DDoS-ing container registry #2117

Open
1 task done
xlionjuan opened this issue Jan 7, 2025 · 2 comments
Labels
bug Something isn't working

Comments

@xlionjuan

Initially reported at containers/bootc#1008; they said I should contact the image producer.

  • I confirmed this problem still existed after today's update.



(Original post)


Sorry, I'm not sure which is the problem; the user-agent is skopeo/1.17.0, but obviously it is triggered by bootc.

Summary

I'm using Bluefin 41 on my laptop with a custom image that is built and pushed to GitHub. Because Fastly CDN's speed is terrible for me, I use a Cloudflare Worker + ciiiii/cloudflare-docker-proxy to build a reverse proxy so I can have better download speed. But today I got an email from Cloudflare saying my Worker quota usage had reached 81%; after checking the Dashboard, I found lots of queries for my custom image.

Version

bootc --version
bootc 1.1.2

skopeo --version
skopeo version 1.17.0

Log from Cloudflare Worker

{
  "$cloudflare": {
    "diagnosticsChannelEvents": [],
    "truncated": false,
    "event": {
      "request": {
        "url": "https://ghcr-cdn.redacted/v2/xlionjuan/bluefin-dx/tags/list?last=sha256-46b1b35d16e2ee378377b0ba77a8c89a9c35f234a655bab5b12e0f014474b0e7&n=0",
        "method": "GET",
        "headers": {
          "accept-encoding": "gzip, br",
          "authorization": "********",
          "cf-connecting-ip": "redacted",
          "cf-ipcity": "redacted",
          "cf-ipcontinent": "AS",
          "cf-ipcountry": "TW",
          "cf-iplatitude": "redacted",
          "cf-iplongitude": "redacted",
          "cf-ray": "redacted",
          "cf-region": "redacted",
          "cf-region-code": "redacted",
          "cf-timezone": "Asia/Taipei",
          "cf-visitor": "{\"scheme\":\"https\"}",
          "connection": "Keep-Alive",
          "docker-distribution-api-version": "registry/2.0",
          "host": "ghcr-cdn.redacted",
          "user-agent": "skopeo/1.17.0",
          "x-forwarded-proto": "https",
          "x-real-ip": "redacted"
        },
        "cf": {redacted......
          },
          "verifiedBotCategory": "",
          "tlsExportedAuthenticator": {redacted......
          },
          "tlsVersion": "TLSv1.3",
          "colo": "LAX",
          "timezone": "Asia/Taipei",
          "tlsClientHelloLength": "245",
          "requestPriority": "",
          "tlsClientExtensionsSha1": "redacted",
          "region": "redacted",
          "city": "redacted",
          "regionCode": "redacted",
          "asOrganization": "redacted",
          "tlsClientRandom": "redacted",
          "httpProtocol": "HTTP/1.1",
          "clientTcpRtt": 141,
          "asn": redacted,
          "edgeRequestKeepAliveStatus": 1
        },
        "path": "/v2/xlionjuan/bluefin-dx/tags/list"
      },
      "rayId": "redacted",
      "executionModel": "stateless",
      "response": {
        "status": 200
      }
    },
    "scriptName": "cloudflare-docker-proxy",
    "outcome": "ok",
    "eventType": "fetch",
    "scriptVersion": {
      "id": "redacted"
    },
    "$metadata": {
      "requestId": "redacted",
      "id": "redacted",
      "type": "cf-worker-event",
      "messagePattern": "GET <URL>"
    }
  },
  "level": "info",
  "message": "GET https://ghcr-cdn.redacted/v2/xlionjuan/bluefin-dx/tags/list?last=sha256-46b1b35d16e2ee378377b0ba77a8c89a9c35f234a655bab5b12e0f014474b0e7&n=0"
}


@dosubot dosubot bot added the bug Something isn't working label Jan 7, 2025
@m2Giles
Member

m2Giles commented Jan 7, 2025

Not really sure what would be causing this.

We use skopeo during build time and have some ujust commands but we try to cache the tag list after the first run.

Bootc and rpm-ostree both use skopeo under the hood, but the timers for these for checking updates should be hours apart not seconds.

@p5 any ideas?

@p5
Member

p5 commented Jan 7, 2025

> Not really sure what would be causing this.
>
> We use skopeo during build time and have some ujust commands but we try to cache the tag list after the first run.
>
> Bootc and rpm-ostree both use skopeo under the hood, but the timers for these for checking updates should be hours apart not seconds.
>
> @p5 any ideas?

No clue why this may be happening.

Will have a look in a couple days - I have my own registry proxy service so will be able to inspect the logs.
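An added example, not part of the thread and not code from bootc, skopeo or the proxy project: one way to triage proxy logs for the pattern reported above, by grouping `tags/list` requests by user-agent, repository and pagination cursor, then flagging groups that repeat the same page at short intervals. The event shape follows the Worker log in the original post; the top-level `timestamp` field (epoch milliseconds), the thresholds, the host and all sample values are assumptions constructed for illustration.

```python
from collections import defaultdict
from statistics import median
from urllib.parse import urlsplit, parse_qs

def listing_key(event):
    """Return (user-agent, repo, last, n) for a /v2/<repo>/tags/list request, else None."""
    req = event["$cloudflare"]["event"]["request"]
    url = urlsplit(req["url"])
    if not (url.path.startswith("/v2/") and url.path.endswith("/tags/list")):
        return None
    repo = url.path[len("/v2/"):-len("/tags/list")]
    query = parse_qs(url.query, keep_blank_values=True)
    return (req["headers"].get("user-agent", ""), repo,
            query.get("last", [""])[0], query.get("n", [""])[0])

def find_repeated_listings(events, min_count=3, max_median_gap_s=60):
    """Flag clients that re-request the same tag-list page at short intervals."""
    stamps_by_key = defaultdict(list)
    for event in events:
        key = listing_key(event)
        if key is not None:
            stamps_by_key[key].append(event["timestamp"])  # assumed field: epoch ms
    findings = []
    for (agent, repo, last, n), stamps in stamps_by_key.items():
        if len(stamps) < min_count:
            continue
        stamps.sort()
        gap_s = median(b - a for a, b in zip(stamps, stamps[1:])) / 1000
        if gap_s <= max_median_gap_s:
            findings.append({"user_agent": agent, "repo": repo, "last": last,
                             "n": n, "count": len(stamps), "median_gap_s": gap_s})
    return findings

def make_event(ts_ms, agent, url):
    """Build a constructed event holding only the fields this script reads."""
    return {"timestamp": ts_ms, "$cloudflare": {"event": {"request": {
        "url": url, "method": "GET", "headers": {"user-agent": agent}}}}}

BASE = "https://registry-proxy.example/v2/example/image"  # placeholder host and repo
SAMPLE_EVENTS = (
    # Constructed: one client requesting the same cursor every 2 seconds.
    [make_event(1_000_000 + i * 2_000, "skopeo/1.17.0",
                BASE + "/tags/list?last=sha256-EXAMPLE&n=0") for i in range(5)]
    # Constructed: a client listing tags once every 6 hours (not flagged).
    + [make_event(1_000_000 + i * 21_600_000, "example-client/1.0",
                  BASE + "/tags/list?n=100") for i in range(3)]
    # Constructed: a manifest fetch, ignored because it is not a tag listing.
    + [make_event(1_000_500, "skopeo/1.17.0", BASE + "/manifests/latest")]
)

if __name__ == "__main__":
    for finding in find_repeated_listings(SAMPLE_EVENTS):
        print(finding)
```
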
