Description
Using a private registry which has a self-signed certificate cases a x509: certificate signed by unknown authority error when pulling an image. We have tried to add the certificate CA in /usr/local/share/ca-certificates like #2940 suggests but we cannot restart the containerd daemon as it is running on a Kubernetes node, to which we do not have access (it is running on the cloud provider's infrastructure).
Proposal
Create a way to provide the CA of a self signed certificate to containerd without restarting it, similar to how adding it to /etc/docker/certs.d/ works for the Docker daemon.
Steps to reproduce the issue:
- Start a private docker registry with a self-signed certificate
- Try to pull image from the registry
- See it fail
Describe the results you received:
Pulling an image causes a x509: certificate signed by unknown authority error
Describe the results you expected:
Successfully pulling the image
Output of containerd --version:
As containerd is running on the node, only thing we can provide is containerd://1.1.4
BestRegards,
@mnitchev && @alex-slynko
Description
Using a private registry which has a self-signed certificate cases a
x509: certificate signed by unknown authorityerror when pulling an image. We have tried to add the certificate CA in/usr/local/share/ca-certificateslike #2940 suggests but we cannot restart the containerd daemon as it is running on a Kubernetes node, to which we do not have access (it is running on the cloud provider's infrastructure).Proposal
Create a way to provide the CA of a self signed certificate to containerd without restarting it, similar to how adding it to
/etc/docker/certs.d/works for the Docker daemon.Steps to reproduce the issue:
Describe the results you received:
Pulling an image causes a
x509: certificate signed by unknown authorityerrorDescribe the results you expected:
Successfully pulling the image
Output of
containerd --version:As containerd is running on the node, only thing we can provide is
containerd://1.1.4BestRegards,
@mnitchev && @alex-slynko