On Apr 19, 2018, at 4:44 AM, [email protected] wrote: Hello everyone
I was asking this question already on the Openshift Google Group but was redirected to this list in the hope to find someone who knows the details about the current "oc cluster up" command. I am facing some trouble using the "oc cluster up" command within our corporate environment. The main pain-point is that no external registry is available from inside our network. The only way to pull images is via a proxy registry (which mirror dockerhub and the redhat registry). So I configured my local Docker daemon to use this registry by specifying "insecure-registries" and "registry-mirrors". Especially the mirror is important because it causes Docker to look at the specified registry first. By configuring Docker this way, the command "oc cluster up" can pull the necessary images. Unfortunately, when running Openshift and adding a deployment based on an template/imagestream, no deployment happens. Message is: A new deployment will start automatically when an image is pushed to openshift/jenkins:2 <https://10.0.75.2:8443/console/project/openshift/browse/images/jenkins>. When checking the imagestreams I can see $ oc get is -n openshift NAME DOCKER REPO TAGS UPDATED dotnet 172.30.1.1:5000/openshift/dotnet 2.0 dotnet-runtime 172.30.1.1:5000/openshift/dotnet-runtime 2.0 httpd 172.30.1.1:5000/openshift/httpd 2.4 jenkins 172.30.1.1:5000/openshift/jenkins 1,2 mariadb 172.30.1.1:5000/openshift/mariadb 10.1,10.2 mongodb 172.30.1.1:5000/openshift/mongodb 2.4,2.6,3.2 + 1 more... mysql 172.30.1.1:5000/openshift/mysql 5.7,5.5,5.6 nginx 172.30.1.1:5000/openshift/nginx 1.10,1.12,1.8 nodejs 172.30.1.1:5000/openshift/nodejs 0.10,4,6 + 1 more... perl 172.30.1.1:5000/openshift/perl 5.16,5.20,5.24 php 172.30.1.1:5000/openshift/php 5.5,5.6,7.0 + 1 more... postgresql 172.30.1.1:5000/openshift/postgresql 9.4,9.5,9.6 + 1 more... python 172.30.1.1:5000/openshift/python 3.4,3.5,3.6 + 2 more... redis 172.30.1.1:5000/openshift/redis 3.2 ruby 172.30.1.1:5000/openshift/ruby 2.0,2.2,2.3 + 1 more... wildfly 172.30.1.1:5000/openshift/wildfly 10.0,10.1,8.1 + 1 more... It seems the Images are not available in the internal docker registry (inside kubernetes) and they are not pulled on the host either. $ docker images REPOSITORY TAG IMAGE ID CREATED SIZE openshift/origin-web-console v3.9.0 60938911a1f9 11 days ago 485MB openshift/origin-docker-registry v3.9.0 2663c9df9123 11 days ago 455MB openshift/origin-haproxy-router v3.9.0 c70d45de5384 11 days ago 1.27GB openshift/origin-deployer v3.9.0 378ccd170718 11 days ago 1.25GB openshift/origin v3.9.0 b5f178918ae9 11 days ago 1.25GB openshift/origin-pod v3.9.0 1b36bf755484 11 days ago 217MB I would expect that the containerized Openshift variant uses the configuration provided by the Docker installation on the host-system. I've also tried to Import an imagestream manually but it failed because our proxy-registry is not whitelisted $ oc import-image my-jenkins --from=docker-proxy.de:5000/openshift/jenkins-2 -centos7 --confirm The ImageStream "my-jenkins" is invalid: spec.tags[latest].from.name: Forbidden: registry "*docker-proxy.de:5000* <http://docker-proxy.de:5000/>" not allowed by whitelist: "*172.30.1.1:5000* <http://172.30.1.1:5000/>", " *docker.io:443* <http://docker.io:443/>", "*.*docker.io:443* <http://docker.io:443/>", "*.*redhat.com:443* <http://redhat.com:443/>", and 5 more .. Is there any way to redirect the pull of the imagestreams to our corporate Proxy? Or can I modify the imagestreams somehow to hardcode the registry? You can update the image streams to change the registry. best regards Marc _______________________________________________ users mailing list [email protected] http://lists.openshift.redhat.com/openshiftmm/listinfo/users
_______________________________________________ users mailing list [email protected] http://lists.openshift.redhat.com/openshiftmm/listinfo/users
