Bug 1481251 - [3.6] Regression or change in how kubelet pull credentials are defined?
Summary: [3.6] Regression or change in how kubelet pull credentials are defined?
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Node
Version: 3.6.0
Hardware: Unspecified
OS: Unspecified
Target Milestone: ---
: 3.6.z
Assignee: Seth Jennings
QA Contact: Johnny Liu
Depends On:
Blocks: 1316341 1484063 1484068 1500642
TreeView+ depends on / blocked
Reported: 2017-08-14 12:43 UTC by Scott Dodson
Modified: 2020-06-11 13:56 UTC (History)
16 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of: 1316341
Last Closed: 2017-09-08 03:15:23 UTC
Target Upstream Version:

Attachments (Terms of Use)

System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2017:2642 0 normal SHIPPED_LIVE OpenShift Container Platform 3.6.1 bug fix and enhancement update 2017-09-08 07:14:52 UTC

Comment 1 Scott Dodson 2017-08-14 12:45:17 UTC
According to QE, the .docker/config.json is no longer read by the kubelet to specify pull credentials.

Comment 4 Seth Jennings 2017-08-21 16:18:03 UTC
tl;dr switching to the dockershim client for the CRI changed this behavior

Upstream issue:

And fix (for kube 1.7);

Origin 1.6 PR

Comment 11 Johnny Liu 2017-09-06 10:40:49 UTC
Verified this bug with atomic-openshift-, and PASS.

In my previous verification - comment 6, the failure is because I saved docker registry creds in /var/lib/origin/, but not /var/lib/origin/.docker, after move it to /var/lib/origin/.docker, it works (though it also worked when docker registry creds is saved in /var/lib/origin/ before this regression was introduced, now user have to save docker registry creds in /var/lib/origin/).

Comment 12 Johnny Liu 2017-09-06 11:11:37 UTC
Also run the same testing with atomic-openshift-, also PASS.

Comment 14 errata-xmlrpc 2017-09-08 03:15:23 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.