Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Private registry ambiguity when it has no explicit domain nor explicit port number declared. #36263

Open
wrkhenddher opened this issue Feb 9, 2018 · 1 comment
Open

Private registry ambiguity when it has no explicit domain nor explicit port number declared. #36263

wrkhenddher opened this issue Feb 9, 2018 · 1 comment
Labels
area/distribution

Comments

@wrkhenddher
Copy link

Description

docker login and docker push/pull seem to misinterpret registry hostname when it's missing domain and/or port number. Even when multiple components are given to the image name (e.g. registry/user/image:tag)

Steps to reproduce the issue:

See distribution/distribution#2511

  1. Login to a private registry running on an intranet private network (i.e. nb-docker-reg without domain nor port number). docker login nb-docker-reg.
me@NBPLANDEV-HP:~$ docker login nb-docker-reg
Username: hpedro
Password: 
Login Succeeded
  1. Try pushing (or pulling) a tagged image.
me@NBPLANDEV-HP:~/docker/p2server$ docker tag ubuntu nb-docker-reg/hp/ubuntu

me@NBPLANDEV-HP:~/docker$ docker image ls
REPOSITORY                      TAG                 IMAGE ID            CREATED             SIZE
nb-docker-reg/hp/ubuntu         latest              0458a4468cbc        13 days ago         112MB

me@NBPLANDEV-HP:~/docker/p2server$ docker push nb-docker-reg/hp/ubuntu
The push refers to repository [docker.io/nb-docker-reg/hp/ubuntu]
6f4ce6b88849: Preparing 
92914665e7f6: Preparing 
c98ef191df4b: Preparing 
9c7183e0ea88: Preparing 
ff986b10a018: Preparing 
denied: requested access to the resource is denied

Describe the results you received:

Notice that push always resolves to docker.io instead of private registry nb-docker-reg.

Describe the results you expected:

Image is pushed to (or pulled from) the private registry (nb-docker-reg).

Additional information you deem important (e.g. issue happens only occasionally):

See full original discussion in distribution/distribution#2511

So far, after all the tests I've done, it seems like declaring the port number is the only way that makes docker realize that the first component of the image name is a private registry.

As shown below, I'm not logged on to my private registry using 443 (see my config.json). I am only logged on to my private registry without a port number (443 by default and reverse-proxied by nginx - in theory).

me@NBPLANDEV-HP:~/docker/p2server$ docker logout nb-docker-reg:443
Not logged in to nb-docker-reg:443

me@NBPLANDEV-HP:~/docker/p2server$ cat ~/.docker/config.json 
{
	"auths": {
		"nb-docker-reg": {}
	},
	"HttpHeaders": {
		"User-Agent": "Docker-Client/17.12.0-ce (linux)"
	},
	"credsStore": "pass"
}

me@NBPLANDEV-HP:~/docker/p2server$ docker tag ubuntu nb-docker-reg/hp/ubuntu

me@NBPLANDEV-HP:~/docker/p2server$ docker image ls
REPOSITORY                      TAG                 IMAGE ID            CREATED             SIZE
pyramid_app                     latest              cf63c06bfea4        45 hours ago        1.44GB
pyramid_app                     1.0.5               88824dd44449        2 days ago          743MB
<none>                          <none>              d9c3f87bdc4d        2 days ago          743MB
<none>                          <none>              20c7ad72161d        2 days ago          636MB
<none>                          <none>              a50763030c3b        2 days ago          636MB
<none>                          <none>              aa8d8f891b9a        9 days ago          743MB
<none>                          <none>              bb9b9ad4b7f0        9 days ago          226MB
<none>                          <none>              1d83b2fce7d2        9 days ago          139MB
<none>                          <none>              665cd7bc19d5        9 days ago          226MB
nb-docker-reg:443/pyramid_app   1.0.5               1a39133676c1        9 days ago          800MB
<none>                          <none>              23b2f571b9d5        9 days ago          743MB
<none>                          <none>              ac5357ff5d0f        12 days ago         743MB
<none>                          <none>              68aef1d0efc6        12 days ago         743MB
<none>                          <none>              5b61c7495081        12 days ago         743MB
<none>                          <none>              d785e11a7e0c        12 days ago         743MB
<none>                          <none>              5ad5326e0b22        12 days ago         743MB
<none>                          <none>              48e662f793a7        12 days ago         743MB
<none>                          <none>              ee3b6c473ccc        12 days ago         743MB
<none>                          <none>              ac571fbf5c4e        12 days ago         715MB
<none>                          <none>              b1cab0c3a741        12 days ago         715MB
<none>                          <none>              d8ed41b0154b        12 days ago         715MB
<none>                          <none>              7843952ce4ca        12 days ago         715MB
<none>                          <none>              aeec3dcdc1b7        12 days ago         715MB
<none>                          <none>              75bc2a86f501        13 days ago         715MB
ubuntu                          latest              0458a4468cbc        13 days ago         112MB
nb-docker-reg/hp/ubuntu         latest              0458a4468cbc        13 days ago         112MB
nb-docker-reg/ubuntu            latest              0458a4468cbc        13 days ago         112MB
nb-docker-reg:443/ubuntu        latest              0458a4468cbc        13 days ago         112MB
<none>                          <none>              a960d76169c5        13 days ago         715MB
<none>                          <none>              c2350f706d1b        2 weeks ago         226MB
<none>                          <none>              b69f1c89c7bd        2 weeks ago         167MB
ubuntu                          16.04               2a4cca5ac898        3 weeks ago         111MB
nginx                           alpine              bb00c21b4edf        4 weeks ago         16.8MB
alpine                          latest              3fd9065eaf02        4 weeks ago         4.15MB
busybox                         latest              807fd4df40d1        4 weeks ago         1.14MB
friendlyhello                   latest              65ce3faa20ca        4 weeks ago         148MB
nginx                           latest              3f8a4339aadd        6 weeks ago         108MB
rabbitmq                        management          6cb6e2f951a8        6 weeks ago         151MB
rabbitmq                        latest              d53246bdedd1        6 weeks ago         127MB
redis                           latest              1e70071f4af4        8 weeks ago         107MB
python                          2-slim              4fd30fc83117        8 weeks ago         138MB
python                          2.7-slim            4fd30fc83117        8 weeks ago         138MB
postgres                        latest              ec61d13c8566        8 weeks ago         287MB
hello-world                     latest              f2a91732366c        2 months ago        1.85kB

me@NBPLANDEV-HP:~/docker/p2server$ docker push nb-docker-reg/hp/ubuntu
The push refers to repository [docker.io/nb-docker-reg/hp/ubuntu]
6f4ce6b88849: Preparing 
92914665e7f6: Preparing 
c98ef191df4b: Preparing 
9c7183e0ea88: Preparing 
ff986b10a018: Preparing 
denied: requested access to the resource is denied

As shown in the last command, it tried to push the image to docker.io.

Output of docker version:

me@nb-docker-reg:~/Docker/registry$ docker version
Client:
 Version:	17.12.0-ce
 API version:	1.35
 Go version:	go1.9.2
 Git commit:	c97c6d6
 Built:	Wed Dec 27 20:11:19 2017
 OS/Arch:	linux/amd64

Server:
 Engine:
  Version:	17.12.0-ce
  API version:	1.35 (minimum version 1.12)
  Go version:	go1.9.2
  Git commit:	c97c6d6
  Built:	Wed Dec 27 20:09:53 2017
  OS/Arch:	linux/amd64
  Experimental:	false

Output of docker info:

me@nb-docker-reg:~/Docker/registry$ docker info
Containers: 3
 Running: 1
 Paused: 0
 Stopped: 2
Images: 3
Server Version: 17.12.0-ce
Storage Driver: overlay2
 Backing Filesystem: extfs
 Supports d_type: true
 Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
 Volume: local
 Network: bridge host macvlan null overlay
 Log: awslogs fluentd gcplogs gelf journald json-file logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 89623f28b87a6004d4b785663257362d1658a729
runc version: b2567b37d7b75eb4cf325b77297b140ea686ce8f
init version: 949e6fa
Security Options:
 apparmor
 seccomp
  Profile: default
Kernel Version: 4.4.0-112-generic
Operating System: Ubuntu 16.04.3 LTS
OSType: linux
Architecture: x86_64
CPUs: 2
Total Memory: 3.85GiB
Name: nb-docker-reg
ID: ENUI:F52B:2HZW:CCDL:IX6O:I5SL:USWX:IFFT:4Z52:22PL:HELD:7A2D
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
 127.0.0.0/8
Live Restore Enabled: false

WARNING: No swap limit support

Docker Private Registry Version

me@nb-docker-reg:~/Docker/registry$ docker exec registry_registry_1 registry --version
registry github.com/docker/distribution v2.6.2
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/distribution
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@thaJeztah @wrkhenddher @GordonTheTurtle