Details
-
Bug
-
Resolution: Done
-
Normal
-
None
-
4.14
-
None
-
No
-
ODC Sprint 239
-
1
-
False
-
Description
Description of problem:
Deploy Image Form throws error related to registry "docker.io" whitelist forbidden (sometimes)
Version-Release number of selected component (if applicable):
4.14
How reproducible:
When the Docker Rate Limit hits (I guess)! ( NOT ALWAYS OBSERVED )
Steps to Reproduce:
1. Go to Deploy Image form from Add Page 2. Type any image name: eg. docker.io/openshift/hello-openshift 3. Press Create Button
Actual results:
Error "Forbidden: registry "docker.io" not allowed by whitelist: "image-registry.openshift-image-registry.svc:5000", "quay.io:443"" for field "spec.tags[latest].from.name".
Screenshot:
https://drive.google.com/file/d/1UI14RNAq4NoBmHW-9jAvCFA-38qhZFYJ/view?usp=sharing
Expected results:
Form should Submit successfully
Additional info:
oc new-app --image=bitnami/nginx --> Found container image 7a094f9 (2 days old) from Docker Hub for "bitnami/nginx" * An image stream tag will be created as "nginx:latest" that will track this image--> Creating resources ... error: ImageStream.image.openshift.io "nginx" is invalid: spec.tags[latest].from.name: Forbidden: registry "docker.io:443" not allowed by whitelist: "image-registry.openshift-image-registry.svc:5000", "quay.io:443" W0531 21:50:01.299184 644492 warnings.go:70] would violate PodSecurity "restricted:latest": seccompProfile (pod or container "nginx" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps "nginx" created service "nginx" created --> Failed