Harbor to Harbor replication fails with large number of projects, when behind Nginx proxy.

[tjerbaugh]

When replicating between two Harbor instances, both behind the provided Nginx proxy (official harbor helm chart), the target harbor-nginx logs show the error: "upstream sent too big header while reading response header from upstream".

Is there a way in the values.yaml to modify the deployed harbor-nginx configmap?

We got it to work by adding the following values to the http section, by editing the live manifest.
proxy_buffer_size 128k;
proxy_buffers 4 256k;
proxy_busy_buffers_size 256k;

The issues with this are:

1. We have to do this manually (or create some script to automate it)
2. Since we deploy harbor via ArgoCD, it constantly sees the configmap as out of sync, and will overwrite on next sync.

[Vad1mo]

looks like a proxy or LB in between problem.

set your ingress to not buffer.

e.g.

 nginx.ingress.kubernetes.io/ssl-redirect: "true"
  nginx.ingress.kubernetes.io/proxy-body-size: "0"
  ingress.kubernetes.io/proxy-body-size: "0"
  nginx.ingress.kubernetes.io/proxy-buffering: "off"
  nginx.ingress.kubernetes.io/proxy-request-buffering: "off"

[tjerbaugh]

Hey @Vad1mo we are using the Nginx server that is used when exposing via loadBalancerIP. Any thoughts on how we can accomplish the same thing in the values.yaml for the Nginx server?

[inzanez]

@Vad1mo just to understand that right: doing the push to Azure should not involve any proxy or LB in between, should it? Maybe on the Azure side...but on the Harbor end I would have expected a direct connection from the client doing the push replication to the Azure server?