Loading...

XML

Word

Printable

Type: Bug
Resolution: Unresolved
Priority: Major
Fix Version/s: None
Affects Version/s: 4.17, 4.18
Component/s: oc
Labels:
None

Severity:
Moderate
Regression:
No
Release Blocker:
Rejected
Blocked:
False
Blocked Reason:

Hide

None

Show
None

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Description of problem:

    `oc image mirror` and `oc image info` don't support IDMS and ITMS, and there is no options like `--icsp-file` for using.

Version-Release number of selected component (if applicable):

oc version
Client Version: 4.18.0-0.nightly-2024-11-13-182254
Kustomize Version: v5.4.2
Server Version: 4.18.0-0.nightly-2024-11-13-182254
Kubernetes Version: v1.31.2

How reproducible:

    always

Steps to Reproduce:

    1.Create idms and itms for repository
$oc get itms tag-mirror-aosqe -o yaml
apiVersion: config.openshift.io/v1
kind: ImageTagMirrorSet
metadata:
  creationTimestamp: "2024-11-14T07:24:12Z"
  generation: 1
  name: tag-mirror-aosqe
  resourceVersion: "123395"
  uid: a7833ffd-1602-4585-a42a-b99f0a4478d4
spec:
  imageTagMirrors:
  - mirrors:
    - ec2-3-82-53-159.compute-1.amazonaws.com:5000/openshifttest
    source: quay.io/openshifttest

$oc get idms digest-mirror-aosqe -o yaml
apiVersion: config.openshift.io/v1
kind: ImageDigestMirrorSet
metadata:
  creationTimestamp: "2024-11-14T07:24:02Z"
  generation: 1
  name: digest-mirror-aosqe
  resourceVersion: "123336"
  uid: 981a95b2-305b-4741-a4c5-d5acfece1daf
spec:
  imageDigestMirrors:
  - mirrors:
    - ec2-3-82-53-159.compute-1.amazonaws.com:5000/openshifttest
    source: quay.io/openshifttest
$oc debug node/ip-10-9-1-202.ec2.internal
sh-5.1# chroot /host
sh-5.1#  cat /etc/containers/registries.conf  | grep openshifttest -A 3 -B 3
[[registry]]
  prefix = ""
  location = "quay.io/openshifttest"  
[[registry.mirror]]
    location = "ec2-3-82-53-159.compute-1.amazonaws.com:5000/openshifttest"
    pull-from-mirror = "digest-only"  
[[registry.mirror]]
    location = "ec2-3-82-53-159.compute-1.amazonaws.com:5000/openshifttest"
    pull-from-mirror = "tag-only"

    2.Check the two commands

    3.

Actual results:

$oc image info quay.io/openshifttest/busybox@sha256:c5439d7db88ab5423999530349d327b04279ad3161d7596d2126dfb5b02bfd1f   --loglevel=8  -a .dockerconfigjson
I1114 16:12:54.413429   17212 client_mirrored.go:175] Attempting to connect to quay.io/openshifttest/busybox
I1114 16:12:54.413538   17212 round_trippers.go:463] GET https://quay.io/v2/
I1114 16:12:54.413543   17212 round_trippers.go:469] Request Headers:
I1114 16:12:54.413551   17212 round_trippers.go:473]     User-Agent: oc/4.18.0 (darwin/amd64) kubernetes/5110357
I1114 16:12:54.921585   17212 round_trippers.go:574] Response Status:  in 508 milliseconds
I1114 16:12:54.921640   17212 round_trippers.go:577] Response Headers:
I1114 16:12:54.921722   17212 workqueue.go:143] about to send work queue error: unable to read image quay.io/openshifttest/busybox@sha256:c5439d7db88ab5423999530349d327b04279ad3161d7596d2126dfb5b02bfd1f: Get "https://quay.io/v2/": Service Unavailable
error: unable to read image quay.io/openshifttest/busybox@sha256:c5439d7db88ab5423999530349d327b04279ad3161d7596d2126dfb5b02bfd1f: Get "https://quay.io/v2/": Service Unavailable
I1114 16:12:54.921796   17212 workqueue.go:54] worker 0 stopping    

$ oc image mirror quay.io/openshifttest/busybox@sha256:c5439d7db88ab5423999530349d327b04279ad3161d7596d2126dfb5b02bfd1f=default-route-openshift-image-registry.apps.wxj-c2s14.govcloudemu.devcluster.openshift.com/wxj/busybox:latest -a
.dockerconfigjson --insecure --loglevel=8
I1114 16:13:18.115417   17291 mirror.go:462] Using scopes for registry {docker default-route-openshift-image-registry.apps.wxj-c2s14.govcloudemu.devcluster.openshift.com}: [repository:wxj/busybox:pull,push]
I1114 16:13:18.115472   17291 mirror.go:257] Find source=true registry with imagesource.TypedImageReference{Type:"docker", Ref:reference.DockerImageReference{Registry:"quay.io", Namespace:"openshifttest", Name:"busybox", Tag:"", ID:""}}
I1114 16:13:18.115601   17291 client_mirrored.go:175] Attempting to connect to quay.io/openshifttest/busybox
I1114 16:13:18.115784   17291 round_trippers.go:463] GET https://quay.io/v2/
I1114 16:13:18.115808   17291 round_trippers.go:469] Request Headers:
I1114 16:13:18.115818   17291 round_trippers.go:473]     User-Agent: oc/4.18.0 (darwin/amd64) kubernetes/5110357
I1114 16:13:18.709029   17291 round_trippers.go:574] Response Status:  in 593 milliseconds
I1114 16:13:18.709063   17291 round_trippers.go:577] Response Headers:
I1114 16:13:18.709101   17291 client.go:322] Falling back to an HTTP check for an insecure registry https://quay.io: Get "https://quay.io/v2/": Service Unavailable
I1114 16:13:18.709154   17291 round_trippers.go:463] GET http://quay.io/v2/
I1114 16:13:18.709162   17291 round_trippers.go:469] Request Headers:
I1114 16:13:18.709173   17291 round_trippers.go:473]     User-Agent: oc/4.18.0 (darwin/amd64) kubernetes/5110357
I1114 16:13:19.322736   17291 round_trippers.go:574] Response Status: 503 Service Unavailable in 613 milliseconds
I1114 16:13:19.322773   17291 round_trippers.go:577] Response Headers:
I1114 16:13:19.322787   17291 round_trippers.go:580]     Via: 1.1 ip-10-9-0-59.ec2.internal (squid/4.9)
I1114 16:13:19.322801   17291 round_trippers.go:580]     Server: squid/4.9
I1114 16:13:19.322814   17291 round_trippers.go:580]     Date: Thu, 14 Nov 2024 08:13:19 GMT
I1114 16:13:19.322823   17291 round_trippers.go:580]     Content-Type: text/html;charset=utf-8
I1114 16:13:19.322831   17291 round_trippers.go:580]     Vary: Accept-Language
I1114 16:13:19.322839   17291 round_trippers.go:580]     Content-Language: en
I1114 16:13:19.322845   17291 round_trippers.go:580]     X-Cache: MISS from ip-10-9-0-59.ec2.internal
I1114 16:13:19.322851   17291 round_trippers.go:580]     X-Cache-Lookup: MISS from ip-10-9-0-59.ec2.internal:3128
I1114 16:13:19.322857   17291 round_trippers.go:580]     Mime-Version: 1.0
I1114 16:13:19.322865   17291 round_trippers.go:580]     Content-Length: 3822
I1114 16:13:19.322871   17291 round_trippers.go:580]     X-Squid-Error: ERR_DNS_FAIL 0
I1114 16:13:19.322877   17291 round_trippers.go:580]     Connection: keep-alive
I1114 16:13:19.322898   17291 client.go:336] Registry responded to v2 Docker endpoint, but has no header for Docker Distribution http://quay.io/v2/: 503, http.Header{"Connection":[]string{"keep-alive"}, "Content-Language":[]string{"en"}, "Content-Length":[]string{"3822"}, "Content-Type":[]string{"text/html;charset=utf-8"}, "Date":[]string{"Thu, 14 Nov 2024 08:13:19 GMT"}, "Mime-Version":[]string{"1.0"}, "Server":[]string{"squid/4.9"}, "Vary":[]string{"Accept-Language"}, "Via":[]string{"1.1 ip-10-9-0-59.ec2.internal (squid/4.9)"}, "X-Cache":[]string{"MISS from ip-10-9-0-59.ec2.internal"}, "X-Cache-Lookup":[]string{"MISS from ip-10-9-0-59.ec2.internal:3128"}, "X-Squid-Error":[]string{"ERR_DNS_FAIL 0"}}error: unable to retrieve source image quay.io/openshifttest/busybox manifest sha256:c5439d7db88ab5423999530349d327b04279ad3161d7596d2126dfb5b02bfd1f: endpoint "http://quay.io" does not support v2 API (got 503 Service Unavailable)
error: an error occurred during planning
I1114 16:13:19.323255   17291 workqueue.go:54] worker 4 stopping

Expected results:

The two commands should support IDMS and ITMS

Additional info:

is cloned by

OCPBUGS-44634 Need deprecate --icsp-file and add --idms-file option for `oc image info`

Assignee:: Arda Guclu

Reporter:: XiuJuan Wang

QA Contact:: XiuJuan Wang

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Created:: 2024/11/14 8:15 AM

Updated:: 2024/11/18 1:41 AM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates