How to get remote access to a private docker-registry?

Question

I\'m trying to setup a private docker registry using the image taken from: https://github.com/docker/docker-registry

Just by running:
docker run -p 5000:50

Answer 1

Edit the config file "/etc/default/docker"

sudo vi /etc/default/docker

add the line at the end of file

DOCKER_OPTS="$DOCKER_OPTS --insecure-registry=192.168.2.170:5000"

(replace the 192.168.2.170 with your own ip address)

and restart docker service

sudo service docker restart

Answer 2

OK - I found the solution to this - after a day of digging.

For docker below 1.12.1:

It turns out that the new client version refuses to work with a private registry without SSL.

To fix this - the daemon on the client machine should be launched with the insecure flag:

Just type:

sudo service docker stop # to stop the service

and then

sudo docker -d --insecure-registry 10.0.0.26:5000

(replace the 10.0.0.26 with your own ip address).

I would expect the docker guys to add this option to the pull/push command line...

Edit - altenantively - you can add the flag to DOCKER_OPTS env variable inside /etc/default/docker... and then sudo service docker restart

Edit again - It seems that the docker guys are on it - and a fix will come soon: https://github.com/docker/docker/pull/8935

For docker 1.12.1:

Please follow below the answer of vikas027 (valid for centos)

Answer 3

edit docker.service file, add --insecure-registry x.x.x.x after -d flag, restart docker

this is the only thing that worked for me, the DOCKER_OPTS didn't have any effect

Answer 4

In addition to the above answers, I am adding what worked in "docker for mac" for me:

1. Click on the docker whale icon from mac tray on top right corner of your screen.
2. Click on Preferences -> Daemon.
3. Add your IP and port to the insecure registries.
4. Restart the Daemon.

Answer 5

Setting Local insecure registry in docker along with proxy:

1) in ubuntu add the following flag --insecure-registry IP:port under DOCKER_OPTS in file /etc/default/docker

1.1) configure no_proxy env variable to bypass local IP/hostname/domainname...as proxy can throw a interactive msg ...like continue and this intermediate msg confuses docker client and finally timesout...

1.2) if domainname is configured...then don't forget to update /etc/hosts file if not using DNS.

1.3) in /etc/default/docker set the env variables http_proxy and https_proxy...as it enables to download images from outside company hubs. format http_proxy=http://username:password@proxy:port

2) restart the docker service...if installed as service, use sudo service docker restart

3) restart the registry container [sudo docker run -p 5000:5000 registry:2 ]

4) tag the required image using sudo docker tag imageid IP:port/imagename/tagname ifany

5) push the image ...sudo docker push ip:port/imagename

6) If u want to pull the image from another machine say B without TLS/SSL,then in B apply setps 1,1.1 and 2. If these changes are not done in machine B...pull will fail.

Answer 6

Two step solution(without --insecure-registry):

1. Download public key from your registry
2. Put it into /etc/docker/certs.d/$HOSTNAME/ directory

 

mkdir -p /etc/docker/certs.d/10.0.0.26:5000
echo -n | openssl s_client -connect 10.0.0.26:5000 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /etc/docker/certs.d/10.0.0.26:5000/registry.crt

Now your docker will trust your self-signed certificate.