Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Sets kolla_docker_registry_insecure to true #297

Merged
merged 3 commits into from
Dec 29, 2022
Merged

Sets kolla_docker_registry_insecure to true #297

merged 3 commits into from
Dec 29, 2022

Conversation

jovial
Copy link
Contributor

@jovial jovial commented Dec 13, 2022

We currently don't configure TLS for the the local pulp registry. This adds the pulp server to the list of insecure-registries, so that we can pull images.

@jovial
Sets kolla_docker_registry_insecure to true
ecd14ae 
We currently don't configure TLS for the the local pulp registry.  This adds the pulp server to the list of insecure-registries, so that we can pull images.
@jovial jovial requested a review from a team as a code owner December 13, 2022 13:42
@markgoddard
Copy link
Contributor

We've set this in the ci-* environments, so it could be dropped there now.

@jovial
Copy link
Contributor Author

jovial commented Dec 14, 2022

We've set this in the ci-* environments, so it could be dropped there now.

Done. It did make me think we could have a better default rather than hard-coding true, but kolla_docker_registry has the protocol stripped, so you'd have to look at one of the intermediate variables e.g pulp_url and that seemed a bit fragile. What do you reckon? Anyone running pulp with https already will need to be careful syncing in this change.

@markgoddard
Copy link
Contributor

We've set this in the ci-* environments, so it could be dropped there now.

Done. It did make me think we could have a better default rather than hard-coding true, but kolla_docker_registry has the protocol stripped, so you'd have to look at one of the intermediate variables e.g pulp_url and that seemed a bit fragile. What do you reckon? Anyone running pulp with https already will need to be careful syncing in this change.

Yes, it's not ideal. I suppose we could use the same value that was in the environment config, which is most likely to be correct.

@jovial
Use a better default for kolla_docker_registry_insecure
a61cd9e 
Hoping this will prevent breakage for people already running pulp with TLS.
@jovial jovial enabled auto-merge (squash) December 14, 2022 15:31
@jovial jovial merged commit 78055cf into stackhpc/xena Dec 29, 2022
@jovial jovial deleted the bugfix/xena/insecure-registry branch December 29, 2022 12:24
@markgoddard markgoddard mentioned this pull request Jan 4, 2023
Merged
m-bull pushed a commit that referenced this pull request Jan 19, 2023
@jovial @m-bull
Sets kolla_docker_registry_insecure to true (#297)
0ab0acb 
* Sets kolla_docker_registry_insecure to true

We currently don't configure TLS for the the local pulp registry.  This adds the pulp server to the list of insecure-registries, so that we can pull images.

* Remove kolla_docker_registry_insecure override in CI environment

Based on comments in code review.

* Use a better default for kolla_docker_registry_insecure

Hoping this will prevent breakage for people already running pulp with TLS.

(cherry picked from commit 78055cf)
@markgoddard markgoddard mentioned this pull request Feb 7, 2023
Merged
@markgoddard markgoddard mentioned this pull request Sep 21, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@markgoddard markgoddard markgoddard approved these changes

@bbezak bbezak bbezak approved these changes

Assignees

@jovial jovial

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@jovial @markgoddard @bbezak