lotto24 / aws-ecr-http-proxy Goto Github PK

Thank for sharing aws-ecr-http-proxy.

When I do docker push an error occurred.

error parsing HTTP 400 response body: invalid character '<' looking for beginning of value: "<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>openresty/1.13.6.1</center>\r\n</body>\r\n</html>\r\n"

I have no idea why suddenly all swarm nodes started to do this.
Manual testing returned timeout.
Error response from daemon: Get http://localhost:5000/v2/: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
Testing with postman returned valid responses.
esailors/aws-ecr-http-proxy:latest is deployed in single container with 5000 port published as ingress (to all nodes).

Where the nginx stores the cached images? I want to mount an ebs volume to it

Hi,
I using Kubernetes in AWS, but I would like to expose some docker images for people in my office.
I would like to use your software with IAM Role instead of pass AWSKey and AWSSecret to the Docker. is there any chance to configure without AWSKey.

Currently, Docker doesn't want to start when I don't provide the AWSKey

+ '[' -z xxxxxxxxxx.dkr.ecr.eu-west-1.amazonaws.com ]
+ '[' -z 5000 ]
+ '[' -z 8.8.8.8 ]
+ '[' -z eu-west-1 ]
+ '[' -z  ]
+ '[' -z  ]
+ echo 'AWS_ACCESS_KEY_ID or AWS_SECRET_ACCESS_KEY not set.'
+ exit 1
AWS_ACCESS_KEY_ID or AWS_SECRET_ACCESS_KEY not set.

any guidance on how to completely disable the caching feature? woud setting CACHE_MAX_SIZE to 0 work?

I am using ecr proxy to connect Apache Camel K, it seems can not find V2 path.

http://ecr-proxy.dev-support:80/v2/: unexpected status code 404 Not Found: 404 page not found\n"

When I try to login, same error:
docker login ecr-proxy.dev-support:80
Username: admin
Password:
Error response from daemon: login attempt to http://ecr-proxy.dev-support:80/v2/ failed with status: 404 Not Found

Any suggestion ?

Hi - could you add a simple endpoint /ping or /health or /healthz/readiness / /healthz/liveness so that the image can run under k8s with health checking?

This is great but what I would like to do is have support for more than one AWS account. I would prefer to provide it profiles and have each profile updated and cached.

This is currently possible but you would need to have an instance for every profile you wanted to use. I want a single instance of this with multiple profiles.

I do plan to look into adding this support. Will let you know what I find

Can I develop with this locally before hosting it on a live remote proxy server? Is there a doc (I can't find one) on how to test this locally? When I run locally my docker image builds but I get error message:

are not shared from OS X and are not known to Docker.

When I reduce the docker build command to only specify the following, the docker image runs:

docker run -d --name docker-registry-proxy --net=host \
  -v /tmp/dockerdbg/cache:/cache \
  -e PORT=5000 \
  -e RESOLVER=8.8.8.8 \
  -e UPSTREAM=https://<AWS address>.amazonaws.com \
  -e AWS_ACCESS_KEY_ID=<my access key> \
  -e AWS_SECRET_ACCESS_KEY<my secret access key> \
  -e AWS_REGION=us-east-1 \
  -e ENABLE_SSL=false \
  esailors/aws-ecr-http-proxy:latest

But I dont get a response when I try to query.

For IPV4 I make the most promising results:
->docker pull <my IPV4>:5000/<my model name>:<tag>
->Error response from daemon: Get https://<my IPV4>:5000/v2/: Service Unavailable

The health check keeps checking localhost:443 (where I have it running), which the certificates don't include for use.
It works when using the proper service name, but fails for localhost.

I'd suggest an ENV variable that default to localhost, but can use the FQDN provided.

Is it possible in some way to use a http-proxy to fetch the images?