LB Agent doesn't forward request to docker private registry

vvetu · November 15, 2015, 7:17pm

Hello,
I’m trying to create a stack on the same host with Managed network:

SSL CN : registry.lan
Rancher LB Agent (443:5000 SSL)
Private Registry:2 (5000 SSL) -h registry.lan

docker@default:~$ docker push registry.lan/alpine:3.2
The push refers to a repository [registry.lan/alpine] (len: 1)
Sending image list
Error: Status 502 trying to push repository alpine: "<html><body><h1>502 Bad Gateway</h1>\nThe server returned an invalid or incomplete response.\n</body></html>\n\n"

The scope is to place the private registry behind the LB to eliminate the need for tagging the images:<5000>

Is there a limitation on the LB Agent in forwarding the request to a container with SSL?

vvetu · November 15, 2015, 7:24pm

Rancher	v0.44.0
Cattle	v0.107.0
User Interface	v0.55.0
Rancher Compose	v0.5.1

vincent · November 15, 2015, 7:59pm

Turning SSL on for the balancer means to do SSL termination and send the unencrypted request to the target service. In this case your service’s only port is encrypted, so you want the listener to be TCP with SSL unchecked so that the request is just passed straight through.

Or you could also map port 443 to 5000 on the registry container so it directly listening on 443, and not have a balancer at all. The

Topic		Replies	Views
Request host on loadbalancer doesn't work as expected might I be doing something wrong? Rancher 1.x	5	1414	August 3, 2016
Rancher 1.6.30 and SSL (new Let's Encrypt) error Rancher 1.x	21	2197	December 6, 2021
Rancher LB and X-Forwarded-Port Rancher 1.x	2	1038	October 28, 2016
Rancher Private Repository on Azure can't get working RancherOS	2	1596	October 31, 2016
How to add private registry on HTTP - not HTTPS Rancher 1.x	2	1585	October 13, 2017

LB Agent doesn't forward request to docker private registry

Related topics