[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Deploying Docker registry



On Wed, May 11, 2016 at 12:39 PM, David Dimas <david dimas333 gmail com> wrote:
Hi,

I'm doing some integration work with Openshift Origin 1.1.6 and I'm running across this issue (occurs both with a binary built from source and using the binary release):

# oc logs -f dc/docker-registry

F0509 21:10:07.958966       1 deployer.go:70] couldn't get deployment default/docker-registry-1: Get https://172.30.0.1:443/api/v1/namespaces/default/replicationcontrollers/docker-registry-1: dial tcp172.30.0.1:443: i/o timeout

Unless I'm misinterpreting something, that's a straight up TCP/IP timeout, yet when I use curl against this URL I get this:

{
  "kind": "Status",
  "apiVersion": "v1",
  "metadata": {},
  "status": "Failure",
  "message": "User \"system:anonymous\" cannot get replicationcontrollers in project \"default\"",
  "reason": "Forbidden",
  "details": {
    "name": "docker-registry-1",
    "kind": "replicationcontrollers"
  },
  "code": 403
}

Which I suppose is to be expected since I haven't supplied credentials, but clearly the service is reachable.

​An easy unauth'd health check path is curl REGISTRY:5000/healthz
 
I've done nothing in this case but set up docker, run the openshift binary, and attempt to deploy the registry using these commands:

#oc create serviceaccount registry -n default
#oadm policy add-scc-to-user privileged system:serviceaccount:default:registry
#oadm registry --service-account=registry \
              --config=openshift.local.config/master/admin.kubeconfig \
              --credentials=openshift.local.config/master/openshift-registry.kubeconfig \
              --mount-host=/opt/registry



​The registry command has been simplified so you shouldn't need to create the sa and update policy. You should be able to run oadm registry --mount-host=/opt/registry and be good to go. That will use a service account in the registry pod. You can get logs from the registry pod:
oc get pods
oc logs <name-of-registry-pod>

 
Can anyone help me?

Thanks in advance.

David

_______________________________________________
dev mailing list
dev lists openshift redhat com
http://lists.openshift.redhat.com/openshiftmm/listinfo/dev



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]