Hi everyone,
I am trying to deploy a private docker registry on Kubernetes:
If I set one replica, it works: I can pull and push images without any problems.
However, if I set more replicas, I receive some errors:
```
018-02-07T12:20:15.053846504Z time="2018-02-07T12:20:15Z" level=error msg="response completed with error" err.code="blob upload invalid" err.detail="invalid secret" err.message="blob upload invalid" go.version=go1.7.6 http.request.host="name-machine:port
```

```
user@name-machine:~# sudo docker push name-machine:port/apache2
The push refers to a repository [name-machine:port/apache2]
e94542d10da9: Pushing [==================================================>] 3.584kB
e24c9744fa3f: Retrying in 1 second
ab31df24cf72: Retrying in 3 seconds
7e41cdcec3c2: Pushing [==================================================>] 5.12kB
f57aec6a98ba: Pushing 2.56kB
540a7775e563: Waiting
4bcdffd70da2: Waiting
blob upload unknown
```
I attach registry manifests and information about Docker.
docker-info.txt
docker-version.txt
registry-deployment.txt
registry-service.txt
Thanks in advance,
Regards
@rdrgporto The issue is that you need to set the http secret so the uploads can be resumed above different instances. It looks like a secret was generated at startup (should be in the logs).
The docs section for configuration on http should provide the details: https://github.com/docker/distribution/blob/master/docs/configuration.md#http. You'll need to set the secret such that all instances have the same secret.
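Why replicas without a common secret break a push, as an added example (not part of the thread and not the registry's own code): a simplified Go model in which each replica protects the upload state it hands to the client with an HMAC keyed by its `http.secret`. The `replica` type, its methods and the token layout are assumptions made for illustration.

```go
package main

import (
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"fmt"
)

var errInvalidSecret = fmt.Errorf("invalid secret")
// replica: hypothetical model of one registry pod; secret is its http.secret.
type replica struct{ secret []byte }

// newReplica uses the configured secret, or a random per-process one if empty.
func newReplica(configured string) replica {
	if configured != "" {
		return replica{[]byte(configured)}
	}
	b := make([]byte, 32)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	return replica{b}
}

// sign returns the token (assumed layout: MAC || state) given to the client.
func (r replica) sign(state string) string {
	m := hmac.New(sha256.New, r.secret)
	m.Write([]byte(state))
	return base64.URLEncoding.EncodeToString(append(m.Sum(nil), state...))
}

// verify runs on whichever replica receives the upload's next request.
func (r replica) verify(token string) (string, error) {
	raw, err := base64.URLEncoding.DecodeString(token)
	if err != nil || len(raw) < sha256.Size {
		return "", errInvalidSecret
	}
	state := string(raw[sha256.Size:])
	if !hmac.Equal([]byte(r.sign(state)), []byte(token)) {
		return "", errInvalidSecret
	}
	return state, nil
}

func main() {
	fmt.Println(newReplica("").verify(newReplica("").sign("upload-1")))
}
```

When both replicas are created with the same configured secret, `verify` returns the original state instead of `invalid secret`.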
Thank you very much @stevvooe. I have created a configmap to replace the original file (/etc/docker/registry/config.yml) contained in the pod.
An example of config.yml:
```yaml
version: 0.1
log:
  fields:
    service: registry
storage:
  cache:
    blobdescriptor: inmemory
  filesystem:
    rootdirectory: /var/lib/registry
http:
  addr: :5000
  # must be the same value on every registry replica
  secret: asecretforlocaldevelopment
  headers:
    X-Content-Type-Options: [nosniff]
  tls:
    certificate: /certs/domain.crt
    key: /certs/domain.key
health:
  storagedriver:
    enabled: true
    interval: 10s
    threshold: 3
```
Regards