More on this - it looks like the faulty certificate only happens when
you are using custom certificates (specifying the
openshift_master_named_certificate parameter). Without this the
registry.crt has the correct host name.
Presumably this is a bug?
Tim
On 22/08/2017 17:15, Tim Dudgeon
Actually I should have looked closer.
The error on EC2 was different:
error: build error: Failed to push image: Get
https://docker-registry.default.svc:5000/v1/_ping: x509: certificate
is valid for docker-registry-default.router.default.svc.cluster.local,
172.30.224.210, not
This is what my /etc/resolv.conf looks like:
# nameserver updated by /etc/NetworkManager/dispatcher.d/99-origin-dns.sh
# Generated by NetworkManager
search localdomain cluster.local
nameserver 10.0.0.245
That was with EC2. However, on Scaleway the line starting with search
was missing.
I
Yeah, we set OPENSHIFT_DEFAULT_REGISTRY=docker-registry.default.svc:5000 in
/etc/sysconfig/origin-master you can remove that and restart the master and
it will revert back to pushing via the service IP.
However the installer will deploy certificates, secure the registry, and
should be adding
I saw the same thing on a new cluster. I resolved it manually by:
1) adding ‘search cluster.local’ to the node’s /etc/resolv.conf
2) adding docker-registry.default.svc and
docker-registry.default.svc.cluster.local to the docker daemon’s insecure
registries
then stopped the node service,
Hi All,
I'm having problems with the ansible installer.
I've created a very simple 1 node cluster using an inventory file like this:
OSEv3:children]
masters
nodes
[OSEv3:vars]
ansible_ssh_user=root
openshift_deployment_type=origin
openshift_disable_check=docker_storage,memory_availability