3f0ecda737
- Add proxy_intercept_errors + error_page for 502/503/504 on blob locations to prevent caching truncated upstream responses (root cause of repeated ImagePullBackOff across services) - Reduce proxy_cache_lock_timeout from 15m to 5m — fail fast, let containerd retry instead of all concurrent pulls waiting on a failed first download - Add proxy_cache_valid any 0 — never cache error responses - Add /healthz endpoints on Docker Hub and GHCR servers - Add draintimeout and proxy.ttl to registry proxy configs
30 lines
505 B
Smarty
30 lines
505 B
Smarty
version: 0.1
|
|
log:
|
|
fields:
|
|
service: registry-${name}
|
|
storage:
|
|
cache:
|
|
blobdescriptor: inmemory
|
|
filesystem:
|
|
rootdirectory: /var/lib/registry
|
|
delete:
|
|
enabled: true
|
|
maintenance:
|
|
uploadpurging:
|
|
enabled: true
|
|
age: 24h
|
|
interval: 4h
|
|
dryrun: false
|
|
http:
|
|
addr: :5000
|
|
draintimeout: 60s
|
|
headers:
|
|
X-Content-Type-Options: [nosniff]
|
|
health:
|
|
storagedriver:
|
|
enabled: true
|
|
interval: 10s
|
|
threshold: 3
|
|
proxy:
|
|
remoteurl: ${remote_url}
|
|
ttl: 168h
|