Commit graph

8 commits

Author SHA1 Message Date
Stephen J Day
027de801a8 swarm/controller: allow cancellation to propagate
Ensure that cancellation of a pull propagates rather than continuing to
container creation. This ensures that the `Prepare` method is properly
re-entrant.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
(cherry picked from commit d99c6b837f)
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-07-25 23:26:42 -07:00
Aaron Lehmann
72274de26e Don't retry push on an unknown repository
If the remote registry responds with a NAME_UNKNOWN error, treat this as
a fatal error and don't retry the push.

Tested against an ECR registry.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
(cherry picked from commit a12ab28e0a)
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-07-12 15:50:36 -07:00
Antonio Murdaca
66fbc0c2a3 distribution: errors: do not retry on too many requests from registry
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-05-04 18:57:55 +02:00
Antonio Murdaca
264b5b6083 distribution: errors: do not retry if no token in response
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-03-19 12:20:14 +01:00
Antonio Murdaca
1b5c2e1d72 distribution: errors: do not access the errors slice if it's empty
- cherry-pick from 1.10.3 branch: 0186f4d422
- add token service test suite
- add integration test (missing in 1.10.3 branch)

Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-03-16 09:00:39 +01:00
Antonio Murdaca
497d545093 distribution: errors: do not retry if no credentials provided
Fix and add test for case c) in #21054

Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-03-12 20:41:47 +01:00
Aaron Lehmann
5e8af46fda Smarter push/pull TLS fallback
With the --insecure-registry daemon option (or talking to a registry on
a local IP), the daemon will first try TLS, and then try plaintext if
something goes wrong with the push or pull. It doesn't make sense to try
plaintext if a HTTP request went through while using TLS. This commit
changes the logic to keep track of host/port combinations where a TLS
attempt managed to do at least one HTTP request (whether the response
code indicated success or not). If the host/port responded to a HTTP
using TLS, we won't try to make plaintext HTTP requests to it.

This will result in better error messages, which sometimes ended up
showing the result of the plaintext attempt, like this:

    Error response from daemon: Get
    http://myregistrydomain.com:5000/v2/: malformed HTTP response
    "\x15\x03\x01\x00\x02\x02"

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2016-02-12 13:47:48 -08:00
Aaron Lehmann
8f26fe4f59 Push/pull errors improvement and cleanup
Several improvements to error handling:

- Introduce ImageConfigPullError type, wrapping errors related to
  downloading the image configuration blob in schema2. This allows for a
  more descriptive error message to be seen by the end user.

- Change some logrus.Debugf calls that display errors to logrus.Errorf.
  Add log lines in the push/pull fallback cases to make sure the errors
  leading to the fallback are shown.

- Move error-related types and functions which are only used by the
  distribution package out of the registry package.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2016-02-11 16:28:56 -08:00