Docker mirroring configuration questions

We’re running a private docker registry (currently 0.8.1), to which we push our images. It is running with standalone set to default (true), and with no index specified. Now, we’re looking to set up private mirrors of that private registry. I configure the MIRROR_SOURCE with the IP_ADDR:PORT and MIRROR_TAGS_CACHE_TTL with a TTL, and pass both with -e on the container command line.

So far so good. I can push to this registry mirror, and pull anything that I have pushed there. I cannot, however, get it to act like a proper mirror, where on a cache miss it fetches from the upstream registry specified in MIRROR_SOURCE. Instead, I get an HTTP 500.

Is a docker index (such as ekristen/docker-index) required when enabling mirroring? Firewall config looks good. Pointers on what else I should be looking at would be appreciated.

are you perhaps hanging out for https://github.com/docker/docker/pull/9161 ?

Yes, this might very well be it. However, in trying to test this on my CentOS 6.5 box, I run into the following issue:

[root@marcporw-ws bin]# docker run -d -e MIRROR_SOURCE=10.30.50.33:5000 -e MIRROR_TAGS_CACHE_TTL=7200 --name docker_registry_mirror -v /media/state/var/dat/registry:/var/dat/registry:rw -p 5000:5000 registry:5000/registry-mirror
5a315780488a62d2f9659cc17d1bb5123053163b37d475a16bacf3d080fb968e
2014/11/14 09:27:11 Error response from daemon: Cannot start container 5a315780488a62d2f9659cc17d1bb5123053163b37d475a16bacf3d080fb968e: open /sys/class/net/veth2ba8832/brport/hairpin_mode: read-only file system

Seems like someone else is hitting this as well, also CentOS 6.5 only: https://github.com/docker/docker/issues/9134

Our dev environment is mostly CentOs 6.5, and we deploy on CoreOS. I can’t seem to update /usr/bin/docker on CoreOS, unless there’s a way of doing that via cloud_config that I haven’t found yet. So, seemingly stuck for now.

Interestingly, the hairpin_mode problem does not appear on the first invocation of the container after a reboot… so I was able to get it running. However, it does not look like it is detecting the mirror I provided:

marcporw-ws[~]$ sudo docker run -d -e MIRROR_SOURCE=10.30.50.33:5000 -e MIRROR_TAGS_CACHE_TTL=7200 --name docker_registry_mirror -v /media/state/var/dat/registry:/var/dat/registry:rw -p 5000:5000 registry:5000/registry-mirror

marcporw-ws[~]$ sudo docker ps
CONTAINER ID        IMAGE                                  COMMAND                CREATED             STATUS              PORTS                    NAMES
c26cf1c4c2b8        registry:5000/registry-mirror:latest   "/bin/sh -c 'exec do   41 minutes ago      Up 8 seconds        0.0.0.0:5000->5000/tcp   docker_registry_mirror   
marcporw-ws[~]$ sudo docker pull registry:5000/ecm
Pulling repository registry:5000/ecm - with mirrors []
2014/11/14 10:46:16 HTTP code: 500
marcporw-ws[~]$ ping registry
PING localhost (127.0.0.1) 56(84) bytes of data.

So there’s still something I must be missing in the config?