Can i disable Tls verify on minikube?

2
votes

I have a local minikube cluster on hyper-v, when i try to pull images from my private repository i get this error :

Failed to pull image "my-repolink/image": rpc error: code = Unknown desc = Error response from daemon: Get my-repolink/v2/: x509: certificate signed by unknown authority

When running minikube docker-env i get:

$Env:DOCKER_TLS_VERIFY = "1"
$Env:DOCKER_HOST = "tcp://IP:2376"
$Env:DOCKER_CERT_PATH = "C:\Users\myuser\.minikube\certs"
$Env:MINIKUBE_ACTIVE_DOCKERD = "minikube"

I was wanderring if i can change the DOCKER_TLS_VERIFY to "0" (if yes how plz?) and if it will have any effect on this error?

2
kubernetesminikube

2 Answers

0
votes

minikube docker-env is used to configure the shell:

$ minikube docker-env
...
# Run this command to configure your shell:
# eval $(minikube docker-env)

These envs are not set in docker but these are envs you can set in your shell to connect to the docker that is inside of a minikube vm from local machine.

So if you want to change it you can run: export DOCKER_TLS_VERIFY="0" in the shell.

But notice what is written in docker documentation:

Setting the DOCKER_TLS_VERIFY environment variable to any value other than the empty string is equivalent to setting the --tlsverify flag.

So setting this value to "0" is the same as setting is to "1" so it's not going to change anything. So no, it won't have any effect on this error.

0
votes

You need to tell minikube which certificates to trust. The official doc mentions this specific issue.

The suggestion is to put the appropriate self-signed ceritificate of your private registry into ~/.minikube/files/etc/ssl/certs; then run minikube delete followed by minikube start.