Description of problem: After installing OpenShift in the disconnected environment at a customer side, all pods are ContainerCreating status. Version-Release number of selected component (if applicable): 3.19.14 How reproducible: Always in a customer's side Steps to Reproduce: 1. Install OpenShift in the disconnected environment Actual results: Containers are ContainerCreating status and we can see the following events. Warning DNSConfigForming kubelet, <domain> Search Line limits were exceeded, some search paths have been omitted, the applied search line is: openshift-web-console.svc.cluster.local svc.cluster.local cluster.local <customer_domain1> <customer_domain2> Warning FailedCreatePodSandBox kubelet, qomna03l.unix.anz Failed create pod sandbox: rpc error: code = Unknown desc = error creating pod sandbox with name \"k8s_webconsole-11111111-11111_openshift-web-console_<uuid>_0\": Error determining manifest MIME type for docker://kubernetes/pause:latest: pinging docker registry returned: Get https://registry-1.docker.io/v2/: dial tcp: lookup registry-1.docker.io on <customer_ip>:53: no such host", Expected results: A container can be created without error Additional info: Will attach the customer's logs in private
is this Docker or CRI-O? it looks like everything is behaving as expected though, no network so if the pause image isn't on the host system, then the container runtime won't pull it. They should grab the pause image "somewhere", export it to a tarball, and import it on the disconnected host. I can't see how it could work otherwise.
What I've understood is that you guys installed CRI-O with OpenShift, but you have not setup everything for CRI-O. For instance, to block a registry in CRI-O you need to use /etc/crio/crio.conf, not /etc/sysconfig/docker. The pre-pulled images in the "docker images" output are not in the CRI-O storage, you first need to populate the CRI-O storage in the air-gapped host.
*** This bug has been marked as a duplicate of bug 1573693 ***