- When attempting to use SmartState Analysis to scan images in an OpenShift repository, either provided by Red Hat or hosted elsewhere, the SmartState Analysis pod will never complete, instead producing an error similar to the following in the CloudForms appliance's
[----] E, [2018-01-18T16:48:01.807391 #13031:515130] ERROR -- : Q-task_id([dba3150e-fca9-11e7-8e7d-005056bc964f]) MIQ(ManageIQ::Providers::Kubernetes::ContainerManager::Scanning::Job#collect_compliance_data) collecting compliance data for registry.access.redhat.com/openshift3/ose-deployer@sha256:3c6cbe1ea169748849513b8495918b4c04d760e62550923c260d636820d63253 with error: HTTP status code 500, OpenSCAP Error: Unable to run OpenSCAP: Unable to retreive the CVE file: Could not download file https://www.redhat.com/security/data/metrics/ds/com.redhat.rhsa-RHEL7.ds.xml.bz2: Get https://www.redhat.com/security/data/metrics/ds/com.redhat.rhsa-RHEL7.ds.xml.bz2: dial tcp 22.214.171.124:443: getsockopt: connection refused
- If this occurs in an environment where a proxy is necessary to connect to outside resources such as the image repository being utilized by OpenShift, adding proxy credentials to the OpenShift pod created by the CloudForms SmartState Analysis process may be required.
- Alternatively, SmartState Analysis may complete, but OpenSCAP data may not be populated in either the CloudForms user interface or reports.
- Red Hat CloudForms 4.5 and earlier
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.