0

I've exposed my openshift registry:

$ oc get routes -n default
NAME              HOST/PORT                                       PATH      SERVICES          PORT       TERMINATION   WILDCARD
docker-registry   docker-registry-default.192.168.99.104.nip.io             docker-registry   5000-tcp                 None

Nevertheless, I'm trying to get access on that registry, but I've not been able to figure out what's wrong:

docker login -p ngRslZJYJ40WxBA6YQbE5nMDK1Gh-cSWgnJCKR4EJ2I docker-registry-default.192.168.99.104.nip.io -u unused

This command keeps stuck.

Graham Dumpleton
  • 57,726
  • 6
  • 119
  • 134
Jordi
  • 20,868
  • 39
  • 149
  • 333
  • Is this with Minishift or just ``oc cluster up``? – Graham Dumpleton Jun 26 '18 at 20:45
  • minishift. This is my minishift command: `minishift start --openshift-version v3.7.0 --vm-driver=virtualbox --no-proxy=".cluster.local,.svc,172.30.0.1" --http-proxy=http://: --https-proxy=http://: --docker-env HTTP_PROXY=http://: --docker-env HTTPS_PROXY=http://:` – Jordi Jun 27 '18 at 06:23
  • If using Minishift, you can run ``minishift docker-env`` and access it direct instead of via the route. – Graham Dumpleton Jun 27 '18 at 06:37

2 Answers2

0

If the route is configured with HTTPS and the cert is a self-signed cert then docker has to be configured to trust the cert.

Steps:

  • On the host where docker is running, create a folder under /etc/docker/certs.d/ named after the OpenShift Docker Registry URL: mkdir -p /etc/docker/certs.d/docker-registry-default.192.168.99.104.nip.io
  • Place in that folder the cert of the CA that signed the cert of the OpenShift Docker Registry: /etc/docker/certs.d/docker-registry-default.192.168.99.104.nip.io/ca.crt
apisim
  • 4,036
  • 1
  • 10
  • 16
  • what exact file and location used to sign the Openshift Docker registry? Are you referring the ca.crt under ~/.minishift/ca.crt or /etc/docker/openshift.local.clusterup/kube-apiserver/ca.crt or /etc/docker/openshift.local.clusterup/openshift-apiserver/ca.crt – intechops6 Sep 26 '19 at 19:32
0

Add the following to your host /etc/hosts file:

<router IP> docker-registry-default.192.168.99.104.nip.io

You can get the router IP by:

oc get svc -n default
fcdt
  • 2,371
  • 5
  • 14
  • 26
Joe
  • 1