[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: OpenShift registry behind registry auth issues

On Tue, Nov 21, 2017 at 1:46 AM, Joel Pearson <japearson agiledigital com au> wrote:

I spend most of the day debugging why my OpenShift registry wasn’t working because the cluster lives behind a http proxy. I can see OpenShift ansible configured the registry with proxy settings including no_proxy, but in the error logs I could see during authentication it was trying to talk to the master api server at, but that wasn’t in the no_proxy env setting so the proxy was trying to resolve it and failing. 

I believe this is a known bug in the ansible installer.  Hopefully Scott can point to the issue.

So that can be fixed by adding to no_proxy, but it felt a bit hacky. A dns name would be better as they’re easier to wildcard in no_proxy. 

I want to know how the registry knows to use the IP address of the master api server instead of a dns name? I couldn’t see a reference to the api server in /etc/registry. Where does it get that from? Is it part of a docket secret?

the kubernetes api IP is provided in an env var to the registry pod.



users mailing list
users lists openshift redhat com

Ben Parees | OpenShift

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]