VCH Configure to add new registry whitelist option missing

Question

VCH Configure to add new registry whitelist option missing

aviratna opened this issue 5 years ago · 1 comments

VIC 1.5.4
VCH Configure to add new registry whitelist option missing

Usecase: To add new registry to existing running VCH

Command given in doc:
vic-machine-operating_system configure
--target vcenter_server_address
--user Administrator@vsphere.local
--password password
--thumbprint certificate_thumbprint
--id vch_id
--registry-ca path_to_ca_cert_for_existing_registry
--registry-ca path_to_ca_cert_for_new_registry

Issue: There is no option to specify the whitelist registry

Error: Command gets completed successfully but not able to pull from new registry
Access denied to unauthorized registry while VCH is in whitelist mode

@malikkal

Answer 1 · 2020-03-10T04:32:32.000Z

Following powershell could help, while the VIC folks could provide a permanent fix by tweaking vic-machine configure.

Function setGuestInfo ($guestVMName, $guestKey, $guestKeyValue){
    $vmConfigSpec = New-Object VMware.Vim.VirtualMachineConfigSpec
    $extra = New-Object VMware.Vim.optionvalue
    $extra.Key = $guestKey
    $extra.Value = $guestKeyValue
    $vmConfigSpec.extraconfig += $extra
    $vm = Get-View -ViewType VirtualMachine | where { $_.name -eq $guestVMName }
    $vm.ReconfigVM($vmConfigSpec)
}

$vCenterServer = "<your vcenter>"
Connect-VIServer -Server $vCenterServer
setGuestInfo ("<vch name>") ("guestinfo.vice./registry/whitelist_registries~") ("<registry1>|<registry2>")
Disconnect-VIServer -Server $vCenterServer -confirm:$False | Out-Null