Bug 1474446
| Summary: | [3.5][Backport] oadm prune command fails with TLS issues after adding --confirm | ||
|---|---|---|---|
| Product: | OpenShift Container Platform | Reporter: | Michal Minar <miminar> |
| Component: | Image Registry | Assignee: | Michal Minar <miminar> |
| Status: | CLOSED ERRATA | QA Contact: | Dongbo Yan <dyan> |
| Severity: | medium | Docs Contact: | |
| Priority: | low | ||
| Version: | 3.5.1 | CC: | aos-bugs, bparees, dyan, erjones, geliu, maszulik, mfojtik, miminar, misalunk, mmariyan, wsun |
| Target Milestone: | --- | Keywords: | Unconfirmed |
| Target Release: | 3.5.z | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: |
Cause: Neither documentation nor cmd help talked about insecure connections to the secured registry. Errors used to be hard to decipher when user attempted to prune secured registry with bad CA certificate.
Consequence: Users had troubles running image prune against (in)secured registries.
Fix: Errors are now printed with hints, cmd help has been updated, new flags have been provided to allow for insecure fall-back.
Result: User can now easily enforce both secure and insecure connection. He will also be able to understand https errors and what to do when he hits them.
|
Story Points: | --- |
| Clone Of: | 1448595 | Environment: | |
| Last Closed: | 2017-10-25 13:04:36 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 1448595, 1475306, 1476779 | ||
| Bug Blocks: | |||
|
Comment 1
Michal Minar
2017-07-24 15:48:41 UTC
backport PR has merged. Moving to modified. $ ./oc version oc v3.5.5.31.34 kubernetes v1.5.2+43a9be4 features: Basic-Auth GSSAPI Kerberos SPNEGO Server https://:8443 openshift v3.5.5.31.34 kubernetes v1.5.2+43a9be4 # oadm prune images --certificate-authority=ca.crt --keep-younger-than=10m --registry-url=docker-registry-default.com --confirm Deleting registry layer blobs ... BLOB sha256:f6e9d8c70d39ea5d80cd5109922421b0423325897623753afb6fa703a9fb5727 Deleting images from server ... IMAGE sha256:eb57752d19f50b7534856dde574efd5101b7f5e179afbf4d474caad3db24a989 move this bug to verified Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2017:3049 |