Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fixes #28698 - route docker registry through apache #8499

Merged
merged 1 commit into from
Jan 10, 2020
Merged

Fixes #28698 - route docker registry through apache #8499

merged 1 commit into from
Jan 10, 2020

Conversation

jlsherrill
Copy link
Member

for pulp3

This change changes the expectation of the content_app_url setting
provided by the pulp3 smart proxy plugin. Now katello will be
proxying through apache to a special endpoint /pulpcore_registry/
that requires a client cert with a CN of 'admin'.

@theforeman-bot
Copy link

Issues: #28698

@jlsherrill
Copy link
Member Author

jlsherrill commented Jan 8, 2020
edited
Loading

To Test:

  1. redeploy my forklift pr here: Add a test role for Pulp3 theforeman/forklift#980
    This will add the following apache config:
<Location /pulpcore_registry/v2/>
   SSLRequire %{SSL_CLIENT_S_DN_CN} eq "adminz"
</Location>

ProxyPass /pulpcore_registry/v2/ http://127.0.0.1:24816/v2/
ProxyPassReverse /pulpcore_registry/v2 http://127.0.0.1:24816/v2

and will change your content_app_url in the smart proxy plugin config

  1. refresh the smart proxy
  2. restart httpd
  3. create and sync a docker repository
  4. find the docker pull url and pull it with podman (without the :5000)
podman login devel.balmora.example.com
podman pull devel.balmora.example.com/default_organization-docker_test-docker

@jlsherrill
Fixes #28698 - route docker registry through apache
287c73d 
for pulp3

This change changes the expectation of the content_app_url setting
provided by the pulp3 smart proxy plugin.  Now katello will be
proxying through apache to a special endpoint /pulpcore_registry/
that requires a client cert with a CN of 'admin'.
ianballou
ianballou reviewed Jan 9, 2020
View reviewed changes
Copy link
Member

@ianballou ianballou left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I was able to do podman login and podman search to find my container image but podman pull failed and the server had these errors: https://gist.github.com/ianballou/15794034276e7f54da13d1340e7db968

Edit: Never mind this, it worked just fine. Reviewing the code now!

@jlsherrill
Copy link
Member Author

[test katello]

@jlsherrill jlsherrill merged commit 6069834 into Katello:master Jan 10, 2020
@jlsherrill jlsherrill deleted the 28698 branch January 10, 2020 19:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ianballou ianballou ianballou approved these changes

Assignees
No one assigned
Labels
Needs testing Not yet reviewed
Projects
None yet
Milestone
No milestone
3 participants
@jlsherrill @theforeman-bot @ianballou