LB Agent doesn't forward request to docker private registry

I’m trying to create a stack on the same host with Managed network:

SSL CN : registry.lan
Rancher LB Agent (443:5000 SSL)
Private Registry:2 (5000 SSL) -h registry.lan

docker@default:~$ docker push registry.lan/alpine:3.2
The push refers to a repository [registry.lan/alpine] (len: 1)
Sending image list
Error: Status 502 trying to push repository alpine: "<html><body><h1>502 Bad Gateway</h1>\nThe server returned an invalid or incomplete response.\n</body></html>\n\n"

The scope is to place the private registry behind the LB to eliminate the need for tagging the images:<5000>

Is there a limitation on the LB Agent in forwarding the request to a container with SSL?

Rancher	v0.44.0
Cattle	v0.107.0
User Interface	v0.55.0
Rancher Compose	v0.5.1

Turning SSL on for the balancer means to do SSL termination and send the unencrypted request to the target service. In this case your service’s only port is encrypted, so you want the listener to be TCP with SSL unchecked so that the request is just passed straight through.

Or you could also map port 443 to 5000 on the registry container so it directly listening on 443, and not have a balancer at all. The

1 Like