Bug 1661019 - [Container Admin] docker pull does not work
Summary: [Container Admin] docker pull does not work
Status: VERIFIED
Alias: None
Product: Red Hat Satellite 6
Classification: Red Hat
Component: Container Management   
(Show other bugs)
Version: 6.5.0
Hardware: Unspecified
OS: Unspecified
unspecified
urgent vote
Target Milestone: 6.5.0
Assignee: Justin Sherrill
QA Contact: Mirosław Zalewski
URL:
Whiteboard:
Keywords: Regression, Triaged
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2018-12-19 20:21 UTC by Mirosław Zalewski
Modified: 2019-02-04 13:02 UTC (History)
5 users (show)

Fixed In Version: tfm-rubygem-katello-3.10.0.16-1
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed:
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
List of packages installed on machine where feature did work in the past (26.02 KB, text/plain)
2018-12-19 20:21 UTC, Mirosław Zalewski
no flags Details


External Trackers
Tracker ID Priority Status Summary Last Updated
Foreman Issue Tracker 25922 None None None 2019-01-25 17:12 UTC

Description Mirosław Zalewski 2018-12-19 20:21:43 UTC
Created attachment 1515751 [details]
List of packages installed on machine where feature did work in the past

One of changes introduced in Satellite 6.5 allows users to execute docker commands against Satellite server (FQDN, not Crane exposed on specific port). `docker pull`, which is one of primary supported commands, does not work.

I have verified that this feature does not work on Satellite 6.5 snap 8, but it did work on forklift development box in late November (foreman commit: 3371bd6d380316588fccc740a41b293ccfc0f250 ; Katello commit: d83615fa0c523a10f1931a833a45f285e0e4e386; full list of installed packages in attachement). I was not able to setup environment with current Foreman master or with older Satellite snap, so I couldn't verify if that stopped working in recent Satellite snap, or somehow got broken during upstream -> downstream transition. Assigning Regression keyword because that feature was tested early in development cycle and was working back then.


Version-Release number of selected component (if applicable):
Satellite 6.5 snap 8
katello-3.10.0-0.6.rc1.el7sat.noarch
pulp-server-2.18.0-0.1.rc.el7sat.noarch
foreman-1.20.1.1-1.el7sat.noarch
satellite-6.5.0-5.beta.el7sat.noarch


Steps to Reproduce:
1. hammer product create --name="docker-prod" --organization-id="1"
2. hammer repository create --content-type docker --docker-upstream-name alpine --name alpine --product-id :id --url https://registry-1.docker.io/
3. hammer repository synchronize --id :id
4. Set Library "Unauthenticated pull" to true or use `docker login`
5. docker pull $HOSTNAME/default_organization-docker-prod-alpine
Using default tag: latest
Trying to pull repository $HOSTNAME/default_organization-docker-prod-alpine ...
error parsing HTTP 400 response body: invalid character '<' looking for beginning of value: "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<html><head>\n<title>400 Bad Request</title>\n</head><body>\n<h1>Bad Request</h1>\n<p>Your browser sent a request that this server could not understand.<br />\n</p>\n</body></html>\n"
6. docker pull $HOSTNAME:5000/default_organization-docker-prod-alpine
Using default tag: latest
Trying to pull repository $HOSTNAME:5000/default_organization-docker-prod-alpine ...
sha256:621c2f39f8133acb8e64023a94dbdf0d5ca81896102b9e57c0dc184cadaf5528: Pulling from $HOSTNAME:5000/default_organization-docker-prod-alpine
4fe2ade4980c: Pull complete
Digest: sha256:621c2f39f8133acb8e64023a94dbdf0d5ca81896102b9e57c0dc184cadaf5528
Status: Downloaded newer image for $HOSTNAME:5000/default_organization-docker-prod-alpine:latest

Actual results:
It is possible to pull image directly from Crane, but pulling them from Satellite hostname is not possible.

Expected results:
Using Satellite FQDN as docker hub URL is working for pulling images.

Comment 1 Dennis Kliban 2018-12-20 14:15:21 UTC
The problem is that the web server is not forwarding requests coming in on port 443 to whatever port Crane is running on. I am guessing the installer is not configuring the web server to do that.

Comment 3 Justin Sherrill 2019-01-25 17:12:23 UTC
Created redmine issue https://projects.theforeman.org/issues/25922 from this bug

Comment 4 Bryan Kearney 2019-01-25 19:05:01 UTC
Upstream bug assigned to jsherril@redhat.com

Comment 5 Bryan Kearney 2019-01-25 19:05:02 UTC
Upstream bug assigned to jsherril@redhat.com

Comment 6 Bryan Kearney 2019-01-28 17:04:48 UTC
Moving this bug to POST for triage into Satellite 6 since the upstream issue https://projects.theforeman.org/issues/25922 has been resolved.

Comment 9 Mirosław Zalewski 2019-02-04 13:02:42 UTC
Fix verified.

I have tried pulling container images from Library, from new lifecycle environment and from new lifecycle environment with custom registry name pattern. Each time, I tried with unauthenticated pull set to on and after `docker login`. I tried on alpine (all tags) and nodejs ("latest" tag only). Each pull succeeded.


Version:
Satellite 6.5 snap 14
foreman-1.20.1.10-1.el7sat.noarch
pulp-server-2.18.0-0.1.rc.el7sat.noarch
satellite-6.5.0-6.beta.el7sat.noarch
katello-3.10.0-0.6.rc1.el7sat.noarch


Note You need to log in before you can comment on or make changes to this bug.