SolvedPortus Garbage Collector removes all tags

Description

I Activated Garbage Collector on Portus Background process with keep_latest: 5 and older_than: 100
But it deletes all images older_than 100 ignoring the keep_latest flag. In result I have old repositories wiped all completely

Steps to reproduce

  1. Using Portus 2.4 with two processes: Portus and Portus Background
  2. Enable Garbage Collector with following options:
  garbage_collector:
    enabled: true
    older_than: 100
    keep_latest: 5
    tag: ""
  1. Restart Portus Background process
  2. All images older than 100 days are deleted, keep_latest is ignored.
  • Expected behavior: I expected that an old repository it kept latest 5 tags
  • Actual behavior: All images older than 100 days are deleted

Here initial logs:

[Initialization] Running: 'Registry events', 'Garbage collector'
[catalog] Removed the tag 'master'.
[catalog] Removed the image 'bsdash'.
[catalog] Removed the tag 'master'.
[catalog] Removed the image 'bsdash-gitlabreceiver'.
[catalog] Removed the tag '5.13'.
[catalog] Removed the tag '4.0.28'.
[catalog] Removed the tag '4.0.29'.
[catalog] Removed the tag '4.0.30'.
[catalog] Removed the tag '5.14'.
Handling 'delete' event:
{
  "id": "16748f9c-95cd-496d-ba29-2d46881f657b",
  "timestamp": "2019-10-14T17:04:02.347313389+02:00",
  "action": "delete",
  "target": {
    "digest": "sha256:2aa456083567cc6c63aafca541805fe551088abd347f32d5adca245ee3cc8100",
    "repository": "bs/bsdash"
  },
  "request": {
    "id": "2220cb85-5421-405f-8b0b-ade62cb5c504",
    "addr": "172.17.0.2:46500",
    "host": "registry.bscompany.eu:5000",
    "method": "DELETE",
    "useragent": "Ruby"
  },
  "actor": {
    "name": "portus"
  },
  "source": {
    "addr": "itportus01:5000",
    "instanceID": "5dfbe8ef-e81d-4ce6-84b6-470c720ea725"
  }
}

Deployment information

Deployment method: Portus is deployed as a standalone Container (not Compose) which connects to local MariaDB and Registry.

Configuration:

email:
  from: portus@bscompany.eu
  name: Portus
  reply_to: ''
  smtp:
    enabled: false
    address: smtp.example.com
    port: 587
    domain: example.com
    ssl_tls: ''
    enable_starttls_auto: false
    openssl_verify_mode: none
    ca_path: ''
    ca_file: ''
    user_name: ''
    password: "****"
    authentication: login
gravatar:
  enabled: true
delete:
  enabled: true
  contributors: false
  garbage_collector:
    enabled: false
    older_than: 30
    keep_latest: 5
    tag: ''
ldap:
  enabled: false
  hostname: ldap_hostname
  port: 389
  timeout: 5
  encryption:
    method: ''
    options:
      ca_file: ''
      ssl_version: TLSv1_2
  base: ''
  admin_base: ''
  group_base: ''
  filter: ''
  uid: uid
  authentication:
    enabled: false
    bind_dn: ''
    password: "****"
  group_sync:
    enabled: true
    default_role: viewer
  guess_email:
    enabled: false
    attr: ''
oauth:
  local_login:
    enabled: true
  google_oauth2:
    enabled: false
    id: ''
    secret: ''
    domain: ''
    options:
      hd: ''
  open_id:
    enabled: false
    identifier: ''
    domain: ''
  openid_connect:
    enabled: false
    issuer: ''
    identifier: ''
    secret: ''
  github:
    enabled: false
    client_id: ''
    client_secret: ''
    organization: ''
    team: ''
    domain: ''
  gitlab:
    enabled: false
    application_id: ''
    secret: ''
    group: ''
    domain: ''
    server: ''
  bitbucket:
    enabled: false
    key: ''
    secret: ''
    domain: ''
    options:
      team: ''
first_user_admin:
  enabled: true
signup:
  enabled: false
check_ssl_usage:
  enabled: true
registry:
  jwt_expiration_time:
    value: 15
  catalog_page:
    value: 100
  timeout:
    value: 2
  read_timeout:
    value: 120
machine_fqdn:
  value: portus.bscompany.eu
display_name:
  enabled: false
user_permission:
  change_visibility:
    enabled: true
  create_team:
    enabled: true
  manage_team:
    enabled: true
  create_namespace:
    enabled: true
  manage_namespace:
    enabled: true
  create_webhook:
    enabled: true
  manage_webhook:
    enabled: true
  push_images:
    policy: allow-teams
security:
  clair:
    server: ''
    health_port: 6061
    timeout: 900
  zypper:
    server: ''
  dummy:
    server: ''
anonymous_browsing:
  enabled: true
background:
  registry:
    enabled: true
  sync:
    enabled: true
    strategy: initial
pagination:
  per_page: 10
  before_after: 2

Portus version: 2.4.3@5a616c0ef860567df5700708256f42505cdb9952

env_portus: environment file used for customizing Portus Foreground:

PORTUS_MACHINE_FQDN_VALUE=portus.bscompany.eu
PORTUS_PUMA_HOST=0.0.0.0:3000

PORTUS_SECRET_KEY_BASE=***
PORTUS_KEY_PATH=/certificates/***
PORTUS_PASSWORD=***

CCONFIG_PREFIX=PORTUS

PORTUS_DB_ADAPTER=mysql2
PORTUS_DB_HOST=portus.host.local
PORTUS_DB_USERNAME=***
PORTUS_DB_PASSWORD=***
PORTUS_DB_DATABASE=portus_production
PORTUS_DB_POOL=5

RAILS_SERVE_STATIC_FILES=true

PORTUS_PUMA_TLS_KEY=/certificates/***
PORTUS_PUMA_TLS_CERT=/certificates/***

PORTUS_LOG_LEVEL=info

TZ=Europe/Rome

We are running portus with:

docker run -d --restart=always -v /opt/ssl:/certificates:ro -v /srv/portus/config/config.yml:/srv/Portus/config/config.yml \
       -p 3000:3000 --name portus --env-file=/srv/portus/config/env_portus opensuse/portus:2.4

env_background: environment file used for customizing Portus Background:

PORTUS_MACHINE_FQDN_VALUE=portus.bscompany.eu
PORTUS_PUMA_HOST=0.0.0.0:3000
PORTUS_BACKGROUND=true

PORTUS_SECRET_KEY_BASE=***
PORTUS_KEY_PATH=/certificates/***
PORTUS_PASSWORD=***

CCONFIG_PREFIX=PORTUS

PORTUS_DB_ADAPTER=mysql2
PORTUS_DB_HOST=portus.host.local
PORTUS_DB_USERNAME=***
PORTUS_DB_PASSWORD=***
PORTUS_DB_DATABASE=portus_production
PORTUS_DB_POOL=5

RAILS_SERVE_STATIC_FILES=true

PORTUS_PUMA_TLS_KEY=/certificates/***
PORTUS_PUMA_TLS_CERT=/certificates/***

PORTUS_LOG_LEVEL=info

TZ=Europe/Rome

Then we are running portus background:

docker run -d --restart=always -v /opt/ssl:/certificates:ro -v /srv/portus/config/config.yml:/srv/Portus/config/config.yml \
       --name portus_background --env-file=/srv/portus/config/env_background opensuse/portus:2.4

Thanks in advance
Roberto

40 Answers

βœ”οΈAccepted Answer

@robgiovanardi I think I found your solution!!!!, and oh my god, the idea I just wrote 5minutes ago, inspred by #2275 (comment) , gave full reward !!!!

have a look out there : https://github.com/Ashtonian/server-setup/blob/bc9ac031a18f1c686da5a662d3cf969009a50c38/portus/docker-compose.yml

So Yesssss! there exist PORTUS_BACKGROUND_GARBAGE_COLLECTION_XXXX variables to activate and configure Garbage collection !!! :D :D :D thank you sooo much @kylegoetz and Ashtonian

And so, what you need to do, is to ad the following env. variables to both your background and your portus services in docker-compose.yml

      - PORTUS_DELETE_ENABLED=true
      - PORTUS_DELETE_CONTRIBUTORS=false
      - PORTUS_DELETE_GARBAGE_COLLECTOR_ENABLED=true
      - PORTUS_DELETE_GARBAGE_COLLECTOR_OLDER_THAN=30
      - PORTUS_DELETE_GARBAGE_COLLECTOR_KEEP_LATEST=5

Honestly, I'll try as soon aspossible to set that only for the background, just to check if it works, cause there 's a potential non-necessary copy-paste in this example.

I have a lot of other work on Portus, so I can't do that this weekend, I am so dying that you do that and give me feedback even before I run it πŸ˜„

The whole docker-compose.yml, so we don't lose it

I found it seraching github with string PORTUS_BACKGROUND_REGISTRY_ENABLED, and got only 4 results in code, in the whole of github.com as of 15/02/2020!!

Even funnier, πŸ˜† , none of those 4 results are in portus documentation !! I had take the screenshot before there are more results on github.com ! πŸ˜†

PORTUS_BACKGROUND_REGISTRY_ENABLED_none_of_result_search_in_portus_documentation

version: "3.7"

services:
  portus:
    image: opensuse/portus:2.4.3
    # env_file:
    #   - ./portus.env
    environment:
      - PORTUS_MACHINE_FQDN_VALUE=portus.ashlab.dev
      - PORTUS_DB_HOST=db
      - PORTUS_DB_DATABASE=portus_production
      - PORTUS_DB_PASSWORD=${DATABASE_PASSWORD}
      - PORTUS_DB_POOL=5
      - PORTUS_SECRET_KEY_BASE=${SECRET_KEY_BASE}
      - PORTUS_KEY_PATH=/certificates/portus.ashlab.dev/privatekey.key
      - PORTUS_PASSWORD=${PORTUS_PASSWORD}
      - PORTUS_CHECK_SSL_USAGE_ENABLED=false

      - PORTUS_SIGNUP_ENABLED=false
      - RAILS_SERVE_STATIC_FILES=true

      - PORTUS_GRAVATAR_ENABLED=true
      - PORTUS_DELETE_ENABLED=true
      - PORTUS_DELETE_CONTRIBUTORS=false
      - PORTUS_DELETE_GARBAGE_COLLECTOR_ENABLED=true
      - PORTUS_DELETE_GARBAGE_COLLECTOR_OLDER_THAN=30
      - PORTUS_DELETE_GARBAGE_COLLECTOR_KEEP_LATEST=5
      - PORTUS_ANONYMOUS_BROWSING_ENABLED=false

      - PORTUS_OAUTH_GITHUB_ENABLED=true
      - PORTUS_OAUTH_GITHUB_CLIENT_ID=${PORTUS_OAUTH_GITHUB_CLIENT_ID}
      - PORTUS_OAUTH_GITHUB_CLIENT_SECRET=${PORTUS_OAUTH_GITHUB_CLIENT_SECRET}
      - PORTUS_OAUTH_GITHUB_ORGANIZATION=karsto
      # # - PORTUS_OAUTH_GITHUB_TEAM=''
      # # - PORTUS_OAUTH_GITHUB_DOMAIN=''


      #       - PORTUS_SECURITY_CLAIR_SERVER=http://clair:6060
    # ports:
    #   - 3000:3000
    depends_on:
      - db
    links:
      - db
    volumes:
      - traefik_certs_raw:/certificates:ro
      # - secrets:/certificates:ro
    networks:
      - portus
      - public
    labels:
      - "traefik.enable=true"
      # - "traefik.http.middlewares.sslHeaders.headers.SSLHost=portus.ashlab.dev"
      - "traefik.http.routers.portus.rule=Host(`portus.ashlab.dev`)"
      - "traefik.http.routers.portus.middlewares=https_redirect, sslHeaders"
      - "traefik.http.routers.portus.service=portus"
      - "traefik.http.routers.portus.tls=true"
      - "traefik.http.routers.portus.tls.certresolver=le"
      - "traefik.http.services.portus.loadbalancer.server.port=3000"
      - "traefik.http.services.portus.loadbalancer.server.scheme=http"
      - "traefik.http.middlewares.https_redirect.redirectscheme.scheme=https" # Standard move to default when traefik fixes behavior
      - "traefik.http.middlewares.https_redirect.redirectscheme.permanent=true"
      # - "traefik.http.middlewares.sslHeaders.headers.framedeny=true"
      # - "traefik.http.middlewares.sslHeaders.headers.sslredirect=true"
      # - "traefik.http.middlewares.sslHeaders.headers.STSSeconds=315360000"
      # - "traefik.http.middlewares.sslHeaders.headers.browserXSSFilter=true"
      # - "traefik.http.middlewares.sslHeaders.headers.contentTypeNosniff=true"
      # - "traefik.http.middlewares.sslHeaders.headers.forceSTSHeader=true"
      # - "traefik.http.middlewares.sslHeaders.headers.STSIncludeSubdomains=true"
      # - "traefik.http.middlewares.sslHeaders.headers.STSPreload=true"
    deploy:
      labels:
        - "traefik.enable=true"
        # - "traefik.http.middlewares.sslHeaders.headers.SSLHost=portus.ashlab.dev"
        - "traefik.http.routers.portus.rule=Host(`portus.ashlab.dev`)"
        - "traefik.http.routers.portus.middlewares=https_redirect, sslHeaders"
        - "traefik.http.routers.portus.service=portus"
        - "traefik.http.routers.portus.tls=true"
        - "traefik.http.routers.portus.tls.certresolver=le"
        - "traefik.http.services.portus.loadbalancer.server.port=3000"
        - "traefik.http.services.portus.loadbalancer.server.scheme=http"
        # - "traefik.http.middlewares.https_redirect.redirectscheme.scheme=https" # Standard move to default when traefik fixes behavior
        # - "traefik.http.middlewares.https_redirect.redirectscheme.permanent=true"
        # - "traefik.http.middlewares.sslHeaders.headers.framedeny=true"
        # - "traefik.http.middlewares.sslHeaders.headers.sslredirect=true"
        # - "traefik.http.middlewares.sslHeaders.headers.STSSeconds=315360000"
        # - "traefik.http.middlewares.sslHeaders.headers.browserXSSFilter=true"
        # - "traefik.http.middlewares.sslHeaders.headers.contentTypeNosniff=true"
        # - "traefik.http.middlewares.sslHeaders.headers.forceSTSHeader=true"
        # - "traefik.http.middlewares.sslHeaders.headers.STSIncludeSubdomains=true"
        # - "traefik.http.middlewares.sslHeaders.headers.STSPreload=true"
  background:
    image: opensuse/portus:2.4.3
    depends_on:
      - portus
      - db
    environment:
      # Theoretically not needed, but cconfig's been buggy on this...
      - CCONFIG_PREFIX=PORTUS
      - PORTUS_MACHINE_FQDN_VALUE=portus.ashlab.dev
      - PORTUS_DB_HOST=db
      - PORTUS_DB_DATABASE=portus_production
      - PORTUS_DB_PASSWORD=${DATABASE_PASSWORD}
      - PORTUS_DB_POOL=5
      - PORTUS_SECRET_KEY_BASE=${SECRET_KEY_BASE}
      - PORTUS_KEY_PATH=/certificates/portus.ashlab.dev/privatekey.key
      - PORTUS_PASSWORD=${PORTUS_PASSWORD}
      #       - PORTUS_SECURITY_CLAIR_SERVER=http://clair:6060
      # - PORTUS_CHECK_SSL_USAGE_ENABLED=false
      - PORTUS_GRAVATAR_ENABLED=true
      - PORTUS_DELETE_ENABLED=true
      - PORTUS_DELETE_CONTRIBUTORS=false
      - PORTUS_DELETE_GARBAGE_COLLECTOR_ENABLED=true
      - PORTUS_DELETE_GARBAGE_COLLECTOR_OLDER_THAN=30
      - PORTUS_DELETE_GARBAGE_COLLECTOR_KEEP_LATEST=5

      - PORTUS_OAUTH_GITHUB_ENABLED=true
      - PORTUS_OAUTH_GITHUB_CLIENT_ID=${PORTUS_OAUTH_GITHUB_CLIENT_ID}
      - PORTUS_OAUTH_GITHUB_CLIENT_SECRET=${PORTUS_OAUTH_GITHUB_CLIENT_SECRET}
      - PORTUS_OAUTH_GITHUB_ORGANIZATION=karsto
      # - PORTUS_OAUTH_GITHUB_TEAM=''
      # - PORTUS_OAUTH_GITHUB_DOMAIN=''
      - PORTUS_ANONYMOUS_BROWSING_ENABLED=false

      - PORTUS_BACKGROUND=true
      - PORTUS_BACKGROUND_REGISTRY_ENABLED=true
      - PORTUS_BACKGROUND_SYNC_ENABLED=true
      - PORTUS_BACKGROUND_SYNC_STRATEGY=update-delete
    links:
      - db
    # env_file:
    #   - ./portus.env
    volumes:
      - traefik_certs_raw:/certificates:ro
    networks:
      - portus

  db:
    image: library/mariadb:10.0.33
    command: mysqld --character-set-server=utf8 --collation-server=utf8_unicode_ci --init-connect='SET NAMES UTF8;' --innodb-flush-log-at-trx-commit=0
    # env_file:
    #   - ./portus.env
    environment:
      - MYSQL_DATABASE=portus_production
      - MYSQL_ROOT_PASSWORD=${DATABASE_PASSWORD}
    volumes:
      - mariadb:/var/lib/mysql
    networks:
      - portus

  # clair: TODO:
  #   image: quay.io/coreos/clair
  #   restart: unless-stopped
  #   depends_on:
  #     - postgres
  #   links:
  #     - postgres
  #     - portus
  #   ports:
  #     - "6060-6061:6060-6061"
  #   volumes:
  #     - /tmp:/tmp
  #     - ./clair/clair.yml:/clair.yml
  #   command: [-config, /clair.yml]

  registry:
    image: library/registry:2.7.1
    # env_file:
    #   - ./portus.env
    environment:
      # REGISTRY_HTTP_ADDR: registry.ashlab.dev
      # Authentication
      REGISTRY_AUTH_TOKEN_REALM: https://portus.ashlab.dev/v2/token
      REGISTRY_AUTH_TOKEN_SERVICE: registry.ashlab.dev
      REGISTRY_AUTH_TOKEN_ISSUER: portus.ashlab.dev
      REGISTRY_AUTH_TOKEN_ROOTCERTBUNDLE: /certificates/portus.ashlab.dev/certificate.crt

      # Portus endpoint
      REGISTRY_NOTIFICATIONS_ENDPOINTS: >
        - name: portus
          url: https://portus.ashlab.dev/v2/webhooks/events
          timeout: 2000ms
          threshold: 5
          backoff: 1s
    volumes:
      - traefik_certs_raw:/certificates:ro
      - registry:/var/lib/registry
      - secrets:/secrets:ro
      - ./config.yml:/etc/docker/registry/config.yml:ro
    ports:
      # - 5000:5000
      - 5001:5001 # required to access debug service
    links:
      - portus:portus
    networks:
      - portus
      - public
    labels:
      - "traefik.enable=true"
      # - "traefik.http.middlewares.sslHeaders.headers.SSLHost=registry.ashlab.dev"
      - "traefik.http.routers.registry.rule=Host(`registry.ashlab.dev`)"
      - "traefik.http.routers.registry.middlewares=https_redirect, sslHeaders"
      - "traefik.http.routers.registry.service=registry"
      - "traefik.http.routers.registry.tls=true"
      - "traefik.http.routers.registry.tls.certresolver=le"
      - "traefik.http.services.registry.loadbalancer.server.port=5000"
      - "traefik.http.services.registry.loadbalancer.server.scheme=http"
      # - "traefik.http.middlewares.https_redirect.redirectscheme.scheme=https" # Standard move to default when traefik fixes behavior
      # - "traefik.http.middlewares.https_redirect.redirectscheme.permanent=true"
      # - "traefik.http.middlewares.sslHeaders.headers.framedeny=true"
      # - "traefik.http.middlewares.sslHeaders.headers.sslredirect=true"
      # - "traefik.http.middlewares.sslHeaders.headers.STSSeconds=315360000"
      # - "traefik.http.middlewares.sslHeaders.headers.browserXSSFilter=true"
      # - "traefik.http.middlewares.sslHeaders.headers.contentTypeNosniff=true"
      # - "traefik.http.middlewares.sslHeaders.headers.forceSTSHeader=true"
      # - "traefik.http.middlewares.sslHeaders.headers.STSIncludeSubdomains=true"
      # - "traefik.http.middlewares.sslHeaders.headers.STSPreload=true"
    deploy:
      labels:
      - "traefik.enable=true"
      # - "traefik.http.middlewares.sslHeaders.headers.SSLHost=registry.ashlab.dev"
      - "traefik.http.routers.registry.rule=Host(`registry.ashlab.dev`)"
      - "traefik.http.routers.registry.middlewares=https_redirect, sslHeaders"
      - "traefik.http.routers.registry.service=registry"
      - "traefik.http.routers.registry.tls=true"
      - "traefik.http.routers.registry.tls.certresolver=le"
      - "traefik.http.services.registry.loadbalancer.server.port=5000"
      - "traefik.http.services.registry.loadbalancer.server.scheme=http"
      # - "traefik.http.middlewares.https_redirect.redirectscheme.scheme=https" # Standard move to default when traefik fixes behavior
      # - "traefik.http.middlewares.https_redirect.redirectscheme.permanent=true"
      # - "traefik.http.middlewares.sslHeaders.headers.framedeny=true"
      # - "traefik.http.middlewares.sslHeaders.headers.sslredirect=true"
      # - "traefik.http.middlewares.sslHeaders.headers.STSSeconds=315360000"
      # - "traefik.http.middlewares.sslHeaders.headers.browserXSSFilter=true"
      # - "traefik.http.middlewares.sslHeaders.headers.contentTypeNosniff=true"
      # - "traefik.http.middlewares.sslHeaders.headers.forceSTSHeader=true"
      # - "traefik.http.middlewares.sslHeaders.headers.STSIncludeSubdomains=true"
      # - "traefik.http.middlewares.sslHeaders.headers.STSPreload=true"

volumes:
  secrets:
    driver: local
    driver_opts:
      type: "none"
      o: "bind,rw"
      device: "/mnt/workspace/portus/secrets"
  traefik_certs_raw:
    driver: local
    driver_opts:
      type: "none"
      o: "bind,ro"
      device: "/mnt/workspace/traefik_certs_raw/"


  mariadb:
  registry:

networks:
  public:
    external: true
  portus:

Related Issues:

3
Portus Garbage Collector removes all tags
@robgiovanardi I think I found your solution!!!! and oh my god the idea I just wrote 5minutes ago in...
720
distribution Private registry push fail: server gave HTTP response to HTTPS client
I get helped from [http://stackoverflow.com/questions/38695515/can-not-pull-push-images-after-update...
523
kubernetes deleting namespace stuck at "Terminating" state
@ManifoldFR I had the same issue as yours and I managed to make it work by making an API call with j...
447
moby The name "/data-container-name" is already used by container <hash>. You have to remove (or rename) that container to be able to reuse that name.
I have a helper function to nuke everything so that our Continuous blah cycle can be tested erm.. co...
279
kubernetes PV is stuck at terminating after PVC is deleted
I got rid of this issue by performing the following actions: Then I manually edited the pv individua...
271
kubernetes x509 cert issues after kubeadm init
do you have $KUBECONFIG pointing to /etc/kubernetes/kubelet.conf? BUG REPORT: (I think?) What happen...
264
kubernetes Ingress: Allow for multiple hosts
I also would like to see this feature but as a workaround I use YAML ids Here is how it would look f...
225
kubernetes The connection to the server localhost:8080 was refused - did you specify the right host or port?
Run these commands solved this issue: mkdir -p $HOME/.kube sudo cp -i /etc/kubernetes/admin.conf $HO...
210
minikube minikube start - Error starting host, machine does not exist
On macOS Sierra rm -rf ~/.minikube fixed it for me After that minikube start worked as expected mini...
208
kubernetes Force pods to re-pull an image without changing the image tag
@yujuhong Sometimes it's very useful to be able to do this For instance Problem A frequent question ...
205
moby docker-engine 1.10.2-0~trusty can't install on clean Ubuntu 64-bit 14.04.3
I seem to have resolved this by putting deb http://cz.archive.ubuntu.com/ubuntu trusty main in /etc/...
183
moby Docker service update --image "could not accessed on a registry to record its digest"
When updating services that need credentials to pull the image you need to pass --with-registry-auth...
182
kubernetes 'unknown revision v0.0.0' errors, seemingly due to 'require k8s.io/foo v0.0.0'
For anyone else who hits this issue after much weeping and gnashing of teeth this is the little scri...
148
minikube kube-proxy configmap update: timed out (unknown root cause)
I had this error when upgrading from 0.25 to 0.26.1 Simply performing minikube delete and then re-cr...
127
kubernetes JSONpath fails to return keys containing dots in a map
Escaping dots works now To revisit the example in my original message: Closing πŸŽ‰ ...
127
moby docker daemon unable to access registry - Client.Timeout exceeded while awaiting headers
I found out that the problem might be in /etc/resolv.conf I had: but moving the non-working (yet) 10...
123
kubernetes "Failed to setup network for pod \ using network plugins \"cni\": no IP addresses available in network: podnet; Skipping pod"
I had a simliar issue while testing kubernetes with kubeadm This started to happen after I did a kub...
119
kubernetes Kubectl cp gives "tar: removing leading '/' from member names" warning
Something I found is that if I do not put a / at the beginning of my path following : in <pod>:<path...
114
moby docker.service Failed with result 'start-limit-hit'.
I had the same error message once because of an empty /etc/docker/daemon.json file Delete it if you ...
112
kubernetes no kind "Deployment" is registered for version "apps/v1beta2"
Small tip: To find out what exact apps/xxx api version your cluster supports use kubectl api-version...
111
minikube Can't pull images from an insecure registry in Minikube VM
I just tried this with minikube v0.10.0 and --insecure-registry='docker-registry.example.com:443' wa...
110
rancher Namespace created by rancher can't delete
This is a known issue with removing an imported cluster (and in the process of being fixed) but you ...
108
che event-stream-3.3.6.tgz not found in Yarnpkg.
this is due to : https://blog.npmjs.org/post/180565383195/details-about-the-event-stream-incident to...
103
moby containerd: start container" error="oci runtime error: fork/exec /usr/bin/docker (deleted): no such file or directory: "
Not sure if this is the same cause but this might help someone Steps to reproduce the issue: Install...
102
moby Error response from daemon: Get https://registry-1.docker.io/v2/
may be you are behind a firewall/proxy server i was also behind my office firewall so i tried below ...
101
kubernetes Scale down a deployment by removing specific pods
In my company we have the exact same case of that of @antoinne85: workers that pick tasks from a que...
99
kubernetes Ubuntu 16.04 LTS - Unable to locate package kubelet, kubeadm, kubectl
Hi @monique77 On Ubuntu 16.04: Add key for new repository: Add repository: Install Kubernetes: Regar...
96
vscode remote release VS Code Server for WSL closed unexpectedly: Input/output error
I just got this issue too I installed the Windows May 2020 Update yesterday and then installed Ubunt...
95
kubernetes Kubernetes-cni issue with 1.9.0 - no ip address available in range
I had the same issue on Ubuntu 16.04.1 LTS (using flannel for the networking) Is this a BUG REPORT o...
85
minikube Error getting state for host: exit status 126
As a referential point for anyone who run into this issue on El Capitan and found this via Google (l...
84
minikube Can't use Minikube on VPN
I know this is closed but I'm adding this comment to describe how we made this work: Set port forwar...
81
moby linux spec user: Unable to find user xxx
Why not use the numeric ID of the user instead of a user-name; doing so you don't have to bind-mount...
79
minikube Failed to restart crio.service: Unit crio.service not found.
Ran into the same issue However I am working on Linux The following steps did the trick for me: Unin...
78
moby 20.10.0-beta1@Fedora 33: Failed to program NAT chain: ZONE_CONFLICT: 'docker0' already bound to a zone
I've got a similar error after upgrading docker to version 20.10 on Fedora 32 To fix this ...
77
kubernetes Flannel (NetworkPlugin cni) error: /run/flannel/subnet.env: no such file or directory
Just got the same problem - fixed it by manually adding the file: /run/flannel/subnet.env ...
75
kubernetes Pods stuck on terminating
I have the same issue on Kubernetes 1.8.2 on IBM Cloud After new pods are started the old pods are s...
74
moby Named Volumes in Dockerfile
This is by design With docker-compose I can use named volumes like this: What about Dockerfile? I tr...
73
minikube No example to use minikube with private registry
For Google Container Registry (using oauth2) this works for me: kubectl create secret docker-registr...
72
moby Add daemon options for Docker network subnets
This is a feature request and I support it! docker daemon should have two additional options: --net-...
68
kubernetes Deployment with recreate strategy does not remove old replica set
Thought this might help anyone looking at how to remove inactive replicasets (spec.replicas set to z...
67
moby Trying to connect to Docker API for shell commands throws error
This is likely due to either the Virtual Machine not being started (try docker-machine start default...
66
kubernetes network plugin is not ready: cni config uninitialized
removing $KUBELET_NETWORK_ARGS not work with me. Hello I want to do a fresh install of kubernetes vi...
64
kops etcd-manager certificate rotation
The certs and keys in S3 are only for the CA certificates which have a 10 year expiration ...
64
kubernetes gcloud container get-credentials not authenticating service account
Previously gcloud would have configured kubectl to use the cluster's static client certificate to au...
62
kubernetes kube-proxy iptables load-balancing probability is not equal
This is intended because these iptables rules will be examined from top to bottom Take your case as ...
60
kops kubelet-api is Forbidden to logs pods
I'm not sure this is the right solution 1 What kops version are you running? The command kops versio...
60
kubernetes (1.17) Kubelet won't reconnect to Apiserver after NIC failure (use of closed network connection)
I've fixed it by running this bash script every 5 minutes: We've just upgrade our production cluster...
57
containers roadmap [EKS] [request]: Remove requirement of public IPs on EKS managed worker nodes
Yea thats the part in your documentation I was surprised by Community Note Please vote on this issue...