OpenShift Docker login issue

Question

I have set up a local OpenShift instance and installed the docker registry according to the Red Hat instructions. I am having trouble logging into the internal docker registry, however. I'm sure it is some gap in my understanding of how Docker and/or OpenShift works. I have given my user the admin, cluster-admin, and system:registry roles, which is what I believe I need. I login via oc, and then attempt to log into the registry like so:

docker login -u $(oc whoami) -e 'xxxxxx' -p $(oc whoami -t) $(hostname):8443

and I get the following response:

Error response from daemon: Unexpected status code [403] : {
    "kind": "Status",
    "apiVersion": "v1",
    "metadata": {},
    "status": "Failure",
    "message": "User \"system:anonymous\" cannot \"post\" on \"/v1/users/\"",
    "reason": "Forbidden",
    "details": {},
    "code": 403
}

I'm not finding much about this particular error message, so I'm not sure what the heck I'm missing.

Answer 1

Should have been using the internal docker IP:

# oc get svc docker-registry -n default
NAME              CLUSTER-IP     EXTERNAL-IP   PORT(S)    AGE
docker-registry   172.30.10.52   <none>        5000/TCP   9h

Answer 2

If you are accessing the docker registry outside the openshift cluster. Theses are the things you will have to do.

Create a route for the service (either from cli or web console). oc create route --service=<registryName> If you are using self signed certs, add this route to your host machine's insecure docker registry options (depends on what host machine you are using). Then try doing a docker login to the docker registry. You said you installed a registry inside openshift, they already have a docker registry running inside openshift.