OSDOCS-16866:CQA-2.0-reg-1

JoeAldinger · JoeAldinger · commit edf6078594a5 · 2025-11-18T14:46:57.000-05:00
diff --git a/modules/installation-registry-storage-block-recreate-rollout-bare-metal.adoc b/modules/installation-registry-storage-block-recreate-rollout-bare-metal.adoc
@@ -10,6 +10,7 @@
 [id="installation-registry-storage-block-recreate-rollout-bare-metal_{context}"]
 = Configuring block registry storage for bare metal
 
+[role="_abstract"]
 To allow the image registry to use block storage types during upgrades as a cluster administrator, you can use the `Recreate` rollout strategy.
 
 [IMPORTANT]
@@ -36,19 +37,21 @@ $ oc patch config.imageregistry.operator.openshift.io/cluster --type=merge -p '{
 kind: PersistentVolumeClaim
 apiVersion: v1
 metadata:
-  name: image-registry-storage <1>
-  namespace: openshift-image-registry <2>
+  name: image-registry-storage
+  namespace: openshift-image-registry
 spec:
   accessModes:
-  - ReadWriteOnce <3>
+  - ReadWriteOnce
   resources:
     requests:
-      storage: 100Gi <4>
+      storage: 100Gi
 ----
-<1> A unique name that represents the `PersistentVolumeClaim` object.
-<2> The namespace for the `PersistentVolumeClaim` object, which is `openshift-image-registry`.
-<3> The access mode of the persistent volume claim. With `ReadWriteOnce`, the volume can be mounted with read and write permissions by a single node.
-<4> The size of the persistent volume claim.
+where:
+
+`name`:: Specifies a unique name that represents the `PersistentVolumeClaim` object.
+`namespace`:: Specifies the `namespace` for the `PersistentVolumeClaim` object, which is `openshift-image-registry`.
+`accessModes`:: Specifies the access mode of the persistent volume claim. With `ReadWriteOnce`, the volume can be mounted with read and write permissions by a single node.
+`storage`:: The size of the persistent volume claim.
 
 .. Enter the following command to create the `PersistentVolumeClaim` object from the file:
 +
@@ -70,6 +73,7 @@ $ oc edit config.imageregistry.operator.openshift.io -o yaml
 ----
 storage:
   pvc:
-    claim: <1>
+    claim:
 ----
-<1> By creating a custom PVC, you can leave the `claim` field blank for the default automatic creation of an `image-registry-storage` PVC.
++
+By creating a custom PVC, you can leave the `claim` field blank for the default automatic creation of an `image-registry-storage` PVC.
diff --git a/modules/registry-configuring-registry-storage-rhodf-cephrgw.adoc b/modules/registry-configuring-registry-storage-rhodf-cephrgw.adoc
@@ -10,6 +10,7 @@
 [id="registry-configuring-registry-storage-rhodf-cephrgw_{context}"]
 = Configuring the Image Registry Operator to use Ceph RGW storage with Red Hat OpenShift Data Foundation
 
+[role="_abstract"]
 {rh-storage-first} integrates multiple storage types that you can use with the {product-registry}:
 
 * Ceph, a shared and distributed file system and on-premise object storage
@@ -36,13 +37,14 @@ apiVersion: objectbucket.io/v1alpha1
 kind: ObjectBucketClaim
 metadata:
   name: rgwbucket
-  namespace: openshift-storage <1>
+  namespace: openshift-storage
 spec:
   storageClassName: ocs-storagecluster-ceph-rgw
   generateBucketName: rgwbucket
 EOF
 ----
-<1> Alternatively, you can use the `openshift-image-registry` namespace.
++
+Alternatively, you can use the `openshift-image-registry` for the `namespace` value.
 
 . Get the bucket name by entering the following command:
 +
diff --git a/modules/registry-configuring-registry-storage-rhodf-nooba.adoc b/modules/registry-configuring-registry-storage-rhodf-nooba.adoc
@@ -10,6 +10,7 @@
 [id="registry-configuring-registry-storage-rhodf-nooba_{context}"]
 = Configuring the Image Registry Operator to use Noobaa storage with Red Hat OpenShift Data Foundation
 
+[role="_abstract"]
 {rh-storage-first} integrates multiple storage types that you can use with the {product-registry}:
 
 * Ceph, a shared and distributed file system and on-premise object storage
@@ -35,13 +36,14 @@ apiVersion: objectbucket.io/v1alpha1
 kind: ObjectBucketClaim
 metadata:
   name: noobaatest
-  namespace: openshift-storage <1>
+  namespace: openshift-storage
 spec:
   storageClassName: openshift-storage.noobaa.io
   generateBucketName: noobaatest
 EOF
 ----
-<1> Alternatively, you can use the `openshift-image-registry` namespace.
++
+Alternatively, you can use the `openshift-image-registry` for the `namespace` value.
 
 . Get the bucket name by entering the following command:
 +
diff --git a/modules/registry-configuring-registry-storage-swift-trust.adoc b/modules/registry-configuring-registry-storage-swift-trust.adoc
@@ -7,13 +7,14 @@
 [id="registry-configuring-registry-storage-swift-trust_{context}"]
 = Configuring Image Registry Operator redirects
 
+[role="_abstract"]
 By disabling redirects, you can configure the Image Registry Operator to control whether clients such as {product-title} cluster builds or external systems like developer machines are redirected to pull images directly from {rh-openstack-first} Swift storage. This configuration is optional and depends on whether the clients trust the storage's SSL/TLS certificates.
 
 [NOTE]
 ====
-In situations where clients to not trust the storage certificate, setting the `disableRedirect` option can be set to `true` proxies traffic through the image registry. Consequently, however, the image registry might require more resources, especially network bandwidth, to handle the increased load. 
+In situations where clients to not trust the storage certificate, setting the `disableRedirect` option can be set to `true` proxies traffic through the image registry. Consequently, however, the image registry might require more resources, especially network bandwidth, to handle the increased load.
 
-Alternatively, if clients trust the storage certificate, the registry can allow redirects. This reduces resource demand on the registry itself. 
+Alternatively, if clients trust the storage certificate, the registry can allow redirects. This reduces resource demand on the registry itself.
 
 Some users might prefer to configure their clients to trust their self-signed certificate authorities (CAs) instead of disabling redirects. If you are using a self-signed CA, you must decide between trusting the custom CAs or disabling redirects.
 ====
diff --git a/modules/registry-configuring-storage-aws-user-infra.adoc b/modules/registry-configuring-storage-aws-user-infra.adoc
@@ -8,12 +8,16 @@
 [id="registry-configuring-storage-aws-user-infra_{context}"]
 = Configuring registry storage for AWS with user-provisioned infrastructure
 
-During installation, your cloud credentials are sufficient to create an Amazon S3 bucket
-and the Registry Operator will automatically configure storage.
+[role="_abstract"]
+During installation, your cloud credentials are sufficient to create an Amazon S3 bucket and the Registry Operator will automatically configure storage.
 
-If the Registry Operator cannot create an S3 bucket and automatically configure
-storage, you can create an S3 bucket and configure storage with the following
-procedure.
+If the Registry Operator cannot create an S3 bucket and automatically configure storage, you can create an S3 bucket and configure storage with the following procedure.
+
+[WARNING]
+====
+To secure your registry images in AWS, link:https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-publicaccessblockconfiguration.html[block public access]
+to the S3 bucket.
+====
 
 .Prerequisites
 
@@ -24,9 +28,6 @@ procedure.
 
 .Procedure
 
-Use the following procedure if the Registry Operator cannot create an S3 bucket
-and automatically configure storage.
-
 . Set up a link:https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html#mpu-abort-incomplete-mpu-lifecycle-config[Bucket Lifecycle Policy]
 to abort incomplete multipart uploads that are one day old.
 
@@ -41,14 +42,13 @@ $ oc edit configs.imageregistry.operator.openshift.io/cluster
 .Example configuration
 [source,yaml]
 ----
-storage:
-  s3:
-    bucket: <bucket-name>
-    region: <region-name>
+apiVersion: imageregistry.operator.openshift.io/v1
+kind: Config
+metadata:
+  name: cluster
+spec:
+  storage:
+    s3:
+      bucket: <bucket_name>
+      region: <region_name>
 ----
-
-[WARNING]
-====
-To secure your registry images in AWS, link:https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-publicaccessblockconfiguration.html[block public access]
-to the S3 bucket.
-====
diff --git a/modules/registry-configuring-storage-azure-gov-cloud.adoc b/modules/registry-configuring-storage-azure-gov-cloud.adoc
@@ -6,6 +6,7 @@
 [id="registry-configuring-storage-azure-gov-cloud_{context}"]
 = Configuring registry storage for Azure Government
 
+[role="_abstract"]
 During installation, your cloud credentials are sufficient to create Azure Blob
 Storage, and the Registry Operator automatically configures storage.
 
@@ -35,6 +36,7 @@ storage:
   azure:
     accountName: <storage-account-name>
     container: <container-name>
-    cloudName: AzureUSGovernmentCloud <1>
+    cloudName: AzureUSGovernmentCloud
 ----
-<1> `cloudName` is the name of the Azure cloud environment, which can be used to configure the Azure SDK with the appropriate Azure API endpoints. Defaults to `AzurePublicCloud`. You can also set `cloudName` to `AzureUSGovernmentCloud`, `AzureChinaCloud`, or `AzureGermanCloud` with sufficient credentials.
++
+`cloudName` is the name of the Azure cloud environment, which can be used to configure the Azure SDK with the appropriate Azure API endpoints. Defaults to `AzurePublicCloud`. You can also set `cloudName` to `AzureUSGovernmentCloud`, `AzureChinaCloud`, or `AzureGermanCloud` with sufficient credentials.
diff --git a/modules/registry-configuring-storage-azure-user-infra.adoc b/modules/registry-configuring-storage-azure-user-infra.adoc
@@ -6,6 +6,7 @@
 [id="registry-configuring-storage-azure-user-infra_{context}"]
 = Configuring registry storage for Azure
 
+[role="_abstract"]
 During installation, your cloud credentials are sufficient to create Azure Blob
 Storage, and the Registry Operator automatically configures storage.
 
@@ -31,8 +32,13 @@ $ oc edit configs.imageregistry.operator.openshift.io/cluster
 .Example configuration
 [source,yaml]
 ----
-storage:
-  azure:
-    accountName: <storage-account-name>
-    container: <container-name>
+apiVersion: imageregistry.operator.openshift.io/v1
+kind: Config
+metadata:
+  name: cluster
+spec:
+  storage:
+    azure:
+      accountName: <storage_account_name>
+      container: <container_name>
 ----
diff --git a/modules/registry-configuring-storage-gcp-user-infra.adoc b/modules/registry-configuring-storage-gcp-user-infra.adoc
@@ -6,6 +6,7 @@
 [id="registry-configuring-storage-gcp-user-infra_{context}"]
 = Configuring the registry storage for {gcp-short} with user-provisioned infrastructure
 
+[role="_abstract"]
 If the Registry Operator cannot create a {gcp-first} bucket, you must set up the storage medium manually and configure the settings in the registry custom resource (CR).
 
 .Prerequisites
@@ -17,6 +18,11 @@ cloud credentials.
 contents of a credentials file provided by {gcp-short}:
 ** `REGISTRY_STORAGE_GCS_KEYFILE`
 
+[WARNING]
+====
+You can secure your registry images that use a {gcp-full} Storage bucket by setting link:https://cloud.google.com/storage/docs/using-public-access-prevention[public access prevention].
+====
+
 .Procedure
 
 . Set up an link:https://cloud.google.com/storage/docs/lifecycle[Object Lifecycle Management policy] to abort incomplete multipart uploads that are one day old.
@@ -31,16 +37,14 @@ $ oc edit configs.imageregistry.operator.openshift.io/cluster
 .Example configuration
 [source,yaml]
 ----
-# ...
-storage:
-  gcs:
-    bucket: <bucket-name>
-    projectID: <project-id>
-    region: <region-name>
-# ...
+apiVersion: imageregistry.operator.openshift.io/v1
+kind: Config
+metadata:
+  name: cluster
+spec:
+  storage:
+    gcs:
+      bucket: <bucket_name>
+      projectID: <project_id>
+      region: <region_name>
 ----
-
-[WARNING]
-====
-You can secure your registry images that use a {gcp-full} Storage bucket by setting link:https://cloud.google.com/storage/docs/using-public-access-prevention[public access prevention].
-====
diff --git a/modules/registry-configuring-storage-openstack-user-infra.adoc b/modules/registry-configuring-storage-openstack-user-infra.adoc
@@ -6,6 +6,7 @@
 [id="registry-configuring-storage-openstack-user-infra_{context}"]
 = Registry storage for {rh-openstack} with user-provisioned infrastructure
 
+[role="_abstract"]
 If the Registry Operator cannot create a Swift bucket, you must set up the storage medium manually and configure the settings in the registry custom resource (CR).
 
 .Prerequisites
@@ -30,9 +31,12 @@ $ oc edit configs.imageregistry.operator.openshift.io/cluster
 .Example configuration
 [source,yaml]
 ----
-# ...
-storage: 
-  swift:
-    container: <container-id>
-# ...
+apiVersion: imageregistry.operator.openshift.io/v1
+kind: Config
+metadata:
+  name: cluster
+spec:
+  storage:
+    swift:
+      container: <container_id>
 ----
diff --git a/modules/registry-operator-config-resources-secret-aws.adoc b/modules/registry-operator-config-resources-secret-aws.adoc
@@ -6,6 +6,8 @@
 [id="registry-operator-config-resources-secret-aws_{context}"]
 = Configuring a secret for the Image Registry Operator
 
+
+[role="_abstract"]
 In addition to the `configs.imageregistry.operator.openshift.io` and ConfigMap
 resources, configuration is provided to the Operator by a separate secret
 resource located within the `openshift-image-registry` namespace.
diff --git a/modules/registry-operator-config-resources-secret-azure.adoc b/modules/registry-operator-config-resources-secret-azure.adoc
@@ -7,6 +7,7 @@
 [id="registry-operator-config-resources-secret-azure_{context}"]
 = Configuring a secret for the Image Registry Operator
 
+[role="_abstract"]
 In addition to the `configs.imageregistry.operator.openshift.io` and ConfigMap
 resources, configuration is provided to the Operator by a separate secret
 resource located within the `openshift-image-registry` namespace.
diff --git a/modules/registry-operator-config-resources-secret-gcp.adoc b/modules/registry-operator-config-resources-secret-gcp.adoc
@@ -6,6 +6,7 @@
 [id="registry-operator-config-resources-secret-gcp_{context}"]
 = Configuring a secret for the Image Registry Operator
 
+[role="_abstract"]
 In addition to the `configs.imageregistry.operator.openshift.io` and ConfigMap
 resources, configuration is provided to the Operator by a separate secret
 resource located within the `openshift-image-registry` namespace.
diff --git a/modules/registry-operator-config-resources-secret-openstack.adoc b/modules/registry-operator-config-resources-secret-openstack.adoc
@@ -6,6 +6,7 @@
 [id="registry-operator-config-resources-secret-openstack_{context}"]
 = Configuring a secret for the Image Registry Operator
 
+[role="_abstract"]
 In addition to the `configs.imageregistry.operator.openshift.io` and ConfigMap
 resources, configuration is provided to the Operator by a separate secret
 resource located within the `openshift-image-registry` namespace.
diff --git a/modules/registry-operator-configuration-resource-overview-aws-s3.adoc b/modules/registry-operator-configuration-resource-overview-aws-s3.adoc
@@ -6,6 +6,7 @@
 [id="registry-operator-configuration-resource-overview-aws-s3_{context}"]
 = Image Registry Operator configuration parameters for AWS S3
 
+[role="_abstract"]
 The following configuration parameters are available for AWS S3 registry storage.
 
 The image registry `spec.storage.s3` configuration parameter holds the information to configure the registry to use the AWS S3 service for back-end storage. See the link:https://docs.docker.com/registry/storage-drivers/s3/[S3 storage driver documentation] for more information.
@@ -20,7 +21,7 @@ It is optional and is generated if not provided.
 
 |`chunkSizeMiB`
 |ChunkSizeMiB is the size of the multipart upload chunks of the S3 API.
-The default is `10` MiB with a minimum of `5` MiB. 
+The default is `10` MiB with a minimum of `5` MiB.
 
 |`region`
 |Region is the AWS region in which your bucket exists. It is optional and is
@@ -48,7 +49,7 @@ true, or this parameter is ignored.
 It is optional.
 
 |`trustedCA`
-|The namespace for the config map referenced by `trustedCA` is `openshift-config`. The key for the bundle in the config map is `ca-bundle.crt`. It is optional. 
+|The namespace for the config map referenced by `trustedCA` is `openshift-config`. The key for the bundle in the config map is `ca-bundle.crt`. It is optional.
 |===
 
 [NOTE]
diff --git a/modules/registry-operator-configuration-resource-overview-gcp-gcs.adoc b/modules/registry-operator-configuration-resource-overview-gcp-gcs.adoc
@@ -6,7 +6,8 @@
 [id="registry-operator-configuration-resource-overview-gcp-gcs_{context}"]
 = Image Registry Operator configuration parameters for {gcp-short} GCS
 
-The following configuration parameters are available for {gcp-short} GCS registry storage.
+[role="_abstract"]
+The following parameters configure are available to configure your {gcp-short} GCS registry storage.
 
 [cols="3a,8a",options="header"]
 |===
diff --git a/modules/registry-operator-configuration-resource-overview-openstack-swift.adoc b/modules/registry-operator-configuration-resource-overview-openstack-swift.adoc
@@ -6,7 +6,8 @@
 [id="registry-operator-configuration-resource-overview-openstack-swift_{context}"]
 = Image Registry Operator configuration parameters for {rh-openstack} Swift
 
-The following configuration parameters are available for {rh-openstack-first} Swift
+[role="_abstract"]
+The following parameters are available for you to configure your {rh-openstack-first} Swift
 registry storage.
 
 [cols="3a,8a",options="header"]
diff --git a/registry/configuring_registry_storage/configuring-registry-storage-aws-user-infrastructure.adoc b/registry/configuring_registry_storage/configuring-registry-storage-aws-user-infrastructure.adoc
@@ -6,7 +6,8 @@ include::_attributes/common-attributes.adoc[]
 
 toc::[]
 
-:FILE: REGISTRY_STORAGE_S3_ACCESSKEY=
+[role="_abstract"]
+Save your container images to a durable storage location by configuring the built-in image registry to use dedicated {aws-short} storage. This setup provides persistent scalable storage for your registry, separate from ephemeral cluster storage.
 
 include::modules/registry-operator-config-resources-secret-aws.adoc[leveloffset=+1]
 
diff --git a/registry/configuring_registry_storage/configuring-registry-storage-azure-user-infrastructure.adoc b/registry/configuring_registry_storage/configuring-registry-storage-azure-user-infrastructure.adoc
@@ -6,6 +6,9 @@ include::_attributes/common-attributes.adoc[]
 
 toc::[]
 
+[role="_abstract"]
+Save your container images to a durable storage location by configuring the built-in image registry to use dedicated Azure storage. This setup provides persistent scalable storage for your registry, separate from ephemeral cluster storage.
+
 
 include::modules/registry-operator-config-resources-secret-azure.adoc[leveloffset=+1]
 
diff --git a/registry/configuring_registry_storage/configuring-registry-storage-gcp-user-infrastructure.adoc b/registry/configuring_registry_storage/configuring-registry-storage-gcp-user-infrastructure.adoc
diff --git a/registry/configuring_registry_storage/configuring-registry-storage-openstack-user-infrastructure.adoc b/registry/configuring_registry_storage/configuring-registry-storage-openstack-user-infrastructure.adoc
