Dragonfly2 icon indicating copy to clipboard operation
Dragonfly2 copied to clipboard
verified publisher icon dragonflyoss

How to change the preheat x509 error

Open gssjl2008 opened this issue 1 year ago • 2 comments

Configure deployment using the default helm

preheat

[root@xxxx ~]# curl  --location --request POST 'http://10.29.18.87:30175/api/v1/jobs'  --header 'Content-Type: application/json' -d '{"type": "preheat", "args": { "type": "image", "url": "https://10.29.0.41/v2/release.io/virtnest/system-images/ubuntu-22.04-x86_64/manifests/v1"}}'
{"message":"Get \"https://10.29.0.41/v2/\": tls: failed to verify certificate: x509: certificate has expired or is not yet valid: current time 2024-04-22T08:44:35Z is after 2024-01-02T11:47:53Z"}[root@xxxx ~]#

how to solve

gssjl2008 avatar Apr 22 '24 08:04 gssjl2008

image Refer to https://d7y.io/docs/next/reference/configuration/manager, https://github.com/dragonflyoss/helm-charts/blob/main/charts/dragonfly/values.yaml#L176.

gaius-qi avatar Apr 22 '24 09:04 gaius-qi

Can I skip certificates when post requests?

[root@master-18-86 ~]# cat /etc/containerd/certs.d/10.29.0.41/hosts.toml
server = "https://10.29.0.41"
[host."http://127.0.0.1:65001"]
  capabilities = ["pull", "resolve"]
  [host."http://127.0.0.1:65001".header]
  X-Dragonfly-Registry = ["https://10.29.0.41"]
[host."https://10.29.0.41"]
  capabilities = ["pull", "resolve"]
  skip_verify = true

I set skip_verify to true, but it has no effect on post requests

gssjl2008 avatar Apr 22 '24 13:04 gssjl2008

Refer to https://d7y.io/docs/next/advanced-guides/preheat/#harbor.

gaius-qi avatar Apr 23 '25 11:04 gaius-qi