Closed frankp-squire closed 2 years ago
Can you please provide move information surrounding what error you are experiencing that makes you think you are being blocked?
It is a bit of an assumption on my part that we are blacklisted. We are getting the toomanyrequests: You have reached your pull rate limit.
message, even though there should be no pull requests from this VPC (aside from the hosts currently in question).
For some more context, I'm trying to deploy the base/sample docker application with Elastic Beanstalk, provided by AWS. As part of that initial deployment, it apparently pulls an image(s) from Docker Hub, but fails due to the rate limit. I'm wondering if whoever had that public IP previously had abused it?
Thanks again for the help.
There seems to be multiple things going on behind the IP you provided, but let me share some background about rate limiting and then I will detail the issue you are seeing.
Firstly, the error you posted of toomanyrequests: You have reached your pull rate limit
is an error message from the Docker Hub Rate Limiting we rolled out in November 2020. Each unauthenticated client gets 100 image pulls from Docker Hub per 6-hour time window. If you authenticate your image pull to Docker Hub then you get 200 image pulls (even on a Personal Plan). Once you have a Pro/Team/Business plan and you authenticate your requests, then you receive unlimited image pulls (up to our anti-abuse policies).
Now to the specific error message you are getting. When I look at the IP you provided, I see a lot of unauthenticated requests and then a lot of rate-limited requests for May 24th (yesterday as of this writing).
The same thing is continuing to happen today, so I don't think it is a bad public IP that you inherited:
They seem to be for the image prefecthq/prefect:0.15.13-python3.8
. Does that ring a bell?
If so, I recommend modifying whatever script you have to fail when the request errors (the 401 errors) and backoff when a 429 response code is received.
I hope this information helps!
Thank you- this is extremely helpful. We definitely have a problematic script that needs to be shut down. Thanks again!
Hello,
Can you please check for any block/blacklisting of 54.151.48.213? This is the EIP on our NAT Gateway. Thanks very much in advance!
Frank