This repository has been archived by the owner. It is now read-only.

[Proposal] Add S3 use-sigv4 Configurable #675

Closed
schmitch opened this Issue Nov 4, 2014 · 5 comments

Comments

Projects
None yet
3 participants
@schmitch
Contributor

schmitch commented Nov 4, 2014

Currently the AWS S3 Auth sigv4 isn't supported with the docker-registry. So any new Bucket that is created on the new AWS Datacenters aren't supported.

My suggestion is, to introduce AWS_SIGV4 environment variable which could be either True or False and is False by default (the current).
Also AWS_SIGV4 could only be SET, when AWS_HOST is set, it won't work without since the SIGV4 needs an host to be specified.

The other route would be to automatically set SIGV4, when the user sets the HOST via AWS_HOST.

Both solution are currently blocked by #674.

@dmp42

This comment has been minimized.

Show comment
Hide comment
@dmp42

dmp42 Nov 4, 2014

Member

@sday @wking @chuegle what do you think?
I'm ok with the extra env var

Member

dmp42 commented Nov 4, 2014

@sday @wking @chuegle what do you think?
I'm ok with the extra env var

@chuegle

This comment has been minimized.

Show comment
Hide comment
@chuegle

chuegle Nov 5, 2014

I believe you can just set:
-e S3_USE_SIGV4=1
and tell boto directly to use sigv4 for s3.

Another idea may just be to make it clear/easier to inject a boto.cfg into the default registry container.
e.g.

make_boto_config > boto.cfg
docker run -v /boto -v $PWD:/mnt --name boto_cfg busybox cp /mnt/boto.cfg /boto/boto.cfg
docker run ... --volumes-from boto_cfg -e BOTO_CONFIG=/boto/boto.cfg docker-registry

chuegle commented Nov 5, 2014

I believe you can just set:
-e S3_USE_SIGV4=1
and tell boto directly to use sigv4 for s3.

Another idea may just be to make it clear/easier to inject a boto.cfg into the default registry container.
e.g.

make_boto_config > boto.cfg
docker run -v /boto -v $PWD:/mnt --name boto_cfg busybox cp /mnt/boto.cfg /boto/boto.cfg
docker run ... --volumes-from boto_cfg -e BOTO_CONFIG=/boto/boto.cfg docker-registry
@dmp42

This comment has been minimized.

Show comment
Hide comment
@dmp42

dmp42 Nov 5, 2014

Member

+1 for -e S3_USE_SIGV4=1 (needs to be documented).

Savvy people can still do some acrobatic stuff with boto.cfg, but I don't want to promote that as the main way to go (although, I'm ok adding some infos about that into ADVANCED.md).

@c-schmitt yours to take if you want :-)

Member

dmp42 commented Nov 5, 2014

+1 for -e S3_USE_SIGV4=1 (needs to be documented).

Savvy people can still do some acrobatic stuff with boto.cfg, but I don't want to promote that as the main way to go (although, I'm ok adding some infos about that into ADVANCED.md).

@c-schmitt yours to take if you want :-)

@schmitch

This comment has been minimized.

Show comment
Hide comment
@schmitch

schmitch Nov 5, 2014

Contributor

@dmp42 yeah I will do it on weekend

Contributor

schmitch commented Nov 5, 2014

@dmp42 yeah I will do it on weekend

@dmp42 dmp42 added this to the 1.0 milestone Nov 5, 2014

@schmitch

This comment has been minimized.

Show comment
Hide comment
@schmitch

schmitch Nov 9, 2014

Contributor

I created a pull request at #705 currently it will fail hard if no AWS_HOST/boto_host is specified.
It's configurable via -e AWS_USE_SIGV4 or in the config file with s3_use_sigv4.
Other variables are alled like this, too so I used the same scheme.

Contributor

schmitch commented Nov 9, 2014

I created a pull request at #705 currently it will fail hard if no AWS_HOST/boto_host is specified.
It's configurable via -e AWS_USE_SIGV4 or in the config file with s3_use_sigv4.
Other variables are alled like this, too so I used the same scheme.

@dmp42 dmp42 closed this in e47ebad Nov 13, 2014

dmp42 added a commit that referenced this issue Nov 13, 2014

Merge pull request #705 from envisia/master
Fixed #675: Added an ENV/Option to Configure USE_SIGV4
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.