Project

General

Profile

Feature #7925

As a docker user, I'd like to be able to 'docker pull' content from katello

Added by Brad Buckingham over 7 years ago. Updated almost 4 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
Container
Target version:
Difficulty:
Triaged:
Bugzilla link:
Pull request:
Fixed in Releases:
Found in Releases:
Red Hat JIRA:

Description

Modifications are being made to the katello-installer to configure pulp's crane web application; however, in order to run 'docker pull' from the client, changes are needed on the client as well. The reason being, the apache configuration for crane utilizes SSL for communication with the client.

With the current configuration, the client needs to have the CA certificate added to the /etc/pki/tls/certs/ca-bundle.crt; however, it may be possible that solution will be slightly different once the subscription/entitlement support is added.

The following will enable the user to run 'docker pull' with the current configuration:

1. append the CA certificate (e.g. /etc/rhsm/ca/katello-server-ca.pem) to /etc/pki/tls/certs/ca-bundle.crt

-----BEGIN CERTIFICATE-----
MIIEKjCCAxKgAwIBAgIQYAGXt0an6rS0mtZLL/eQ+zANBgkqhkiG9w0BAQsFADCB
rjELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMf
Q2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIw
MDggdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxJDAiBgNV
BAMTG3RoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EgLSBHMzAeFw0wODA0MDIwMDAwMDBa
Fw0zNzEyMDEyMzU5NTlaMIGuMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3Rl
LCBJbmMuMSgwJgYDVQQLEx9DZXJ0aWZpY2F0aW9uIFNlcnZpY2VzIERpdmlzaW9u
MTgwNgYDVQQLEy8oYykgMjAwOCB0aGF3dGUsIEluYy4gLSBGb3IgYXV0aG9yaXpl
ZCB1c2Ugb25seTEkMCIGA1UEAxMbdGhhd3RlIFByaW1hcnkgUm9vdCBDQSAtIEcz
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsr8nLPvb2FvdeHsbnndm
gcs+vHyu86YnmjSjaDFxODNi5PNxZnmxqWWjpYvVj2AtP0LMqmsywCPLLEHd5N/8
YZzic7IilRFDGF/Eth9XbAoFWCLINkw6fKXRz4aviKdEAhN0cXMKQlkC+BsUa0Lf
b1+6a4KinVvnSr0eAXLbS3ToO39/fR8EtCab4LRarEc9VbjXsCZSKAExQGbY2SS9
9irY7CFJXJv2eul/VTV+lmuNk5Mny5K76qxAwJ/C+IDPXfRa3M50hqY+bAtTyr2S
zhkGcuYMXDhpxwTWvGzOW/b3aJzcJRVIiKHpqfiYnODz1TEoYRFsZ5aNOZnLwkUk
OQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNV
HQ4EFgQUrWyqlGCc7eT/+j4KdCtjA/e2Wb8wDQYJKoZIhvcNAQELBQADggEBABpA
2JVlrAmSicY59BDlqQ5mU1143vokkbvnRFHfxhY0Cu9qRFHqKweKA3rD6z8KLFIW
oCtDuSWQP3CpMyVtRRooOyfPqsMpQhvfO0zAMzRbQYi/aytlryjvsvXDqmbOe1bu
t8jLZ8HJnBoYuMTDSQPxYA5QzUbF83d597YV4Djbxy8ooAw/dyZ02SUS2jHaGh7c
KUGRIjxpp7sC8rZcJwOJ9Abqm+RyguOhCcHpABnTPtRwa7pxpqpYrvS76Wy274fM
m7v/OeZWYdMKp8RcTGB7BXcmer/YB1IsYvdwY9k5vG8cwnncdimvzsUsZAReiDZu
MdRAGmI0Nj81Aa6sY6A=
-----END CERTIFICATE-----

2. restart docker

systemctl restart docker

3. attempt to pull a repo

docker pull fortello.devel:5000/default_organization-docker-busybox


Related issues

Related to Katello - Tracker #7125: Docker Content SupportReady For Testing

Blocked by Katello - Bug #8636: Need to include katello-default-ca-cert for dockerClosed2014-12-09

History

#1 Updated by Brad Buckingham over 7 years ago

#2 Updated by Partha Aji over 7 years ago

  • Category set to Container

#3 Updated by Partha Aji over 7 years ago

  • Bugzilla link set to 1192595

#4 Updated by Partha Aji about 7 years ago

  • Status changed from New to Closed

This should be resolved as of http://projects.theforeman.org/issues/8636

#5 Updated by Eric Helms about 7 years ago

  • Blocked by Bug #8636: Need to include katello-default-ca-cert for docker added

#6 Updated by Eric Helms about 7 years ago

  • Status changed from Closed to Resolved
  • Triaged changed from No to Yes

#7 Updated by Eric Helms almost 6 years ago

  • Legacy Backlogs Release (now unused) set to 166

Also available in: Atom PDF