Bug 1329743 - Unable to push images to private registry using docker-1.9.1-25 and python-docker-py-1.7.2-1
Summary: Unable to push images to private registry using docker-1.9.1-25 and python-do...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: docker
Version: 7.2
Hardware: x86_64
OS: Linux
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Antonio Murdaca
QA Contact: atomic-bugs@redhat.com
URL:
Whiteboard: hot
Depends On:
Blocks: 1191185
TreeView+ depends on / blocked
 
Reported: 2016-04-22 20:04 UTC by Abe Music
Modified: 2019-03-06 00:35 UTC (History)
6 users (show)

Fixed In Version: docker-1.9.1-39.el7
Doc Type: Bug Fix
Doc Text:
Cause: the request body was wrongly being read twice by the docker daemon Consequence: an EOF error was being returned Fix: remove wrong if branch which wrongly read the request body the first time Result: no more EOF error is returned and the body is correctly read when really needed
Clone Of:
Environment:
Last Closed: 2016-05-12 15:18:17 UTC
Target Upstream Version:

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2016:1034 0 normal SHIPPED_LIVE Moderate: docker security, bug fix, and enhancement update 2016-05-12 19:15:01 UTC

Description Abe Music 2016-04-22 20:04:02 UTC 
Description of problem:

Installed latest version of docker (1.9.1-25) and python-docker-py (1.7.2-1). When using docker-py's Client::push method to push a local image to remote private registry we get the following error:

File "/usr/lib/python2.7/site-packages/docker/api/image.py", line 246, in push
    self._raise_for_status(response)
  File "/usr/lib/python2.7/site-packages/docker/client.py", line 146, in _raise_for_status
    raise errors.APIError(e, response, explanation=explanation)
docker.errors.APIError: 400 Client Error: Bad Request ("Bad parameters and missing X-Registry-Auth: EOF")


Version-Release number of selected component (if applicable):

docker-1.9.1-25
python-docker-py-1.7.2-1


How reproducible:

Each time

Steps to Reproduce:

1. install docker and python-docker-py
2. start docker
3. pull a test image
`docker pull hello-world`
4. tag it for remote private registry
`docker tag hello-world:latest <remote_registry>/hello-world`
5. push using docker-py
`python -c "from docker.client import Client; Client().push('<remote_registry>/hello-world')"

Actual results:

Traceback (most recent call last):
  File "<string>", line 1, in <module>
  File "/usr/lib/python2.7/site-packages/docker/api/image.py", line 246, in push
    self._raise_for_status(response)
  File "/usr/lib/python2.7/site-packages/docker/client.py", line 146, in _raise_for_status
    raise errors.APIError(e, response, explanation=explanation)
docker.errors.APIError: 400 Client Error: Bad Request ("Bad parameters and missing X-Registry-Auth: EOF")


Expected results:

Image should be pushed to remote registry


Additional info:
Comment 2 Antonio Murdaca 2016-04-23 12:07:40 UTC 
Does it works by downgrading docker itself? (or the other way around downgrading docker-py)
Comment 3 Antonio Murdaca 2016-04-23 12:33:21 UTC 
I found the issue, is your private registry setup to require authentication?
Comment 4 Antonio Murdaca 2016-04-23 15:06:58 UTC 
will be fixed by https://github.com/projectatomic/docker/pull/134 if we're going to release a new 1.9 in RHEL. From 1.10.3 it's also fixed.
Comment 5 Tomas Tomecek 2016-04-25 07:28:52 UTC 
Is this fixed in upstream? I think I was hitting this with 1.11.

Originally I thought this is a bug in python-docker-py so I proposed an upstream fix: https://github.com/docker/docker-py/pull/1038
Comment 7 Antonio Murdaca 2016-04-27 10:41:20 UTC 
Tomas this was a bug in _out_ projectatomic/docker - upstream doesn't have this bug.
Comment 8 Luwen Su 2016-04-28 06:53:05 UTC 
Reproduced it with the latest docker and python-docker-py, if there will be a new build which includes the fix, i'd like to do a quick testing as i keep the environment.

# rpm -q docker python-docker-py
docker-1.9.1-37.el7.x86_64
python-docker-py-1.7.2-1.el7.noarch

Docker-client:
# docker push myregistrydomain.com:5000/busybox
The push refers to a repository [myregistrydomain.com:5000/busybox] (len: 1)
307ac631f1b5: Image already exists 
4b51ded9aed1: Image already exists 
latest: digest: sha256:72df87de1d513d6e3d8bc8164cce5d2b77c535f7e280b7411f911ebe032949c7 size: 2731

python-docker-py:
# `python -c "from docker.client import Client; Client().push('myregistrydomain.com:5000/busybox')"`
Traceback (most recent call last):
  File "<string>", line 1, in <module>
  File "/usr/lib/python2.7/site-packages/docker/api/image.py", line 246, in push
    self._raise_for_status(response)
  File "/usr/lib/python2.7/site-packages/docker/client.py", line 146, in _raise_for_status
    raise errors.APIError(e, response, explanation=explanation)
docker.errors.APIError: 400 Client Error: Bad Request ("Bad parameters and missing X-Registry-Auth: EOF")
Comment 9 Antonio Murdaca 2016-04-28 07:30:01 UTC 
I'm sure that build has the fix I linked above. I'll ping Lokesh.
Comment 10 Luwen Su 2016-05-02 09:15:44 UTC 
(In reply to Antonio Murdaca from comment #9)
> I'm sure that build has the fix I linked above. I'll ping Lokesh.

Yeah, i checked the docker-1.9.1-38.el7.x86_64, looks like it miss the comment#4 patch
Comment 13 Luwen Su 2016-05-03 15:35:54 UTC 
Works for me with docker-1.9.1-39.el7.x86_64 and python-docker-py-1.7.2-1.el7.noarch

for details about setup docker-distribution tls , reach for https://bugzilla.redhat.com/show_bug.cgi?id=1330393 comment#3

# `python -c "from docker.client import Client; Client().pull('myregistrydomain.com:5000/busybox')"`
# myregistrydomain.com:5000/busybox   latest              307ac631f1b5        6 weeks ago         1.113 MB
Comment 15 errata-xmlrpc 2016-05-12 15:18:17 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHSA-2016-1034.html
Note You need to log in before you can comment on or make changes to this bug.