On Sun, Mar 6, 2016 at 10:13 PM, Michael Hrivnak mhrivnak@redhat.com wrote:
Mohammed,
The problem is revealed in this strange-looking error, seen on line 16 of your paste: "local error: no renegotiation".
Docker is written in Go, the network library for which famously and contentiously [0] does not support TLS renegotiation.
So the challenge with docker is that you must host the API (crane in this case) and the image files on web servers that will not require renegotiation.
[0] https://github.com/golang/go/issues/5742
Michael
On Sun, Mar 6, 2016 at 4:55 AM, Mohammed Zeeshan < mohammed.zee1000@gmail.com> wrote:
Hi,
I am Mohammed Zeeshan Ahmed, part of Container Tooling Team at Redhat, working on the registry component of the CentOS Container Pipeline.
I have been trying to get pulp/crane to work for sometime now to get it to fit into the pipeline. I have setup pulp/crane on a single node (self signed certificates) while a second node acts as a client (pulp-admin and docker) currently stuck at this point http://pastebin.centos.org/40926/ and would appreciate any help in getting things to work.
Thanks in advance.
-- *Mohammed Zeeshan Ahmed, * +919986458839 Bengaluru, India
https://mohammedzee1000.wordpress.com/ http://mohammed-zeeshan.strikingly.com
Pulp-list mailing list Pulp-list@redhat.com https://www.redhat.com/mailman/listinfo/pulp-list
Hi, I have managed to resove the certificate issue, thanks for that help Michael, however, I think work still needs to be done.
My current status, as things stand is http://pastebin.centos.org/40971/. Could use some more help to resolve this one.
On 07/03/16 05:49, Mohammed Zeeshan wrote:
Hi, I have managed to resove the certificate issue, thanks for that help Michael, however, I think work still needs to be done.
My current status, as things stand is http://pastebin.centos.org/40971/. Could use some more help to resolve this one.
line 11 on there implies your need to get the docker registry host certs installed on your client side, and/or skip the cert validation on the client .
Hi
Even with Insecure registry=theregistry, (which basically disables tls verfication from docker daemon side, we still get a not found.
DEBU[0088] Calling POST /images/create INFO[0088] POST /v1.20/images/create?fromImage=dev-32-38.lon1.centos.org %3A5000%2Fpulpdemo%2Fbusybox%3Alatest DEBU[0088] Trying to pull dev-32-38.lon1.centos.org:5000/pulpdemo/busybox from https://dev-32-38.lon1.centos.org:5000 v2 DEBU[0088] Pulling tag from V2 registry: "latest" DEBU[0088] Error trying v2 registry: Error parsing HTTP response: invalid character '<' looking for beginning of value: "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<html><head>\n<title>404 Not Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p>The requested URL /pulp/docker/v2/busybox/manifests/latest was not found on this server.</p>\n</body></html>\n" DEBU[0088] Trying to pull dev-32-38.lon1.centos.org:5000/pulpdemo/busybox from https://dev-32-38.lon1.centos.org:5000 v1 DEBU[0088] attempting v2 ping for registry endpoint https://dev-32-38.lon1.centos.org:5000/v2/ DEBU[0088] Endpoint https://dev-32-38.lon1.centos.org:5000/v2/ is eligible for private registry. Enabling decorator. DEBU[0088] [registry] Calling GET https://dev-32-38.lon1.centos.org:5000/v1/repositories/pulpdemo/busybox/imag...
DEBU[0088] Not continuing with error: Error: image pulpdemo/busybox:latest not found
On Mon, Mar 7, 2016 at 1:12 PM, Karanbir Singh mail-lists@karan.org wrote:
On 07/03/16 05:49, Mohammed Zeeshan wrote:
Hi, I have managed to resove the certificate issue, thanks for that help Michael, however, I think work still needs to be done.
My current status, as things stand is http://pastebin.centos.org/40971/. Could use some more help to resolve this one.
line 11 on there implies your need to get the docker registry host certs installed on your client side, and/or skip the cert validation on the client .
-- Karanbir Singh +44-207-0999389 | http://www.karan.org/ | twitter.com/kbsingh GnuPG Key : http://www.karan.org/publickey.asc _______________________________________________ CentOS-devel mailing list CentOS-devel@centos.org https://lists.centos.org/mailman/listinfo/centos-devel
On Mon, Mar 7, 2016 at 11:19 AM, Mohammed Zeeshan < mohammed.zee1000@gmail.com> wrote:
On Sun, Mar 6, 2016 at 10:13 PM, Michael Hrivnak mhrivnak@redhat.com wrote:
Mohammed,
The problem is revealed in this strange-looking error, seen on line 16 of your paste: "local error: no renegotiation".
Docker is written in Go, the network library for which famously and contentiously [0] does not support TLS renegotiation.
So the challenge with docker is that you must host the API (crane in this case) and the image files on web servers that will not require renegotiation.
[0] https://github.com/golang/go/issues/5742
Michael
On Sun, Mar 6, 2016 at 4:55 AM, Mohammed Zeeshan < mohammed.zee1000@gmail.com> wrote:
Hi,
I am Mohammed Zeeshan Ahmed, part of Container Tooling Team at Redhat, working on the registry component of the CentOS Container Pipeline.
I have been trying to get pulp/crane to work for sometime now to get it to fit into the pipeline. I have setup pulp/crane on a single node (self signed certificates) while a second node acts as a client (pulp-admin and docker) currently stuck at this point http://pastebin.centos.org/40926/ and would appreciate any help in getting things to work.
Thanks in advance.
-- *Mohammed Zeeshan Ahmed, * +919986458839 Bengaluru, India
https://mohammedzee1000.wordpress.com/ http://mohammed-zeeshan.strikingly.com
Pulp-list mailing list Pulp-list@redhat.com https://www.redhat.com/mailman/listinfo/pulp-list
Hi, I have managed to resove the certificate issue, thanks for that help Michael, however, I think work still needs to be done.
My current status, as things stand is http://pastebin.centos.org/40971/. Could use some more help to resolve this one.
-- *Mohammed Zeeshan Ahmed, * B.E Computer Science Engineering Certified IT & Cloud Architect & RHCSA +919986458839 Bengaluru, India
https://mohammedzee1000.wordpress.com/ http://mohammed-zeeshan.strikingly.com
Hi,
I have raised an issue along this problem that I am facing so that it becomes easier to track.
https://pulp.plan.io/issues/1750