From 47a73af27ea24b68c0e338ad226c976e80661a20 Mon Sep 17 00:00:00 2001 From: Brad Stein Date: Mon, 8 Sep 2025 22:25:41 -0500 Subject: [PATCH] zot troubleshooting --- services/zot/configmap.yaml | 4 ++-- services/zot/ingress.yaml | 1 + services/zot/kustomization.yaml | 1 + services/zot/middleware.yaml | 2 +- services/zot/tlsoptions.yaml | 9 +++++++++ 5 files changed, 14 insertions(+), 3 deletions(-) create mode 100644 services/zot/tlsoptions.yaml diff --git a/services/zot/configmap.yaml b/services/zot/configmap.yaml index c7057fb..ef4880c 100644 --- a/services/zot/configmap.yaml +++ b/services/zot/configmap.yaml @@ -17,7 +17,7 @@ data: "http": { "address": "0.0.0.0", "port": "5000", - "auth": { "htpasswd": { "path": "/etc/zot/htpasswd" } }, + "auth": { "htpasswd": { "path": "/etc/zot/htpasswd", "realm": "zot-registry" } }, "accessControl": { "repositories": { "**": { @@ -34,7 +34,7 @@ data: } } }, - "log": { "level": "info" }, + "log": { "level": "debug" }, "extensions": { "ui": { "enable": true }, "search": { "enable": true }, diff --git a/services/zot/ingress.yaml b/services/zot/ingress.yaml index dc8d010..aa79e95 100644 --- a/services/zot/ingress.yaml +++ b/services/zot/ingress.yaml @@ -8,6 +8,7 @@ metadata: cert-manager.io/cluster-issuer: letsencrypt-prod traefik.ingress.kubernetes.io/router.entrypoints: websecure traefik.ingress.kubernetes.io/router.tls: "true" + traefik.ingress.kubernetes.io/router.tls.options: zot-h1only@kubernetescrd traefik.ingress.kubernetes.io/router.middlewares: zot-zot-headers@kubernetescrd,zot-zot-buffering@kubernetescrd spec: ingressClassName: traefik diff --git a/services/zot/kustomization.yaml b/services/zot/kustomization.yaml index 03e6982..48acd1f 100644 --- a/services/zot/kustomization.yaml +++ b/services/zot/kustomization.yaml @@ -9,4 +9,5 @@ resources: - service.yaml - ingress.yaml - middleware.yaml + - tlsoptions.yaml \ No newline at end of file diff --git a/services/zot/middleware.yaml b/services/zot/middleware.yaml index ab6859c..3df1cec 100644 --- a/services/zot/middleware.yaml +++ b/services/zot/middleware.yaml @@ -1,4 +1,4 @@ -# services/zot/middlewares.yaml +# services/zot/middleware.yaml apiVersion: traefik.io/v1alpha1 kind: Middleware metadata: diff --git a/services/zot/tlsoptions.yaml b/services/zot/tlsoptions.yaml new file mode 100644 index 0000000..8d7936b --- /dev/null +++ b/services/zot/tlsoptions.yaml @@ -0,0 +1,9 @@ +# services/zot/tlsoptions.yaml +apiVersion: traefik.io/v1alpha1 +kind: TLSOption +metadata: + name: h1only + namespace: zot +spec: + alpnProtocols: + - http/1.1 \ No newline at end of file