Remove docker v1 registry proxy from our mirrors
Docker has long planned to turn this off and it appears that they have done so. Planning details can be found at: https://www.docker.com/blog/registry-v1-api-deprecation/ Removing this simplifies our configs as well as testing. Do this as part of good hygiene. Change-Id: I11281167a87ba30b4ebaa88792032aec1af046c1
This commit is contained in:
Clark Boylan
parent
ef94bf7645
commit
9b6398394d
@ -7,11 +7,6 @@ NameVirtualHost *:8080
|
|||||||
Listen 4443
|
Listen 4443
|
||||||
NameVirtualHost *:4443
|
NameVirtualHost *:4443
|
||||||
|
|
||||||
Listen 8081
|
|
||||||
NameVirtualHost *:8081
|
|
||||||
Listen 4444
|
|
||||||
NameVirtualHost *:4444
|
|
||||||
|
|
||||||
Listen 8082
|
Listen 8082
|
||||||
NameVirtualHost *:8082
|
NameVirtualHost *:8082
|
||||||
Listen 4445
|
Listen 4445
|
||||||
@ -329,74 +324,6 @@ ErrorLogFormat "[%{cu}t] [%-m:%l] [pid %P:tid %T] %7F: %E: [client\ %a] %M% , \
|
|||||||
Use ProxyMirror 4443
|
Use ProxyMirror 4443
|
||||||
</VirtualHost>
|
</VirtualHost>
|
||||||
|
|
||||||
# Docker registry v1 proxy.
|
|
||||||
<Macro Dockerv1Mirror $port>
|
|
||||||
# Disable directory listing by default.
|
|
||||||
<Directory />
|
|
||||||
Order Deny,Allow
|
|
||||||
Deny from all
|
|
||||||
Options None
|
|
||||||
AllowOverride None
|
|
||||||
</Directory>
|
|
||||||
|
|
||||||
ErrorLog /var/log/apache2/proxy_$port_error.log
|
|
||||||
LogLevel warn
|
|
||||||
CustomLog /var/log/apache2/proxy_$port_access.log combined-cache
|
|
||||||
ServerSignature Off
|
|
||||||
|
|
||||||
# Caching reverse proxy for things that don't make sense in AFS
|
|
||||||
#
|
|
||||||
# General cache rules
|
|
||||||
CacheRoot "/var/cache/apache2/proxy"
|
|
||||||
CacheDirLevels 5
|
|
||||||
CacheDirLength 2
|
|
||||||
# SSL support
|
|
||||||
SSLProxyEngine on
|
|
||||||
# Prevent thundering herds.
|
|
||||||
CacheLock on
|
|
||||||
CacheLockPath "/tmp/mod_cache-lock"
|
|
||||||
CacheLockMaxAge 5
|
|
||||||
# 5GiB
|
|
||||||
CacheMaxFileSize 5368709120
|
|
||||||
# Ignore expire headers as the urls use sha256 hashes.
|
|
||||||
CacheIgnoreQueryString On
|
|
||||||
# NOTE(pabelanger): In the case of docker, if neither an expiry date nor
|
|
||||||
# last-modified date are provided default expire to 1 day. This is up from
|
|
||||||
# 1 hour.
|
|
||||||
CacheDefaultExpire 86400
|
|
||||||
CacheStoreExpired On
|
|
||||||
|
|
||||||
# registry-1.docker.io
|
|
||||||
CacheEnable disk "/registry-1.docker"
|
|
||||||
ProxyPass "/registry-1.docker/" "https://registry-1.docker.io/" ttl=120 keepalive=On retry=0
|
|
||||||
ProxyPassReverse "/registry-1.docker/" "https://registry-1.docker.io/"
|
|
||||||
|
|
||||||
# dseasb33srnrn.cloudfront.net
|
|
||||||
CacheEnable disk "/cloudfront"
|
|
||||||
ProxyPass "/cloudfront/" "https://dseasb33srnrn.cloudfront.net/" ttl=120 keepalive=On retry=0
|
|
||||||
ProxyPassReverse "/cloudfront/" "https://dseasb33srnrn.cloudfront.net/"
|
|
||||||
|
|
||||||
# production.cloudflare.docker.com
|
|
||||||
CacheEnable disk "/cloudflare"
|
|
||||||
ProxyPass "/cloudflare/" "https://production.cloudflare.docker.com/" ttl=120 keepalive=On retry=0
|
|
||||||
ProxyPassReverse "/cloudflare/" "https://production.cloudflare.docker.com/"
|
|
||||||
</Macro>
|
|
||||||
|
|
||||||
<VirtualHost *:8081>
|
|
||||||
ServerName {{ apache_server_name }}:8081
|
|
||||||
ServerAlias {{ apache_server_alias }}:8081
|
|
||||||
|
|
||||||
Use Dockerv1Mirror 8081
|
|
||||||
</VirtualHost>
|
|
||||||
|
|
||||||
<VirtualHost *:4444>
|
|
||||||
ServerName {{ apache_server_name }}:4444
|
|
||||||
ServerAlias {{ apache_server_alias }}:4444
|
|
||||||
|
|
||||||
Use SSLConfig
|
|
||||||
Use Dockerv1Mirror 4444
|
|
||||||
</VirtualHost>
|
|
||||||
|
|
||||||
# Docker registry v2 proxy.
|
# Docker registry v2 proxy.
|
||||||
<Macro Dockerv2Mirror $port>
|
<Macro Dockerv2Mirror $port>
|
||||||
# Disable directory listing by default.
|
# Disable directory listing by default.
|
||||||
|
|||||||
@ -51,28 +51,6 @@ def test_proxy_mirror(host):
|
|||||||
"http://[%s]:8080/pypi/simple/setuptools" % addr)
|
"http://[%s]:8080/pypi/simple/setuptools" % addr)
|
||||||
assert 'setuptools' in cmd.stdout
|
assert 'setuptools' in cmd.stdout
|
||||||
|
|
||||||
def test_dockerv1_mirror(host):
|
|
||||||
# Dockerv1Mirror
|
|
||||||
for addr in host.addr(host.backend.host).ipv4_addresses:
|
|
||||||
cmd = host.run("wget --no-check-certificate -O- "
|
|
||||||
"https://%s:4444/registry-1.docker" % addr)
|
|
||||||
# TODO assert that this proxy cache is working more properly
|
|
||||||
assert '403 Forbidden' in cmd.stderr
|
|
||||||
|
|
||||||
cmd = host.run("wget -O- http://%s:8081/registry-1.docker" % addr)
|
|
||||||
# TODO assert that this proxy cache is working more properly
|
|
||||||
assert '403 Forbidden' in cmd.stderr
|
|
||||||
|
|
||||||
for addr in host.addr(host.backend.host).ipv6_addresses:
|
|
||||||
cmd = host.run("wget --no-check-certificate -O- "
|
|
||||||
"https://[%s]:4444/registry-1.docker" % addr)
|
|
||||||
# TODO assert that this proxy cache is working more properly
|
|
||||||
assert '403 Forbidden' in cmd.stderr
|
|
||||||
|
|
||||||
cmd = host.run("wget -O- http://[%s]:8081/registry-1.docker" % addr)
|
|
||||||
# TODO assert that this proxy cache is working more properly
|
|
||||||
assert '403 Forbidden' in cmd.stderr
|
|
||||||
|
|
||||||
def test_dockerv2_mirror(host):
|
def test_dockerv2_mirror(host):
|
||||||
# Dockerv2Mirror
|
# Dockerv2Mirror
|
||||||
for addr in host.addr(host.backend.host).ipv4_addresses:
|
for addr in host.addr(host.backend.host).ipv4_addresses:
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user