Problem to solve
Describe your question in as much detail as possible:
Hello GitLab community!
I work at an entity where we want to create a private cloud using Red Hat OpenShift Container Platform (RHOCP).
But we do not want to use the RHOCP Internal Registry as much as possible.
The idea of the project is the following:
-
Create a container registry on a GitLab server installed on a virtual machine external to RHOCP.
-
Test uploading some containers to that registry from the RHOCP installation bastion using Podman.
-
Create some secrets to make RHOCP able to import container images hosted by hand or through GitLab CI.
-
Create the Deployments in RHOCP in .yml format and host them in GitLab.
-
Install and configure Argo CD.
-
Celebrate that we have a CI/CD system tailored to us.
I set the following in the file:
/etc/gitlab/gitlab.rb
- I’m going to use example.como as the FQDN, but I actually use the one for the entity
external_url ‘https://gitlab.example.com’
registry_external_url ‘https://gitlab.example.com:5005’
gitlab_rails[‘registry_enabled’] = true
gitlab_rails[‘registry_host’] = “gitlab.example.com”
gitlab_rails[‘registry_port’] = “5005”
gitlab_rails[‘registry_path’] = “/var/opt/gitlab/gitlab-rails/shared/registry”
gitlab_rails[‘registry_api_url’] = “http://127.0.0.1:5000”
gitlab_rails[‘registry_key_path’] = “/var/opt/gitlab/gitlab-rails/certificate.key”
registry[‘enable’] = true
registry[‘token_realm’] = “https://gitlab.example.com:443”
registry[‘registry_http_addr’] = “localhost:5000”
registry[‘log_directory’] = “/var/log/gitlab/registry”
registry[‘env_directory’] = “/opt/gitlab/etc/registry/env”
registry[‘env’] = {
‘SSL_CERT_DIR’ => “/opt/gitlab/embedded/ssl/certs/”
}
registry[‘log_level’] = “info”
registry[‘rootcertbundle’] = “/var/opt/gitlab/registry/gitlab-registry.crt”
registry_nginx[‘enable’] = true
registry_nginx[‘redirect_http_to_https’] = true
registry_nginx[‘listen_port’] = 5005
registry_nginx[‘ssl_certificate’] = “/etc/gitlab/ssl/example.com-chain.pem”
registry_nginx[‘ssl_certificate_key’] = “/etc/gitlab/ssl/example.key”
I open the ports in GitLab OS:
firewall-cmd --permanent --add-service=docker-registry
firewall-cmd --permanent --add-port=5005/tcp
firewall-cmd --reload
and restart the services:
gitlab-ctl reconfigure && gitlab-ctl restart
I connect to the RHOCP bastion using ssh:
I download the example image:
podman pull hello-world
We consult the data of the downloaded image:
podman images
REPOSITORY TAG IMAGE ID CREATED SIZE
Quay latest 5dd467fce50b 8 weeks ago 787 kB
We authenticate ourselves to the GitLab registry using a Token:
Login Succeeded!
When trying to upload the example image to a repository, using the command:
podman push Quay gitlab.example.com/informatica/infraestructura/terraform
we found the following error message:
Getting image source signatures
Copying blob 2114fc8b7058 skipped: already exists
Copying config 5dd467fce5 done |
Writing manifest to image destination
Error: writing manifest: uploading manifest latest to gitlab.example.com/informatica/infraestructura/terraform: StatusCode: 404, “\n\n\n <meta content="wid …”
- What are you seeing, and how does that differ from what you expect to see?
- Consider including screenshots, error messages, and/or other helpful visuals
Steps to reproduce
Which troubleshooting steps have you already taken? Can you link to any docs or other resources so we know where you have been?
Configuration
Provide screenshots from the GitLab UI showing relevant configuration, if applicable.
On self-managed instances, add the relevant configuration settings or changes.
Versions
Please select whether options apply, and add the version information.
- [ X] Self-managed
- GitLab.com SaaS
Versions:
GitLab Ce on Premise Installed on Red Hat Enterprise Linux 9.4 (Plow) with Omni, Fapolicyd disabled,SELinux permissive on FIPS compliant S.O (DISA STIG)
GitLab v17.2.0
GitLab Shell 14.37.0
GitLab Workhorse v17.2.0
GitLab API v4
GitLab KAS 17.2.0
Ruby 3.1.5p253
Rails 7.0.8.4
PostgreSQL (main) 14.11
PostgreSQL (ci) 14.11
Redis 7.0.1
RHOCP Bastion:
S.O: Red Hat Enterprise Linux 9.4 (Plow)
Podman version: podman version 4.9.4-rhel