您好我们正在使用openshift-origin来部署和运行我们的docker springboot应用程序。 我们想从maven和中央构建器引擎推送我们的图像到私人openshift docker-registry。
但实际上我设法从主节点登录,但我无法从外部登录到docker-registry。
我创建了用于公开docker-registry的pod,服务和路由但不起作用
示例KO
docker login -u admin -p ftt9woC6CYavh4tnCmKdUe4-y-Vr3EVmTIxNnSuZY9g -e admin@siav.it docker-registry.os.siav.it
Error response from daemon: invalid registry endpoint <<https://>>docker-registry.os.siav.it/v0/: unable to ping registry endpoint <<https://>>docker-registry.os.siav.it/v0/
v2 ping attempt failed with error: Get <<https://>>docker-registry.os.siav.it/v2/: x509: certificate has expired or is not yet valid
v1 ping attempt failed with error: Get <<https://>>docker-registry.os.siav.it/v1/_ping: x509: certificate has expired or is not yet valid.
If this private registry supports only HTTP or HTTPS with an unknown CA certificate, please add `--insecure-registry docker-registry.os.siav.it` to the daemon's arguments.
In the case of HTTPS, if you have access to the registry's CA certificate, no need for the flag; simply place the CA certificate at /etc/docker/certs.d/docker-registry.os.siav.it/ca.crt
示例确定
[root@sitorimstlx01 customconfig]# docker login -u admin -p ftt9woC6CYavh4tnCmKdUe4-y-Vr3EVmTIxNnSuZY9g -e admin@siav.it 172.30.31.250:5000
WARNING: login credentials saved in /root/.docker/config.json
登录成功
有用的数据 POD
oc describe pod docker-registry-2-6ewdd
Name: docker-registry-2-6ewdd
Namespace: default
Node: sitorimstlx01.jarvis.net/192.168.36.1
Start Time: Fri, 17 Jun 2016 09:23:26 +0200
Labels: deployment=docker-registry-2,deploymentconfig=docker-registry,docker-registry=default
Status: Running
IP: 10.1.0.2
Controllers: ReplicationController/docker-registry-2
Containers:
registry:
Container ID: docker://31d147215a526d09c6f120760a466313d172cd5953f0cf79806f2bf26767c32a
Image: openshift/origin-docker-registry:v1.2.0-rc1
Image ID: docker://0d167b277299b9aa6084cd74ae64e2cc9f6a1968f7a999e0aad580da1adcb02f
Port: 5000/TCP
QoS Tier:
cpu: BestEffort
memory: BestEffort
State: Running
Started: Fri, 17 Jun 2016 12:05:26 +0200
Last State: Terminated
Reason: Error
Exit Code: 2
Started: Fri, 17 Jun 2016 09:23:30 +0200
Finished: Fri, 17 Jun 2016 12:05:06 +0200
Ready: True
Restart Count: 0
Liveness: http-get http://:5000/healthz delay=10s timeout=5s period=10s #success=1 #failure=3
Readiness: http-get http://:5000/healthz delay=0s timeout=5s period=10s #success=1 #failure=3
Environment Variables:
OPENSHIFT_CA_DATA: -----BEGIN CERTIFICATE-----
--
-----END CERTIFICATE-----
OPENSHIFT_CERT_DATA: -----BEGIN CERTIFICATE-----
--
-----END CERTIFICATE-----
OPENSHIFT_INSECURE: false
OPENSHIFT_KEY_DATA: -----BEGIN RSA PRIVATE KEY-----
--
-----END RSA PRIVATE KEY-----
OPENSHIFT_MASTER: https://sitorimstlx01.jarvis.net:8443
REGISTRY_HTTP_ADDR: :5000
REGISTRY_HTTP_NET: tcp
REGISTRY_HTTP_SECRET: ePV81gcWaS2dXY8qX5V0nbl0TEod5lkhvn5pr6WZj/w=
Conditions:
Type Status
Ready True
Volumes:
registry-storage:
Type: EmptyDir (a temporary directory that shares a pod's lifetime)
Medium:
v1:
Type: PersistentVolumeClaim (a reference to a PersistentVolumeClaim in the same namespace)
ClaimName: dock-reg-claim
ReadOnly: false
registry-token-mq5cv:
Type: Secret (a volume populated by a Secret)
SecretName: registry-token-mq5cv
No events.
**Service**
oc describe service docker-registry
Name: docker-registry
Namespace: default
Labels: docker-registry=default
Selector: docker-registry=default
Type: ClusterIP
IP: 172.30.31.250
Port: 5000-tcp 5000/TCP
Endpoints: 10.1.0.2:5000
Session Affinity: ClientIP
No events.
**Route**
oc describe route docker-registry-route
Name: docker-registry-route
Created: 2 minutes ago
Labels: <none>
Annotations: <none>
Requested Host: docker-registry.os.siav.it
exposed on router router 2 minutes ago
Path: <none>
TLS Termination: <none>
Insecure Policy: <none>
Service: docker-registry
Endpoint Port: <all endpoint ports>
Endpoints: 10.1.0.2:5000
有什么问题? 提前致谢, 最好的问候