Project

General

Profile

Bug #28698

docker registry in katello doesn't work with installed pulp3

Added by Justin Sherrill 5 months ago. Updated 5 months ago.

Status:
Closed
Priority:
Normal
Category:
Docker
Target version:
Difficulty:
Triaged:
Yes
Bugzilla link:
Fixed in Releases:
Found in Releases:

Description

Currently katello expects the smart proxy pulpcore.yaml to contain:

content_app_rul: http://localhost/24816

And then podman pull communicates like this:

podman ----> katello ----> pulp_content_app

There is a desire to not have katello know about or communicate directly with teh content app, so the communication needs to look like this:

podman ---> katello ---> apache ---> pulp_content_app

Right now, all auth ends at katello, so we will need apache to authorize katello to talk to the pulp_content_app registry. We can use an ssl cert to do this.

Associated revisions

Revision 60698344 (diff)
Added by Justin Sherrill 5 months ago

Fixes #28698 - route docker registry through apache

for pulp3

This change changes the expectation of the content_app_url setting
provided by the pulp3 smart proxy plugin. Now katello will be
proxying through apache to a special endpoint /pulpcore_registry/
that requires a client cert with a CN of 'admin'.

History

#1 Updated by The Foreman Bot 5 months ago

  • Status changed from New to Ready For Testing
  • Pull request https://github.com/Katello/katello/pull/8499 added

#2 Updated by The Foreman Bot 5 months ago

  • Fixed in Releases Katello 3.16.0 added

#3 Updated by Justin Sherrill 5 months ago

  • Status changed from Ready For Testing to Closed

#4 Updated by Chris Roberts 5 months ago

  • Triaged changed from No to Yes
  • Target version set to Katello 3.15.0
  • Fixed in Releases Katello 3.15.0 added
  • Fixed in Releases deleted (Katello 3.16.0)

Also available in: Atom PDF