New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add support for dockerhub rate-limiting #19984
base: main
Are you sure you want to change the base?
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this is a great contribution. thank you very much.. We need to give it a test
Head branch was pushed to by a user without write access
Thank you too, I just sqished some style related bugs, we'll see how it goes now. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
fixed/explained in Fix: review - ...
commits.
bd59e2d
to
55be54b
Compare
cc483a2
to
b443030
Compare
|
701420e
to
43f6e95
Compare
Fixed, 'retry' is now used ONLY when last response was 429 and we waited. |
From the perspective of Harbor core, adding retry would result in more GET or HEAD requests to the upstream Docker registry, potentially increasing the chances of hitting rate limits. Personally, I believe it's better to fail early and inform the client of the failure ASAP. This allows the client to decide whether to implement retry on their end. Hiding the retry functionality on the server side would inevitably increase response time, which could lead to timeouts for some clients. This approach doesn't seem practical to me. |
Retry was implemented in order to keep running replication alive during block time (in exchange for time waited). But I can see your point and without retry, the solution is also more elegant: |
@wy65701436 can you elaborate on what would be required to change in order to get this PRs merged. IMO, it definitely makes sense to be compliant and respect the Docker Hub rate limits. |
@wy65701436, what should I do to get this PR accepted?
I'm OK with any solution that makes Harbor able to replicate projects with many tags. |
5a71fd2
to
4fa9a38
Compare
d1a4f00
to
4ee91bf
Compare
d366a14
to
5e8ecfc
Compare
Signed-off-by: Jiri Vrba <jiri.vrba@firma.seznam.cz>
Is there anybody to help me with this PR? |
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #19984 +/- ##
==========================================
- Coverage 67.56% 67.47% -0.09%
==========================================
Files 991 998 +7
Lines 109181 110134 +953
Branches 2719 2724 +5
==========================================
+ Hits 73768 74317 +549
- Misses 31449 31831 +382
- Partials 3964 3986 +22
Flags with carried forward coverage won't be shown. Click here to find out more.
|
@wy65701436 can we get some indication for @Grimm75 in what direction to move? |
Add support for dockerhub API rate-limiting
Added function which wraps around
client.Do()
and:retry-after
header.appropriately if rate-limit depletion is eminent.
And replaced calls to
client.Do()
with wrapped one.See:
https://docs.docker.com/docker-hub/api/latest/#tag/rate-limiting
PS: Above docs are incorrect about
x-retry-after
header -name
andcontent
doesn't match observed headers from dockerhub, which areretry-after
(withoutx-
) and content is positive integer - number of seconds to wait, conforming to RFC9110 10.2.3.Issue being fixed
Fixes #19967
Please indicate you've done the following: