[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

RE: accessing secure registry on master isn't possible?



Yes I performed the same steps on my master as on my nodes. This is the error:
sudo docker login -u admin -e mail mail com \
> -p token 172.30.xx.xx:5000
Error response from daemon: invalid registry endpoint https://172.30.109.95:5000/v0/: unable to ping registry endpoint https://172.30.xx.xx:5000/v0/
v2 ping attempt failed with error: Get https://172.30.xx.xx:5000/v2/: dial tcp 172.30.xx.xx:5000: i/o timeout
 v1 ping attempt failed with error: Get https://172.30.xx.xx:5000/v1/_ping: dial tcp 172.30.xx.xx:5000: i/o timeout. If this private registry supports only HTTP or HTTPS with an unknown CA certificate, please add `--insecure-registry 172.30.xx.xx:5000` to the daemon's arguments. In the case of HTTPS, if you have access to the registry's CA certificate, no need for the flag; simply place the CA certificate at /etc/docker/certs.d/172.30.xx.xx:5000/ca.crt

While on all my 3 nodes:

sudo docker login -u admin -e mail mail com \
> -p token 172.30.xx.xx:5000
WARNING: login credentials saved in /root/.docker/config.json
Login Succeeded


Date: Thu, 7 Apr 2016 22:02:06 +0200
Subject: Re: accessing secure registry on master isn't possible?
From: maszulik redhat com
To: dencowboy hotmail com
CC: users lists openshift redhat com

Per https://docs.openshift.org/latest/install_config/install/docker_registry.html#securing-the-registry, step 11 and 12,
I assume you've copied CA certificate to the Docker certificates directory on all nodes and restarted docker service,
did you also do that on master as well. Without it any docker operation will fail with certificate check failure.
What is the error you're seeing and what is the operation you're trying to do?


On Thu, Apr 7, 2016 at 4:20 PM, Den Cowboy <dencowboy hotmail com> wrote:
I've created a secur registry on 1.1.6
For the first time I've created my environment with 1 real master and 3 nodes (one infra). (The reason for this is because I'm using the community ansible aws setup. https://github.com/openshift/openshift-ansible/blob/master/README_AWS.md
Normally my master is also an unschedulable node. Now I've secured my registry.
I'm able to login and push to the registry from my nodes but not from my master?
Is this normal , if yes,  why is it that way?
I don't think it's an issue because the images will always be pulled and pushed on my nodes because only there can run my containers but I want to know if it's a known thing.

Thanks


_______________________________________________
users mailing list
users lists openshift redhat com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]