Join Log in
Score:2
avatar Server

`registry-mirrors` with Harbor as pull-through registry cache

ar flag
mimo

I am trying to configure Harbor as a pull-through registry linked to Docker hub.

While I manage to pull images by prefixing them per the doc, I cannot make it work by using the registry-mirrors Docker daemon parameter: Commands such as docker pull mysql still download the layers from docker.io.

Client config

Docker version: 20.10.8

/etc/docker/daemon.log:

{
  "registry-mirrors": ["https://harbor.example.com"]
}

Harbor config

  • Harbor v2.3.1
  • Installed using docker-compose
  • In the Harbor interface:
    • Registries \ New endpoint: Created endpoint with "Docker Hub" as provider.
    • Projects \ New project: Set name to proxy, ticked "Proxy Cache" and selected the above endpoint.

Test 1: Pull image with prefix:

$ docker pull harbor.example.com/proxy/library/mysql
Using default tag: latest
latest: Pulling from proxy/library/mysql
33847f680f63: Already exists 
5cb67864e624: Already exists 
1a2b594783f5: Already exists 
b30e406dd925: Already exists 
48901e306e4c: Already exists 
603d2b7147fd: Already exists 
802aa684c1c4: Already exists 
715d3c143a06: Pull complete 
6978e1b7a511: Pull complete 
f0d78b0ac1be: Pull complete 
35a94d251ed1: Pull complete 
36f75719b1a9: Pull complete 
Digest: sha256:8b928a5117cf5c2238c7a09cd28c2e801ac98f91c3f8203a8938ae51f14700fd
Status: Downloaded newer image for harbor.example.com/proxy/library/mysql:latest
harbor.example.com/proxy/library/mysql:latest

The second last line shows this is pulled from my repo as expected.

Test 2: Pull image without prefix:

$ docker pull mysql
Using default tag: latest
latest: Pulling from library/mysql
33847f680f63: Already exists 
5cb67864e624: Already exists 
1a2b594783f5: Already exists 
b30e406dd925: Already exists 
48901e306e4c: Already exists 
603d2b7147fd: Already exists 
802aa684c1c4: Already exists 
715d3c143a06: Pull complete 
6978e1b7a511: Pull complete 
f0d78b0ac1be: Pull complete 
35a94d251ed1: Pull complete 
36f75719b1a9: Pull complete 
Digest: sha256:8b928a5117cf5c2238c7a09cd28c2e801ac98f91c3f8203a8938ae51f14700fd
Status: Downloaded newer image for mysql:latest
docker.io/library/mysql:latest

This comes from docker.io instead of taking it from my registry! After the command above, I also see this line in /var/log/syslog:

Aug 11 15:54:57 myhost dockerd[12663]: time="2021-08-11T15:54:57.229516951+02:00" level=info msg="Attempting next endpoint for pull after error: unknown: repository library/mysql not found"

Since this suggests Docker tried my registry first, I suspect the problem is in the configuration of the registry and not in Docker. Perhaps in the path conventions used by Harbor...

Has anyone managed to pull images from a Harbor cache without having to manually prefix them?

775
0 + 0
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.