[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Create image-stream for image from insecure private docker registry



I  try to create an image-stream for my image from a docker registry.
The registry is insecure (it's using selfsigned certificates) and there is a login + password on my registry.
I've put the certs on the nodes of my openshift cluster and I'm able to login and pull the images I want.
But I need to create image-streams for this.
My registry is: ec2-xx-xx-xx-xx.xx-xx-1.compute.amazonaws.com:5000

docker login ec2-xx-xx-xx-xx.xx-xx-1.compute.amazonaws.com:5000
Username: ****
Password:
Email: ****
WARNING: login credentials saved in /home/centos/.docker/config.json
Login Succeeded
$ docker pull ec2-xx-xx-xx-xx.xx-xx-1.compute.amazonaws.com:5000/test/my-image:83
Trying to pull repository ec2-xx-xx-xx-xx.xx-xx-1.compute.amazonaws.com:5000/test/my-image:83: Pulling from test/my-image
77e39ee82117: Pull complete
5eb1402f0414: Pull complete
9287fae7a16e: Pull complete
0288ae931294: Pull complete
9536cbaf1242: Pull complete
ddfb2360ce1e: Pull complete
8ab6f3fcbdb5: Pull complete
20ed370cdb6e: Pull complete
ebcf22a55440: Pull complete
5f8d821c760f: Pull complete
cfa77085638d: Pull complete
e154104e0560: Pull complete
9774ad57345c: Pull complete
fea97a1ec848: Pull complete
4b8c16278ead: Pull complete
dc18e7f95e9b: Pull complete
308e99456a16: Pull complete
e95130b212d6: Pull complete
7e48c416298a: Pull complete
Digest: sha256:03d4c5090dd06a29ba3473870efdbf6324c0074b94345b3a346d5a8e2dd0a141
Status: Downloaded newer image for ...

But okay. Now I have the image only on one of my nodes. So I have to create an image-stream for it:
I want it in my project testing:
$ oc new-project testing
I try to create a secret to make it possible to login on my registry for each node:
$ oc secrets new-dockercfg SECRET --docker-server=ec2-xx-xx-xx-xx.xx-xx-1.compute.amazonaws.com --docker-username=*** --docker-password=*** --docker-email=***
The Secret "SECRET" is invalid.
metadata.name: Invalid value: "SECRET": must be a DNS subdomain (at most 253 characters, matching regex [a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*): e.g. "example.com"

Why is it invalid?
After that I want to create my image-stream:
kind: ImageStream
apiVersion: v1
metadata:
  name: my-image
  annotations:
    openshift.io/image.insecureRepository: "true" 
  spec:
    dockerImageRepository: ec2-xx-xx-xx-xx.xx-xx-1.compute.amazonaws.com/test/my-image

Is this the right approach?

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]