Can I increase LDAP timeouts when accessing Quay?

Solution Verified - Updated 13 Jun 2024

Environment

Red Hat Quay
- 3.x

Issue

There are ldap timeouts for some users when accessing Quay. Is it possible to increase the timeout value?

Resolution

Add the following properties to Quay's config.yaml file. This will increase the timeout to 60 seconds. The Content from github.com is not included.default is 10 seconds:

LDAP_TIMEOUT: 60
LDAP_NETWORK_TIMEOUT: 60

For containerized Quay, redeploy quay with latest configuration.
For operator based Quay, update the config-bundle secret with latest configuration.

Root Cause

The LDAP configuration is read from Quay's config.yaml file. Go through the Content from github.com is not included.code snip that governs LDAP parameters.

Diagnostic Steps

End Clients see below error when connecting to Quay.

2022-07-07T05:42:16.0060248Z ##[error]Head "https://docker-registry-example.com/v2/repo1/image-name/manifests/tag": received unexpected HTTP status: 500 Internal Server Error

Quay logs show below error:

nginx stdout | 10.49.12.4 () - user1 [07/Jul/2022:05:42:15 +0000] "GET /v2/auth?account=user1&scope=repository%3repo1%2Fimage-name%3Apull&service=docker-registry-example.com HTTP/1.1" 500 141 "-" "docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/4.15.0-166-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 \x5C(linux\x5C))" (10.207 493 10.208)

SBR

Shift Container Registry

Product(s)

Red Hat Quay

Components

quay

Category

Learn more

Tags

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.