Not super familiar with the kolla docker part, but the code seems pretty straightforward.

What is the IP of your registry? I dont think you should use localhost as the tasks are running on the computes/controllers? Can you use the registry IP in the same subnet/reachable subnet?

Tracing the code

- name: Ensure fluentd image is present for label check
vars:
service_name: "fluentd"
service: "{{ common_services[service_name] }}"
become: true
kolla_docker:
action: "ensure_image"
common_options: "{{ docker_common_options }}"
image: "{{ service.image }}"
when:
- fluentd_version is not defined or fluentd_binary is not defined
- enable_fluentd | bool

This calls

def ensure_image(self):
if not self.check_image():
self.pull_image()

This then calls (if the image is not there)

def pull_image(self):
if self.params.get('auth_username'):
self.dc.login(
username=self.params.get('auth_username'),
password=self.params.get('auth_password'),
registry=self.params.get('auth_registry'),
email=self.params.get('auth_email')
)

image, tag = self.parse_image()
old_image_id = self.get_image_id()

statuses = [
json.loads(line.strip().decode('utf-8')) for line in self.dc.pull(
repository=image, tag=tag, stream=True
)
]

for status in reversed(statuses):
if 'error' in status:
if status['error'].endswith('not found'):
self.module.fail_json(
msg="The requested image does not exist: {}:{}".format(
image, tag),
failed=True
)
else:
self.module.fail_json(
msg="Unknown error message: {}".format(
status['error']),
failed=True
)

new_image_id = self.get_image_id()
self.changed = old_image_id != new_image_id

On Mon, Feb 28, 2022 at 6:26 PM Laurent Dumont <laurentfdumont@gmail.com> wrote:

Can you pull from that registry manually? If that doesn't work, Kolla won't work either.

On Mon, Feb 28, 2022 at 6:47 AM A Monster <amonster369@gmail.com> wrote:
I'm getting the following error while trying to deploy openstack using kolla-ansible.
I've set up a local docker registry and enabled insecure registries in daemon.json file and I even tried to pull fluentd docker image but I still get the following error

TASK [common : Ensure fluentd image is present for label check]
fatal: [localhost]: FAILED! => {"changed": true, "msg": "'Traceback (most recent call last):\\n File \"/usr/local/lib/python3.6/site-packages/docker/api/client.py\", line 268, in _raise_for_status\\n response.raise_for_status()\\n File \"/usr/lib/python3.6/site-packages/requests/models.py\", line 940, in raise_for_status\\n raise HTTPError(http_error_msg, response=self)\\nrequests.exceptions.HTTPError: 500 Server Error: Internal Server Error for url: http+docker://localhost/v1.41/images/create?tag=xena&fromImage=quay.io%2Fkolla%2Fcentos-source-fluentd\\n\\nDuring handling of the above exception, another exception occurred:\\n\\nTraceback (most recent call last):\\n File \"/tmp/ansible_kolla_docker_payload_xizndx9s/ansible_kolla_docker_payload.zip/ansible/modules/kolla_docker.py\", line 1241, in main\\n File \"/tmp/ansible_kolla_docker_payload_xizndx9s/ansible_kolla_docker_payload.zip/ansible/modules/kolla_docker.py\", line 1116, in ensure_image\\n File \"/tmp/ansible_kolla_docker_payload_xizndx9s/ansible_kolla_docker_payload.zip/ansible/modules/kolla_docker.py\", line 692, in pull_image\\n File \"/usr/local/lib/python3.6/site-packages/docker/api/image.py\", line 430, in pull\\n self._raise_for_status(response)\\n File \"/usr/local/lib/python3.6/site-packages/docker/api/client.py\", line 270, in _raise_for_status\\n raise create_api_error_from_http_exception(e)\\n File \"/usr/local/lib/python3.6/site-packages/docker/errors.py\", line 31, in create_api_error_from_http_exception\\n raise cls(e, response=response, explanation=explanation)\\ndocker.errors.APIError: 500 Server Error for http+docker://localhost/v1.41/images/create?tag=xena&fromImage=quay.io%2Fkolla%2Fcentos-source-fluentd: Internal Server Error (\"unauthorized: access to the requested resource is not authorized\")\\n'"}