Skip to content
This repository has been archived by the owner on Sep 12, 2018. It is now read-only.

Error "417 Expectation Failed" when running behind proxy with S3 storage #460

Closed
afex opened this issue Jul 5, 2014 · 4 comments
Closed

Error "417 Expectation Failed" when running behind proxy with S3 storage #460

afex opened this issue Jul 5, 2014 · 4 comments
Labels
bug drivers
Milestone
Paradise

Comments

@afex
Copy link

afex commented Jul 5, 2014

i'm using this command to start the registry on my server which sits behind an http proxy

docker run -d \
-e SETTINGS_FLAVOR=s3 \
-e AWS_BUCKET=BUCKET \
-e AWS_KEY=KEY \
-e AWS_SECRET=SECRET \
-e SEARCH_BACKEND=sqlalchemy \
-e HTTP_PROXY=http://PROXY/ \
-e http_proxy=http://PROXY/ \
-e HTTPS_PROXY=http://PROXY/ \
-e https_proxy=http://PROXY/ \
-p 5000:5000 \
registry:0.7.3

the registry starts fine. when i attempt to push an image, i get the following error:

2014-07-05 08:13:26,968 ERROR: Exception on /v1/repositories/IMAGE/ [PUT]
Traceback (most recent call last):
  File "/usr/local/lib/python2.7/dist-packages/flask/app.py", line 1817, in wsgi_app
    response = self.full_dispatch_request()
  File "/usr/local/lib/python2.7/dist-packages/flask/app.py", line 1477, in full_dispatch_request
    rv = self.handle_user_exception(e)
  File "/usr/local/lib/python2.7/dist-packages/flask/app.py", line 1381, in handle_user_exception
    reraise(exc_type, exc_value, tb)
  File "/usr/local/lib/python2.7/dist-packages/flask/app.py", line 1475, in full_dispatch_request
    rv = self.dispatch_request()
  File "/usr/local/lib/python2.7/dist-packages/flask/app.py", line 1461, in dispatch_request
    return self.view_functions[rule.endpoint](**req.view_args)
  File "/usr/local/lib/python2.7/dist-packages/docker_registry/toolkit.py", line 290, in wrapper
    return f(namespace, repository, *args, **kwargs)
  File "/usr/local/lib/python2.7/dist-packages/docker_registry/toolkit.py", line 264, in wrapper
    return f(*args, **kwargs)
  File "/usr/local/lib/python2.7/dist-packages/docker_registry/index.py", line 102, in put_repository
    update_index_images(namespace, repository, flask.request.data)
  File "/usr/local/lib/python2.7/dist-packages/docker_registry/index.py", line 84, in update_index_images
    store.put_content(path, data)
  File "/usr/local/lib/python2.7/dist-packages/docker_registry/drivers/s3.py", line 106, in put_content
    content, encrypt_key=(self._config.s3_encrypt is True))
  File "/usr/local/lib/python2.7/dist-packages/boto/s3/key.py", line 1379, in set_contents_from_string
    encrypt_key=encrypt_key)
  File "/usr/local/lib/python2.7/dist-packages/boto/s3/key.py", line 1246, in set_contents_from_file
    chunked_transfer=chunked_transfer, size=size)
  File "/usr/local/lib/python2.7/dist-packages/boto/s3/key.py", line 725, in send_file
    chunked_transfer=chunked_transfer, size=size)
  File "/usr/local/lib/python2.7/dist-packages/boto/s3/key.py", line 914, in _send_file_internal
    query_args=query_args
  File "/usr/local/lib/python2.7/dist-packages/boto/s3/connection.py", line 633, in make_request
    retry_handler=retry_handler
  File "/usr/local/lib/python2.7/dist-packages/boto/connection.py", line 1046, in make_request
    retry_handler=retry_handler)
  File "/usr/local/lib/python2.7/dist-packages/boto/connection.py", line 919, in _mexe
    request.body, request.headers)
  File "/usr/local/lib/python2.7/dist-packages/boto/s3/key.py", line 852, in sender
    response.status, response.reason, body)
S3ResponseError: S3ResponseError: 417 Expectation Failed

i've tried this flow on a different server (not behind a proxy), and was able to push the same image with no errors.
@dmp42
Copy link
Contributor

dmp42 commented Jul 5, 2014

So, boto is complaining about not being able to reach your bucket.

I'm not 100% positive, but this:

-e HTTP_PROXY=http://PROXY/
-e http_proxy=http://PROXY/
-e HTTPS_PROXY=http://PROXY/
-e https_proxy=http://PROXY/ \

likely doesn't have any effect, and boto just choke on your proxy trying to reach your bucket.

Quite frankly, I would rather discourage the use of the registry like that, separated from the bucket by a proxy - you are likely opening a huge can of worm, and this is entirely untested (and unlikely to receive much love / development focus <- unless by you?)...

@dmp42 dmp42 added this to the Paradise milestone Jul 5, 2014
@dmp42 dmp42 added bug labels Jul 5, 2014
@afex
Copy link
Author

afex commented Jul 5, 2014

Setting those environment variables is required for anything to even begin to function, since without them the S3 request times out. This is expected and is the reason why the proxy is being used.

@dmp42
Copy link
Contributor

dmp42 commented Jul 5, 2014

Setting those environment variables is required for anything to even begin to function, since without them the S3 request times out. This is expected and is the reason why the proxy is being used.

Yes, I get that.

Then again:

  • working from behind a proxy is not supported or tested, nor developed for - which means other parts of the registry are likely to simply ignore proxy settings
  • this is likely a boto bug (look at the stack trace), not a registry (per-se) bug

If you have a patch, it's certainly welcome, sure.

@dmp42
Copy link
Contributor

dmp42 commented Aug 16, 2014

I'm closing this for now, as no work is planned on this:

  • for the lack of a test environment, to boot with
  • likely a boto bug
  • no interest in supporting such a configuration

although like stated, we would certainly accept a PR.

@dmp42 dmp42 closed this as completed Aug 16, 2014
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
bug drivers
Projects
None yet
Milestone
Paradise
Development

No branches or pull requests
2 participants
@afex @dmp42