Mirror Registry for OpenShift doesn’t show correct IP address in logs

Solution Verified - Updated -

Issue

  • When deploying Mirror Registry(on RHEL 8,9) as a non-root user, the real IP address of the local machine/ VM/ RHOCP worker nodes does not get logged.

  • User logs from Quay WebUI, record the IP 10.0.2.100 even if requests to Quay come from different clients.

  • Systemd logs show the below error message :

    May 16 12:05:46 apimts-registry quay-app[12878]: nginx stdout | 10.0.2.100 (-) - - [16/May/2023:05:05:46 +0000] "GET 
/v2/openshift4/blobs/sha256:bb6df4bd210d623b8f328c9f15a6264af9196d42d6654e4d5538bb43111e5d94 HTTP/1.1" 200 114216651 "-" "cri-o/1.23.5- 
7.rhaos4.10.git5cc2f1e.el8 go/go1.17.12 os/linux arch/amd64" (4.904 1361 4.904)
May 16 12:05:46 apimts-registry podman[12800]: gunicorn-registry stdout | 2023-05-16 05:05:46,589 [185] [INFO] [gunicorn.access] 10.0.2.100 - - 
[16/May/2023:05:05:46 +0000] "GET /v2/openshift4/blobs/sha256:bb6df4bd210d623b8f328c9f15a6264af9196d42d6654e4d5538bb43111e5d94 HTTP/1.1" 200 
115717174 "-" "cri-o/1.23.5-7.rhaos4.10.git5cc2f1e.el8 go/go1.17.12 os/linux arch/amd64"

  • How to log the real IP address of the client which is pulling images from the mirror registry?

  • What is the right way to add a flag --network slirp4netns:port_handler=slirp4netns in the unit file quay-app.service?

Environment

  • Mirror Registry for OpenShift
    • 1.3.7
  • Red Hat OpenShift Container Platform (RHOCP)
    • 4.x
  • Red Hat Enterprise Linux (RHEL)
    • 8, 9

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content