x509: certificate signed by unknown authority; manifest unknown: manifest unknown;
Коллеги, актуальный статус.
- На текущий момент у меня проблема при деплое пода с postgres:
Error syncing pod, skipping: failed to "StartContainer" for "postgresql-95-centos7" with ImagePullBackOff: "Back-off pulling image \"172.30.175.150:5000/agent-dev/postgresql-95-centos7:latest\""
Error syncing pod, skipping: failed to "StartContainer" for "postgresql-95-centos7" with ErrImagePull: "manifest unknown: manifest unknown"
Приложение создается следующей коммандой, которая работала ранее:
oc new-app -e POSTGRESQL_USER=agent-portal -e POSTGRESQL_PASSWORD=P@ssw0rd -e POSTGRESQL_DATABASE=agent-portal --docker-image="172.30.175.150:5000/agent-dev/postgresql-95-centos7:latest"
Пробовал различные workaround, которые смог найти в сети - ничего не помогает. Например при попытке создать новое приложение из образа через UI консоль получаю такую ошибку:
см. вложение
- Так же есть проблема при создании ImageStream, необходимых для билда и деплоя контенеров. Приведу пример для s2i-java. Этот Image необходим для билда. Я создаюImageStream коммандой oc tag 172.30.175.150:5000/agent-dev/s2i-java:2.0 s2i-java:2.0, ошибок нет, но imagestrema нормально не создается:
[payuser@msk-pay-master01 ~]$ oc describe is s2i-java
Name: s2i-java
Namespace: agent-dev
Created: About a minute ago
Labels:
Annotations: openshift.io/image.dockerRepositoryCheck=2017-08-30T10:57:02Z
Docker Pull Spec: 172.30.175.150:5000/agent-dev/s2i-java
Unique Images: 0
Tags: 1
2.0
tagged from 172.30.175.150:5000/agent-dev/s2i-java:2.0
! error: Import failed (InternalError): Internal error occurred: Get https://172.30.175.150:5000/v2/: x509:
certificate signed by unknown authority
About a minute ago
Responses
Hello Dimitry,
Using a mixture of English and Russian is confusing for non Russians. Is it possible for you to use English? I ask this because most of the community members have trouble reading/writing Russian. Using English will give you a greater change to get help.
Personally I can only determine that you write Russian by using Google translate.
Regards,
Jan Gerrit Kootstra
P.S. I am sorry , if the Russian text is confusing, it is due to Google translate.Привет, Димитрий,
Использование смеси английского и русского языков путается для нерусских. Можно ли использовать английский? Я спрашиваю об этом, потому что у большинства членов сообщества есть проблемы с чтением / написанием русского языка. Использование английского языка даст вам больше изменений, чтобы получить помощь.
Лично я могу только определить, что вы пишете русский язык с помощью Google translate.
С Уважением,
Ян Геррит Кутстра Постскриптум Извините, если русский текст запутан, это связано с переводом Google.
Jan, thanks for your reply. I'll try to translate the mesasge above.
We are facing uknown issue cause by 509x certificate. When I am trying to create new-app using following command in OC I got error:
oc new-app -e POSTGRESQL_USER=agent-portal -e POSTGRESQL_PASSWORD=P@ssw0rd -e POSTGRESQL_DATABASE=agent-portal --docker-image="172.30.175.150:5000/agent-dev/postgresql-95-centos7:latest" W0831 11:51:14.901522 48792 dockerimagelookup.go:220] Docker registry lookup failed: Get https://172.30.175.150:5000/v2/: x509: certificate signed by unknown authority error: no match for "172.30.175.150:5000/agent-dev/postgresql-95-centos7:latest"
The 'oc new-app' command will match arguments to the following types:
- Images tagged into image streams in the current project or the 'openshift' project
- if you don't specify a tag, we'll add ':latest'
- Images in the Docker Hub, on remote registries, or on the local Docker engine
- Templates in the current project or the 'openshift' project
- Git repository URLs or local paths that point to Git repositories
--allow-missing-images can be used to point to an image that does not exist yet.
The error actualy is: "Docker registry lookup failed: Get https://172.30.175.150:5000/v2/: x509: certificate signed by unknown authority" The weak before same command worked fine and there were no issues.
Other way that I am using to create app is with UI, but I face the same error: Internal error occurred. Get https://172.30.175.150:500/v2/: x509: certificate signed by unknown authority Image name that I use: 172.30.175.150:500/agent-dev/postgresql-95-centos7:latest
Also when I create ImageStream using OC: oc tag 172.30.175.150:5000/agent-dev/s2i-java:2.0 s2i-java:2.0 I got no errors but the same error occures later: [payuser@msk-pay-master01 ~]$ oc describe is s2i-java Name: s2i-java Namespace: agent-dev Created: About a minute ago Labels: Annotations: openshift.io/image.dockerRepositoryCheck=2017-08-30T10:57:02Z Docker Pull Spec: 172.30.175.150:5000/agent-dev/s2i-java Unique Images: 0 Tags: 1
2.0 tagged from 172.30.175.150:5000/agent-dev/s2i-java:2.0
! error: Import failed (InternalError): Internal error occurred: Get https://172.30.175.150:5000/v2/: x509: certificate signed by unknown authority About a minute ago
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
