Comments (6)
Hi @gokhansengun thanks for the report and sorry for taking so long to look at this.
I do use a few private registries with auth and its working (its the whole point of this).
The thing is those registries are not the official DockerHub, but simple private registries hosted by myself.
I don't have a private/paid DockerHub account to test with, and it seems that this problem only affects that specific use case: from the logs you posted, it seems like docker goes both to registry-1
as well as auth
, both under .docker.io
.
You could try adding some more hostnames to auth against, for example:
docker run --rm --name docker_registry_proxy -it \
-p 0.0.0.0:3128:3128 \
-v $(pwd)/docker_mirror_cache:/docker_mirror_cache \
-v $(pwd)/docker_mirror_certs:/ca \
-e REGISTRIES="k8s.gcr.io gcr.io quay.io" \
-e AUTH_REGISTRIES="registry-1.docker.io:gsengun:THE_PASS auth.docker.io:gsengun:THE_PASS" \
rpardini/docker-registry-proxy:latest
Could try that and post the logs again?
If that solves it, I could implement a way to avoid having to do it twice, or at least document that.
Thanks.
from docker-registry-proxy.
I met this problem too. it seems that token from auth.docker.io should not be cached or not valid for too long. it will expire and cause such problem.
from docker-registry-proxy.
Interesting. I will investigate ASAP.
from docker-registry-proxy.
I am having trouble authenticating to Quay, not entirely sure the issue is related. Quay doesn't redirect to other URLs, it only uses /v2 and /v2/auth
HIT [02/Nov/2018:18:50:16 +0000] "/v2/" 401 40 "HOST:quay.io" "PROXY-HOST:quay.io" "UPSTREAM:-"
HIT [02/Nov/2018:18:50:17 +0000] "/v2/auth" 200 1063 "HOST:quay.io" "PROXY-HOST:quay.io" "UPSTREAM:-"
MISS [02/Nov/2018:18:50:18 +0000] "/v2/<repository-redacted>/<image-name-redacted>/manifests/4.2.0-8" 401 40 "HOST:quay.io" "PROXY-HOST:quay.io" "UPSTREAM:50.16.237.72:443"
You'll see that /v2 is a HIT (401), /v2/auth is a HIT (200) (is it supposed to cache it?), but the image itself is a MISS (401).
Docker will say: Error response from daemon: unauthorized: authentication required
Authentication was configured:
Adding Auth for registry 'quay.io' with user '<redacted>'.
Pulling from public registries obviously works just fine, as does the caching.
from docker-registry-proxy.
@outworlder I opened a separate issue #5 for this case. I've released 0.2.1 which could maybe help.
@gokhansengun and @manlme, 0.2.1 should fix DockerHub authentication issue. Please take a look at README.md for the instructions for DockerHub auth, please test and report back ;-)
from docker-registry-proxy.
<Removed, commenting on the correct issue>
from docker-registry-proxy.
Related Issues (20)
- Gitlab Registry: unauthorized: authentication required HOT 2
- How to configure containerd? HOT 4
- Verifying a docker-registry-proxy deployment
- Question: how to use this amazing image with proxy peers HOT 1
- Helm chart for deploy into k8s HOT 1
- Bad Gateway HOT 4
- Docker proxy failover option HOT 1
- Can S3 be used and main storage? HOT 1
- Broken `k8s.gcr.io`
- Failure to follow changed netloc while maintaining redir's path during interleaved recursive redirections
- docker-registry-proxy behind another proxy
- how to authenticate this proxy for ECR? HOT 2
- error pulling image configuration: download failed after attempts=1: unknown blob HOT 1
- How to secure access to the proxy when my cluster needs to connect through a public url / ip? HOT 2
- Does anybody have configuration for cri-o? HOT 1
- Proxy with mirror config
- Add ghcr.io to the default list of cached registries HOT 2
- gcr.io: Your client does not have permission to get URL
- Create releases
- docker hub login is not working
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from docker-registry-proxy.