-
Notifications
You must be signed in to change notification settings - Fork 40.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Issues with private Docker Cloud repos and the 1.9.0 CLI #57427
Comments
@kubernetes/sig-cli-bugs |
@pluttrell: Reiterating the mentions to trigger a notification: In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
I have same problem, and I "solved" it creating a docker-registry secret in an old kubernetes version and pasting it on new kubernetes |
I'm recently (I know it worked perfectly about last month) facing issues with I was able to confirm, that this is a kubernetes CLI related issue and not end user. Based on this guide and this article I was able to create properly formatted auth information looking like this: Confirmed working with kubectl 1.8.5 and server 1.8.4 (guess 1.7.9 as well) |
looks like there's an extra "auths" element when adding the secret using 1.9 kubectl
|
Added in #53916 /assign @juanvallejo |
…stries Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>. Fix problem accessing private docker registries **What this PR does / why we need it**: In 027c8b9, we added code to move from .dockercfg to config.json file. But we forgot to use the right secret type and the key to store the base64'ed creds **Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*: Fixes #57427 #57273 **Special notes for your reviewer**: **Release note**: ```release-note Fixes issue creating docker secrets with kubectl 1.9 for accessing docker private registries. ```
@dims Many thanks for the quick fix on this. Any idea when this might get rolled out? Also, it might be a good idea if this was added to the known issue list for v1.9.0. It would have saved us a bunch of time trying to track down the root cause. Just trying to make sure no one else needs to do the same. |
linking to the "v1.9.0 known issues" list #57159 |
@pluttrell ack, asking Mehdy since he is the patch manager for v1.9 branch. @mbohlool Mehdy, any idea when we can ship 1.9.1 with this fix? |
workarounds for folks until 1.9.1 is released: if you have a .dockerconfigjson for your private registry already, you can manually specify the type and data key (e.g. if you don't have a .dockerconfigjson file already, you can fix up the secret produced by
|
1.9.1 will be released tomorrow |
I can confirm @liggitt's solution works, thanks so much! |
I am still having issues in 1.9.1. This worked in the 1.8.x branches:
|
you have to remove the gitlab-registry secret before you can apply an update... type is immutable, and the fix in 1.9.1 required changing the type of the secret |
/kind bug
We're having trouble retrieving images from a private registry on DockerCloud. For nearly a year the following has worked flawlessly. Last Friday I pulled down the 1.9.0 CLI (via brew) and since then have not been able to access any image in a private registry on DockerCloud. I've tried this on 10+ brand new clusters created with kops v1.8.0. The Kubernetes cluster version have been 1.8.0, 1.8.4, 1.8.5 and 1.9.0 (which is not supported by kops yet) and all exhibit the same problem.
We create the secret as such:
And verify it using:
Which yields:
And create a test service with
kubectl create -f
with these contents:The pod fails immediatly with:
I've reviewed the 1.9.0 release notes and nothing jumps out as the root cause.
For reference I've tried putting quotes around the
{my-password}
value when creating the secret to no avail.I've also tried prefixing the
spec.template.spec.containers.[0].image
value withindex.docker.io
, so the full value would read:image: index.docker.io/{my-org}/{my-repo-name}:{my-tag}
also to no avail.Environment:
Kubernetes version:
Cloud provider and installation info:
The text was updated successfully, but these errors were encountered: