Docker registry getsockopt: connection refused

I am attempting to set up my own docker registry on an EC2 instance, Ubuntu Server 16.04. Having followed https://docs.docker.com/registry/deploying/, I currently have nginx running with LetsEncrypt and have successfully started the docker registry service with the docker run command. However, the system responds that the connection is refused when doing docker push.

Below I have substituted my FQDN with docker.example.com but the DNS is resolving correctly.

  • Docker containers as Linux services?
  • Redis inter-container communication fails after restart of swarm manager
  • fs.readFile Behaving Differently Inside Docker Container
  • creating a file inside /etc/apt/sources.list.d/
  • docker-compose: using multiple Dockerfiles for multiple services
  • OpenShift and persistent Redis config
  • $ docker run -d -p 5000:5000 --restart=always --name docker-registry -v /etc/letsencrypt/live/docker.example.com:/certs -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/fullchain.pem -e REGISTRY_HTTP_TLS_KEY=/certs/privkey.pem registry:2
    $ docker pull ubuntu
    $ docker tag ubuntu docker.example.com:5000/ubuntu
    $ docker push docker.example.com:5000/ubuntu
    The push refers to a repository [docker.example.com:5000/ubuntu]
    Get https://docker.example.com:5000/v1/_ping: dial tcp 54.x.x.x:5000: getsockopt: connection refused
    

    The service appears to be listening.

    $ sudo netstat -tlnp | grep :5000
    tcp6    0     0 :::5000           :::*            LISTEN      9655/docker-proxy
    

    And I can even connect on localhost.

    $ nc -nv 127.0.0.1 5000
    Connection to 127.0.0.1 5000 port [tcp/*] succeeded!
    

    But attempting to connect remotely fails.

    $ nc -nv 54.x.x.x 5000
    nc: connect to 54.x.x.x port 5000 (tcp) failed: Connection refused
    

    The firewall also allows 5000/tcp.

    $ sudo ufw status | grep 5000
    5000/tcp                   ALLOW       Anywhere
    5000/tcp (v6)              ALLOW       Anywhere (v6)
    

    The AWS ACL allows 5000/tcp to everyone (0.0.0.0/0). What am I missing?

  • Get the host IP from my django app container
  • Docker custom dns resolve among containers
  • How can docker be used to run multiple open source web applications?
  • Running Disco in a Docker container
  • Make JMX work with spotify/kafka Docker image
  • Docker container calls binary from another container
  • Docker will be the best open platform for developers and sysadmins to build, ship, and run distributed applications.