diff options
| author | Tom Atkins <tatkins@gitlab.com> | 2019-02-11 16:33:32 +0000 |
|---|---|---|
| committer | Tom Atkins <tatkins@gitlab.com> | 2019-02-11 16:33:32 +0000 |
| commit | 36854b9714f51a154f33c594fdb09c7da25be0e3 (patch) | |
| tree | f5e914d5c693057f8e72cd3fb92eff165c917e89 | |
| parent | d76ee907ecfa7e67ddea90015552e2e5ca987c47 (diff) | |
| parent | b88c93a53b5a87f040c2680970d8af44f3f443d1 (diff) | |
| download | gitlab-ce-36854b9714f51a154f33c594fdb09c7da25be0e3.tar.gz | |
Merge branch 'docs-abuango-registry-selfsigned-certs' into 'master'
Update on using self-signed certs with registry
See merge request gitlab-org/gitlab-ce!25086
| -rw-r--r-- | doc/administration/container_registry.md | 20 |
1 files changed, 14 insertions, 6 deletions
diff --git a/doc/administration/container_registry.md b/doc/administration/container_registry.md index db0b3e1270c..60f1911fa2a 100644 --- a/doc/administration/container_registry.md +++ b/doc/administration/container_registry.md @@ -587,7 +587,9 @@ notifications: backoff: 1000 ``` -## Using self-signed certificates with Container Registry +## Troubleshooting + +### Using self-signed certificates with Container Registry If you're using a self-signed certificate with your Container Registry, you might encounter issues during the CI jobs like the following: @@ -599,12 +601,18 @@ Error response from daemon: Get registry.example.com/v1/users/: x509: certificat The Docker daemon running the command expects a cert signed by a recognized CA, thus the error above. -While GitLab doesn't support using self-signed certificates with Container -Registry out of the box, it is possible to make it work if you follow -[Docker's documentation][docker-insecure-self-signed]. You may find some additional -information in [issue 18239][ce-18239]. +While GitLab doesn't support using self-signed certificates with Container Registry out of the box, it is possible to make it work by [instructing the docker-daemon to trust the self-signed certificates][docker-insecure-self-signed], mounting the docker-daemon and setting `privileged = false` in the runner's `config.toml`. Setting `privileged = true` takes precedence over the docker-daemon. -## Troubleshooting +``` + [runners.docker] + image = "ruby:2.1" + privileged = false + volumes = ["/var/run/docker.sock:/var/run/docker.sock", "/cache"] +``` + +Additional information about this: [issue 18239][ce-18239]. + +### AWS S3 with the GitLab registry error when pushing large images When using AWS S3 with the GitLab registry, an error may occur when pushing large images. Look in the Registry log for the following error: |