Bug 1615337 - Pod was attempting to pull IP based image URL and getting a certificate error
Summary: Pod was attempting to pull IP based image URL and getting a certificate error
Keywords:
Status: CLOSED DUPLICATE of bug 1614025
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Installer
Version: 3.11.0
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: ---
: 3.11.0
Assignee: Scott Dodson
QA Contact: Johnny Liu
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2018-08-13 11:26 UTC by Johnny Liu
Modified: 2018-08-13 15:05 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2018-08-13 15:05:52 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)
installation log with inventory file embedded (2.48 MB, text/plain)
2018-08-13 11:26 UTC, Johnny Liu 		no flags Details
View All

Description Johnny Liu 2018-08-13 11:26:04 UTC 
Created attachment 1475547 [details]
installation log with inventory file embedded

Description of problem:

Version-Release number of the following components:
openshift-ansible-3.11.0-0.13.0.git.0.16dc599None.noarch
# oc version
oc v3.11.0-0.13.0
kubernetes v1.11.0+d4cacc0
features: Basic-Auth GSSAPI Kerberos SPNEGO

Server https://qe-jialiu4-mrre-1:8443
openshift v3.11.0-0.13.0
kubernetes v1.11.0+d4cacc0


How reproducible:
Always

Steps to Reproduce:
1. Trigger an installation
2. after installation, new an app from template to trigger a s2i build.
3.

Actual results:
Pods failed to start.
# oc get po -n install-test
NAME                              READY     STATUS             RESTARTS   AGE
mongodb-1-sxczc                   1/1       Running            0          1h
nodejs-mongodb-example-1-build    0/1       Completed          0          1h
nodejs-mongodb-example-1-deploy   0/1       Error              0          58m
nodejs-mongodb-example-2-deploy   1/1       Running            0          3m
nodejs-mongodb-example-2-m4ccm    0/1       ImagePullBackOff   0          3m


# oc describe po nodejs-mongodb-example-2-m4ccm -n install-test
<--snip-->
Events:
  Type     Reason          Age              From                        Message
  ----     ------          ----             ----                        -------
  Normal   Scheduled       11s              default-scheduler           Successfully assigned install-test/nodejs-mongodb-example-2-m4ccm to qe-jialiu4-mrre-1
  Normal   Pulling         8s               kubelet, qe-jialiu4-mrre-1  pulling image "172.30.40.162:5000/install-test/nodejs-mongodb-example@sha256:2ce35eeeb37506a05ea425b3ee3329a2d22e666876a6e757d9137452addede62"
  Warning  Failed          8s               kubelet, qe-jialiu4-mrre-1  Failed to pull image "172.30.40.162:5000/install-test/nodejs-mongodb-example@sha256:2ce35eeeb37506a05ea425b3ee3329a2d22e666876a6e757d9137452addede62": rpc error: code = Unknown desc = Get https://172.30.40.162:5000/v2/: x509: certificate signed by unknown authority
  Warning  Failed          8s               kubelet, qe-jialiu4-mrre-1  Error: ErrImagePull
  Normal   BackOff         2s (x2 over 5s)  kubelet, qe-jialiu4-mrre-1  Back-off pulling image "172.30.40.162:5000/install-test/nodejs-mongodb-example@sha256:2ce35eeeb37506a05ea425b3ee3329a2d22e666876a6e757d9137452addede62"
  Warning  Failed          2s (x2 over 5s)  kubelet, qe-jialiu4-mrre-1  Error: ImagePullBackOff
  Normal   SandboxChanged  1s (x3 over 8s)  kubelet, qe-jialiu4-mrre-1  Pod sandbox changed, it will be killed and re-created.


Expected results:
Pods should pull image from docker-registry.default.svc:5000 to avoid such certificate issue.

Additional info:
I tried openshift v3.11.0-0.13.0 + openshift-ansible-3.11.0-0.11.0.git.0.3c66516None.noarch, does not hit such problem, so it is a installer regression bug.
Comment 1 Scott Dodson 2018-08-13 15:05:52 UTC 

*** This bug has been marked as a duplicate of bug 1614025 ***
Note You need to log in before you can comment on or make changes to this bug.