Hide Forgot
Description of problem: docker-1.12.6-34 is using "/etc/containers/registries.conf" instead of "/etc/sysconfig/docker" to defined registries. But installer is still add registries to "/etc/sysconfig/docker". Version-Release number of selected component (if applicable): docker-1.12.6-34.1.git3a6eaeb.el7.x86_64 openshift-ansible-3.6.99-1.git.0.42f2439.el7 How reproducible: 100% Steps to Reproduce: 1.Install OCP with docker-1.12.6-34 2. 3. Actual results: # cat /etc/sysconfig/docker ... # Do not add registries in this file anymore. Use /etc/containers/registries.conf # from the atomic-registries package. # ... ADD_REGISTRY='--add-registry ... --add-registry registry.access.redhat.com' BLOCK_REGISTRY='--block-registry registry.hacker.com' INSECURE_REGISTRY='--insecure-registry ...' Expected results: According to document in "/etc/sysconfig/docker", installer should add registries in "/etc/containers/registries.conf". Additional info:
Is this a mandatory change or will the old environment files work?
(In reply to Scott Dodson from comment #1) > Is this a mandatory change or will the old environment files work? According to my testing, the old environment file still works.
Mine too, moved to 3.7.
PR created in github: https://github.com/openshift/openshift-ansible/pull/5205
The original configuration file /etc/sysconfig/docker is still honored and there has been no discussion about EOL'ing it. The only difference is that registries in the sysconfig/docker file will not be usably by other container runtimes or skopeo.
@Brent There are some discussions on that PR regarding which container runtimes are currently consuming /etc/containers/registries.conf Having one registry configuration file for all runtimes would be beneficial to openshift-ansible users and allow our codebase to simplify.
When upgrade ocp 3.6 to 3.7 on atomic hosts, met the same issue. TASK [openshift_node_upgrade : Pre-pull node image] **************************** fatal: [x.x.x.x]: FAILED! => {"changed": false, "cmd": ["docker", "pull", "openshift3/node:v3.7.0"], "delta": "0:00:00.498253", "end": "2017-09-29 07:41:05.949663", "failed": true, "rc": 1, "start": "2017-09-29 07:41:05.451410", "stderr": "unauthorized: authentication required", "stderr_lines": ["unauthorized: authentication required"], "stdout": "Trying to pull repository docker.io/openshift3/node ... ", "stdout_lines": ["Trying to pull repository docker.io/openshift3/node ... "]} ansible-2.3.2.0-2.el7.noarch openshift-ansible-3.7.0-0.133.0.git.0.06c6bc7.el7.noarch docker-1.12.6-32.git88a4867.el7.x86_64
PR submitted: https://github.com/openshift/openshift-ansible/pull/5629 Since we're not check/enforcing docker version to incremental releases, we are gong to enable the settings in both files for the time being.
Verified with version openshift-ansible-3.7.0-0.143.1.git.0.89248df.el7, settings is in both files now.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2017:3188