Menu
I followed this guide to setup a Docker v2 Registry acting as a local proxy cache for Docker Hub images. My Docker daemon is configured with both --insecure-registry and --registry-mirror options pointing to the same registry instance.
When pulling images it works correctly by caching them to the local store.
The problem is that when I try to push an image to such local private registry, I get a weird UNSUPPORTED error. The registry log says:
time="2015-11-09T13:20:22Z" level=error msg="response completed with error" err.code=UNSUPPORTED err.message="The operation is unsupported." go.version=go1.4.3 http.request.host="my.registry.io:5000" http.request.id=b1faccb3-f592-4790-bbba-00ebb3a3bfc1 http.request.method=POST http.request.remoteaddr="192.168.0.4:57608" http.request.uri="/v2/mygroup/myimage/blobs/uploads/" http.request.useragent="docker/1.9.0 go/go1.4.2 git-commit/76d6bc9 kernel/3.16.0-4-amd64 os/linux arch/amd64" http.response.contenttype="application/json; charset=utf-8" http.response.duration=2.035918ms http.response.status=405 http.response.written=78 instance.id=79970ec3-c38e-4ebf-9e83-c3890668b122 vars.name="mygroup/myimage" version=v2.2.0
If I disable proxy setting on the registry then the push works correctly. Am I missing something on the configuration or it is just that a private registry cannot act as a proxy cache at the same time?
455
A caching proxy for Docker; allows centralised management of (multiple) registries and their authentication; caches images from any registry. Caches the potentially huge blob/layer requests (for bandwidth/time savings), and optionally caches manifest requests ("pulls") to avoid rate-limiting.
We simply need to set the http_proxy and https_proxy environmental variables during build time. We can do this with the docker build command itself. $ sudo docker build -t curl --build-arg http_proxy=http://192.168.33.10:3128 . Or we can specify the http_proxy value using the ENV instruction within the Dockerfile .
In a typical setup where you run your Registry from the official image, you can specify a configuration variable from the environment by passing -e arguments to your docker run stanza or from within a Dockerfile using the ENV instruction. This variable overrides the /var/lib/registry value to the /somewhere directory.
So we cannot push any Docker images over there which means we need to re-tag our image before pushing it to the registry. If we have an account on hub.docker.com then we get a default repository with our Docker Id so that we can push our Docker image on hub.docker.com and make it public or keep it private as our requirement.
Provide security to Docker images: We can digitally sign the Docker image before pushing it to the registry that helps us to avoid maliciouslyDocker images to be pushed to the registry and prevents unexpected outage.
The first time you request an image from your local registry mirror, it pulls the image from the public Docker registry and stores it locally before handing it back to you. On subsequent requests, the local registry mirror is able to serve the image from its own storage.
Run a Registry as a pull-through cache. The easiest way to run a registry as a pull through cache is to run the official Registry image. At least, you need to specify proxy.remoteurl within /etc/docker/registry/config.yml as described in the following subsection. Multiple registry caches can be deployed over the same back-end.
Just ran into this myself. Turns out pushing to a private registry configured as a proxy is not supported. See
https://docs.docker.com/registry/configuration/#proxy
"Pushing to a registry configured as a pull through cache is currently unsupported".
That is too bad. Now I will have to will have to setup the local proxy cache as a separate registry.
120
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
