Project

Profile

Help

Issue #1256

The httpd configuration is not acceptable to the Docker client

Added by rbarlow about 6 years ago. Updated over 2 years ago.

Status:
CLOSED - CURRENTRELEASE
Priority:
High
Assignee:
Start date:
Due date:
Estimated time:
Severity:
2. Medium
Version - Docker:
master
Platform Release:
2.8.0
Target Release - Docker:
2.0.0
OS:
Triaged:
Yes
Groomed:
No
Sprint Candidate:
No
Tags:
Pulp 2
Sprint:
Quarter:

Description

There are a few issues with the httpd configuration for Docker v2:

  • Docker is written in Go and thus it suffers from this bug:
    https://github.com/golang/go/issues/5742
    We need to rework the httpd config so that it works around this limitation.
  • The default httpd configuration in Fedora uses mod_mime_magic, which adds content-type and content-encoding headers to
    the responses. These headers confuse the Docker client, so we should configure httpd not to do that for these paths.
  • The SSL options in the current config do not make much sense. They do things like exporting the client certificate into
    the environment, when this config only serves flat files. It also has strange client certificate settings when client
    certificates are not required for these views.
  • The Docker client may expect to see the Docker-Distribution-API-Version set to registry/2.0 on all requests.

Associated revisions

Revision 633977ad View on GitHub
Added by rbarlow about 6 years ago

Reconfigure the httpd vhost to better suit the Docker client.

This commit fixes a few issues with the httpd configuration for Docker v2:

  • Docker is written in Go and thus it suffers from this bug:

    https://github.com/golang/go/issues/5742

    This commit removes most SSL directives from the httpd configuration because they were causing httpd to want to renegotiate with the client (causing the issue), and they were unnecessary to begin with. The SSL options in the config did not make much sense. They did things like exporting the client certificate into the environment, when this config only serves flat files. It also had strange client certificate settings when client certificates are not required for these views.

  • The default httpd configuration in Fedora uses mod_mime_magic, which adds content-type and content-encoding headers to the responses. These headers confuse the Docker client, so this commit configures httpd not to do that for these paths.

  • The Docker client expects to see the Docker-Distribution-API-Version set to registry/2.0 on all requests.

https://pulp.plan.io/issues/1256

fixes #1256

Revision 633977ad View on GitHub
Added by rbarlow about 6 years ago

Reconfigure the httpd vhost to better suit the Docker client.

This commit fixes a few issues with the httpd configuration for Docker v2:

  • Docker is written in Go and thus it suffers from this bug:

    https://github.com/golang/go/issues/5742

    This commit removes most SSL directives from the httpd configuration because they were causing httpd to want to renegotiate with the client (causing the issue), and they were unnecessary to begin with. The SSL options in the config did not make much sense. They did things like exporting the client certificate into the environment, when this config only serves flat files. It also had strange client certificate settings when client certificates are not required for these views.

  • The default httpd configuration in Fedora uses mod_mime_magic, which adds content-type and content-encoding headers to the responses. These headers confuse the Docker client, so this commit configures httpd not to do that for these paths.

  • The Docker client expects to see the Docker-Distribution-API-Version set to registry/2.0 on all requests.

https://pulp.plan.io/issues/1256

fixes #1256

Revision 633977ad View on GitHub
Added by rbarlow about 6 years ago

Reconfigure the httpd vhost to better suit the Docker client.

This commit fixes a few issues with the httpd configuration for Docker v2:

  • Docker is written in Go and thus it suffers from this bug:

    https://github.com/golang/go/issues/5742

    This commit removes most SSL directives from the httpd configuration because they were causing httpd to want to renegotiate with the client (causing the issue), and they were unnecessary to begin with. The SSL options in the config did not make much sense. They did things like exporting the client certificate into the environment, when this config only serves flat files. It also had strange client certificate settings when client certificates are not required for these views.

  • The default httpd configuration in Fedora uses mod_mime_magic, which adds content-type and content-encoding headers to the responses. These headers confuse the Docker client, so this commit configures httpd not to do that for these paths.

  • The Docker client expects to see the Docker-Distribution-API-Version set to registry/2.0 on all requests.

https://pulp.plan.io/issues/1256

fixes #1256

Revision 633977ad View on GitHub
Added by rbarlow about 6 years ago

Reconfigure the httpd vhost to better suit the Docker client.

This commit fixes a few issues with the httpd configuration for Docker v2:

  • Docker is written in Go and thus it suffers from this bug:

    https://github.com/golang/go/issues/5742

    This commit removes most SSL directives from the httpd configuration because they were causing httpd to want to renegotiate with the client (causing the issue), and they were unnecessary to begin with. The SSL options in the config did not make much sense. They did things like exporting the client certificate into the environment, when this config only serves flat files. It also had strange client certificate settings when client certificates are not required for these views.

  • The default httpd configuration in Fedora uses mod_mime_magic, which adds content-type and content-encoding headers to the responses. These headers confuse the Docker client, so this commit configures httpd not to do that for these paths.

  • The Docker client expects to see the Docker-Distribution-API-Version set to registry/2.0 on all requests.

https://pulp.plan.io/issues/1256

fixes #1256

History

#1 Updated by rbarlow about 6 years ago

  • Description updated (diff)

#2 Updated by rbarlow about 6 years ago

  • Description updated (diff)

#3 Updated by rbarlow about 6 years ago

  • Status changed from ASSIGNED to POST

#4 Updated by mhrivnak about 6 years ago

  • Triaged changed from No to Yes

#5 Updated by rbarlow about 6 years ago

  • Status changed from POST to MODIFIED
  • % Done changed from 0 to 100

#6 Updated by rbarlow about 6 years ago

  • Target Release - Docker changed from master to 2.0.0

#7 Updated by rbarlow almost 6 years ago

  • Status changed from MODIFIED to 5

#8 Updated by rbarlow over 5 years ago

  • Status changed from 5 to CLOSED - CURRENTRELEASE
  • Platform Release set to 2.8.0

#9 Updated by bmbouter over 2 years ago

  • Tags Pulp 2 added

Please register to edit this issue

Also available in: Atom PDF