On Mon, Nov 11, 2019 at 11:27 PM Joel Pearson <japear...@agiledigital.com.au> wrote:
> I've now discovered that the cluster-samples-operator doesn't seem honour > the proxy settings, and I see lots of errors in the > cluster-samples-operator-xxxx pod logs > > time="2019-11-12T04:15:49Z" level=warning msg="Image import for > imagestream dotnet tag 2.1 generation 2 failed with detailed message > Internal error occurred: Get https://registry.redhat.io/v2/: x509: > certificate signed by unknown authority" > > Is there a way to get that operator to use the same user-ca-bundle? > Samples operator just reports the status of the sample imagestreams. It does not actually execute the imagestream import, and thus is not the controller that consumes the user-ca-bundle. Imagestream import is a function of the imagestream controller in the openshift-controller-manager and the internal image registry. That said, my understanding was those items should consume global CA / cluster image configuration as well. The folks on here already, plus Oleg, who I have now included, can elaborate. My quick scan of the docs did not find where that was explained. > On Tue, 12 Nov 2019 at 14:46, Joel Pearson <japear...@agiledigital.com.au> > wrote: > >> >> >> On Tue, 12 Nov 2019 at 06:56, Ben Parees <bpar...@redhat.com> wrote: >> >>> >>> >>>> >>>> Can I use the “trustedCA” part of the proxy configuration without >>>> actually specifying an explicit proxy? >>>> >>> >>> you should be able to. Daneyon can you confirm? (if you can't i'd >>> consider it a bug). >>> >>> It does work! Thanks for that. user-ca-bundle already existed and had my >> certificate in there, I just needed to reference user-ca-bundle in the >> proxy config. >> >> apiVersion: config.openshift.io/v1 >> kind: Proxy >> metadata: >> name: cluster >> spec: >> trustedCA: >> name: user-ca-bundle >> > > > _______________________________________________ > users mailing list > users@lists.openshift.redhat.com > http://lists.openshift.redhat.com/openshiftmm/listinfo/users >
_______________________________________________ users mailing list users@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/users
