Bug 1419486

Summary: Sanitize Docker v2 Registry Logging
Product: Red Hat Enterprise Linux 7 Reporter: Marko Myllynen <myllynen>
Component: docker-distributionAssignee: Michal Minar <miminar>
Status: CLOSED WONTFIX QA Contact: atomic-bugs <atomic-bugs>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 7.3Keywords: Extras
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2021-01-15 07:31:26 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Marko Myllynen 2017-02-06 10:32:38 UTC 
Description of problem:
After configuring a secure v2 Docker Registry with docker and docker-distribution on "warn" level logging and pushing few images, I see system log being flooded with these kinds of messages:

Feb  6 09:23:48 rhev-i24c-01 registry: 192.168.122.1 - - [06/Feb/2017:09:23:20 +0200] "PATCH /v2/openshift3/ose-docker-registry/blobs/uploads/2e751922-a359-4024-9a9e-614f7803313d?_state=_1ffPNAukc-qstgfuP1JRtxMI2dm7O9fN6ZajKpig817Ik5hbWUiOiJvcGVuc2hpZnQzL29zZS1kb2NrZXItcmVnaXN0cnkiLCJVVUlEIjoiMmU3NTE5MjItYTM1OS00MDI0LTlhOWUtNjE0Zjc4MDMzMTNkIiwiT2Zmc2V0IjowLCJTdGFydGVkQXQiOiIyMDE3LTAyLTA1VDExOjIzOjIwLjQwNjA3NzA4M1oifQ%3D%3D HTTP/1.1" 202 0 "" "docker/1.12.5 go/go1.7.4 kernel/3.10.0-514.6.1.el7.x86_64 os/linux arch/amd64 UpstreamClient(Docker-Client/1.12.5 \\(linux\\))"
Feb  6 09:23:48 rhev-i24c-01 registry: 192.168.122.1 - - [06/Feb/2017:09:23:48 +0200] "PUT /v2/openshift3/ose-docker-registry/blobs/uploads/2e751922-a359-4024-9a9e-614f7803313d?_state=5JNVB4W05WLkl5m3Npqad78bN3m2f8BGRu60a15gy-F7Ik5hbWUiOiJvcGVuc2hpZnQzL29zZS1kb2NrZXItcmVnaXN0cnkiLCJVVUlEIjoiMmU3NTE5MjItYTM1OS00MDI0LTlhOWUtNjE0Zjc4MDMzMTNkIiwiT2Zmc2V0Ijo5MTUxNjc0NCwiU3RhcnRlZEF0IjoiMjAxNy0wMi0wNVQxMToyMzoyMFoifQ%3D%3D&digest=sha256%3A24ef78382cb64c18f3b264fbd89e5d8d97f60f0e647e77e3536e7871a563b15c HTTP/1.1" 201 0 "" "docker/1.12.5 go/go1.7.4 kernel/3.10.0-514.6.1.el7.x86_64 os/linux arch/amd64 UpstreamClient(Docker-Client/1.12.5 \\(linux\\))"
Feb  6 09:23:48 rhev-i24c-01 registry: 192.168.122.1 - - [06/Feb/2017:09:23:48 +0200] "HEAD /v2/openshift3/ose-docker-registry/blobs/sha256:24ef78382cb64c18f3b264fbd89e5d8d97f60f0e647e77e3536e7871a563b15c HTTP/1.1" 200 0 "" "docker/1.12.5 go/go1.7.4 kernel/3.10.0-514.6.1.el7.x86_64 os/linux arch/amd64 UpstreamClient(Docker-Client/1.12.5 \\(linux\\))"

These should not be logged on warn level (debug would look more appropriate) and it might be also considered to use a dedicated log file for these.

There might be other cases as well which I didn't come across now, would be great to have docker-distribution logging reviewed and sanitized in general. If done in upstream/Fedora already, then please consider backporting to RHEL 7.

Thanks.

Version-Release number of selected component (if applicable):
docker-distribution-2.5.1-1.el7.x86_64
Comment 1 Marko Myllynen 2017-02-06 10:33:57 UTC 
See also:

https://bugzilla.redhat.com/show_bug.cgi?id=1419485
https://bugzilla.redhat.com/show_bug.cgi?id=1419487
Comment 4 RHEL Program Management 2021-01-15 07:31:26 UTC 
After evaluating this issue, there are no plans to address it further or fix it in an upcoming release.  Therefore, it is being closed.  If plans change such that this issue will be fixed in an upcoming release, then the bug can be reopened.