Add new docker_registry.server to replace address and port

Author: dkoshkin

ansible/group_vars/all.yaml

@@ -234,7 +234,6 @@ etcd_networking_cluster_ip_list: "{% for host in groups['etcd'] %}https://{{ hos
 etcd_k8s_cluster_ip_list: "{% for host in groups['etcd'] %}https://{{ host }}:{{ etcd_k8s_client_port }}{% if not loop.last %},{% endif %}{% endfor %}"
 
 #===============================================================================
-docker_registry_full_url: "{{ docker_registry_address }}:{{ docker_registry_port }}"
 load_private_images: "{{ configure_docker_with_private_registry is defined and configure_docker_with_private_registry|bool == true and disconnected_installation is defined and disconnected_installation|bool == true }}"
 
 official_versioned_images:

docs/container-registry.md

@@ -9,9 +9,8 @@ in the plan file.
 ## Configuring KET
 The following information must be provided in the plan file to use an internal
 image registry:
-* `address`: The hostname or IP address of the registry. This must be reachable from
+* `server`: The hostname or IP address of the registry and the port. This must be reachable from
 all the nodes in the cluster.
-* `port`: The port number on which the registry is listening.
 * `CA`: The absolute path to the certificate that should be trusted when connecting
 to the registry. This is optional. When set, KET will configure the docker daemon
 on all nodes to trust this certificate.
@@ -20,8 +19,7 @@ Sample:
 ```
 # plan file
 docker_registry:                         
-    address: registry.example.com
-    port: 8443              
+    server: registry.example.com:8443        
     CA: /certs/ca.rt    
 ```
 

docs/plan-file-reference.md

@@ -41,8 +41,9 @@
       * [block_device](#dockerstoragedirect_lvmblock_device)
       * [enable_deferred_deletion](#dockerstoragedirect_lvmenable_deferred_deletion)
 * [docker_registry](#docker_registry)
-  * [address](#docker_registryaddress)
-  * [port](#docker_registryport)
+  * [server](#docker_registryserver)
+  * [address _(deprecated)_](#docker_registryaddress-deprecated)
+  * [port _(deprecated)_](#docker_registryport-deprecated)
   * [CA](#docker_registryCA)
   * [username](#docker_registryusername)
   * [password](#docker_registrypassword)
@@ -456,7 +457,17 @@
 
  Docker registry configuration 
 
-###  docker_registry.address
+###  docker_registry.server
+
+ The hostname or IP address and port of a private container image registry. Do not include http or https. When performing a disconnected installation, this registry will be used to fetch all the required container images. 
+
+| | |
+|----------|-----------------|
+| **Kind** |  string |
+| **Required** |  No |
+| **Default** | ` ` | 
+
+###  docker_registry.address _(deprecated)_
 
  The hostname or IP address of a private container image registry. When performing a disconnected installation, this registry will be used to fetch all the required container images. 
 
@@ -466,7 +477,7 @@
 | **Required** |  No |
 | **Default** | ` ` | 
 
-###  docker_registry.port
+###  docker_registry.port _(deprecated)_
 
  The port on which the private container image registry is listening on. 
 

docs/upgrade/v1.6.0/disconnected-upgrade.md

@@ -42,10 +42,8 @@ by KET.
 
 If you want to continue using the registry that was deployed by KET, you must
 set the plan file fields to the following values:
-* `docker_registry.address`: The hostname or IP of the first master node. This
+* `docker_registry.server`: The hostname or IP of the first master node and port 8443 (This is the port that KET used when deploying the registry during the (installation of your cluster). This
 is where KET deployed the registry during the installation of your cluster.
-* `docker_registry.port`: 8443 (This is the port that KET used when deploying
-the registry during the (installation of your cluster)
 * `docker_registry.CA`: Absolute path to the certificate authority located in
 `generated/keys/ca.pem`
 
@@ -54,8 +52,8 @@ must configure docker on the node where you are running the command to trust the
 certificate authority generated by KET. The way to configure this in docker 
 depends on the operating system. If you are seeding the registry from a Linux 
 machine, you must copy the `generated/keys/ca.pem` certificate to 
-`/etc/docker/certs.d/${docker_registry.address}:8443/ca.crt`. For example, if
-the `docker_registry.address` field is set to `registry.example.com`, you would 
+`/etc/docker/certs.d/${docker_registry.server}/ca.crt`. For example, if
+the `docker_registry.server` field is set to `registry.example.com:8443`, you would 
 copy the CA to `/etc/docker/certs.d/registry.example.com:8443/ca.crt`. See the
 [official docker documentation](https://docs.docker.com/registry/insecure/#use-self-signed-certificates)
 for more information about using a registry with a self-signed certificate.

integration/disconnected_install_test.go

@@ -63,8 +63,7 @@ var _ = Describe("disconnected installation", func() {
 						disconnectedInstallation:   true,
 						modifyHostsFiles:           true,
 						dockerRegistryCAPath:       caFile,
-						dockerRegistryIP:           repoNode.PrivateIP,
-						dockerRegistryPort:         dockerRegistryPort,
+						dockerRegistryServer:       fmt.Sprintf("%s:%d", repoNode.PrivateIP, dockerRegistryPort),
 						dockerRegistryUsername:     "kismaticuser",
 						dockerRegistryPassword:     "kismaticpassword",
 					}
@@ -120,8 +119,7 @@ var _ = Describe("disconnected installation", func() {
 						disconnectedInstallation:   true,
 						modifyHostsFiles:           true,
 						dockerRegistryCAPath:       caFile,
-						dockerRegistryIP:           repoNode.PrivateIP,
-						dockerRegistryPort:         dockerRegistryPort,
+						dockerRegistryServer:       fmt.Sprintf("%s:%d", repoNode.PrivateIP, dockerRegistryPort),
 						dockerRegistryUsername:     "kismaticuser",
 						dockerRegistryPassword:     "kismaticpassword",
 					}

integration/docker_registry_test.go

@@ -1,6 +1,7 @@
 package integration
 
 import (
+	"fmt"
 	"os"
 
 	. "github.com/onsi/ginkgo"
@@ -22,8 +23,7 @@ var _ = Describe("kismatic docker registry feature", func() {
 				Expect(err).ToNot(HaveOccurred())
 				opts := installOptions{
 					dockerRegistryCAPath:   caFile,
-					dockerRegistryIP:       nodes.etcd[1].PrivateIP,
-					dockerRegistryPort:     dockerRegistryPort,
+					dockerRegistryServer:   fmt.Sprintf("%s:%d", nodes.etcd[1].PrivateIP, dockerRegistryPort),
 					dockerRegistryUsername: "kismaticuser",
 					dockerRegistryPassword: "kismaticpassword",
 				}

integration/install.go

@@ -31,8 +31,7 @@ func GetSSHKeyFile() (string, error) {
 type installOptions struct {
 	disablePackageInstallation   bool
 	disconnectedInstallation     bool
-	dockerRegistryIP             string
-	dockerRegistryPort           int
+	dockerRegistryServer         string
 	dockerRegistryCAPath         string
 	dockerRegistryUsername       string
 	dockerRegistryPassword       string
@@ -96,8 +95,7 @@ func buildPlan(nodes provisionedNodes, installOpts installOptions, sshKey string
 		SSHKeyFile:                   sshKey,
 		SSHUser:                      sshUser,
 		DockerRegistryCAPath:         installOpts.dockerRegistryCAPath,
-		DockerRegistryIP:             installOpts.dockerRegistryIP,
-		DockerRegistryPort:           installOpts.dockerRegistryPort,
+		DockerRegistryServer:         installOpts.dockerRegistryServer,
 		DockerRegistryUsername:       installOpts.dockerRegistryUsername,
 		DockerRegistryPassword:       installOpts.dockerRegistryPassword,
 		ModifyHostsFiles:             installOpts.modifyHostsFiles,

integration/plan_patterns.go

@@ -18,8 +18,7 @@ type PlanAWS struct {
 	HomeDirectory                string
 	DisablePackageInstallation   bool
 	DisconnectedInstallation     bool
-	DockerRegistryIP             string
-	DockerRegistryPort           int
+	DockerRegistryServer         string
 	DockerRegistryCAPath         string
 	DockerRegistryUsername       string
 	DockerRegistryPassword       string
@@ -82,8 +81,7 @@ docker:
       block_device: "/dev/xvdb"
       enable_deferred_deletion: false{{end}}
 docker_registry:
-  address: {{.DockerRegistryIP}}
-  port: {{.DockerRegistryPort}}
+  server: {{.DockerRegistryServer}}
   CA: {{.DockerRegistryCAPath}}
   username: {{.DockerRegistryUsername}}
   password: {{.DockerRegistryPassword}}

integration/upgrade_test.go

@@ -156,8 +156,7 @@ var _ = Describe("Upgrade", func() {
 								disconnectedInstallation: true,
 								modifyHostsFiles:         true,
 								dockerRegistryCAPath:     caFile,
-								dockerRegistryIP:         repoNode.PrivateIP,
-								dockerRegistryPort:       dockerRegistryPort,
+								dockerRegistryServer:     fmt.Sprintf("%s:%d", repoNode.PrivateIP, dockerRegistryPort),
 								dockerRegistryUsername:   "kismaticuser",
 								dockerRegistryPassword:   "kismaticpassword",
 							}
@@ -224,8 +223,7 @@ var _ = Describe("Upgrade", func() {
 								disconnectedInstallation: true,
 								modifyHostsFiles:         true,
 								dockerRegistryCAPath:     caFile,
-								dockerRegistryIP:         repoNode.PrivateIP,
-								dockerRegistryPort:       dockerRegistryPort,
+								dockerRegistryServer:     fmt.Sprintf("%s:%d", repoNode.PrivateIP, dockerRegistryPort),
 								dockerRegistryUsername:   "kismaticuser",
 								dockerRegistryPassword:   "kismaticpassword",
 							}
@@ -382,8 +380,7 @@ var _ = Describe("Upgrade", func() {
 								disconnectedInstallation: true,
 								modifyHostsFiles:         true,
 								dockerRegistryCAPath:     caFile,
-								dockerRegistryIP:         repoNode.PrivateIP,
-								dockerRegistryPort:       dockerRegistryPort,
+								dockerRegistryServer:     fmt.Sprintf("%s:%d", repoNode.PrivateIP, dockerRegistryPort),
 								dockerRegistryUsername:   "kismaticuser",
 								dockerRegistryPassword:   "kismaticpassword",
 							}
@@ -450,8 +447,7 @@ var _ = Describe("Upgrade", func() {
 								disconnectedInstallation: true,
 								modifyHostsFiles:         true,
 								dockerRegistryCAPath:     caFile,
-								dockerRegistryIP:         repoNode.PrivateIP,
-								dockerRegistryPort:       dockerRegistryPort,
+								dockerRegistryServer:     fmt.Sprintf("%s:%d", repoNode.PrivateIP, dockerRegistryPort),
 								dockerRegistryUsername:   "kismaticuser",
 								dockerRegistryPassword:   "kismaticpassword",
 							}

pkg/ansible/clustercatalog.go

@@ -27,8 +27,7 @@ type ClusterCatalog struct {
 
 	ConfigureDockerWithPrivateRegistry bool   `yaml:"configure_docker_with_private_registry"`
 	DockerRegistryCAPath               string `yaml:"docker_certificates_ca_path"`
-	DockerRegistryAddress              string `yaml:"docker_registry_address"`
-	DockerRegistryPort                 string `yaml:"docker_registry_port"`
+	DockerRegistryServer               string `yaml:"docker_registry_full_url"`
 	DockerRegistryUsername             string `yaml:"docker_registry_username"`
 	DockerRegistryPassword             string `yaml:"docker_registry_password"`
 

pkg/cli/seed.go

@@ -118,21 +118,15 @@ func doSeedRegistry(stdout, stderr io.Writer, options seedRegistryOptions, image
 		util.PrettyPrintOk(stdout, "Reading installation plan file %q", options.planFile)
 		// Validate the registry info in the plan file
 		errs := []error{}
-		if plan.DockerRegistry.Address == "" {
+		if plan.DockerRegistry.Server == "" {
 			errs = append(errs, errors.New("The private registry's address must be set in the plan file."))
 		}
-		if plan.DockerRegistry.Port == 0 {
-			errs = append(errs, errors.New("The private registry's port must be set in the plan file."))
-		}
-		if plan.DockerRegistry.Port < 1 || plan.DockerRegistry.Port > 65535 {
-			errs = append(errs, fmt.Errorf("The private registry port '%d' provided in the plan file is not valid.", plan.DockerRegistry.Port))
-		}
 		if len(errs) > 0 {
 			util.PrettyPrintErr(stdout, "Validating registry configured in plan file")
 			util.PrintValidationErrors(stdout, errs)
 			return errors.New("Invalid registry configuration found in plan file")
 		}
-		server = fmt.Sprintf("%s:%d", plan.DockerRegistry.Address, plan.DockerRegistry.Port)
+		server = plan.DockerRegistry.Server
 	}
 
 	im, err := readImageManifest()

pkg/inspector/rule/rule_set.go

@@ -139,15 +139,6 @@ const defaultRuleSet = `---
   port: 10250
   timeout: 5s
 
-# Port used by Docker registry
-- kind: TCPPortAvailable
-  when: ["master"]
-  port: 8443
-- kind: TCPPortAccessible
-  when: ["master"]
-  port: 8443
-  timeout: 5s
-
 # Port used by Ingress
 - kind: TCPPortAvailable
   when: ["ingress"]

pkg/install/execute.go

@@ -7,7 +7,6 @@ import (
 	"io/ioutil"
 	"os"
 	"path/filepath"
-	"strconv"
 	"time"
 
 	"strings"
@@ -685,8 +684,7 @@ func (ae *ansibleExecutor) buildClusterCatalog(p *Plan) (*ansible.ClusterCatalog
 
 	if p.PrivateRegistryProvided() {
 		cc.ConfigureDockerWithPrivateRegistry = true
-		cc.DockerRegistryAddress = p.DockerRegistry.Address
-		cc.DockerRegistryPort = strconv.Itoa(p.DockerRegistry.Port)
+		cc.DockerRegistryServer = p.DockerRegistry.Server
 		cc.DockerRegistryCAPath = p.DockerRegistry.CAPath
 		cc.DockerRegistryUsername = p.DockerRegistry.Username
 		cc.DockerRegistryPassword = p.DockerRegistry.Password

pkg/install/plan.go

@@ -92,6 +92,10 @@ func readDeprecatedFields(p *Plan) {
 			Disable: p.AddOns.DashboardDeprecated.Disable,
 		}
 	}
+
+	if p.DockerRegistry.Server == "" && p.DockerRegistry.Address != "" && p.DockerRegistry.Port != 0 {
+		p.DockerRegistry.Server = fmt.Sprintf("%s:%d", p.DockerRegistry.Address, p.DockerRegistry.Port)
+	}
 }
 
 func setDefaults(p *Plan) {
@@ -285,9 +289,6 @@ func buildPlanFromTemplateOptions(templateOpts PlanTemplateOptions) Plan {
 	p.Cluster.Certificates.Expiry = "17520h"
 	p.Cluster.Certificates.CAExpiry = defaultCAExpiry
 
-	// Set DockerRegistry defaults
-	p.DockerRegistry.Port = 8443
-
 	// Add-Ons
 	// CNI
 	p.AddOns.CNI = &CNI{}
@@ -424,8 +425,7 @@ var commentMap = map[string][]string{
 	"docker.storage.direct_lvm.block_device":             []string{"Path to the block device that will be used for direct-lvm mode. This", "device will be wiped and used exclusively by docker."},
 	"docker.storage.direct_lvm.enable_deferred_deletion": []string{"Set to true if you want to enable deferred deletion when using", "direct-lvm mode."},
 	"docker_registry":                                    []string{"If you want to use an internal registry for the installation or upgrade, you", "must provide its information here. You must seed this registry before the", "installation or upgrade of your cluster. This registry must be accessible from", "all nodes on the cluster."},
-	"docker_registry.address":                            []string{"IP or hostname for your registry."},
-	"docker_registry.port":                               []string{"Port for your registry."},
+	"docker_registry.server":                             []string{"IP or hostname and port for your registry."},
 	"docker_registry.CA":                                 []string{"Absolute path to the certificate authority that should be trusted when", "connecting to your registry."},
 	"docker_registry.username":                           []string{"Leave blank for unauthenticated access."},
 	"docker_registry.password":                           []string{"Leave blank for unauthenticated access."},

pkg/install/plan_types.go

@@ -238,12 +238,19 @@ type DockerStorageDirectLVM struct {
 
 // DockerRegistry details for docker registry, either confgiured by the cli or customer provided
 type DockerRegistry struct {
+	// The hostname or IP address and port of a private container image registry.
+	// Do not include http or https.
+	// When performing a disconnected installation, this registry will be used
+	// to fetch all the required container images.
+	Server string
 	// The hostname or IP address of a private container image registry.
 	// When performing a disconnected installation, this registry will be used
 	// to fetch all the required container images.
-	Address string
+	// +deprecated
+	Address string `yaml:"address,omitempty"`
 	// The port on which the private container image registry is listening on.
-	Port int
+	// +deprecated
+	Port int `yaml:"port,omitempty"`
 	// The absolute path of the Certificate Authority that should be installed on
 	// all cluster nodes that have a docker daemon.
 	// This is required to establish trust between the daemons and the private
@@ -666,7 +673,7 @@ func hasIP(nodes *[]Node, ip string) bool {
 // PrivateRegistryProvided returns true when the details about a private
 // registry have been provided
 func (p Plan) PrivateRegistryProvided() bool {
-	return p.DockerRegistry.Address != ""
+	return p.DockerRegistry.Server != ""
 }
 
 // NetworkConfigured returns true if pod validation/smoketest should run

pkg/install/test/plan-template-with-storage.golden.yaml

@@ -103,11 +103,8 @@ docker:
 # all nodes on the cluster.
 docker_registry:
 
-  # IP or hostname for your registry.
-  address: ""
-
-  # Port for your registry.
-  port: 8443
+  # IP or hostname and port for your registry.
+  server: ""
 
   # Absolute path to the certificate authority that should be trusted when
   # connecting to your registry.

pkg/install/test/plan-template.golden.yaml

@@ -103,11 +103,8 @@ docker:
 # all nodes on the cluster.
 docker_registry:
 
-  # IP or hostname for your registry.
-  address: ""
-
-  # Port for your registry.
-  port: 8443
+  # IP or hostname and port for your registry.
+  server: ""
 
   # Absolute path to the certificate authority that should be trusted when
   # connecting to your registry.

pkg/install/validate.go

@@ -484,9 +484,6 @@ func (dr *DockerRegistry) validate() (bool, []error) {
 	if dr.Address == "" && (dr.CAPath != "") {
 		v.addError(fmt.Errorf("Docker Registry address cannot be empty when CA is provided"))
 	}
-	if dr.Address != "" && (dr.Port < 1 || dr.Port > 65535) {
-		v.addError(fmt.Errorf("Docker Registry port %d is invalid. Port must be in the range 1-65535", dr.Port))
-	}
 	if _, err := os.Stat(dr.CAPath); dr.CAPath != "" && os.IsNotExist(err) {
 		v.addError(fmt.Errorf("Docker Registry CA file was not found at %q", dr.CAPath))
 	}

pkg/install/validate_test.go

@@ -849,8 +849,7 @@ func TestValidatePlanDisconnectedInstallationFailsDueToMissingRegistry(t *testin
 func TestValidatePlanDisconnectedInstallationSucceeds(t *testing.T) {
 	plan := validPlan
 	plan.Cluster.DisconnectedInstallation = true
-	plan.DockerRegistry.Address = "localhost"
-	plan.DockerRegistry.Port = 5000
+	plan.DockerRegistry.Server = "localhost:5000"
 	if ok, errs := plan.validate(); !ok {
 		t.Error("expected validation to succeed, but it failed")
 		t.Logf("errors were: %v\n", errs)