IPv6 Distributed Cloud: System Controller cannot access external docker registry after ssl_ca and docker_registry certificates updated
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
StarlingX |
Fix Released
|
High
|
Andy |
Bug Description
Brief Description
-----------------
After ssl_ca and docker_registry certificates updated, system controller is not able to access cumulus
Severity
--------
Critical
Steps to Reproduce
------------------
generate new pair of certificate of ssl_ca & docker_registry
install both of them on system controller and wait for them sync over to subcloud
try to access to cumulus from system controller failed
Also tried
combine original ca_cert.pem with new ca-cert.pem
and install combined pem
only the one certificate is installed
TC-name:
Expected Behavior
------------------
access to cumulus success
Actual Behavior
----------------
access to cumulus failed
Reproducibility
---------------
Reproducible
System Configuration
-------
DC system
Lab-name: wcp_80-91
Branch/Pull Time/Commit
-------
2020-01-28_18-49-15
Last Pass
---------
unknow
Timestamp/Logs
--------------
[sysadmin@
+------
| Property | Value |
+------
| uuid | 5948c4e5-
| certtype | ssl_ca |
| signature | ssl_ca_
| start_date | 2018-08-
| expiry_date | 2021-06-
+------
[sysadmin@
[sysadmin@
v1.0: Pulling from gwaines/hellokitty
Digest: sha256:
Status: Image is up to date for tis-lab-
[sysadmin@
[sysadmin@
WARNING: For security reasons, the original certificate,
containing the private key, will be removed,
once the private key is processed.
+------
| Property | Value |
+------
| uuid | 5948c4e5-
| certtype | ssl_ca |
| signature | ssl_ca_
| start_date | 2020-01-30 16:15:40+00:00 |
| expiry_date | 2022-11-19 16:15:40+00:00 |
+------
[sysadmin@
Error response from daemon: Get https:/
[sysadmin@
Test Activity
-------------
Sanity Testing
summary: |
- IPv6 DC: System Controller not access to public registry after ssl_ca - and docker_registry certificates updated + IPv6 DC: System Controller not access to cumulus after ssl_ca and + docker_registry certificates updated |
summary: |
- IPv6 DC: System Controller not access to cumulus after ssl_ca and - docker_registry certificates updated + IPv6 DC: System Controller cannot access external docker registry after + ssl_ca and docker_registry certificates updated |
tags: | added: stx.distcloud |
summary: |
- IPv6 DC: System Controller cannot access external docker registry after - ssl_ca and docker_registry certificates updated + IPv6 Distributed Cloud: System Controller cannot access external docker + registry after ssl_ca and docker_registry certificates updated |
Changed in starlingx: | |
status: | Triaged → In Progress |
log @ /files. starlingx. kube.cengn. ca/launchpad/ 1861438
https:/