Bug 1329743 – Unable to push images to private registry using docker-1.9.1-25 and python-docker-py-1.7.2-1

Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.

Bug 1329743 - Unable to push images to private registry using docker-1.9.1-25 and python-docker-py-1.7.2-1

Summary:	Unable to push images to private registry using docker-1.9.1-25 and python-do...

Status:	CLOSED ERRATA

Aliases:	None

Product:	Red Hat Enterprise Linux 7
Classification:	Red Hat
Component:	docker (Show other bugs)
Sub Component:
Version:	7.2
Hardware:	x86_64 Linux

Priority	unspecified Severity unspecified
Target Milestone:	rc
Target Release:	---
Assigned To:	Antonio Murdaca
QA Contact:	atomic-bugs@redhat.com
Docs Contact:

URL:
Whiteboard:	hot
Keywords:	Extras, ZStream

Depends On:
Blocks:	1191185
	Show dependency tree / graph

Reported:	2016-04-22 16:04 EDT by Abe Music
Modified:	2016-05-12 11:18 EDT (History)
CC List:	6 users (show)

See Also:
Fixed In Version:	docker-1.9.1-39.el7
Doc Type:	Bug Fix
Doc Text:	Cause: the request body was wrongly being read twice by the docker daemon Consequence: an EOF error was being returned Fix: remove wrong if branch which wrongly read the request body the first time Result: no more EOF error is returned and the body is correctly read when really needed
Story Points:	---
Clone Of:
Environment:
Last Closed:	2016-05-12 11:18:17 EDT
Type:	Bug
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

External Trackers
Tracker	ID	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2016:1034	normal	SHIPPED_LIVE	Moderate: docker security, bug fix, and enhancement update	2016-05-12 15:15:01 EDT

Groups: None (edit)

Description Abe Music 2016-04-22 16:04:02 EDT

Description of problem:

Installed latest version of docker (1.9.1-25) and python-docker-py (1.7.2-1). When using docker-py's Client::push method to push a local image to remote private registry we get the following error:

File "/usr/lib/python2.7/site-packages/docker/api/image.py", line 246, in push
    self._raise_for_status(response)
  File "/usr/lib/python2.7/site-packages/docker/client.py", line 146, in _raise_for_status
    raise errors.APIError(e, response, explanation=explanation)
docker.errors.APIError: 400 Client Error: Bad Request ("Bad parameters and missing X-Registry-Auth: EOF")


Version-Release number of selected component (if applicable):

docker-1.9.1-25
python-docker-py-1.7.2-1


How reproducible:

Each time

Steps to Reproduce:

1. install docker and python-docker-py
2. start docker
3. pull a test image
`docker pull hello-world`
4. tag it for remote private registry
`docker tag hello-world:latest <remote_registry>/hello-world`
5. push using docker-py
`python -c "from docker.client import Client; Client().push('<remote_registry>/hello-world')"

Actual results:

Traceback (most recent call last):
  File "<string>", line 1, in <module>
  File "/usr/lib/python2.7/site-packages/docker/api/image.py", line 246, in push
    self._raise_for_status(response)
  File "/usr/lib/python2.7/site-packages/docker/client.py", line 146, in _raise_for_status
    raise errors.APIError(e, response, explanation=explanation)
docker.errors.APIError: 400 Client Error: Bad Request ("Bad parameters and missing X-Registry-Auth: EOF")


Expected results:

Image should be pushed to remote registry


Additional info:

Comment 2 Antonio Murdaca 2016-04-23 08:07:40 EDT

Does it works by downgrading docker itself? (or the other way around downgrading docker-py)

Comment 3 Antonio Murdaca 2016-04-23 08:33:21 EDT

I found the issue, is your private registry setup to require authentication?

Comment 4 Antonio Murdaca 2016-04-23 11:06:58 EDT

will be fixed by https://github.com/projectatomic/docker/pull/134 if we're going to release a new 1.9 in RHEL. From 1.10.3 it's also fixed.

Comment 5 Tomas Tomecek 2016-04-25 03:28:52 EDT

Is this fixed in upstream? I think I was hitting this with 1.11.

Originally I thought this is a bug in python-docker-py so I proposed an upstream fix: https://github.com/docker/docker-py/pull/1038

Comment 7 Antonio Murdaca 2016-04-27 06:41:20 EDT

Tomas this was a bug in _out_ projectatomic/docker - upstream doesn't have this bug.

Comment 8 Luwen Su 2016-04-28 02:53:05 EDT

Reproduced it with the latest docker and python-docker-py, if there will be a new build which includes the fix, i'd like to do a quick testing as i keep the environment.

# rpm -q docker python-docker-py
docker-1.9.1-37.el7.x86_64
python-docker-py-1.7.2-1.el7.noarch

Docker-client:
# docker push myregistrydomain.com:5000/busybox
The push refers to a repository [myregistrydomain.com:5000/busybox] (len: 1)
307ac631f1b5: Image already exists 
4b51ded9aed1: Image already exists 
latest: digest: sha256:72df87de1d513d6e3d8bc8164cce5d2b77c535f7e280b7411f911ebe032949c7 size: 2731

python-docker-py:
# `python -c "from docker.client import Client; Client().push('myregistrydomain.com:5000/busybox')"`
Traceback (most recent call last):
  File "<string>", line 1, in <module>
  File "/usr/lib/python2.7/site-packages/docker/api/image.py", line 246, in push
    self._raise_for_status(response)
  File "/usr/lib/python2.7/site-packages/docker/client.py", line 146, in _raise_for_status
    raise errors.APIError(e, response, explanation=explanation)
docker.errors.APIError: 400 Client Error: Bad Request ("Bad parameters and missing X-Registry-Auth: EOF")

Comment 9 Antonio Murdaca 2016-04-28 03:30:01 EDT

I'm sure that build has the fix I linked above. I'll ping Lokesh.

Comment 10 Luwen Su 2016-05-02 05:15:44 EDT

(In reply to Antonio Murdaca from comment #9)
> I'm sure that build has the fix I linked above. I'll ping Lokesh.

Yeah, i checked the docker-1.9.1-38.el7.x86_64, looks like it miss the comment#4 patch

Comment 13 Luwen Su 2016-05-03 11:35:54 EDT

Works for me with docker-1.9.1-39.el7.x86_64 and python-docker-py-1.7.2-1.el7.noarch

for details about setup docker-distribution tls , reach for https://bugzilla.redhat.com/show_bug.cgi?id=1330393 comment#3

# `python -c "from docker.client import Client; Client().pull('myregistrydomain.com:5000/busybox')"`
# myregistrydomain.com:5000/busybox   latest              307ac631f1b5        6 weeks ago         1.113 MB

Comment 15 errata-xmlrpc 2016-05-12 11:18:17 EDT

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHSA-2016-1034.html

Note You need to log in before you can comment on or make changes to this bug.