I'm setting up a private docker registry, which I'm accessing via an nginx proxy. Am able to connect to the registry, but cannot push an image to it.
Here's the response that I'm getting from the docker Push command.
error parsing HTTP 413 response body: invalid character '<' looking for beginning of value: "<html>\r\n<head><title>413 Request Entity Too Large</title></head>\r\n<body>\r\n<center><h1>413 Request Entity Too Large</h1></center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n"
The proxy that I'm running is using nginx, and takes care of the SSL Stuff.
Here's my nginx.conf file
worker_processes 1;
events { worker_connections 1024; }
http {
client_max_body_size 0;
sendfile on;
upstream registry {
server linux.lan.local:5000;
}
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
server {
listen 80;
server_name registry.cjdawson.com;
location / {
proxy_pass http://linux.lan.local:5000;
proxy_redirect off;
}
}
server {
listen 443;
server_name registry.cjdawson.com;
location / {
proxy_pass http://linux.lan.local:5000;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_redirect off;
}
}
}
As you can see, I do have the entry
client_max_body_size 0;
which is supposed to be the normal answer to being able to upload large files. indeed, I'm using this successfully with other services that I'm running behind other proxies. (The nginx proxy is running as in Kubernetes as an ingress, which takes care of the SSL Stuff for me.)
In summary, I'm able to log into the registry via the proxy using the docker login command. The push is failing to upload the image.
Any ideas?
In case someone asks about my docker registry setup, here's my docker-compose.
version: '3.1'
services:
registry-server:
image: registry:2.8.2
restart: always
ports:
- 5000:5000
environment:
REGISTRY_AUTH: htpasswd
REGISTRY_AUTH_HTPASSWD_PATH: /auth/htpasswd
REGISTRY_AUTH_HTPASSWD_REALM: Registry Realm
volumes:
- ./registry/data:/var/lib/registry
- ./registry/config.yml:/etc/docker/registry/config.yml:ro
- ./registry/auth:/auth
container_name: registry-server
registry-ui:
image: joxit/docker-registry-ui:main
restart: always
ports:
- 8080:80
environment:
- REGISTRY_URL=http://linux.lan.local:5000
- DELETE_IMAGES=true
container_name: registry-ui
So what's supposed to be happening is as follows....
Docker on the client connected to registry.cjdawson.com using SSL (port 443) The encryption is removed by the proxy, and the body is forwarded on to linux.lan.local:5000 which is running the registry.
update: I decided to see if I can bypass the proxy as a test, and can confirm that images can be uploaded successfully to the registy when sent directly to linux.lan.local. However, it's not internet facing and I have to tweak my docker install to be able to interact via http.
