https://bugzilla.redhat.com/show_bug.cgi?id=1511870 is the bug, we haven't fixed it yet. We're debating whether or not to switch to using the dns name, though if environment variables evaluate as expected perhaps we should just add NO_PROXY=${KUBENETES_SERVICE_HOST} and then we can address whether or not to switch to dns later.
On Tue, Nov 21, 2017 at 9:45 AM, Ben Parees <[email protected]> wrote: > > > On Tue, Nov 21, 2017 at 1:46 AM, Joel Pearson < > [email protected]> wrote: > >> Hi, >> >> I spend most of the day debugging why my OpenShift registry wasn’t >> working because the cluster lives behind a http proxy. I can see OpenShift >> ansible configured the registry with proxy settings including no_proxy, but >> in the error logs I could see during authentication it was trying to talk >> to the master api server at 172.30.0.1, but that wasn’t in the no_proxy env >> setting so the proxy was trying to resolve it and failing. >> > > I believe this is a known bug in the ansible installer. Hopefully Scott > can point to the issue. > > >> So that can be fixed by adding 172.30.0.1 to no_proxy, but it felt a bit >> hacky. A dns name would be better as they’re easier to wildcard in >> no_proxy. >> >> I want to know how the registry knows to use the IP address of the master >> api server instead of a dns name? I couldn’t see a reference to the api >> server in /etc/registry. Where does it get that from? Is it part of a >> docket secret? >> > > > the kubernetes api IP is provided in an env var to the registry pod. > KUBERNETES_SERVICE_HOST=172.30.0.1 > > > >> Thanks, >> >> Joel >> >> _______________________________________________ >> users mailing list >> [email protected] >> http://lists.openshift.redhat.com/openshiftmm/listinfo/users >> >> > > > -- > Ben Parees | OpenShift > >
_______________________________________________ users mailing list [email protected] http://lists.openshift.redhat.com/openshiftmm/listinfo/users
