cancel
Showing results for 
Search instead for 
Did you mean: 
BODALIA
Mission Specialist
Mission Specialist
  • 12.1K Views

podman login command gives error:authenticating credentials

Jump to solution

Looks like a simple question with a simple answer but it is not working for me in my VMware Rhel9 machine that I have set up. I have successfully installed container-tools, but am unable to log in to the container registry. I am using my username and password that I used to register the machine, the same as the one I use to log in to my course RHCSA Rapid Track

Can anyone help me please?

Thanks,

Usha

Labels (1)
Tags (2)
24 Replies
BODALIA
Mission Specialist
Mission Specialist
  • 6,339 Views

Hi Tess,

thank you for your response. I have done the following as I suspected that too.

nmcli con add con-name new-con ifname ens160 type ethernet ipv4.method manual ipv4.addresses 192.168.83.133/24 ipv4.gateway192.168.83.2 ipv4.dns192.168.83.2 connection.autoconnect yes

nmcli con up new-con

nmcli con mod ens160 connection.autoconnect no 

nmcli con show....gives the following

NAME UUID TYPE DEVICE
new-con 89453323-c2ee-4a0f-a7fa-699b59daf26f ethernet ens160

I also reinstalled and restarted httpd, which started on port 80

and to make sure I ran

firewall-cmd --add-service http; firewall-cmd --add-port 80/tcp --permanent; firewall-cmd --reload

Please see output now. I still can not login to registry.access.redhat.com, when I run podman login --get-login it tells me it is not logged in. I used the same dns ipaddress that came with the orginal network connection that was set up when I installed Linux V9 - and ping works

BODALIA_0-1686758534271.png

 

 

0 Kudos
Tess
Flight Engineer
Flight Engineer
  • 6,305 Views

Many of the things you're describing have zero, no relation whatsoever, with podman login to a remote registry. Having a httpd running locally, or having the firewall open to your own httpd is not related at all. 

But, it's good that you included your screenshot, because it makes me realize something I'd overlooked: you're running RHEL inside a VMWare Fusion VM on MacOS. 

So now we know which aspects to troubleshoot. 

  1. Why are you manually configuring the NIC of your RHEL VM? VMWare Fusion could be giving all the required settings via DHCP.
  2. Since you're manually setting the configuration, are you sure these settings are correct? How do you know these settings are correct? 
  3. What settings have you applied to the virtual NIC of the VM in VMWare? Did you set it to NAT? To bridged? Or even host-only? 

 

EDIT: 

Your screenshot does not actually show the error message that you quoted earlier. In fact, your screenshot suggests that there is a working network connection. 

So can you confirm that you can correctly:

??

0 Kudos
BODALIA
Mission Specialist
Mission Specialist
  • 3,925 Views
Hi Tess, thank you for your response. I manually set it to make sure all the parameters in setting the network were included, that I learnt from the course, and it seems to work after a reboot – that’s all. The IP addresses that I used were the ones that were set on the original network connection, so I did not change the dns that was already given in the build of the Redhat machine vmware fusion. Could it be that this machine is an Alma Linux, or should that make no difference?

What settings have you applied to the virtual NIC of the VM in VMWare? Did you set it to NAT? I have not done this before, so I don’t really know what you mean or what I need to do here.

I only did the http settings because you asked me if I could ‘curl’ and I could not. So I set the firewall and selinux for it - the only setting I did not set for this was the “semanage -a -t http_port_t -p tcp 80” command.

Kind regards,
Usha

Unless otherwise stated above:

IBM United Kingdom Limited
Registered in England and Wales with number 741598
Registered office: PO Box 41, North Harbour, Portsmouth, Hants. PO6 3AU
0 Kudos
Tess
Flight Engineer
Flight Engineer
  • 2,936 Views

I did not ask you to curl anything, that was @Chetan_Tiwary_ . But, you have misunderstood what they were asking. Chetan did not ask you if you can curl your own host, they asked if you can curl the registry server. 

Again, setting up a httpd (with firewall rules) on your RedHat workstation is not relevant to this situation. The problem with your VM is one of simple networking. 

 

> " I manually set it to make sure all the parameters in setting the network were included,
> that I learnt from the course, and it seems to work after a reboot – that’s all."

You cannot simply take settings that worked in the RedHat training labs and apply them to your own VM, while hoping they will work. Your VM on your VMWare Fusion has a different network configuration, than the VM in the RedHat training labs.

 

> " I have not done this before, so I don’t really know what you mean or what I need to do here."

In order for your RedHat VM on your Mac to have network access, it needs a number of things. 1) The VM needs to have a virtual network card (which it does!), 2) the virtual network card must be connected to your Mac's network (either in bridged mode or in NAT mode), 3) your VM must be configured to use the network settings that apply to the environment from step 2. 

If your VM is configured to provide networking via NAT, you must set your RedHat VM to use DHCP. If your VM is configured to provide networking via bridge mode, then you must first figure out what the network you are on requires: does it need hard-coded settings or DHCP?

If you cannot work with these instructions and guidance, then I suggest you first learn a bit more about TCP/IP networking in general. You need to understand how virtual machines and hypervisors work with network access. 

Once the networking setup is correct, the following three will work.

After that, you can retry the podman login

0 Kudos
BODALIA
Mission Specialist
Mission Specialist
  • 2,789 Views

apologies, just saw the last part of your message. In summary, I've checked that the NAT is set on vmware fusion, but I have not changed this, and all three

ping 8.8.8.8; nslookup www.google.com; ping www.google.com work
And although I am also able to bring up the webconsole from firefox, curl http://localhost:9090 from the command line does not work

 

0 Kudos
BODALIA
Mission Specialist
Mission Specialist
  • 2,955 Views
After trying out your suggests with ping 8.8.8.8;nslookup etc… and confirming that they were all working, I tried to login in to podman – it still does not work

[A screenshot of a computer Description automatically generated]

Unless otherwise stated above:

IBM United Kingdom Limited
Registered in England and Wales with number 741598
Registered office: PO Box 41, North Harbour, Portsmouth, Hants. PO6 3AU
0 Kudos
Tess
Flight Engineer
Flight Engineer
  • 2,945 Views

Your post mentions a screenshot, but there's no screenshot. 

Anyway...

You can that a ping of 8.8.8.8 works and that you can nslookup for google.com.

So can you also test these (and then show us the output):

  1. nslookup registry.access.redhat.com
  2. curl https://registry.access.redhat.com/v2

The second one should give a HTTP 301 redirect with a little output.

I've also checked the documentation for the Red Hat registries.

->. https://access.redhat.com/RegistryAuthentication#red-hat-registries-1

Turns out that registry.access.redhat.com does not need authentication at all. You should be able to pull from there anonymously. It also does not used RedHat login. 

0 Kudos
BODALIA
Mission Specialist
Mission Specialist
  • 2,941 Views
Hi, thank you for your answer, sorry, I include screenshot here, showing that ping 8.8.8.8 and nslookup seems to work. I have also included the curl command you suggested, but the output is does not have HTTP 301 in it.
As you can see from the first screen, I have tried to see the images in the registry but it times out, which is why I thought I needed to login to the registry somehow. Really not sure why it’s not working.
Kind regards,
Usha

[A screenshot of a computer Description automatically generated]

Unless otherwise stated above:

IBM United Kingdom Limited
Registered in England and Wales with number 741598
Registered office: PO Box 41, North Harbour, Portsmouth, Hants. PO6 3AU
0 Kudos
Tess
Flight Engineer
Flight Engineer
  • 2,934 Views

> "As you can see from the first screen"

Unfortunately we can't... Your screenshots are not showing up on this forum. 

0 Kudos
BODALIA
Mission Specialist
Mission Specialist
  • 2,926 Views

Hi Tess, included herein is a cut and paste of the above mentioned.

======================Output of requested commands BELOW

ushakant@kingfisher ~]$ nslookup registry.access.redhat.com
Server: 192.168.83.2
Address: 192.168.83.2#53

Non-authoritative answer:
registry.access.redhat.com canonical name = registry.access.redhat.com2.edgekey.net.
registry.access.redhat.com2.edgekey.net canonical name = registry.access.redhat.com2.edgekey.net.globalredir.akadns.net.
registry.access.redhat.com2.edgekey.net.globalredir.akadns.net canonical name = e40408.d.akamaiedge.net.
Name: e40408.d.akamaiedge.net
Address: 2.19.161.25
Name: e40408.d.akamaiedge.net
Address: 2.19.161.14

[ushakant@kingfisher ~]$ curl https://registry.access.redhat.com/v2
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<title>Redirecting...</title>
<h1>Redirecting...</h1>
<p>You should be redirected automatically to target URL: <a href="https://crane.registry.redhat.com/v2/">https://crane.registry.redhat.com/v2/</a>. If not click the link.[ushakant@kingfisher ~]$ ping -c3 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=128 time=19.7 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=128 time=160 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=128 time=24.3 ms

======================TRYING TO ACCESS PODMAN REGISTRIES BELOW

joe@kingfisher ~]$ podman info|grep registries -A5
registries:
search:
- registry.access.redhat.com
- registry.redhat.io
- docker.io
store:
[joe@kingfisher ~]$ podman search registry.access.redhat.com
^C[joe@kingfisher ~]$
[joe@kingfisher ~]$ podman search registry.access.redhat.com/
Error: 1 error occurred:
* couldn't search registry "registry.access.redhat.com": pinging container registry registry.access.redhat.com: Get "https://registry.access.redhat.com/v2/": dial tcp: lookup registry.access.redhat.com on 192.168.83.2:53: read udp 192.168.83.133:39396->192.168.83.2:53: i/o timeout

 

 

0 Kudos
Join the discussion
You must log in to join this conversation.