Container Registry listening on wrong port?
I recently set up a container registry for our GitLab instance. It's supposed to run on port 5056
. (We've already set up the firewall accordingly)
However, from the logs and output of netstat
it seems the registry is actually running on port 5000
.
Now I'm not sure if this is intentional behavior, but uploading images to the registry doesn't work.
From my CI/CD job I've written I know that runners can't connect to it:
Error response from daemon: Get "https://git.example.com:5056/v2/": net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
This is when using the following job:
.build-docker:
image: docker:26
services:
- docker:26-dind
variables:
IMAGE: ${CI_REGISTRY_IMAGE}/$SERVICE
before_script:
- docker info
- export VER=$(date +"%Y.%m.%d")
- docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
script:
- docker build -f ${CI_PROJECT_DIR}/docker/${SERVICE}.DOCKERFILE -t ${IMAGE}:${VER} -t ${IMAGE}:latest
- docker push ${IMAGE}:${VER}
- docker push ${IMAGE}:latest
I also can't connect to it from my local machine:
docker login -u <user> https://git.example.com:5056
Error response from daemon: Get "https://git.example.com:5056/v2/": dial tcp xxx.xxx.xxx.xxx:5056: connect: connection refused
This also happens when I try port 5000
but that is probably due to the firewall settings which I don't have access to.
My registry is configured as follows in my /etc/gitlab/gitlab.rb
:
external_url 'https://git.example.com'
# [...]
##################
# Regsitry Nginx #
##################
## see: https://docs.gitlab.com/ee/administration/packages/container_registry.html
registry_external_url 'https://git.example.com:5056'
registry_nginx['listen_https'] = true
registry_nginx['listen_port'] = '5056'
registry_nginx['ssl_certificate'] = '/path/to/my/wildcard/cert.crt'
registry_nginx['ssl_certificate_key'] = '/path/to/my/wildcard/cert.key'
gitlab_rails['registry_path'] = "/mnt/data/registry" # specifically mounted drive for registry data, owner is 'registry:git'
## see: https://docs.gitlab.com/ee/administration/packages/container_registry_metadata_database.html
registry['database'] = {
'enabled' => true,
'host' => 'localhost',
'port' => 5432,
'user' => 'registry',
'password' => 'database-password',
'dbname' => 'registry',
'sslmode' => 'disable', # The database is not accessible from the outside so I didn't enable SSL
'sslcert' => '',
'sslkey' => '',
'sslrootcert' => ''
}
Edited by JL Euler