BODALIA
Mission Specialist
Mission Specialist
  • 7,830 Views

podman login command gives error:authenticating credentials

Jump to solution

Looks like a simple question with a simple answer but it is not working for me in my VMware Rhel9 machine that I have set up. I have successfully installed container-tools, but am unable to log in to the container registry. I am using my username and password that I used to register the machine, the same as the one I use to log in to my course RHCSA Rapid Track

Can anyone help me please?

Thanks,

Usha

Labels (1)
Tags (2)
21 Replies
BODALIA
Mission Specialist
Mission Specialist
  • 3,066 Views
Hi Tess, thank you for your response. I manually set it to make sure all the parameters in setting the network were included, that I learnt from the course, and it seems to work after a reboot – that’s all. The IP addresses that I used were the ones that were set on the original network connection, so I did not change the dns that was already given in the build of the Redhat machine vmware fusion. Could it be that this machine is an Alma Linux, or should that make no difference?

What settings have you applied to the virtual NIC of the VM in VMWare? Did you set it to NAT? I have not done this before, so I don’t really know what you mean or what I need to do here.

I only did the http settings because you asked me if I could ‘curl’ and I could not. So I set the firewall and selinux for it - the only setting I did not set for this was the “semanage -a -t http_port_t -p tcp 80” command.

Kind regards,
Usha

Unless otherwise stated above:

IBM United Kingdom Limited
Registered in England and Wales with number 741598
Registered office: PO Box 41, North Harbour, Portsmouth, Hants. PO6 3AU
0 Kudos
Tess
Flight Engineer
Flight Engineer
  • 2,077 Views

I did not ask you to curl anything, that was @Chetan_Tiwary_ . But, you have misunderstood what they were asking. Chetan did not ask you if you can curl your own host, they asked if you can curl the registry server. 

Again, setting up a httpd (with firewall rules) on your RedHat workstation is not relevant to this situation. The problem with your VM is one of simple networking. 

 

> " I manually set it to make sure all the parameters in setting the network were included,
> that I learnt from the course, and it seems to work after a reboot – that’s all."

You cannot simply take settings that worked in the RedHat training labs and apply them to your own VM, while hoping they will work. Your VM on your VMWare Fusion has a different network configuration, than the VM in the RedHat training labs.

 

> " I have not done this before, so I don’t really know what you mean or what I need to do here."

In order for your RedHat VM on your Mac to have network access, it needs a number of things. 1) The VM needs to have a virtual network card (which it does!), 2) the virtual network card must be connected to your Mac's network (either in bridged mode or in NAT mode), 3) your VM must be configured to use the network settings that apply to the environment from step 2. 

If your VM is configured to provide networking via NAT, you must set your RedHat VM to use DHCP. If your VM is configured to provide networking via bridge mode, then you must first figure out what the network you are on requires: does it need hard-coded settings or DHCP?

If you cannot work with these instructions and guidance, then I suggest you first learn a bit more about TCP/IP networking in general. You need to understand how virtual machines and hypervisors work with network access. 

Once the networking setup is correct, the following three will work.

After that, you can retry the podman login

0 Kudos
BODALIA
Mission Specialist
Mission Specialist
  • 1,930 Views

apologies, just saw the last part of your message. In summary, I've checked that the NAT is set on vmware fusion, but I have not changed this, and all three

ping 8.8.8.8; nslookup www.google.com; ping www.google.com work
And although I am also able to bring up the webconsole from firefox, curl http://localhost:9090 from the command line does not work

 

0 Kudos
BODALIA
Mission Specialist
Mission Specialist
  • 2,096 Views
After trying out your suggests with ping 8.8.8.8;nslookup etc… and confirming that they were all working, I tried to login in to podman – it still does not work

[A screenshot of a computer Description automatically generated]

Unless otherwise stated above:

IBM United Kingdom Limited
Registered in England and Wales with number 741598
Registered office: PO Box 41, North Harbour, Portsmouth, Hants. PO6 3AU
0 Kudos
Tess
Flight Engineer
Flight Engineer
  • 2,086 Views

Your post mentions a screenshot, but there's no screenshot. 

Anyway...

You can that a ping of 8.8.8.8 works and that you can nslookup for google.com.

So can you also test these (and then show us the output):

  1. nslookup registry.access.redhat.com
  2. curl https://registry.access.redhat.com/v2

The second one should give a HTTP 301 redirect with a little output.

I've also checked the documentation for the Red Hat registries.

->. https://access.redhat.com/RegistryAuthentication#red-hat-registries-1

Turns out that registry.access.redhat.com does not need authentication at all. You should be able to pull from there anonymously. It also does not used RedHat login. 

0 Kudos
BODALIA
Mission Specialist
Mission Specialist
  • 2,082 Views
Hi, thank you for your answer, sorry, I include screenshot here, showing that ping 8.8.8.8 and nslookup seems to work. I have also included the curl command you suggested, but the output is does not have HTTP 301 in it.
As you can see from the first screen, I have tried to see the images in the registry but it times out, which is why I thought I needed to login to the registry somehow. Really not sure why it’s not working.
Kind regards,
Usha

[A screenshot of a computer Description automatically generated]

Unless otherwise stated above:

IBM United Kingdom Limited
Registered in England and Wales with number 741598
Registered office: PO Box 41, North Harbour, Portsmouth, Hants. PO6 3AU
0 Kudos
Tess
Flight Engineer
Flight Engineer
  • 2,075 Views

> "As you can see from the first screen"

Unfortunately we can't... Your screenshots are not showing up on this forum. 

0 Kudos
BODALIA
Mission Specialist
Mission Specialist
  • 2,067 Views

Hi Tess, included herein is a cut and paste of the above mentioned.

======================Output of requested commands BELOW

ushakant@kingfisher ~]$ nslookup registry.access.redhat.com
Server: 192.168.83.2
Address: 192.168.83.2#53

Non-authoritative answer:
registry.access.redhat.com canonical name = registry.access.redhat.com2.edgekey.net.
registry.access.redhat.com2.edgekey.net canonical name = registry.access.redhat.com2.edgekey.net.globalredir.akadns.net.
registry.access.redhat.com2.edgekey.net.globalredir.akadns.net canonical name = e40408.d.akamaiedge.net.
Name: e40408.d.akamaiedge.net
Address: 2.19.161.25
Name: e40408.d.akamaiedge.net
Address: 2.19.161.14

[ushakant@kingfisher ~]$ curl https://registry.access.redhat.com/v2
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<title>Redirecting...</title>
<h1>Redirecting...</h1>
<p>You should be redirected automatically to target URL: <a href="https://crane.registry.redhat.com/v2/">https://crane.registry.redhat.com/v2/</a>. If not click the link.[ushakant@kingfisher ~]$ ping -c3 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=128 time=19.7 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=128 time=160 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=128 time=24.3 ms

======================TRYING TO ACCESS PODMAN REGISTRIES BELOW

joe@kingfisher ~]$ podman info|grep registries -A5
registries:
search:
- registry.access.redhat.com
- registry.redhat.io
- docker.io
store:
[joe@kingfisher ~]$ podman search registry.access.redhat.com
^C[joe@kingfisher ~]$
[joe@kingfisher ~]$ podman search registry.access.redhat.com/
Error: 1 error occurred:
* couldn't search registry "registry.access.redhat.com": pinging container registry registry.access.redhat.com: Get "https://registry.access.redhat.com/v2/": dial tcp: lookup registry.access.redhat.com on 192.168.83.2:53: read udp 192.168.83.133:39396->192.168.83.2:53: i/o timeout

 

 

0 Kudos
Tess
Flight Engineer
Flight Engineer
  • 2,060 Views

Alright! So, the first half of all that confirms that both your DNS and your Internet connection are in fact working correctly. That's good!

I also took the time to try your commands on my own RHEL box. 

That last command you type, also does not work for me. 

What does work for me is:

  • podman search alpine

I will look into why the search you're doing doesn't work. The man-page says it should work for v2 registries, which this is... 

0 Kudos
Tess
Flight Engineer
Flight Engineer
  • 2,058 Views

Darn, that wasn't it either. I need to curl the v2 URL with a / at the end.

 

% curl https://registry.access.redhat.com/v2/                  
{}% 

 

So, that URL works after all, but it returns a null set. 

 

EDIT: The stuff I posted here before is wrong afterall. 

Ha!! I've got it!

The problem is not you. The problem is with Red Hat! Their own registry is broken. 

Let's do that curl again!

 

$ curl https://registry.access.redhat.com/v2

You should be redirected automatically to target URL: https://crane.registry.redhat.com/v2/

 

This tells you that you are being redirected to crane.registry.redhat.com

Yeah, that server is unknown in DNS! 🤪

 

$ curl https://crane.registry.redhat.com/v2

curl: (6) Could not resolve host: crane.registry.redhat.com

 

 

0 Kudos
Join the discussion
You must log in to join this conversation.