The Registry is a stateless, highly scalable server side application that stores and lets you distribute Docker images. The Registry is open-source, under the permissive Apache license.
Kong is one of the core technologies used by Mashape to power API request from developers. It is often described as a “drop-in replacement for expensive proprietary API management systems.” The rough idea behind Kong is to give developers a centralized management layer for microservices and APIs.
Kong provides several authentication methods that can be applied to serveral backend API. If you don’t want to manually create credentials for your Docker registry, Kong is a good solution.
The Kong supports following authentication methods:
- Key Auth
- Basic Authen
Kong also provides further features such as traffic control, transformations, logging, analytics, etc.
In the deployment, SSL is terminated at Kong, it looks like Kong does not set the
X-Forwarded-Host header properly when proxying traffic to the back-end which is Docker registry. In addition, the Docker registry cannot detect the correct url.
Although the pull action can be done without any issue, the push action gets stuck with sereral retrying then fails with error
blob upload unknown. Following is an example of the issue
[email protected] $ docker push registry.ndk.name/mysql
All we need is enabling relative urls with
relativeurls option. If it is
true, the registry returns relative URLs in Location headers. The client is responsible for resolving the correct URL.
If you are deploying Docker registry with
stack.yml file, you can set
REGISTRY_HTTP_RELATIVEURLS=true in your service’s
relativeurlsoption is not compatible with Docker 1.7 and earlier.
- I also tried with Kong transformation plugin to set the proper header but it didn’t help.
Now try to push the image to our Docker registry again and see the success result.
[email protected]$ docker push registry.ndk.name/mysql