[英]Gitlab docker registry pull failed EOF
I've got Gitlab setup using a docker image https://github.com/sameersbn/docker-gitlab (sameersbn/docker-gitlab) and want to setup gitlab private registry. 我已经使用docker镜像https://github.com/sameersbn/docker-gitlab(sameersbn / docker-gitlab)设置了Gitlab,并且想要设置gitlab私有注册表。
All of this is behind reverse proxy load balancer using nginx
. 所有这些都是使用
nginx
反向代理负载均衡器。 I am able to push into registry, but pull has some problem I am not able to resolve. 我能够进入注册表,但拉有一些问题,我无法解决。
The output tells me retrying in 5sec
and then increases over time, but after about minute it outputs Download complete
on some layers. 输出告诉我
retrying in 5sec
然后随着时间的推移而增加,但是大约一分钟后它会在某些层上输出Download complete
。 When all layers outputs Download complete
. 当所有图层输出
Download complete
。 Pull results then like Unexpected EOF
. 拉结果然后像
Unexpected EOF
。
Infrastructure goes like this: 基础设施如下:
Proxy load balancer -----> gitlab registry | | Another proxy load balancer -----> Gitlab
Docker login and push works fine. Docker登录和推送工作正常。 The problem is with pull.
问题在于拉动。
root@server:~# docker pull registry.dalten.com/docker/php5.6-cli/image
Using default tag: latest
latest: Pulling from docker/php5.6-cli/image
10a267c67f42: Already exists
370377701f89: Pulling fs layer
455c73a122bc: Pulling fs layer
2cdcd82f5338: Pulling fs layer
3ac634f20449: Waiting
a19eeb6546ae: Waiting
4ca536f5a464: Waiting
4788559f39db: Waiting
cc1917e72a80: Waiting
42feb0ca362a: Pull complete
f74f29b91bbc: Pull complete
d104213bfd22: Pull complete
6db9d2d35d48: Pull complete
806b8ac2f0b7: Pull complete
661bb76178ac: Pull complete
3727be25d45f: Pull complete
04fed213644a: Pull complete
a78f18e044f7: Pull complete
849a2f576c66: Pull complete
259300decf26: Pull complete
0d9f42b121be: Pull complete
2483d273017a: Pull complete
3dfaf57e1d54: Pull complete
92fbf8438206: Pull complete
7d5100ec575c: Pull complete
52b1dff7320d: Pull complete
500fa7f84392: Pull complete
aff937c2773b: Pull complete
92f8bc1201f3: Pull complete
Digest: sha256:d3d06d2cebd333af21565639503ddded64db47d5641ee9ff93167200b5fcad7a
Status: Downloaded newer image for registry.dalten.com/docker/php5.6-cli/image:latest
docker pull registry.dalten.com/docker/php5.6-cli/image
Using default tag: latest
latest: Pulling from docker/php5.6-cli/image
10a267c67f42: Already exists
370377701f89: Pulling fs layer
455c73a122bc: Pulling fs layer
2cdcd82f5338: Pulling fs layer
3ac634f20449: Waiting
a19eeb6546ae: Waiting
a19eeb6546ae: Downloading 4.398 MB/4.398 MB
4788559f39db: Downloading 102.6 MB/102.6 MB
cc1917e72a80: Download complete
42feb0ca362a: Download complete
f74f29b91bbc: Download complete
d104213bfd22: Download complete
6db9d2d35d48: Download complete
806b8ac2f0b7: Download complete
661bb76178ac: Download complete
3727be25d45f: Download complete
04fed213644a: Download complete
a78f18e044f7: Download complete
849a2f576c66: Download complete
259300decf26: Download complete
0d9f42b121be: Download complete
2483d273017a: Downloading 24.12 MB/24.12 MB
3dfaf57e1d54: Download complete
92fbf8438206: Download complete
7d5100ec575c: Download complete
52b1dff7320d: Download complete
500fa7f84392: Download complete
aff937c2773b: Download complete
92f8bc1201f3: Download complete
unexpected EOF
sudo docker login registry.dalten.com
Username (xxxxxx):
Password:
Login Succeeded
sudo docker push registry.dalten.com/docker/php5.6-cli/image
The push refers to a repository [registry.dalten.com/docker/php5.6-cli/image]
d8b353eb3025: Pushed
f2e85bc0b7b1: Pushed
fc9e1e5e38f7: Pushed
fe9a3f9c4559: Pushed
6a8bf8c8edbd: Pushed
latest: digest: sha256:ea1d854d38be82f54d39efe2c67000bed1b03348bcc2f3dc094f260855dff368 size: 1357
Configurations contains docker-compose.yml files which I use for running services. 配置包含我用于运行服务的docker-compose.yml文件。 Gitlab is running fine.
Gitlab运行正常。 Every configuration works.
每个配置都有效。 The only problem is with registry.
唯一的问题是注册表。
Another thing is that registry works while in insecured state. 另一件事是注册表在不安全的状态下工作。 The problem must be hidden somewhere inside load balancer (nginx) configuration.
必须在负载均衡器(nginx)配置内的某处隐藏该问题。 (Some header has not been sent, limit exceeded, or so)
(某些标头尚未发送,超出限制,或者等)
Note: I cutted compose of irrelevant information 注意:我削减了无关信息
version: '2'
services:
registry:
image: registry:latest
environment:
REGISTRY_AUTH_TOKEN_ISSUER: gitlab-issuer
REGISTRY_AUTH_TOKEN_REALM: https://git.dalten.cz/jwt/auth
REGISTRY_AUTH_TOKEN_SERVICE: container_registry
REGISTRY_LOG_LEVEL: debug
REGISTRY_STORAGE_DELETE_ENABLED: 'true'
REGISTRY_AUTH_TOKEN_ROOTCERTBUNDLE: /certs/fullchain.pem
REGISTRY_HTTP_SECRET: secret
volumes:
- /mnt/storage/srv/gitlab1/data/shared/registry:/registry
- /mnt/storage/srv/gitlab1/certs:/certs
ports:
- 5000:5000/tcp
gitlab:
image: sameersbn/gitlab:latest
hostname: git.dalten.cz
environment:
GITLAB_REGISTRY_ENABLED: 'true'
GITLAB_REGISTRY_HOST: registry.dalten.com
GITLAB_REGISTRY_API_URL: http://registry:5000
GITLAB_REGISTRY_ISSUER: gitlab-issuer
GITLAB_REGISTRY_CERT_PATH: /certs/fullchain.pem
GITLAB_REGISTRY_KEY_PATH: /certs/privkey.pem
volumes:
- /mnt/storage/srv/gitlab1/certs:/certs
- /mnt/storage/srv/gitlab1/data:/home/git/data/
ports:
- 8643:80/tcp
- 1022:22/tcp
version: '2'
services:
nginx:
image: sameersbn/nginx:1.10.3
volumes:
- /srv/nginx/sites-enabled:/etc/nginx/sites-enabled
- /mnt/storage/lb/letsencrypt:/etc/nginx/ssl
ports:
- 80:80/tcp
- 443:443/tcp
I use Nginx for my reverse proxy configuration (Load Balancer). 我使用Nginx进行反向代理配置(Load Balancer)。 There are stored all certificates for https traffic.
存储了https流量的所有证书。
# For versions of Nginx > 1.3.9 that include chunked transfer encoding
# support Replace with appropriate values where necessary
upstream docker-registry {
server 10.126.0.242:5000;
}
server {
listen 80;
server_name registry.dalten.com
return 301 https://$http_host:$request_uri;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
}
server {
listen 443 default_server;
server_name registry.dalten.com
add_header Docker-Distribution-Api-Version registry/2.0 always;
ssl on;
ssl_certificate /etc/nginx/ssl/live/registry.dalten.com/fullchain.pem;
ssl_certificate_key /etc/nginx/ssl/live/registry.dalten.com/privkey.pem;
ssl_session_timeout 5m;
client_max_body_size 0; # disable any limits to avoid HTTP 413 for large image
uploads
# required to avoid HTTP 411: see Issue #1486
# (https://github.com/dotcloud/docker/issues/1486)
chunked_transfer_encoding on;
proxy_set_header X-Original-URI $request_uri;
proxy_set_header Docker-Distribution-Api-Version registry/2.0;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
location /
{
# let Nginx know about our auth file
proxy_pass http://docker-registry;
proxy_set_header Host $host; # required for docker client's sake
proxy_set_header X-Real-IP $remote_addr; # pass on real client's IP
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location /_ping {
proxy_pass http://docker-registry;
}
location /v1/_ping {
proxy_pass http://docker-registry;
}
location /v2/ {
# To add basic authentication to v2 use auth_basic setting plus
# add_header
add_header 'Docker-Distribution-Api-Version' 'registry/2.0' always;
proxy_pass http://docker-registry;
proxy_set_header Host $http_host; # required for docker client's sake
proxy_set_header X-Real-IP $remote_addr; # pass on real client's IP
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 900;
}
}
If you require any more logs feel free to ask! 如果您需要更多日志,请随时询问!
Problem solved by adding proxy_max_temp_file_size 0;
通过添加
proxy_max_temp_file_size 0;
解决问题proxy_max_temp_file_size 0;
inside nginx virtual host configuration! 在nginx内部虚拟主机配置!
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.