diff --git a/docker.spec b/docker.spec index 5e4ee8e..22846bf 100644 --- a/docker.spec +++ b/docker.spec @@ -1,6 +1,6 @@ Name: docker-engine Version: 18.09.0 -Release: 109 +Release: 110 Summary: The open-source application container engine Group: Tools/Docker @@ -223,3 +223,10 @@ fi 5.do not sync if BYPAAS_SYNC is false 6.fix panic on single-character volumes 7.mask /proc/pin_memory + +* Mon Dec 21 2020 fengshaobao - 18.09.110 +- Type:bugfix +- ID:NA +- CVE:NA +- SUG:restart +- DESC: append the image hostname itself as an endpoint even the registry mirror matched. diff --git a/patch/0174-docker-do-not-return-when-matched-registry-mirror.patch b/patch/0174-docker-do-not-return-when-matched-registry-mirror.patch new file mode 100644 index 0000000..20865d7 --- /dev/null +++ b/patch/0174-docker-do-not-return-when-matched-registry-mirror.patch 
@@ -0,0 +1,139 @@ +From 56c1d6c149b18214a8d01ab3f1738cae4792109a Mon Sep 17 00:00:00 2001 +From: f00231050 +Date: Mon, 7 Dec 2020 15:30:11 +0800 +Subject: [PATCH] docker: do not return when matched registry mirror + +reason: append hostname itself to make sure the hostname itself will be tried. +--- + components/engine/registry/service_v2.go | 86 +++++++++++++++----------------- + 1 file changed, 41 insertions(+), 45 deletions(-) + mode change 100644 => 100755 components/engine/registry/service_v2.go + +diff --git a/components/engine/registry/service_v2.go b/components/engine/registry/service_v2.go +old mode 100644 +new mode 100755 +index adeb10c..df66cd7 +--- a/components/engine/registry/service_v2.go ++++ b/components/engine/registry/service_v2.go +@@ -19,8 +19,7 @@ func (s *DefaultService) lookupV2Endpoints(hostname string) (endpoints []APIEndp + if reg != nil { + var regEndpoints []registrytypes.Endpoint = reg.Mirrors + +- lastIndex := len(regEndpoints) - 1 +- for i, regEP := range regEndpoints { ++ for _, regEP := range regEndpoints { + official := regEP.Address == registrytypes.DefaultEndpoint.Address + regURL := regEP.GetURL() + +@@ -41,49 +40,48 @@ func (s *DefaultService) lookupV2Endpoints(hostname string) (endpoints []APIEndp + TLSConfig: tlsConfig, + Prefix: hostname, + // the last endpoint is not considered a mirror +- Mirror: i != lastIndex, ++ Mirror: true, + }) + } +- return endpoints, nil ++ // don't return here, otherwise the hostname itself will not be appended to the endpoints, ++ // and the hostname itself will not be tried, which is not a desired action. 
+ } +- } else { ++ } ++ if hostname == DefaultNamespace || hostname == IndexHostname { + tlsConfig = tlsconfig.ServerDefault() +- if hostname == DefaultNamespace || hostname == IndexHostname { +- // v2 mirrors +- for _, mirror := range s.config.Mirrors { +- if !strings.HasPrefix(mirror, "http://") && !strings.HasPrefix(mirror, "https://") { +- mirror = "https://" + mirror +- } +- mirrorURL, err := url.Parse(mirror) +- if err != nil { +- return nil, err +- } +- mirrorTLSConfig, err := s.tlsConfigForMirror(mirrorURL) +- if err != nil { +- return nil, err +- } +- endpoints = append(endpoints, APIEndpoint{ +- URL: mirrorURL, +- // guess mirrors are v2 +- Version: APIVersion2, +- Mirror: true, +- TrimHostname: true, +- TLSConfig: mirrorTLSConfig, +- }) ++ // v2 mirrors ++ for _, mirror := range s.config.Mirrors { ++ if !strings.HasPrefix(mirror, "http://") && !strings.HasPrefix(mirror, "https://") { ++ mirror = "https://" + mirror ++ } ++ mirrorURL, err := url.Parse(mirror) ++ if err != nil { ++ return nil, err ++ } ++ mirrorTLSConfig, err := s.tlsConfigForMirror(mirrorURL) ++ if err != nil { ++ return nil, err + } +- // v2 registry + endpoints = append(endpoints, APIEndpoint{ +- URL: DefaultV2Registry, ++ URL: mirrorURL, ++ // guess mirrors are v2 + Version: APIVersion2, +- Official: true, ++ Mirror: true, + TrimHostname: true, +- TLSConfig: tlsConfig, ++ TLSConfig: mirrorTLSConfig, + }) +- +- return endpoints, nil + } +- } ++ // v2 registry ++ endpoints = append(endpoints, APIEndpoint{ ++ URL: DefaultV2Registry, ++ Version: APIVersion2, ++ Official: true, ++ TrimHostname: true, ++ TLSConfig: tlsConfig, ++ }) + ++ return endpoints, nil ++ } + ana := allowNondistributableArtifacts(s.config, hostname) + + tlsConfig, err = s.tlsConfig(hostname) +@@ -91,18 +89,16 @@ func (s *DefaultService) lookupV2Endpoints(hostname string) (endpoints []APIEndp + return nil, err + } + +- endpoints = []APIEndpoint{ +- { +- URL: &url.URL{ +- Scheme: "https", +- Host: hostname, +- }, +- 
Version: APIVersion2, +- AllowNondistributableArtifacts: ana, +- TrimHostname: true, +- TLSConfig: tlsConfig, ++ endpoints = append(endpoints, APIEndpoint{ ++ URL: &url.URL{ ++ Scheme: "https", ++ Host: hostname, + }, +- } ++ Version: APIVersion2, ++ AllowNondistributableArtifacts: ana, ++ TrimHostname: true, ++ TLSConfig: tlsConfig, ++ }) + + if tlsConfig.InsecureSkipVerify { + endpoints = append(endpoints, APIEndpoint{ +-- +1.8.3.1 + diff --git a/series.conf b/series.conf index 3ea83f6..b4246ed 100644 --- a/series.conf +++ b/series.conf @@ -168,4 +168,5 @@ patch/0170-docker-fix-docker-load-files-leak.patch patch/0171-docker-do-not-sync-if-BYPAAS_SYNC-is-false.patch patch/0172-docker-fix-panic-on-single-character-volumes.patch patch/0173-docker-mask-proc-pin_memory.patch +patch/0174-docker-do-not-return-when-matched-registry-mirror.patch #end
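Review bot: Removing the early `return endpoints, nil` from the `reg != nil` branch of lookupV2Endpoints means a per-registry mirror list is no longer exclusive. After the configured endpoints the function now always appends `https://<hostname>`, plus the extra endpoint added in the `tlsConfig.InsecureSkipVerify` branch (cut off in the hunk). Deployments that relied on the old behaviour to keep pulls for a hostname on an internal, vetted mirror will now, per the commit message, also try the origin registry. This deserves an explicit changelog line and a comment at the fall-through, e.g. `// NOTE: configured mirrors are tried first but are not exclusive; the image hostname is always appended as the final endpoint.` The retained comment `// the last endpoint is not considered a mirror` now sits above an unconditional `Mirror: true` and should be reworded to `// every configured endpoint is a mirror; the hostname endpoint is appended below`. The function starts and ends outside the inner hunks, so how `tlsConfig` is set for the `reg.Mirrors` loop cannot be checked from here.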