[podman] User guide for setting up kind with local registry does not work

[gitnakar]

What would you like to be documented:

Trying to follow the user guide on setting up Kind cluster with local registry does not seem to work. After running the script as is, I get an error on step 3 Then we’ll push it to the registry docker push localhost:5001/hello-app:1.0. Error is pinging container registry localhost:5001: Get "https://localhost:5001/v2/": http: server gave HTTP response to HTTPS client.

Why is this needed: Following the documentation should simply work and common pitfalls should be addressed in the documentation.

[BenTheElder]

Error is pinging container registry localhost:5001: Get "https://localhost:5001/v2/": http: server gave HTTP response to HTTPS client.

Can you please share the exact steps used and the full output? Are you using docker or podman? What version etc (docker info or podman info output)

[gitnakar]

Steps: podman machine init --cpus 8 -m 4096 podman machine start

Then I execute the script provided in the link above. Also from the link, I followed up to step 1 and 2. Running step 3 gives me the above error.

I am using podman and podman info result is here.

Error is on running this command as per the link - docker push localhost:5001/hello-app:1.0 and the error is Getting image source signatures Copying blob sha256:e624a5370eca2b8266e74d179326e2a8767d361db14d13edd9fb57e408731784 Copying blob sha256:54ad2ec71039b74f7e82f020a92a8c2ca45f16a51930d539b56973a18b8ffe8d Copying blob sha256:6fbdf253bbc2490dcfede5bdb58ca0db63ee8aff565f6ea9f918f3bce9e2d5aa Copying blob sha256:7bea6b893187b14fc0a759fe5f8972d1292a9c0554c87cbf485f0947c26b8a05 Copying blob sha256:ff5700ec54186528cbae40f54c24b1a34fb7c01527beaa1232868c16e2353f52 Copying blob sha256:d52f02c6501c9c4410568f0bf6ff30d30d8290f57794c308fe36ea78393afac2 Copying blob sha256:1a73b54f556b477f0a8b939d13c504a3b4f4db71f7a09c63afbc10acb3de5849 Copying blob sha256:d2d7ec0f6756eb51cf1602c6f8ac4dd811d3d052661142e0110357bf0b581457 Copying blob sha256:f33e343848bd9064955eb26f7cdaa1a313116ff7cbae32b1b539dbcee622a593 Copying blob sha256:714f56238fb5a6e9cde67167648f2d4af7702c2fa07b9de428970fb9b0693e4c Copying blob sha256:c8beeff22ce7a27d75ad5f57277fc1859f7107f02a2c0548b9e892fe53fffb5d Copying blob sha256:2883002ec21d60c793fddf41727f5461337857fb2f24c8a0ac76ce6ea98df50c Copying blob sha256:4cb10dd2545bd173858450b80853b850e49608260f1a0789e0d0b39edf12f500 Error: trying to reuse blob sha256:54ad2ec71039b74f7e82f020a92a8c2ca45f16a51930d539b56973a18b8ffe8d at destination: pinging container registry localhost:5001: Get "https://localhost:5001/v2/": http: server gave HTTP response to HTTPS client

[BenTheElder]

Podman has somewhat limited support, we just only have so much time and podman has been a far less stable target and Kubernetes/Kubernetes develops with docker.

This is a configuration difference in the podman client, docker allows HTTP on localhost by default, apparently podman does not.

I don't think there's any easy solution in the guide, podman should allow HTTP on loopback. It's not going to be reasonable to provision HTTPS certs for a machine-local registry.

[BenTheElder]

As far as I know this is configurable in podman, so it's possible you have some local config vs podman defaults as well.

I think you can add --tls-verify=false to the push command, but that's a podman specific flag.

[idletea]

A workaround I'm using:

read -r -d '' registry_conf <<EOF
[[registry]]
location = "localhost:5001"
insecure = true
EOF
podman machine ssh --username=root sh -c 'cat > /etc/containers/registries.conf.d/local.conf' <<<$registry_conf