Wonder how many builds or redeployments this will break. Personally, nothing against Docker or Docker Hub of course, I find them to be useful.
Depends on the implementation, of course: I'm speaking to 'distribution/distribution', the reference. Harbor or whatever else may behave differently, I have no idea.
Asside; seems Signal is also having issues. Damn.
Edit to add: This might spur on a few more to start doing that, but people are quick to forget/prioritise other areas. If this keeps happening then it will change.
It's not just about reducing your exposure to third parties who you (presumably) don't have a contract with, it's also good mitigation against potential supply chain attacks - especially if you go as far as building the base images from scratch.
https://github.com/actions/runner-images/issues/1445#issueco... https://github.com/orgs/community/discussions/76636
Thankfully, AWS provides a docker.io mirror for those who can't wait:
FROM public.ecr.aws/docker/library/{image_name}
▪ https://auth.docker.io → "No server is available to handle this request"
After switching to the AWS mirror, everything built successfully without any issues.
Just had to change
FROM {image_name}
FROM mirror.gcr.io/{image_name}
[0]: https://cloud.google.com/artifact-registry/docs/pull-cached-...
FROM mirror.gcr.io/{image_name}
failed to resolve source metadata for mirror.gcr.io/
If you're image is not cached on one of these then you may be SOL.
- AWS
- Vercel
- Atlassian
- Cloudflare
- Docker
- Google (see downdetector)
- Microsoft (see downdetector)
What's going on?
For instance: When there's a widespread Verizon cellular outage, sites like downdetector will show a spike in Verizon reports.
But such sites will also show a spike in AT&T and T-Mobile reports. Even though those latter networks are completely unaffected by Verizon's back-end issues, the graphs of user reports are consistently shaped the same for all 3 carriers.
This is just because some of the users doing the reporting have no clue.
So when the observation is "AWS is in outage and people are reporting issues at Google, and Microsoft," then the last two are often just factors of people being people and reporting the wrong thing.
(You're hanging out on HN, so there's very good certainty that you know what precisely what cell carrier you're using and also can discern the difference betwixt an Amazon, a Google, and a Microsoft. But lots of other people are not particularly adept at making these distinctions. It's normal and expected for some of them to be this way at all times.)
It is a huge deal if I can start investigating and deploying such a solution as a techie right away, compared to having to go through all the internal hoops for a software purchase.
Isn’t a big part of getting a project out there actually letting people know what it is? Especially if you’re trying to give a tool to the open source-valuing community. That’s a high priority for them. That’s like having a vegan menu and not saying you’re a vegan restaurant anywhere public facing.
Kuik: https://github.com/enix/kube-image-keeper?tab=readme-ov-file...
Also it looks kuik uses CRDs to store information about where images are cached, while Spegel uses its own p2p solution to do the routing of traffic between nodes.
If you are running k3s in your homelab you can enable Spegel with a flag as it is an embedded feature.
P.S. Your blog could do with an rss feed ;). I will track https://github.com/spegel-org/spegel/releases.atom for now
> [Monitoring] We are seeing error rates recovering across our SaaS services. We continue to monitor as we process our backlog.
Ex: `docker pull ghcr.io/linuxcontainers/debian-slim:latest`
Google Container Registry provides a pull-through mirror, though, just prefix `mirror.gcr.io` and use `library` as the user for the Docker Official Images. For example `mirror.gcr.io/library/redis` for https://hub.docker.com/_/redis.
I find that it better surfaces the best discussion when there are multiple threads (like in this example), and it keeps showing slightly older threads for longer when there's still discussion happening.
atymic•8h ago
reader_1000•5h ago
Isn't it everyone using multiple cloud providers nowadays? Why are they affected by single cloud provider outage?
postexitus•5h ago
lvncelot•5h ago
True multi-tenancy is not only very rare, it's an absolute pain to manage as soon as people start using any vendor-specific functionality.
dijit•2h ago
It's also true in circumstances where things have the same name but act differently.
You'd be forgiven for believing that AWS IAM and GCP IAM are the same thing for example, but in GCP an IAM Role is simply a list of permissions that you can attach to an identity. In AWS an IAM Role is the identity itself.
Other examples; if you're coming from GCP, you'd be forgiven for thinking that Networks are regional in AWS, which will be annoying to fix later when you realise you need to create peering connections.
Oh and while default firewall rules are stateful on both, if you dive into more advanced network security, the way rules are applied and processed can have subtle differences. The inherent global nature of the GCP VPC means firewall rules, by default, apply across all regions within that VPC, which requires a different mindset than AWS where rules are scoped more tightly to the region/subnet.
There's like, hundreds of these little details.
DiggyJohnson•50m ago
> There’s like hundreds of these little issues
Exactly. If it is a handful of things that is fine. It’s often as you describe.
OtherShrezzing•2h ago
DiggyJohnson•48m ago
rcxdude•5h ago
nobleach•4h ago
madisp•4h ago
roywiggins•3h ago
jelder•2h ago
On the other hand, it's pretty embarrassing at this point for something as fundamental as Docker to be in a single region. Most cloud providers make inter-region failover reasonably achievable.
richardwhiuk•47m ago
There are multiple AWS services which are "global" in the sense that they are entirely hosted out of AWS East 1
wredcoll•53m ago
No? I very much doubt anyone is doing that.
DiggyJohnson•52m ago