docker-archive / migrator

Tool to migrate Docker images from Docker Hub or v1 registry to a v2 registry
Apache License 2.0

Migrator can't detect my password-protected destination registry #61

Closed lordelph closed 8 years ago

lordelph commented 8 years ago

I'm running docker 1.9.1 and migrating from an old registry to v2.2.1 registry. The migrator pulls in all the images from the old repository, but fails to recognize the v2 repository is present:

[ERROR] v2 registry (docker2.example.com:5000) is not available
[!!] Verify v2 registry is functioning as expected; press any key to continue to retry [ctrl+c to abort]

The registry is running behind an nginx front end which provides the SSL termination. I can access it in a browser, and if I provide the username and password, I can request https://docker2.example.com:5000/v2/ and get a {} response, with a Docker-Distribution-Api-Version: registry/2.0 header.

If I look at what the migrate script is doing, in my nginx logs, I can see a HEAD request for /v2/ failing with a 401, indicating no credentials supplied - this request is made here https://github.com/docker/migrator/blob/master/migrator.sh#L456, and tracing back the V2_OPTIONS doesn't appear to use the V2_USERNAME or V2_PASSWORD

lordelph commented 8 years ago

After I fixed that, I can see other things going wrong, and reviewing the install docs I can see things changed for how TLS is set up - I'll take nginx out of the equation and set up a standalone v2 registry and try this again!

lordelph commented 8 years ago

Closing - I set up a standalone v2 registry using TLS and basic authentication as documented here and the migration worked.

mbentley commented 8 years ago

Thanks for following up on your issue so thoroughly. Setting up everything natively in the single container is certainly ideal since that is one less hop everything has to go through. Just for future reference, I think the problem that you were seeing was due to this missing line in your nginx config: https://github.com/docker/distribution/blob/89bedf1e7fdda9f7e8814e4d53947d8116b7a36f/contrib/compose/nginx/registry.conf#L32

add_header 'Docker-Distribution-Api-Version' 'registry/2.0' always;

This header should be present always, even if authentication fails, as it is used for other checks from the engine as well, I believe.
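
An added example, not part of the thread or of the migrator project: a check for the condition discussed above, where a proxied /v2/ endpoint answers 401 without the Docker-Distribution-Api-Version header (nginx's add_header only attaches to success and redirect responses unless `always` is given). The function name, verdict strings and sample responses are constructed for illustration.

```shell
# Classify the headers of a response from a registry's /v2/ endpoint.
# Input: raw response headers on stdin, as printed by `curl -sI`.
# Output: one verdict word on stdout (verdict names are hypothetical).
classify_v2_headers() {
  tr -d '\r' | awk '
    /^HTTP\// { status = $2; api = ""; next }   # a status line starts a new response
    {
      sep = index($0, ":")
      if (sep == 0) next                        # blank or malformed line
      name = tolower(substr($0, 1, sep - 1))    # header names are case-insensitive
      value = substr($0, sep + 1)
      gsub(/^[ \t]+|[ \t]+$/, "", value)
      if (name == "docker-distribution-api-version") api = value
    }
    END {
      if (status == "") print "no-response"
      else if (api != "registry/2.0") print "header-missing"   # proxy or backend did not send it
      else if (status == "200") print "v2-open"
      else if (status == "401") print "v2-auth-required"       # healthy registry that wants credentials
      else print "v2-unexpected-status"
    }'
}

# Constructed sample: 401 from a proxy whose add_header lacks `always`.
sample_401_without_header() {
  printf 'HTTP/1.1 401 Unauthorized\r\nServer: nginx\r\nWWW-Authenticate: Basic realm="Registry"\r\n\r\n'
}

# Constructed sample: 401 from a proxy that sends the header on every response.
sample_401_with_header() {
  printf 'HTTP/1.1 401 Unauthorized\r\nServer: nginx\r\nDocker-Distribution-Api-Version: registry/2.0\r\nWWW-Authenticate: Basic realm="Registry"\r\n\r\n'
}

# Against a live registry (host taken from the issue text):
#   curl -sI https://docker2.example.com:5000/v2/ | classify_v2_headers
```

A verdict of `header-missing` on an unauthenticated request points at the proxy configuration rather than at the credentials.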