search

distribution / distribution

The toolkit to pack, ship, store, and deliver container content
https://distribution.github.io/distribution
Apache License 2.0
8.86k stars 2.46k forks source link

Registry S3 driver failed to upload images to Swift3 (S3 compatible API entry) with both v2 and v4 signature #2326

Closed HugoKuo closed 5 months ago

HugoKuo commented 7 years ago

In my testing with registry 2, 2.6, 2.6.1. The s3 drvier doesn't work properly with OpenStack Swift's S3 API.

With v2, the push image always got http: no Host in request URL error. 

root@ubuntu1404-base:~# docker push localhost:5000/bbox
The push refers to a repository [localhost:5000/bbox]
3a1dff9afffd: Pushing [==================================================>]  1.309MB
http: no Host in request URL

For S3 v4 signature, the Invalid path: http%3A//192.168.1.42%3A80/docker-s3/docker/reg one comes from the aws-go-sdk that we discovered and reported to aws-go-sdk before. It was fixed in aws-go-sdk 1.5+. I pulled the latest docker registry and it's using go sdk 1.2.4 which has this issue. The AWS S3 can handle the encoded path but not Swift's Swift3 API. https://github.com/aws/aws-sdk-go/issues/944

v2 signature registry instance configuration as below. 

root@ubuntu1404-base:~# cat registry-container/local-aws-config.yml
version: 0.1
log:
  level: debug
  accesslog:
    disabled: false
fields:
  service: registry
storage:
  cache:
    blobdescriptor: inmemory
  s3:
    accesskey: docker
    secretkey: 847093a6840a944244c69eedcf379e4a
    region: US
    regionendpoint: http://rrdns.openstack.com.tw
    bucket: docker-s3
    encrypt: false
    #keyid:
    secure: false
    v4auth: false
    chunksize: 5242880
    multipartcopychunksize: 33554432
    multipartcopymaxconcurrency: 100
    multipartcopythresholdsize: 33554432
    rootdirectory: /
http:
  addr: :5000
  headers:
    X-Content-Type-Options: [nosniff]
health:
  storagedriver:
    enabled: true
    interval: 10s
    threshold: 3

v4 signature registry instance configuration as below : 

version: 0.1
log:
  level: debug
  accesslog:
    disabled: false
fields:
  service: registry
storage:
  cache:
    blobdescriptor: inmemory
  s3:
    accesskey: docker
    secretkey: 847093a6840a944244c69eedcf379e4a
    region: us-east-1
    regionendpoint: rrdns.openstack.com.tw
    bucket: docker-s3
    encrypt: false
    #keyid:
    secure: false
    v4auth: true
    chunksize: 5242880
    multipartcopychunksize: 33554432
    multipartcopymaxconcurrency: 100
    multipartcopythresholdsize: 33554432
    rootdirectory: /
http:
  addr: :5000
  headers:
    X-Content-Type-Options: [nosniff]
health:
  storagedriver:
    enabled: true
    interval: 10s
    threshold: 3
HugoKuo commented 7 years ago

From the commits logs, the aws-go-sdk was bumped to 1.6+. We gave a quick test by building the registry binary from the master of this repository on mac. Then run the registry server from mac.

The s3 driver with v4 signature works for Swift's S3 API. May I know the release cycle of registry image in official docker hub?

charz commented 7 years ago

I just built docker registry with ws-sdk-go/1.6.12 and go1.8.1 on my mac and it's running well with v4auth: true. But I have the same issue in v4auth: false.

milosgajdos commented 5 months ago

Closing as wildly outdated. Besides, the Swift driver has been deprecated in the latest release and is no longer supported.