30 comments

[ 2.0 ms ] story [ 52.2 ms ] thread
Yep I'm getting 503's. But the status page says nothing is wrong: https://www.dockerstatus.com/

Update: I configured the gcp docker mirror and can pull images again https://cloud.google.com/artifact-registry/docs/pull-cached-...

Same here - checked from multiple locations.
Same here. 503 when we try to pull an image during our deployment pipeline.
"Full Service Disruption" for Docker Hub Registry acknowledged at the time of writing
as of 22:45 UTC (~30 minutes ago) they marked the status green with "Issue is mitigated, monitoring the situation"

...but I'm still getting 503 responses on my dev box as well as when I run `curl https://registry.docker.io/` on 2 CI boxes in 2 different datacenters.

Can also confirm that our entire pipeline is down. We use CircleCI and henceforth all deployments are instantly failing. Luckily no mission critical deployments today...
That’s why we mirror and scan the images with Artifactory. Prevents these issues
Does anyone know how to skip/bypass the "load metadata for docker.io/" step on a build? I already have the image cached but it fails on that step regardless.
If you specify the image digest in the image address, buildkit (the low-level implementation of docker build) will skip the metadata lookup.

For example:

  FROM nginx:1.21.6@sha256:ec5c36ef5a2c29cf90d5b59c5f9f90272b472c604983b474b201bc2bfa123e6f

    docker build --pull=false ...
it’s not the pull, it’s a metadata check
The metadata check is part of the builds image pull process. The step can resolve a `FROM repo/image:tag` reference to the content sha the tag points to, and then if required fetch the content.

In any case, recent-ish (maybe 24+) versions of docker default to a "prefer local" mode in buildkit so a local cached entry will be returned first if possible before any remotes are resolved.

Out of interest, what docker/buildx/buildkit versions were attempting the connection? We ran into this on some container builds that run offline last year some time and I'm wondering if it was due to some ancient docker, as that flag appears useless on current docker.

- https://github.com/docker/buildx/blob/7b1ec7211d871dfba53b10...

docker build --pull=false . still does a metadata check for me every single time. If i add the @sha256: like the sibling comment suggested, it does not.

Docker 26.1.4

Docker is back up.
Something wasn’t run in a container…
I am using orbstack, best alternative to docker.
It's not clear how this would help with a dockerhub outage. It doesn't appear to offer a pull-through cache?

The reason the outage is impactful on many is because they're using containers which are hosted on dockerhub.

Welp, I guess I'm calling it a day off
(comment deleted)
This is the 2nd one this year I'm pretty sure. I wonder what the losses come out to all things considered in terms of development time and applications going offline (claude was offline for 10 or so minutes when this happened).
(comment deleted)