Note: lists.cloudfoundry.org will be down for maintenance on Monday, September 26th, starting at 9AM Pacific Time (4PM Monday September 26, 2022 UTC), for approximately one hour.
Re: Self-signed cert for registry failing on stager
Will Pragnell <wpragnell@...>
On the stager, the stager process is running with -insecureDockerRegistry-logLevel=info. Shouldn't theregistryname also be in stager arguments?
No, that flag is simply a boolean switch .
The error:2015-08-27T18:43:00.50-0400 [STG/0] ERR builder exited with error:
failed to fetch metadata from [theregistryname/tom/diegotest] with tag
[latest] and insecure registries  due to Invalid registry endpoint
https://theregistryname/v1/: Gethttps://theregistryname/v1/_ping: x509:
certificate signed by unknown authority. If this private registry supports
only HTTP or HTTPS with an unknown CA certificate, please add
`--insecure-registry theregistryname` to the daemon's arguments. In the
case of HTTPS, if you have access to the registry's CA certificate, no need
for the flag; simply place the CA certificate at /etc/docker/certs.d/
This message comes from `docker_app_lifecycle` . It looks like that's
called by the stager, but for some reason the stager isn't passing the
right args through to it in your case. I'm afraid I don't know the Diego
code well enough to speculate as to why, but if you want to continue
tracing it through, you might want to start at , which is where the
stager works out what args it will pass to `docker_app_lifecycle`.
Hope that helps!
On 28 August 2015 at 03:46, James Bayer <jbayer(a)pivotal.io> wrote:
perhaps see if the lattice instructions for private registries have any