cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

How to pull ActiveGate Docker image from Dynatrace Docker Registry?

STiAT
Helper

Hi there,

 

so dynatrace serves it's own docker registry instead of providing us with a public repository .. well, that makes me encounter issues with kubernetes deploying it because our dynatrace managed runs on internal certificates, so the kubernetes workers do not know about them.

 

Since we're using PKS and that's not supported / a beta feature at the moment to use private certificates we'd like to push the activegate docker images to our artifactory (which has an official certificate).

 

To be clear, I do not want to use demonsets in the namespace to provide root and SubCAs to work around PKS.

 

For that, I'll need to download the images and provide them in our artifactory. The issue is - I can not seem to do that, because it does not let me log in to the dynatrace docker registry:

 

Taken from there: https://www.dynatrace.com/support/help/setup-and-configuration/setup-on-container-platforms/kubernet...

 

I assume dynatrace serves the registry in the normal HTTPS environment URL (https://server/e/environmentid)

 

docker login ourdynatraceserver/e/our-environment-id --username ad
min --password <TOKEN>

WARNING! Using --password via the CLI is insecure. Use --password-stdin.
Error response from daemon: login attempt to https://ourdynatraceserver/v2/ failed with status: 401 Unauthorized

 

I'm using the admin user with the created PAAS token for accessing it. Since I can not login using docker, I suppose the generated secret for kubernetes wouldn't work either (I can not get around the certificate issue there at the moment, so I can't tell if docker could actually pull from kubernetes).

 

I also tried to do that via https://ourserver/e/ourenvironmentid/linux/activegate to see if it's served there - without luck either.

 

So: Where is the docker registry actually served in dynatrace? How to access it to pull the docker image?

 

Thanks!

1 REPLY 1

STiAT
Helper

Got it solved with the One Support guys..

 

actually, the user name for the login is the enviornment ID, not the owner of the PaaS token but the environment id!

 

Thanks!