Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Cannot pull image from secured private registry
See original GitHub issueI added the registry to /var/snap/microk8s/current/args/containerd-template.toml as follows
[plugins."io.containerd.grpc.v1.cri".registry.mirrors."docker.my.domain"]
endpoint = ["https://docker.my.domain"]
But it couldn’t resolve. So I changed the endpoint to use the IP.
[plugins."io.containerd.grpc.v1.cri".registry.mirrors."docker.my.domain"]
endpoint = ["https://#.#.#.#"]
There was an error with the cert where the IP address was not listed in the SANs - so I re-issued the cert with the IP address in the SANs. Went back to not resolving. Keep in mind, I can successfully pull the image specified using docker pull.
[plugins."io.containerd.grpc.v1.cri".registry.configs]
[plugins."io.containerd.grpc.v1.cri".registry.configs."docker.my.domain"]
[plugins."io.containerd.grpc.v1.cri".registry.configs."docker.my.domain".tls]
insecure_skip_verify = true
I even tried specifying the CA certificate as the path on the host, no change.
What am I missing?
Issue Analytics
- State:
- Created 3 years ago
- Comments:13
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
Updating to Nexus 3.27 corrected the issue, I was able to pull the image successfully. Thank you!
Not yet - I’m researching it now, apparently it’s an issue with the registry server not responding to HEAD requests, which I can verify outside of microk8s. I’ll keep you updated, but for now this issue can be closed.