<div dir="ltr">Hi,<div><br></div><div>I added <span class="" style="white-space:pre"> </span>-e REGISTRY_AUTH_TOKEN_SERVICE="<a href="http://192.168.1.20:5000">192.168.1.20:5000</a>" as suggested above. And enabled debug mode with stout log massages as suggested. </div><div><br></div><div>Now i can see below logs,</div><div><br></div><div><div>time="2016-01-25T09:50:15.967721182+13:00" level=debug msg="filesystem.List(\"/\")" <a href="http://instance.id">instance.id</a>=92f79a6e-4330-422b-9833-03bd9201b3a6 service=registry trace.duration=125.467µs trace.file="/go/src/<a href="http://github.com/docker/distribution/registry/storage/driver/base/base.go">github.com/docker/distribution/registry/storage/driver/base/base.go</a>" trace.func="<a href="http://github.com/docker/distribution/registry/storage/driver/base.(*Base).List">github.com/docker/distribution/registry/storage/driver/base.(*Base).List</a>" <a href="http://trace.id">trace.id</a>=474f03d6-233f-4a6a-97d8-307fc389b594 trace.line=123 version=v2.1.1 </div><div><br></div><div>time="2016-01-25T09:50:25.806341211+13:00" level=debug msg="authorizing request" http.request.host="<a href="http://192.168.1.20:5000">192.168.1.20:5000</a>" <a href="http://http.request.id">http.request.id</a>=6b96abae-ecca-4891-ab53-18f9d5babe4a http.request.method=GET http.request.remoteaddr="<a href="http://192.168.1.30:21734">192.168.1.30:21734</a>" http.request.uri="/v2/" http.request.useragent="docker/1.9.1-fc23 go/go1.5.1 git-commit/110aed2-dirty kernel/4.3.3-300.fc23.x86_64 os/linux arch/amd64" <a href="http://instance.id">instance.id</a>=92f79a6e-4330-422b-9833-03bd9201b3a6 service=registry version=v2.1.1 </div><div><br></div><div>time="2016-01-25T09:50:25.806495043+13:00" level=info msg="response completed" http.request.host="<a href="http://192.168.1.20:5000">192.168.1.20:5000</a>" <a href="http://http.request.id">http.request.id</a>=6b96abae-ecca-4891-ab53-18f9d5babe4a http.request.method=GET http.request.remoteaddr="<a href="http://192.168.1.30:21734">192.168.1.30:21734</a>" http.request.uri="/v2/" http.request.useragent="docker/1.9.1-fc23 go/go1.5.1 git-commit/110aed2-dirty kernel/4.3.3-300.fc23.x86_64 os/linux arch/amd64" http.response.contenttype="application/json; charset=utf-8" http.response.duration=4.930233ms http.response.status=200 http.response.written=2 <a href="http://instance.id">instance.id</a>=92f79a6e-4330-422b-9833-03bd9201b3a6 service=registry version=v2.1.1 </div><div><br></div><div>192.168.1.30 -- [25/Jan/2016:09:50:25 +1300] "GET /v2/ HTTP/1.1" 200 2 "" "docker/1.9.1-fc23 go/go1.5.1 git-commit/110aed2-dirty kernel/4.3.3-300.fc23.x86_64 os/linux arch/amd64"<br></div><div><br></div><div>time="2016-01-25T09:50:25.967676129+13:00" level=debug msg="filesystem.List(\"/\")" <a href="http://instance.id">instance.id</a>=92f79a6e-4330-422b-9833-03bd9201b3a6 service=registry trace.duration=110.255µs trace.file="/go/src/<a href="http://github.com/docker/distribution/registry/storage/driver/base/base.go">github.com/docker/distribution/registry/storage/driver/base/base.go</a>" trace.func="<a href="http://github.com/docker/distribution/registry/storage/driver/base.(*Base).List">github.com/docker/distribution/registry/storage/driver/base.(*Base).List</a>" <a href="http://trace.id">trace.id</a>=9e90391a-ff1d-4122-a73e-188388ebd28b trace.line=123 version=v2.1.1 </div></div><div><br></div><div><br></div><div>we have proxy in network and its IP 192.168.1.30.</div><div><br></div><div>I am not using ssl certificate here and i set insecure-registry in configuration.</div><div><br></div><div>I enabled ldap in portus and i can do ldap authentication for portus interface access.</div><div><br></div><div>Here, my confusion is that, when i do docker login <a href="http://192.168.1.20:5000">192.168.1.20:5000</a> , is it goes to portus for ldap authentication check for entering username /passwd and email id in docker login command ? or </div><div><br></div><div>Here i haven't configure any nginx or any other setup.</div><div><br></div><div>Please let me know if i m missing anything here.</div><div><br></div><div>my docker registry command,</div><div><br></div><div><span style="color:rgb(80,0,80);font-size:12.8px">docker run \</span><br style="color:rgb(80,0,80);font-size:12.8px"><span style="color:rgb(80,0,80);font-size:12.8px">-d --restart=always --name registry \</span><br style="color:rgb(80,0,80);font-size:12.8px"><span style="color:rgb(80,0,80);font-size:12.8px">-e REGISTRY_LOG_LEVEL=debug \</span><br style="color:rgb(80,0,80);font-size:12.8px"><span style="color:rgb(80,0,80);font-size:12.8px">-p 5000:5000 \</span><br style="color:rgb(80,0,80);font-size:12.8px"><span style="color:rgb(80,0,80);font-size:12.8px">-e SEARCH_BACKEND=sqlalchemy \</span><br style="color:rgb(80,0,80);font-size:12.8px"><span style="color:rgb(80,0,80);font-size:12.8px">-e REGISTRY_AUTH_TOKEN_REALM="</span><a href="http://192.168.1.20:3000/v2/token" rel="noreferrer" target="_blank" style="font-size:12.8px">http://192.168.1.20:3000/v2/token</a><span style="color:rgb(80,0,80);font-size:12.8px">" \</span><br style="color:rgb(80,0,80);font-size:12.8px"><span style="color:rgb(80,0,80);font-size:12.8px">-e REGISTRY_AUTH_TOKEN_SERVICE="</span><a href="http://192.168.1.20:5000/" rel="noreferrer" target="_blank" style="font-size:12.8px">192.168.1.20:5000</a><span style="color:rgb(80,0,80);font-size:12.8px">" \</span></div><div>-e REGISTRY_AUTH_TOKEN_SERVICE="<a href="http://192.168.1.20:5000">192.168.1.20:5000</a>" \<span style="color:rgb(80,0,80);font-size:12.8px"><br></span></div><div><span style="color:rgb(80,0,80);font-size:12.8px">-v /home/test/data:/var/lib/regis</span><span style="color:rgb(80,0,80);font-size:12.8px">try \</span><br style="color:rgb(80,0,80);font-size:12.8px"><span style="color:rgb(80,0,80);font-size:12.8px">registry:2.1</span><br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Fri, Jan 22, 2016 at 10:04 PM, Jordi Massaguer Pla <span dir="ltr"><<a href="mailto:jmassaguerpla@suse.de" target="_blank">jmassaguerpla@suse.de</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000"><span class="">
<br>
<br>
<div>On 01/21/2016 09:41 PM, Benjamin
Fernandis wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">Hi,
<div><br>
</div>
<div>I have docker registry on another host and portus i
opensuse vm.</div>
<div><br>
</div>
<div>currently I can do ldap authentication to access portus web
interface and i can see global name space and my own
namespace, all working in that.</div>
<div><br>
</div>
<div>but when i tried to do docker login
<docker_registry:5000> not working. And i got <span style="font-size:12.8px">Error response from daemon: no
successful auth challenge for </span><a href="http://192.168.1.20:5000/v2/" style="font-size:12.8px" target="_blank"></a><a href="http://192.168.1.20:5000/v2/" target="_blank">http://192.168.1.20:5000/v2/</a><span style="font-size:12.8px"> - errors: []</span></div>
<div><span style="font-size:12.8px"><br>
</span></div>
<div><span style="font-size:12.8px">portus (opensuse vm ) -
192.168.1.10</span></div>
<div><span style="font-size:12.8px">docker (registry container
on different host but it is accessible from portus ) - <a href="http://192.168.1.20:5000" target="_blank">192.168.1.20:5000</a></span></div>
<div><span style="font-size:12.8px"><br>
</span></div>
<div><span style="font-size:12.8px">Do i require to do any other
configuration for this or ?</span></div>
<div><span style="font-size:12.8px"><br>
</span></div>
</div>
</blockquote>
<br></span>
Please try the following. On 192.168.1.20, stop registry as a daemon
and start it manually. If it is SUSE, you can do that with<br>
<br>
sudo registry /etc/config.yml<br>
<br>
This will show you the log in the stdout.<br>
<br>
Then try again and look for a better explanation of the error.<br>
<br>
You may want also to enable debug in config.yml file.<br>
<br>
My guess is that you may have some ssl certs issues. Communication
between portus and the registry is done using ssl certificates. You
can try running registry with and insecure flag (see registry
--help) to test if that is the case. If so, you need to add portus
certificate in your system.<br>
<br>
In order to do that, you need to add your certificate authority
(*ca.crt) into /etc/pki/trust/anchors/ and then run sudo
update-ca-certificates (assuming you are running suse).<br>
<br>
I hope this helps.<br>
<br>
Otherwise, send us the output of the registry command which may give
us a clue.<div><div class="h5"><br>
<br>
<blockquote type="cite">
<div dir="ltr">
<div><span style="font-size:12.8px"><br>
</span></div>
</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On Thu, Jan 21, 2016 at 11:32 PM, Jordi
Massaguer Pla <span dir="ltr"><<a href="mailto:jmassaguerpla@suse.de" target="_blank">jmassaguerpla@suse.de</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000"> <font size="-1">I
guess you have not run portusctl command.<br>
<br>
After installing the rpm, you need to run<br>
<br>
"portusctl setup --local-registry"<br>
<br>
I am assuming you have a docker registry running on your
box (install it with zypper install
docker-distribution-registry)<br>
<br>
Also, make sure you have mariadb installed and running.<br>
<br>
cheers<br>
</font>
<div>
<div><br>
<div>On 01/21/2016 03:12 AM, Benjamin Fernandis wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">i pass below variable to docker
registry container ,
<div><br>
</div>
<div>
<div>docker run \</div>
<div><span style="white-space:pre-wrap"> </span>-d
--restart=always --name registry \</div>
<div><span style="white-space:pre-wrap"> </span>-e
REGISTRY_LOG_LEVEL=debug \</div>
<div><span style="white-space:pre-wrap"> </span>-p
5000:5000 \</div>
<div><span style="white-space:pre-wrap"> </span>-e
SEARCH_BACKEND=sqlalchemy \</div>
<div><span style="white-space:pre-wrap"> </span>-e
REGISTRY_AUTH_TOKEN_REALM="<a href="http://192.168.1.20:3000/v2/token" target="_blank"></a><a href="http://192.168.1.20:3000/v2/token" target="_blank">http://192.168.1.20:3000/v2/token</a>"
\</div>
<div><span style="white-space:pre-wrap"> </span>-e
REGISTRY_AUTH_TOKEN_SERVICE="<a href="http://192.168.1.20:5000" target="_blank">192.168.1.20:5000</a>" \</div>
<div><span style="white-space:pre-wrap"> </span>-v
/home/test/data:/var/lib/registry \</div>
<div><span style="white-space:pre-wrap"> </span>
registry:2.1</div>
</div>
<div><br>
</div>
<div>where 192.168.1.20 is IP for docker registry.</div>
<div><br>
</div>
<div>but still i can not do login by docker login
command line. Do i require to add anything in
portus ?</div>
</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On Thu, Jan 21, 2016 at
2:04 PM, Benjamin Fernandis <span dir="ltr"><<a href="mailto:benjo11111@gmail.com" target="_blank"></a><a href="mailto:benjo11111@gmail.com" target="_blank">benjo11111@gmail.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr">I deployed portus on oepnsuse.
I can not find /etc/registry/cofig.yml file
in portus machine.
<div><br>
</div>
<div>do i require to add above lines in
docker registry container or in portus vm?</div>
<div><br>
</div>
</div>
<div>
<div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On Thu, Jan 21,
2016 at 2:00 PM, Aleksa Sarai <span dir="ltr"><<a href="mailto:asarai@suse.de" target="_blank"></a><a href="mailto:asarai@suse.de" target="_blank">asarai@suse.de</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span>On
01/21/2016 11:53 AM, Benjamin
Fernandis wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"> Hi
Miquel,<br>
<br>
I deployed rpm version on
opensuse and it is working fine.<br>
<br>
Can you please guide me what is
require to enable login in
docker<br>
command line.<br>
<br>
currently i tested portus
integration with docker registry
and ldap<br>
authentication to pourtus from
web interface.<br>
<br>
trying to do command line docker
login and getting below error.<br>
<br>
Error response from daemon: no
successful auth challenge for<br>
<a href="http://192.168.1.20:5000/v2/" rel="noreferrer" target="_blank">http://192.168.1.20:5000/v2/</a>
- errors: []<br>
</blockquote>
<br>
</span> Are you running Portus using
docker-compose? If so, you need
docker-compose version 1.5.2 or
later.<br>
<br>
Otherwise, please make sure that
your *daemon* can access the IP
address of the docker registry given
in in /etc/registry/config.yml<br>
in the "realm" field:<br>
<br>
auth:<br>
token:<br>
realm: <a href="http://172.17.0.1:3000/v2/token" rel="noreferrer" target="_blank"></a><a href="http://172.17.0.1:3000/v2/token" target="_blank">http://172.17.0.1:3000/v2/token</a><br>
service: <a href="http://172.17.0.1:5000" rel="noreferrer" target="_blank">172.17.0.1:5000</a><br>
<br>
And that the "service" is the same
as the one you registered when you
first started Portus (this is more
likely to be the cause).<span><font color="#888888"><br>
<br>
-- <br>
Aleksa Sarai<br>
Docker Core Specialist<br>
SUSE Australia<br>
<a href="https://www.cyphar.com/" rel="noreferrer" target="_blank">https://www.cyphar.com/</a></font></span>
<div>
<div><br>
_______________________________________________<br>
Containers mailing list<br>
<a href="mailto:Containers@lists.suse.com" target="_blank">Containers@lists.suse.com</a><br>
<a href="http://lists.suse.com/mailman/listinfo/containers" rel="noreferrer" target="_blank">http://lists.suse.com/mailman/listinfo/containers</a><br>
</div>
</div>
</blockquote>
</div>
<br>
</div>
</div>
</div>
</blockquote>
</div>
<br>
</div>
<br>
<fieldset></fieldset>
<br>
<pre>_______________________________________________
Containers mailing list
<a href="mailto:Containers@lists.suse.com" target="_blank">Containers@lists.suse.com</a>
<a href="http://lists.suse.com/mailman/listinfo/containers" target="_blank">http://lists.suse.com/mailman/listinfo/containers</a>
</pre>
</blockquote>
<br>
</div>
</div>
</div>
<br>
_______________________________________________<br>
Containers mailing list<br>
<a href="mailto:Containers@lists.suse.com" target="_blank">Containers@lists.suse.com</a><br>
<a href="http://lists.suse.com/mailman/listinfo/containers" rel="noreferrer" target="_blank">http://lists.suse.com/mailman/listinfo/containers</a><br>
<br>
</blockquote>
</div>
<br>
</div>
<br>
<fieldset></fieldset>
<br>
<pre>_______________________________________________
Containers mailing list
<a href="mailto:Containers@lists.suse.com" target="_blank">Containers@lists.suse.com</a>
<a href="http://lists.suse.com/mailman/listinfo/containers" target="_blank">http://lists.suse.com/mailman/listinfo/containers</a>
</pre>
</blockquote>
<br>
</div></div></div>
<br>_______________________________________________<br>
Containers mailing list<br>
<a href="mailto:Containers@lists.suse.com">Containers@lists.suse.com</a><br>
<a href="http://lists.suse.com/mailman/listinfo/containers" rel="noreferrer" target="_blank">http://lists.suse.com/mailman/listinfo/containers</a><br>
<br></blockquote></div><br></div>