            initialDelaySeconds: 10
            periodSeconds: 10
            successThreshold: 1
            timeoutSeconds: 5
          name: registry
          ports:
            - containerPort: 5000
              protocol: TCP
          readinessProbe:
            failureThreshold: 3
            httpGet:
              path: /healthz
              port: 5000
              scheme: HTTPS
            periodSeconds: 10
            successThreshold: 1
            timeoutSeconds: 5
          resources:
            requests:
              cpu: 100m
              memory: 256Mi
          securityContext:
            privileged: false
          terminationMessagePath: /dev/termination-log
          terminationMessagePolicy: File
          volumeMounts:
            - mountPath: /registry
              name: registry-storage
            - mountPath: /etc/secrets
              name: registry-certificates
      dnsPolicy: ClusterFirst
      nodeSelector:
        node-role.kubernetes.io/infra: 'true'
      restartPolicy: Always
      schedulerName: default-scheduler
      securityContext: {}
      serviceAccount: registry
      serviceAccountName: registry
      terminationGracePeriodSeconds: 30
      volumes:
        - emptyDir: {}
          name: registry-storage
        - name: registry-certificates
          secret:
            defaultMode: 420
            secretName: registry-certificates
  test: false
  triggers:
    - type: ConfigChange
status:
  availableReplicas: 1
  conditions:
    - lastTransitionTime: '2020-04-26T18:17:12Z'
      lastUpdateTime: '2020-04-26T18:17:12Z'
      message: replication controller "docker-registry-1" successfully rolled out
      reason: NewReplicationControllerAvailable
      status: 'True'
      type: Progressing
    - lastTransitionTime: '2020-05-05T09:39:57Z'
      lastUpdateTime: '2020-05-05T09:39:57Z'
      message: Deployment config has minimum availability.
      status: 'True'
      type: Available
  details:
    causes:
      - type: ConfigChange
    message: config change
  latestVersion: 1
  observedGeneration: 1
  readyReplicas: 1
  replicas: 1
  unavailableReplicas: 0
  updatedReplicas: 1

to restart : i just delete the pod and a new one is created since i'm using a deployment

i'm creating the file in the /registry

AMAR BESSALAH
  • 49
  • 1
  • 6

1 Answers1

1

Restarting does not mean the data is deleted, it still exist in the container top layer, suggest you get started by reading this.

Persistence is, for example in Kubernetes, when a pod is deleted and re-created on another node and still maintains the same state of a volume.

omricoco
  • 823
  • 5
  • 15
  • thank you for taking the time to answer me. can you please explain to me why when i create a new file in the container and restart it the file is lost but the images are still there ? by saying restart i meant deleting the pod and a new one will immediatly be recreated since i'm using a deployment , is this way of doing is restarting the same pod or creating a new one ? – AMAR BESSALAH May 05 '20 at 11:20
  • no problem. what file are you creating and where? how exactly do you restart the container? can you specify your example - what container are you running, the file you are creating and the way you restart. – omricoco May 05 '20 at 11:23
  • i edited the post , i included the yaml of the docker registry , i'm creating dummy file in /registry that is being deleted after restart – AMAR BESSALAH May 05 '20 at 11:35
  • Are you sure the images you are retrieving do not originate from the registry image? how do you validate that images still exist after deletion? – omricoco May 05 '20 at 11:48
  • i curl into the docker registry : curl -u unused:$(oc whoami -t) https://docker-registry.default.svc:5000/v2/_catalog?n=100 i'm sure they don't come from the docker registry image , i just pushed an image and restart the pod and it's still there – AMAR BESSALAH May 05 '20 at 12:09
  • after inspecting the dockerfile of the docker registry image i can see that there is a definition of a volume in /registry ( https://github.com/openshift/image-registry/blob/master/Dockerfile ) , is it normal that it's not showing in the docker volume ls ? and why when i create a file inside the /registry it's not persisted ? – AMAR BESSALAH May 05 '20 at 12:11