Image Pull fails and is rejected due to policy in OpenShift Container Platform 4

Solution Verified - Updated -

Issue

  • When trying to deploy a container image, the deployment fails with ImagePullBackOff and the following error message:

    Failed to pull image "registry.example.com:5000/my-project/myimage@sha256:c7be7ee7e61afee1618c09271db59f846aa5a9e17487f909793cef5f722303c0": rpc error: code = Unknown desc = Source image rejected: Running image docker://registry.example.com:5000/my-project/myimage@sha256:c7be7ee7e61afee1618c09271db59f846aa5a9e17487f909793cef5f722303c0 is rejected by policy.

  • When trying to deploy a container image, the deployment fails with ImagePullBackOff and the following error message is observed:

    Failed to pull image "example.com/my-image/my-image@sha256:xxxxxxx": rpc error: code = Unknown desc = SignatureValidationFailed: copying system image from manifest list: Source image rejected: Running image docker://example.com/my-image/my-image@sha256:xxxxxxx is rejected by policy.

Environment

  • Red Hat OpenShift Container Platform 4.x
  • The cluster Image controller configuration restricts image registries using an allowedRegistries list

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content