1. 首页
  2. 问答
  3. 如何使用来自私有Docker注册表和自签名SSL证书的Docker镜像部署到Cloud Foundry?

如何使用来自私有Docker注册表和自签名SSL证书的Docker镜像部署到Cloud Foundry?

2017-04-03 134 views
0

如何将自签名证书添加到Cloud Foundry(PCFDev),这样我就可以使用来自私人Docker Registry的Docker Image进行部署?如何使用来自私有Docker注册表和自签名SSL证书的Docker镜像部署到Cloud Foundry?

在这个例子中我使用PCFDev:

[email protected]:(0):~/Documents/$ cf push app-ui -o nexus-dev/app/app-ui:latest 
Creating app app-ui in org pcfdev-org/space pcfdev-space as user... 
OK 

Creating route app-ui.local.pcfdev.io... 
OK 

Binding app-ui.local.pcfdev.io to app-ui... 
OK 


Starting app app-ui in org pcfdev-org/space pcfdev-space as user... 
Creating container 
Successfully created container 
Staging... 
Staging process started ... 
Failed to talk to docker registry: Get https://nexus-dev/v2/: x509: certificate signed by unknown authority 
Failed getting docker image by tag: Error parsing HTTP response: invalid character '<' looking for beginning of value: "<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body bgcolor=\"whit 
e\">\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx/1.10.0 (Ubuntu)</center>\r\n</body>\r\n</html>\r\n" 
Staging process failed: Exit trace for group: 
builder exited with error: failed to fetch metadata from [app/app-ui] with tag [latest] and insecure registries [] due to Error parsing HTTP response: invalid character '<' looking for beginning of value: "<html>\r\n<head><title> 
400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx/1.10.0 
(Ubuntu)</center>\r\n</body>\r\n</html>\r\n" 
Exit status 2 
Staging Failed: Exited with status 2 
Destroying container 
Successfully destroyed container 

FAILED 
Error restarting application: StagingError 

TIP: use 'cf logs app-ui --recent' for more information

来源

2017-04-03 luka5z

回答

1

您可以用-r选项启动pcfdev, 例如

cf dev start -r host.pcfdev.io:5000

Insecure Docker Registries

来源

2017-04-04 01:16:29

+0

是否有可能被应用到任何CF安装更普遍的方式是什么? – luka5z

+0

根据https://docs.cloudfoundry.org/adminguide/docker.html#private和https://docs.cloudfoundry.org/adminguide/docker.html#push-docker,Opensource CF不支持码头注册表,但没有有效的ssl证书 Pivotal CF根据https://docs.pivotal.io/pivotalcf/1-9/opsguide/docker-registry.html#ert 支持不受信任的注册管理机构的白名单。但要澄清 - 任何Docker注册表仍需具有SSL端点(自签名aka非truster)和您的错误点缺席它。 –

相关问题

 相关问题