Docker push – net/http: TLS handshake timeout

I’ve deployed a private docker image registry on an AWS EC2 Ubuntu 14.04 instance. The registry is secured using Let’s Encrypt certificate.

Unfortunately, I’m getting net/http: TLS handshake timeout for docker push operations that take longer than 300s:

  • x509 certificate signed by unknown authority- Kubernetes
  • DockerFile to run a java program
  • Unable to run docker image: mountpoint for blkio not found
  • Do you have to remove all stacks at once with docker?
  • Enable external network access from my docker swarm
  • Running docker build with an apt proxy
  • This is the output of the time'd command:

    [luqo33@home-pc containers]$ time docker push <my-registry-domain:5000>/nginx                                                    
    The push refers to a repository [<my-registry-domain:5000>/nginx]
    dda5a806f0b0: Layer already exists
    ec35cfccb7f7: Layer already exists
    94c1a232bb3f: Layer already exists
    6d6b9812c8ae: Layer already exists
    695da0025de6: Retrying in 1 second
    fe4c16cbf7a4: Pushing [================================================>  ]   119 MB/123 MB
    net/http: TLS handshake timeout
    real    5m0.847s
    user    0m0.097s
    sys     0m0.017s

    Logs of the regsitry:2 container do not show any errors – other than the notification that there was an unexpected EOF while receiving data. I can also push images that take less than 5min to push without problems.

    I’m suspecting that it’s a system setting at blame as the timeout happens always once the operations goes beyond 300 seconds. There isn’t any load balancer or other proxy. <my-registry-domain:5000> points directly at the server IP.

    How can I further investigate and possible remedy this situation?


    The same happens when I push images to other server providers (DigitalOcean), AWS ECS registry or even Docker Hub! I find it hard to believe that the Docker client would have a built-in handshake timeout of 300s.

    I’m thinking that perhaps I should start look for the solution at the network level – with my hardware (wi-fi router) or my ISP.

    Anybody has a clue what is happening here?

  • Docker - dynamic regex-based sed substitution in files
  • How can i deploy docker cluster for many instances via web interface? [closed]
  • How to deploy a echo app to Marathon (on Mesos on Docker on Mac)?
  • Where could I find docker-standard environment variables like DOCKER_HOST?
  • run chroot within docker
  • Can't connect in php to db in postgres-docker-container
  • One Solution collect form web for “Docker push – net/http: TLS handshake timeout”

    I got the same issue, this issue is may be from your internet connection, I solved it by decrementing the concurrency uploads (downloads for get) to 1 in dockerd

    --max-concurrent-downloads  (default: 3)    Set the max concurrent downloads for each pull
    --max-concurrent-uploads    (default: 5)    Set the max concurrent uploads for each push

    uploading 5 images in same time may result a timeout 😉

    Docker will be the best open platform for developers and sysadmins to build, ship, and run distributed applications.