vic icon indicating copy to clipboard operation
vic copied to clipboard
verified publisher icon vmware

VCH Configure to add new registry whitelist option missing

Open aviratna opened this issue 5 years ago • 1 comments

VIC 1.5.4 VCH Configure to add new registry whitelist option missing

Usecase: To add new registry to existing running VCH

Command given in doc: vic-machine-operating_system configure --target vcenter_server_address --user [email protected] --password password --thumbprint certificate_thumbprint --id vch_id --registry-ca path_to_ca_cert_for_existing_registry --registry-ca path_to_ca_cert_for_new_registry

Issue: There is no option to specify the whitelist registry

Error: Command gets completed successfully but not able to pull from new registry Access denied to unauthorized registry while VCH is in whitelist mode

@malikkal

aviratna avatar Mar 09 '20 09:03 aviratna

Following powershell could help, while the VIC folks could provide a permanent fix by tweaking vic-machine configure.

Function setGuestInfo ($guestVMName, $guestKey, $guestKeyValue){
    $vmConfigSpec = New-Object VMware.Vim.VirtualMachineConfigSpec
    $extra = New-Object VMware.Vim.optionvalue
    $extra.Key = $guestKey
    $extra.Value = $guestKeyValue
    $vmConfigSpec.extraconfig += $extra
    $vm = Get-View -ViewType VirtualMachine | where { $_.name -eq $guestVMName }
    $vm.ReconfigVM($vmConfigSpec)
}

$vCenterServer = "<your vcenter>"
Connect-VIServer -Server $vCenterServer
setGuestInfo ("<vch name>") ("guestinfo.vice./registry/whitelist_registries~") ("<registry1>|<registry2>")
Disconnect-VIServer -Server $vCenterServer -confirm:$False | Out-Null

malikkal avatar Mar 10 '20 04:03 malikkal