1. Messages
  2. Diego Docker private repository not working

Re: Diego Docker private repository not working

Ted Young
 

Sorry. I meant to say we don't support private repositories which require
credentials, not private (non-hub) registries. I believe
password-protected private
repositories on docker hub (or elsewhere) is what Anuj is asking about.

On Wednesday, December 16, 2015, Tom Sherrod <tom.sherrod(a)gmail.com> wrote:

A 0.1441.0 install without the docker cache, pulled from a private
registry, no auth, no problems.

I'm confused by this thread.

On Dec 16, 2015, at 1:56 PM, Anuj Jain <anuj17280(a)gmail.com
<javascript:_e(%7B%7D,'cvml','anuj17280(a)gmail.com');>> wrote:

Thanks for the quick reply - is there any workaround till the time long
term solution will be in place.
On Dec 17, 2015 12:17 AM, "Ted Young" <tyoung(a)pivotal.io
<javascript:_e(%7B%7D,'cvml','tyoung(a)pivotal.io');>> wrote:

We don't currently support private docker registries, because as far as
we are aware the only auth scheme currently supported by private docker
registries is username/password. It is a violation of our security
protocols to flow through and retain user credentials, such as passwords,
in our system. We are waiting for an access token or similar scheme to be
offered.

On Wed, Dec 16, 2015 at 7:13 AM, Anuj Jain <anuj17280(a)gmail.com
<javascript:_e(%7B%7D,'cvml','anuj17280(a)gmail.com');>> wrote:

Hi,

I could not able to run docker containers using docker's v2 private
repository - I am using CF V226, Diego V0.1443.0 and Diego docker cache
V0.1021.0 (with stemcell V3146 - across all components).

I also found on your site that private is not supported with V2 yet (
https://docs.pivotal.io/pivotalcf/concepts/docker.html and/or
https://github.com/cloudfoundry-incubator/docker_app_lifecycle/issues/5)
- please confirm is that still the case or is there any workaround.

I can launch the docker app/container from Docker Hub public v2
registory - but while trying to use with private it is giving following
error:

=============
ef797df93a34: Pull complete
af28fa31b54b: Pull complete
Digest:
sha256:e45cc262f5d783ecbe07b7fe1a634342205d4a9eae209f9a9731a94b09493146
Status: Downloaded newer image for anuj17280/public:v1
Docker image pulled.
Docker image will be cached as
docker-registry.service.cf.internal:8080/b0aad5a4-50e7-46d7-7085-b7e7fb0b2abf
Tagging docker image anuj17280/public:v1 as
docker-registry.service.cf.internal:8080/b0aad5a4-50e7-46d7-7085-b7e7fb0b2abf
...
Docker image tagged.
Pushing docker image
docker-registry.service.cf.internal:8080/b0aad5a4-50e7-46d7-7085-b7e7fb0b2abf
The push refers to a repository
[docker-registry.service.cf.internal:8080/b0aad5a4-50e7-46d7-7085-b7e7fb0b2abf]
(len: 1)
unable to ping registry endpoint
https://docker-registry.service.cf.internal:8080/v0/
v2 ping attempt failed with error: Get
https://docker-registry.service.cf.internal:8080/v2/: tls: oversized
record received with length 20527
v1 ping attempt failed with error: Get
https://docker-registry.service.cf.internal:8080/v1/_ping: tls:
oversized record received with length 20527
failed to cache image anuj17280/public:v1 exit status 1
Staging process failed: Exit trace for group:
builder exited with error: exit status 1
docker_daemon exited with nil
Exit status 2
Staging Failed: Exited with status 2

FAILED
StagingError
============================



- Anuj

?
attachment.html

Join {cf-dev@lists.cloudfoundry.org to automatically receive all group messages.