Bug 1584494
Summary: | OpenShift installation on AWS fails to pull image with relative path from AWS registry | ||
---|---|---|---|
Product: | OpenShift Container Platform | Reporter: | Ravi Sankar <rpenta> |
Component: | Node | Assignee: | Seth Jennings <sjenning> |
Status: | CLOSED DUPLICATE | QA Contact: | DeShuai Ma <dma> |
Severity: | high | Docs Contact: | |
Priority: | high | ||
Version: | 3.10.0 | CC: | aos-bugs, bbennett, jokerman, mmccomas |
Target Milestone: | --- | ||
Target Release: | 3.10.0 | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2018-05-31 17:48:48 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 1572182 |
Description
Ravi Sankar
2018-05-31 04:24:41 UTC
Tried adding AWS registry to /etc/containers/registries.conf, restarted docker and atomic-openshift-node service but that did not resolve the issue. More details from openshift node: [root@ip-172-18-3-185 ~]# cat /etc/containers/registries.conf ... [registries.search] registries = ['registry.access.redhat.com', 'registry.reg-aws.openshift.com:443'] ... [registries.insecure] registries = ['registry.reg-aws.openshift.com:443'] ------------- [root@ip-172-18-3-185 ~]# docker info ... Insecure Registries: brew-pulp-docker01.web.prod.ext.phx2.redhat.com:8888 registry.reg-aws.openshift.com:443 virt-openshift-05.lab.eng.nay.redhat.com:5000 virt-openshift-05.lab.eng.nay.redhat.com:5001 asb-registry.usersys.redhat.com:5000 127.0.0.0/8 ... Registries: registry.reg-aws.openshift.com:443 (insecure), registry.access.redhat.com (secure), registry.access.redhat.com (secure), registry.reg-aws.openshift.com:443 (insecure), docker.io (secure) --------------- [root@ip-172-18-3-185 ~]# cat /run/containers/registries.conf REGISTRIES="--add-registry registry.access.redhat.com --add-registry registry.reg-aws.openshift.com:443 --insecure-registry registry.reg-aws.openshift.com:443 This is a change in behavior of 3.10. You need to use fully qualified image references for your pods as far as I know but moving to Image component to verify this. The image references the kubelet uses is not the domain of the Image component. I think you need to do: systemctl restart registries after changing /etc/containers/registries.conf I'll validate this with @weliang and see. *** This bug has been marked as a duplicate of bug 1583500 *** |