0

I am installing DI 3.2 on my OpenShift environment. Installation continues up to the 60% mark and then gives me the following errors

2022-03-30T09:21:27.485Z INFO cmd/cmd.go:324 1> 2022-03-30T09:21:27+0000 [INFO] Starting Modeler for vflowvalidationtestuser user of nuta tenant...
2022-03-30T09:21:52.691Z INFO cmd/cmd.go:324 1> ID TemplateId Space Tenant User StartTime Status Age
2022-03-30T09:21:52.691Z INFO cmd/cmd.go:324 1> pipeline-modeler-2cebdc201a79980bcf455e pipeline-modeler user nutanix vflowvalidationtestuser Wed, 30 Mar 2022 09:21:27 +0000 ready 25s
2022-03-30T09:21:52.694Z INFO cmd/cmd.go:324 1> 2022-03-30T09:21:52+0000 [INFO] Modeler is started successfully!
2022-03-30T09:21:52.696Z INFO cmd/cmd.go:324 1> 2022-03-30T09:21:52+0000 [INFO] Starting Modeler graph for vflowvalidationtestuser user of nuta tenant...
2022-03-30T09:21:54.752Z INFO cmd/cmd.go:324 1> 2022-03-30T09:21:54+0000 [ERROR] Couldn't start the graph!
2022-03-30T09:21:54.752Z INFO cmd/cmd.go:324 1> The response: failed to deploy graph: failed to prepare graph images: failed to prepare image: cannot connect to docker registry https://nexus.ntnx-sap.com: Get "https://nexus.XXXX.com/v2/": x509: certificate signed by unknown authority
2022-03-30T09:21:54.752Z INFO cmd/cmd.go:324 1> Error: http status code 400 Bad Request (400).

Now obviously the error is that the custom CA that I have is not trusted and therefore a pull/push to/from that registry isn't working. I did add the CA to my openshift cluster, and this also holds all of the images it downloaded during the start of the installation so the registry works, but this step doesn't seem to be aware of the CA I added. Is there a specific parameter I can set prior to installation to add the CA for this check, or is there a secret that I can update to add the CA/CA-chain?

Unfortunately I didn't find much about this in the documentation I was able to find so far. I've also modified the URL of the repo above, but it points to the correct one in the actual log. 🙂