After setting up the proxy in oc cluster up as well as the daemon (including the necessary bypass) the problem remains.
So I created a admin user to which I gave the cluster-admin role and this one can see all image-streams and I can update them in the webconsole. And here I can see the root cause which is actually caused by SSL Internal error occurred: Get https://registry-1.docker.io/v2/: x509: certificate signed by unknown authority. Timestamp: 2018-04-20T06:33:47Z Error count: 2 Of course we have our own CA :-) Is there a way to import our ca-bundle? I did not see anything in "oc cluster up --help" Von: Ben Parees <[email protected]> An: [email protected] Kopie: users <[email protected]> Datum: 19.04.2018 16:10 Betreff: Re: Re: Origin 3.9 (oc cluster up) doesnt use registry-mirror for internal registry On Thu, Apr 19, 2018 at 9:14 AM, <[email protected]> wrote: Thanks for the quick replies. The http-proxy is not enough to get out, since the daemon uses also other protocols than http. right but it will get the imagestream imported. After that it's up to your daemon configuration as to whether the pull can occur, and it sounded like you had already configured your daemon. Changing the image-streams seems to be a valid approach, unfortunately I cannot export them in order to edit them...because they are not there yet According to the documentation I need to export the image-stream by <name>@<id> In order to get the id, I can use oc describe...but see $ oc describe is jenkins Error from server (NotFound): imagestreams.image.openshift.io "jenkins" not found So I cannot run $ oc export isimage jenkins@??? I am wondering why the containerized version isnt honoring the settings of the docker-daemon running on my machine. Well it does when it is pulling the openshift images docker images REPOSITORY TAG IMAGE ID CREATED SIZE openshift/origin-web-console v3.9.0 60938911a1f9 2 weeks ago 485MB openshift/origin-docker-registry v3.9.0 2663c9df9123 2 weeks ago 455MB openshift/origin-haproxy-router v3.9.0 c70d45de5384 2 weeks ago 1.27GB openshift/origin-deployer v3.9.0 378ccd170718 2 weeks ago 1.25GB openshift/origin v3.9.0 b5f178918ae9 2 weeks ago 1.25GB openshift/origin-pod v3.9.0 1b36bf755484 2 weeks ago 217MB but the image-steams are not pulled. Nonetheless, When I pull the image-stream manually (docker pull openshift/jenkins-2-centos7) it works. So why is the pull not working from inside Openshift? regards Marc You can update the image streams to change the registry. You can also set a proxy for the master, which is the process doing the imports and which presumably needs the proxy configured, by passing these args to oc cluster up: --http-proxy='': HTTP proxy to use for master and builds --https-proxy='': HTTPS proxy to use for master and builds I believe that should enable your existing imagestreams (not the ones pointing to the proxy url) to import. best regards Marc _______________________________________________ users mailing list [email protected] http://lists.openshift.redhat.com/openshiftmm/listinfo/users _______________________________________________ users mailing list [email protected] http://lists.openshift.redhat.com/openshiftmm/listinfo/users -- Ben Parees | OpenShift _______________________________________________ users mailing list [email protected] http://lists.openshift.redhat.com/openshiftmm/listinfo/users -- Ben Parees | OpenShift
_______________________________________________ users mailing list [email protected] http://lists.openshift.redhat.com/openshiftmm/listinfo/users
