From e3170854f973bf32d4d63b59aee75df7510cffc9 Mon Sep 17 00:00:00 2001 From: "James E. Blair" Date: Thu, 21 Feb 2019 11:22:08 -0800 Subject: [PATCH] Fix docker registry proxy Our proxy was always returning 404 on content blobs because the CDN part of the proxy was not matching since it appeared after a greedier match. Change-Id: Ie88a0e1f554922f6328809b3d96266cc7a20152b --- .../openstack_project/templates/mirror.vhost.erb | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/modules/openstack_project/templates/mirror.vhost.erb b/modules/openstack_project/templates/mirror.vhost.erb index e1457760a8..a53bea84d7 100644 --- a/modules/openstack_project/templates/mirror.vhost.erb +++ b/modules/openstack_project/templates/mirror.vhost.erb @@ -390,13 +390,6 @@ LogFormat "%h %l %u %t \"%r\" %>s %b %{cache-status}e \"%{Referer}i\" \"%{User-a CacheDefaultExpire 86400 CacheStoreExpired On - # NOTE(SamYaple): Docker has historically not allowed to have anything in - # the URI, but it wasn't enforced until they started validating the config - # in docker-ce 17.10. Prior to that, it was working fine. - CacheEnable disk "/" - ProxyPass "/" "https://registry-1.docker.io/" ttl=120 keepalive=On retry=0 - ProxyPassReverse "/" "https://registry-1.docker.io/" - # dseasb33srnrn.cloudfront.net CacheEnable disk "/cloudfront" ProxyPass "/cloudfront/" "https://dseasb33srnrn.cloudfront.net/" ttl=120 keepalive=On retry=0 @@ -407,4 +400,12 @@ LogFormat "%h %l %u %t \"%r\" %>s %b %{cache-status}e \"%{Referer}i\" \"%{User-a ProxyPass "/cloudflare/" "https://production.cloudflare.docker.com/" ttl=120 keepalive=On retry=0 ProxyPassReverse "/cloudflare/" "https://production.cloudflare.docker.com/" + # NOTE(SamYaple): Docker has historically not allowed to have anything in + # the URI, but it wasn't enforced until they started validating the config + # in docker-ce 17.10. Prior to that, it was working fine. + # NOTE(corvus): Ensure this stanza is last since it's the most + # greedy match. + CacheEnable disk "/" + ProxyPass "/" "https://registry-1.docker.io/" ttl=120 keepalive=On retry=0 + ProxyPassReverse "/" "https://registry-1.docker.io/"