-
Notifications
You must be signed in to change notification settings - Fork 233
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CRC Image Registry docker login issue on Windows - 127.0.0.1:80 connection refused #2354
Comments
@ShrayRastogi Are you using the vsock as part of config? Can you provide output of |
In crc 1.25.0, the registry on the port 80 is not exposed. It is fixed in 1.26.0. Can you give it a try? Thanks. |
I upgraded the CRC to v4.7.8 and 1.26.0+31f06c09, still same error |
crc config view
|
@praveenkumar @guillaumerose - |
Have you deleted the old crc instance and started fresh with new version. I just tested
|
@praveenkumar - Yes, I deleted the old instance and started fresh. It is working on linux for me as well, however, not working on Windows Enterprise. Please help! Let me know if you need any other logs or something. I am also able to login to default image registry via VSCode Docker Extension (using URL like https://default-route-openshift-image-registry.apps-crc.testing). However, via command line - docker login or docker push, I get same error as above. Via command-line docker by default is going to http://default-route-openshift-image-registry.apps-crc.testing instead of https. |
This is because you are using Docker Desktop or running docker/podman in WSL I guess. |
@guillaumerose @praveenkumar - Yes, I am using Docker Desktop. However, I am getting this error now - |
You need to configure certificates then. Follow this: https://docs.docker.com/docker-for-windows/#adding-tls-certificates |
@praveenkumar @guillaumerose - So there is no any other alternative than to use host.docker.internal during docker login and docker push commands? |
I can't find an alternative. But for sure, we can simplify this and crc could configure that for you. |
@praveenkumar @guillaumerose - That would be super helpful. So, by using host.docker.internal, do I need to select external image registry and creating image pull secret while creating an app or would the image be pushed to default internal openshift registry? |
@praveenkumar @guillaumerose - I have tried the following based on your suggestion with docker -
docker tag myimage:v1 host.docker.internal:4430/myproject/myimage:v1 But I don't see the images in Openshift internal image registry Could you please help with this, if possible? How could I solve this docker login using host.docker.internal on 443 port? |
@guillaumerose @praveenkumar - could you help with this? |
@ShrayRastogi what is the output of |
@praveenkumar - I am not able to login to openshift internal registry itself using docker. I tried multiple things but to no avail. If you could, then help me with docker login issue on Windows Enterprise... else you can close the bug... |
the certificate does not work for this name; SNI will deny this... please only try to use something using |
@ShrayRastogi I found a solution for you:
You will be able to login with Each time you restart Docker you will have to run step 2 and 3 again. I also tried on macOS and it works fine by default. Directly docker login. |
@gbraad - Thank you for input, however, the default route for internal registry goes to http instead of https when running crc with vsock. That's why need to use host.docker.internal which goes to https but that causes an issue with certificate. I tried creating multiple certificates that has subject with alt names for both host.docker.internal and default route but nothing worked. |
@guillaumerose - Thanks for providing the way. I will try this out and let you know if it's works. |
@guillaumerose - IT WORKED!!!!!!!!!!!!!!!!!!!!!!!!!!!! THANK YOU SO MUCH.........................!!!!!!!!!!!!!!!!!!!!!!!!!!! Able to now docker login and push images to internal registry. Could you please explain a bit more, if that's ok, as to what this docker container is doing and what made it work? |
@ShrayRastogi Oh wait, that is on the docker's runtime image of course... So, this is something specific to Docker for Windows. BUT, if we add this entry to the host itself, would this get taken? |
@gbraad @guillaumerose - Thanks for the explanation. If CRC would be able to do it by default, it would help a lot or at least a documentation of this process to help Windows Enterprise users. I think we can close the bug now. |
On macOS, dockerd is configured to use the built-in http proxy of VPNKit. That means that all HTTP requests made by dockerd are in reality, made on the host: DNS resolution, connection etc. On Windows, there is no http proxy configured for dockerd, so: the DNS resolution happens and VPNKit answers 127.0.0.1 for default-route-openshift-image-registry.apps-crc.testing. |
Which means this issue is due to missing functionality from DfW; there is no feature parity. Perhaps an oversight (forgotten use-case as it is not often needed) |
I'm having the same error with PODMAN on MacOS with latest version of CRC, login worked built image with podman but push to internal registry with CRC failed. |
@rprakashg can you open a new issue, and provide the details listed in the issue template? Thanks! |
OS: Windows 10
Hyper-V
Laptop
When trying to docker login to CRC internal image registry default-route-openshift-image-registry.apps-crc.testing throws error.
Its only happening on windows. Works fine when running on Linux.
Version
Client Version: 4.7.5
Kubernetes Version: v1.20.0+bafe72f
Steps To Reproduce
crc daemon
crc start (Windows)
docker login -u kubeadmin -p $(oc whoami -t) default-route-openshift-image-registry.apps-crc.testing
Current Result
Get http://default-route-openshift-image-registry.apps-crc.testing/v2/: dial tcp 127.0.0.1:80: connect: connection refused
Expected Result
Login Succeeded!
Additional Information
I have tried the following -
The text was updated successfully, but these errors were encountered: