f8a36f0621
Root cause: storage.filesystem.maxsize (5GiB) caused Docker Registry to delete blob data while keeping metadata. Registry then served 200 OK with correct Content-Length but 0 bytes body. nginx cached these broken responses. Fixes: - Remove maxsize from dockerhub/ghcr proxy configs (rely on weekly GC) - nginx: don't cache 206 responses, require 2 requests before caching - Wiped corrupted cache on registry VM and fixed corrupted pause container blobs on node3/node4
39 lines
839 B
YAML
39 lines
839 B
YAML
version: 0.1
|
|
log:
|
|
fields:
|
|
service: registry
|
|
storage:
|
|
cache:
|
|
blobdescriptor: inmemory
|
|
filesystem:
|
|
rootdirectory: /var/lib/registry
|
|
delete:
|
|
enabled: true
|
|
maintenance:
|
|
uploadpurging:
|
|
enabled: true
|
|
age: 24h
|
|
interval: 4h
|
|
dryrun: false
|
|
readonly:
|
|
enabled: false
|
|
http:
|
|
addr: :5000
|
|
headers:
|
|
X-Content-Type-Options: [nosniff]
|
|
debug:
|
|
addr: ":5001"
|
|
# Enable proxy on nodes - https://github.com/containerd/containerd/blob/main/docs/cri/registry.md
|
|
# https://ops.tips/gists/retrieving-docker-registry-metrics-using-prometheus/
|
|
prometheus:
|
|
enabled: true
|
|
path: "/metrics"
|
|
health:
|
|
storagedriver:
|
|
enabled: true
|
|
interval: 10s
|
|
threshold: 3
|
|
proxy:
|
|
remoteurl: https://registry-1.docker.io
|
|
username: vbarzin@gmail.com
|
|
password: ${password}
|