Problem: When defining the docker repository via the gui, there are options to enter SSL Client Cert and SSL Client Key. However, they are not text box entries, but rather appear to be drop-down lists and are empty. How is one supposed to enter the client cert and key?
Expected outcome: Either a populated drop down list, or a text box to enter the locations.
Foreman and Proxy versions: foreman 2.4.1, katello 4.0.3
The account on the docker repository is created using the server certificate from our satellite server. In content credentials, I created my-cert with the certificate contents and my-key with the key of the certificate.
I created a product for docker repositories. Within that I created a repository for this particular external docker repository. For SSL Client Cert I used my-cert. For SSL Client Key I used my-key. When I try to sync, I get error:
Doing a little research seems to indicate that the private key does not match the server certificate. I don’t think that is it. I ran:
openssl rsa -check -noout -in myserver.key
# and got RSA key is ok. I then ran:
openssl rsa -modulus -noout -in myserver.key | openssl md5
# and received an md5 sum. I then ran:
openssl x509 -modulus -noout -in myserver.crt | openssl md5
# and got back the same md5 sum.
So, I do not believe it is a miss-match between key and certificate.
Is there an updated version of foreman-docker-plugin. It says to run foreman-installer –enable-foreman-plugin-docker but that just gives back: ERROR: Unrecognised option '--enable-foreman-plugin-docker'
That depends what you’re after. Afaik the foreman-docker plugin was only useful for running containers. If you want to use foreman with katello as a registry, then you shouldn’t really need it.
Well, that is what I am trying to do. We have many racks of servers in a remote location. Our satellite server is in that same location. The docker registry they use is back at the main campus. We believe it would greatly improve performance if our satellite server could host the docker images needed by the servers so that they could all pull over a local network rather than have them all pull across the WAN. The docker registry allows pulling with an account created from a signed server certificate - using docker. I can not get foreman-katello to even authenticate to it correctly and I can’t seem to find any documentation on how to correctly set up the authentication to a docker registry.