[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: How is docker-registry found?



That value will resolve to the service portal ip which is random, so it's not possible to sign a cert for it ahead of time.


> On Feb 16, 2015, at 3:32 PM, Luke Meyer <lmeyer redhat com> wrote:
> 
> Thanks. I guess it should have been obvious you look for a docker-registry service with DOCKER_REGISTRY_SERVICE_HOST etc.
> 
> So, one could override this by setting OPENSHIFT_DEFAULT_REGISTRY. I guess I'm not following what would go wrong with which cert when we currently tell docker to use registries insecurely, but perhaps I will find out.
> 
> ----- Original Message -----
> From: "Clayton Coleman" <ccoleman redhat com>
> To: "Luke Meyer" <lmeyer redhat com>
> Cc: "Openshift Dev" <dev lists openshift redhat com>
> Sent: Monday, February 16, 2015 3:13:55 PM
> Subject: Re: How is docker-registry found?
> 
> https://github.com/openshift/origin/blob/master/pkg/cmd/server/origin/master.go#L242
> 
> You can set a service registry to anything, but you would need the cert to sign the internal DNS name, which is onerous.  
> 
> 
>> On Feb 16, 2015, at 2:46 PM, Luke Meyer <lmeyer redhat com> wrote:
>> 
>> When you create an ImageRepository in v3, if you don't fill in the dockerImageRepository attr, it seems to get populated with a "docker-registry" service in the default namespace, which would make sense. I'm just wondering why I can't find anywhere in the code that it does this. I'm sure I'm missing something simple... any pointers? I ask because it seems like the sort of thing that ought to be configurable...
>> 
>> _______________________________________________
>> dev mailing list
>> dev lists openshift redhat com
>> http://lists.openshift.redhat.com/openshiftmm/listinfo/dev


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]