Error logging in to v2 endpoint trying next endpoint



Docker login working only with daemon but not with Docker active service

I have been trying to set up nexus3 as private registry for the Docker images with nginx serving as a reverse proxy for nexus3.

I have been encountering all types of error ranging from Forbidden to Connection Refused and have tried all reference steps.

Below are my configurations.

I have set up a self-signed certificate (orgnexus.crt) with key (orgnexus.key) and used the same as reverse proxy with nginx.

Nexus is configured with port 4444 and the docker hosted repo configured with https port 6666. Nexus is configured to run on «server908» while docker is running on «server446»

Below is the configuration for nginx.

The same cert (orgnexus.crt) has been imported to the docker server at location /etc/docker/certs.d/server.int.org.com:6666.

Copied the nexus cert file (orgnexus.crt) to «server446» at location /etc/pki/ca-trust/source/anchors/server.int.org.com.crt

We are running docker version 1.12.6 and nexus 3.2.1-01.

The issue here comes when the docker service is active.

But when we run docker daemon manually with the docker service down, the same command goes through successfully.

«dockertest» is the username at «server446» .

Below is the docker info logs.

When Daemon run manually with Docker client service down

With Docker client service up.

Within daemon logs(/var/log/daemon.log) I notice this .

Where I am going wrong? Is it something related to docker group permissions or nginx or the configurations? I suspect the request (from docker client machine) is not reaching to nginx (server908) and is revolving between docker client and daemon.

Источник

Couldn’t login to docker hub. Error — login attempt to https://hub.docker.com/v2/ failed with status: 404 Not Found #34872

Comments

Description
couldn’t able to login to docker hub.
I have tested this against Fedora 25/26.
The below command is working fine in Ubuntu 16.04
$ docker login —username abc —password xxx https://hub.docker.com
WARNING! Using —password via the CLI is insecure. Use —password-stdin.
Error response from daemon: login attempt to https://hub.docker.com/v2/ failed with status: 404 Not Found

I start docker using the below command
$ sudo systemctl start docker

$ docker —version
Docker version 17.09.0-ce-rc1, build ae21824

$ docker-machine —version
docker-machine version 0.12.2, build 9371605

Steps to reproduce the issue:
1.create account in docker-hub https://hub.docker.com/.
2.login into docker hub account using terminal in ubuntu 16.04. This will work as expected.
$ docker login —username abc —password xxx https://hub.docker.com
3.login into docker hub account using terminal in Fedora 25/26.It fails.

Describe the results you received:

$ docker login —username abc —password xxx https://hub.docker.com
WARNING! Using —password via the CLI is insecure. Use —password-stdin.
Error response from daemon: login attempt to https://hub.docker.com/v2/ failed with status: 404 Not Found

Describe the results you expected:
login is expected to be succeded

Additional information you deem important (e.g. issue happens only occasionally):

Output of docker version :

Output of docker info :

Additional environment details (AWS, VirtualBox, physical, etc.):
physical — Fedora 25/26

The text was updated successfully, but these errors were encountered:

Docker Hub is the default registry, so there’s no need to specify the registry (i.e., just docker login —username . is sufficient).

Читайте также:  Empire earth error runtime error

However, the reason you’re getting this error, is because hub.docker.com is the domain of the Docker Hub website, not the registry backing Docker Hub; the registry is located at index.docker.io, (e.g. docker login index.docker.io ).

Closing because this is not a bug, but feel free to continue the conversation

hi @thaJeztah
Below is the error I am getting when I don’t specify the docker registry.

Could you please check at your end if this is the case?

That last message looks correct if the username or password is incorrect

@thaJeztah I’ve verified the username and password and it is correct but still I see the error in Fedora 25 or 26 but login is successful in Ubuntu 16.04.

Can you please check in any fedora 25/26 machine whether it works fine as expected?

@thaJeztah did you get the chance to verify the steps on Fedora 25/26?

Looks to work for me;

  • if your username has an uppercase letter, use all lowercase (the docker hub login page automatically transforms to lowercase, but the cli does not)
  • try removing or renaming your

/.docker/config.json CLI configuration file

surprisingly my laptop doesn’t have

/.docker/config.json CLI configuration file.

Iam also facing the same issue The command docker login jfrog.xxxxx.xxxxxx returns this error
Error response from daemon: login attempt to https://jfrog.xxxx.xxxxx/v2/ failed with status: 404 Not Found

«It concatenates v2 to the URL I am trying to access». The URL is valid and repository used to store the dockers is jfrog.

THe log file of docker at /var/log/upstart/docker.log reads
time=»2017-10-06T19:43:17.892166362+05:30″ level=info msg=»Error logging in to v2 endpoint, trying next endpoint: login attempt to https://jfrog.xxxx.xxxx/v2/ failed with status: 404 Not Found»

@thaJeztah — I think we shouldn’t close this issue since others facing the same issue. Could you please check why different systems login into different URLs?

If a 404 is returned by the registry, that means the registry is not conforming to the registry V2 specification; https://github.com/docker/distribution/blob/master/docs/spec/api.md#api-version-check

API Version Check

A minimal endpoint, mounted at /v2/ will provide version support information
based on its response statuses. The request format is as follows:

If a 200 OK response is returned, the registry implements the V2(.1)
registry API and the client may proceed safely with other V2 operations.
Optionally, the response may contain information about the supported paths in
the response body. The client should be prepared to ignore this data.

If a 401 Unauthorized response is returned, the client should take action
based on the contents of the «WWW-Authenticate» header and try the endpoint
again. Depending on access control setup, the client may still have to
authenticate against different resources, even if this check succeeds.

If 404 Not Found response status, or other unexpected status, is returned,
the client should proceed with the assumption that the registry does not
implement V2 of the API.

When a 200 OK or 401 Unauthorized response is returned, the
«Docker-Distribution-API-Version» header should be set to «registry/2.0».
Clients may require this header value to determine if the endpoint serves this
API. When this header is omitted, clients may fallback to an older API version.

It’s possible the registry only implements V1 (or has not been configured to use the V2 specification, in which case the daemon has to be configured to support legacy registries (using the —disable-legacy-registry=false option on the daemon)

If that doesn’t work, I suggest opening a ticket with JFrog / Artifactory

Источник

Registry misbehaving #1815

Comments

I am currently experiencing a problem with the installation of a private docker register connected to sameersbn Gitlab.

I use Traefik reverse proxy with the Gitlab container and the registry.

I already add the registry in insecure registries.

When i logging in via https://registry.domain.tld:5000 I encountered a «Connection refused» error message.

When i logging in via http://registry:5000 I encountered a «Server misbehaving» error message.

This is my files :

Thanks you in advance 🙂

The text was updated successfully, but these errors were encountered:

I found people having the same misbehaving registry error.
After a while or reboot the error disappears.

It’s not my case.

If anyone could add a new look to my config 🙏

One month later and still blocked.
I can’t figure out the problem.
UP 🙏

Hello, did you find a workaround ?

I have a similar use case trying to proxy gitlab’s registry though traefik over https but I must admit I am kind of consused on the architecture.

The registry container itself exposes its service through port 5000 if I’m correct. Gitlab’s registry management is setting a nginx vhost proxy linked to the registry container on port 5000 right ? I guess that the GITLAB_REGISTRY_API_URL=http://registry:5000 env for the gitlab container is aimed to.

What I’m asking myself is if we handle registry entrypoint with Traefik, doe’s the nginx vhost is still required by gitlab ? Maybe for it’s authentication against registry with the auth token ?

I give you some update,
I finally resolve my error yesterday.

The point was, the certs used by both gitlab and registry where owned by root user whereas it had to be owned by gitlab container git user.

Fixed by doing this :

docker exec -it gitlab bash

chown git:git -R /certs

Footer

© 2023 GitHub, Inc.

You can’t perform that action at this time.

You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.

Источник

not able push image to harbor project #10721

Comments

i install harbor with http also with https ..add users and so on via AD.

i want to push image via cmd but:

]$ docker push harbor-test.xxx.xx/test/wiki:test
The push refers to repository [harbor-test.xxx.xx/test/wiki]
Get https://harbor-test.xxx.xx/v2/: Service Unavailable
[xxx@harbor-test

The text was updated successfully, but these errors were encountered:

[root@harbor-test log]# tail -f messages | grep -i «docker|push»
Feb 13 15:24:42 harbor-test dockerd[22837]: time=»2020-02-13T15:24:42.563446000+01:00″ level=info msg=»Attempting next endpoint for push after error: Get https://harbor-test.xxx.xx/v2/: Service Unavailable»
Feb 13 15:25:43 harbor-test dockerd[22837]: time=»2020-02-13T15:25:43.092266500+01:00″ level=info msg=»Attempting next endpoint for push after error: Get https://harbor-test.xxx.xx/v2/: Service Unavailable»
Feb 13 15:25:55 harbor-test dockerd[22837]: time=»2020-02-13T15:25:55.534373900+01:00″ level=info msg=»Attempting next endpoint for push after error: Get https://harbor-test.xxx.xx/v2/: Service Unavailable»

in harbor /var/log/harbor i do not find nothing relevant,,

also i am not able login :

]$ docker login https://harbor-test.xxx.xx
Username: xx
Password:
Error response from daemon: Get https://harbor-test.xxx.xx/v2/: Service Unavailable

Hi,
have you added the harbor certificate in your docker client? thanks.

Источник

helm push defaulting to oci:// #109

Comments

Description

Helm Push issue since Helm v3.7.0 was released on September 15th 2021:
Error: scheme prefix missing from remote (e.g. «oci://»)

Steps

Problem Details

Getting an error OOTB

Setting the env variable HELM_EXPERIMENTAL_OCI results in the issue (tried value 0 and 1)

The text was updated successfully, but these errors were encountered:

Yeah I’m getting this too!

In the Helm 3.7.0 changelog there is a change that may be the cause of this:

helm chart push has been replaced with helm push

That’s right, the helm push command might be integrated within helm now.

But when I tried without installing the helm-push plugin, I am still getting the same issue.

Attempted to use the Docker registry image instead of ChartMuseum, which seems to be recommended by the documentation, but getting another error:

Maybe that would work for you, and it is just an issueon my side now?

Same issue for me, when doing helm push with the latest Helm version it the built-in command, instead of the ChartMuseum helm-push , which doesn’t work with ChartMuseum registries like Harbor.

We need a new release of this plugin which doesn’t collide with the built-in command to have it working again.

I wrote a small script with contacts the ChartMuseum API directly as a workaround:

Feel free to modify as needed.

Guys, I opened a PR trying to solve this issue.

It works for me, so maybe you can use: #110

To install my plugin version(that is the same of official, just changing the caller command), just install from my fork.

And change the command from helm push to helm legacy-push

Some of us are still using Helm 3.6.* due to bugs in Helm 3.7.0. If we do change the plugin name/helm command please ensure that there is a major increment in the plugin version to signal the introduction of a breaking change.

I’m concerned that the Helm project released this breaking functionality despite chartmuseum not being updated to support the new standard and name change. chartmuseum is a popular, well-known, and widely adopted tool. What can we do to ensure that the chartmuseum and helm developers collaborate more closely so that this doesn’t happen again?

A different drop-in-replacement for those willing to upgrade to Helm 3.7.0 is to use helm-push ‘s plugin binary directly.

Closing this issue as it was resolved in chartmuseum/helm-push version v0.10.0: https://github.com/chartmuseum/helm-push/releases/tag/v0.10.0

The solution is that from Helm v3.7.0 to be using the plugin ChartMuseum Push v0.10.0 used with: helm cm-push

Источник

Оцените статью
toolgir.ru
Adblock
detector