Bug 1514324

Summary: [3.7] installer need provide a way to add docker auth to kubelet for auto pulling infra image from an authenticated registry in system container env without cri-o enabled
Product: OpenShift Container Platform Reporter: Johnny Liu <jialiu>
Component: InstallerAssignee: Michael Gugino <mgugino>
Status: CLOSED ERRATA QA Contact: Johnny Liu <jialiu>
Severity: medium Docs Contact:
Priority: high    
Version: 3.7.0CC: aos-bugs, gpei, jokerman, mmccomas, wmeng
Target Milestone: ---Keywords: TestBlocker
Target Release: 3.7.z   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
: 1534933 (view as bug list) Environment:
Last Closed: 2018-04-05 09:32:08 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1534933    

Comment 5 Michael Gugino 2018-01-02 16:58:05 UTC
PR Created in master: https://github.com/openshift/openshift-ansible/pull/6581

PR Created in 3.7: https://github.com/openshift/openshift-ansible/pull/6582

Comment 7 Michael Gugino 2018-01-08 15:33:09 UTC
This may be address this issue: https://github.com/openshift/openshift-ansible/pull/6646

Comment 8 Michael Gugino 2018-01-08 15:33:53 UTC
3.7 Backport: https://github.com/openshift/openshift-ansible/pull/6644

Comment 11 Johnny Liu 2018-01-26 14:29:33 UTC
Re-test this bug with openshift-ansible-3.7.26-1.git.0.f87f1af.el7.noarch, still reproduced.

Comment 13 Scott Dodson 2018-02-09 13:34:36 UTC
in openshift-ansible-3.7.29-1

Comment 14 Johnny Liu 2018-02-13 03:17:24 UTC
Verified this bug with openshift-ansible-3.7.29-1.git.0.e1bfc35.el7.noarch, and PASS.

# openshift version
openshift v3.7.29
kubernetes v1.7.6+a08f5eeb62
etcd 3.2.8


# oc get po
NAME                       READY     STATUS    RESTARTS   AGE
docker-registry-1-fhgdn    1/1       Running   0          1h
registry-console-1-5mmwv   1/1       Running   0          1h
router-1-7jssm             1/1       Running   0          1h

# cat /etc/sysconfig/atomic-openshift-node-dep 
DOCKER_ADDTL_BIND_MOUNTS=--volume=/usr/bin/docker-current:/usr/bin/docker-current:ro   --volume=/etc/sysconfig/docker:/etc/sysconfig/docker:ro   --volume=/etc/containers/registries:/etc/containers/registries:ro    --volume=/var/lib/origin/.docker:/root/.docker:ro

# runc exec atomic-openshift-node ls /root/.docker
config.json

Comment 18 errata-xmlrpc 2018-04-05 09:32:08 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2018:0636