Create Podman based Image Registry (Mirror Registry) for Airgap OpenShift Installation:

Creating a Podman-based image registry on a Red Hat Linux machine involves several steps. Here’s a guideline to help you set up your own registry:

Prerequisites:

A Red Hat Linux machine with Podman installed.
Ensure you have root or sudo privileges for the installation and configuration process.

Step-by-Step Guide

Install and Configure the Registry Container:

First, pull the registry image using Podman:

podman pull docker.io/library/registry:2

Next, create a container from the image:

podman run -d –name registry -p 5000:5000 docker.io/library/registry:2

Configure Storage for the Registry:

You may want to mount a volume to store registry data. For example:

podman run -d –name registry -p 5000:5000 \
   -v /path/to/local/directory:/var/lib/registry \
   docker.io/library/registry:2

Setup Security (Optional but Recommended):

For production environments, it’s crucial to secure your registry. You can use self-signed certificates or obtain them from a trusted CA.

Place the certificates in a directory and mount them to the container:

podman run -d –name registry -p 5000:5000 \
   -v /path/to/certs:/certs \
   -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt \
   -e REGISTRY_HTTP_TLS_KEY=/certs/domain.key \
   docker.io/library/registry:2

Allow Insecure Registry (If Using Self-Signed Certificates):

Edit /etc/containers/registries.conf and add your registry under [registries.insecure]:

[[registries.insecure]]
registries = [‘localhost:5000’]

Restart the Podman service or daemon for the changes to take effect.

Pushing and Pulling Images:

Tag an image for your local registry:

podman tag myimage localhost:5000/myimage

Push the image:

podman push localhost:5000/myimage

Pull the image from the registry:

podman pull localhost:5000/myimage

Managing the Registry:

You can start, stop, and manage the registry container like any other Podman container:

podman stop registry

podman start registry

Viewing Registry Logs:

Check the registry logs for troubleshooting or monitoring:

podman logs registry

Notes:

Ensure that the firewall settings on your Red Hat Linux machine allow traffic on the port where the registry is running (default is 5000).

Regularly backup your registry data if you are storing important images.

Always keep security in mind, especially if your registry is accessible over a network.

This setup provides you with a basic, private image registry using Podman on Red Hat Linux. For more advanced configurations, you might need to delve into the registry’s documentation and explore more detailed settings.