Docker push – net/http: TLS handshake timeout

I’ve deployed a private docker image registry on an AWS EC2 Ubuntu 14.04 instance. The registry is secured using Let’s Encrypt certificate.

Unfortunately, I’m getting net/http: TLS handshake timeout for docker push operations that take longer than 300s:

  • Is there a way to watch the change of service`tasks in docker swarm mode?
  • Direct-LVM stops working after reboot
  • Start a docker machine using JavaScript
  • Docker-compose failing to run a jar file but works with Dockerfile
  • Run multiple services inside one docker container [closed]
  • rebuild docker image from specific step
  • This is the output of the time'd command:

    [luqo33@home-pc containers]$ time docker push <my-registry-domain:5000>/nginx                                                    
    The push refers to a repository [<my-registry-domain:5000>/nginx]
    dda5a806f0b0: Layer already exists
    ec35cfccb7f7: Layer already exists
    94c1a232bb3f: Layer already exists
    6d6b9812c8ae: Layer already exists
    695da0025de6: Retrying in 1 second
    fe4c16cbf7a4: Pushing [================================================>  ]   119 MB/123 MB
    net/http: TLS handshake timeout
    real    5m0.847s
    user    0m0.097s
    sys     0m0.017s

    Logs of the regsitry:2 container do not show any errors – other than the notification that there was an unexpected EOF while receiving data. I can also push images that take less than 5min to push without problems.

    I’m suspecting that it’s a system setting at blame as the timeout happens always once the operations goes beyond 300 seconds. There isn’t any load balancer or other proxy. <my-registry-domain:5000> points directly at the server IP.

    How can I further investigate and possible remedy this situation?


    The same happens when I push images to other server providers (DigitalOcean), AWS ECS registry or even Docker Hub! I find it hard to believe that the Docker client would have a built-in handshake timeout of 300s.

    I’m thinking that perhaps I should start look for the solution at the network level – with my hardware (wi-fi router) or my ISP.

    Anybody has a clue what is happening here?

  • DockerHub Webhook trigger Jenkins build
  • How to auto restart a Docker container after a reboot in CoreOS?
  • Copy files and create symlink from a shared volume on Docker on container start
  • Unexpected error when Vagrant up using yaml file
  • Why I cannot get output of tail of a file created by docker build
  • docker dead but pidfile exists
  • One Solution collect form web for “Docker push – net/http: TLS handshake timeout”

    I got the same issue, this issue is may be from your internet connection, I solved it by decrementing the concurrency uploads (downloads for get) to 1 in dockerd

    --max-concurrent-downloads  (default: 3)    Set the max concurrent downloads for each pull
    --max-concurrent-uploads    (default: 5)    Set the max concurrent uploads for each push

    uploading 5 images in same time may result a timeout 😉

    Docker will be the best open platform for developers and sysadmins to build, ship, and run distributed applications.