Docker registry getsockopt: connection refused

I am attempting to set up my own docker registry on an EC2 instance, Ubuntu Server 16.04. Having followed https://docs.docker.com/registry/deploying/, I currently have nginx running with LetsEncrypt and have successfully started the docker registry service with the docker run command. However, the system responds that the connection is refused when doing docker push.

Below I have substituted my FQDN with docker.example.com but the DNS is resolving correctly.

    $ docker run -d -p 5000:5000 --restart=always --name docker-registry \
        -v /etc/letsencrypt/live/docker.example.com:/certs \
        -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/fullchain.pem \
        -e REGISTRY_HTTP_TLS_KEY=/certs/privkey.pem \
        registry:2
    $ docker pull ubuntu
    $ docker tag ubuntu docker.example.com:5000/ubuntu
    $ docker push docker.example.com:5000/ubuntu
    The push refers to a repository [docker.example.com:5000/ubuntu]
    Get https://docker.example.com:5000/v1/_ping: dial tcp 54.x.x.x:5000: getsockopt: connection refused

The service appears to be listening.

    $ sudo netstat -tlnp | grep :5000
    tcp6    0     0 :::5000           :::*            LISTEN      9655/docker-proxy

And I can even connect on localhost.

    $ nc -nv 127.0.0.1 5000
    Connection to 127.0.0.1 5000 port [tcp/*] succeeded!

But attempting to connect remotely fails.

    $ nc -nv 54.x.x.x 5000
    nc: connect to 54.x.x.x port 5000 (tcp) failed: Connection refused

The firewall also allows 5000/tcp.

    $ sudo ufw status | grep 5000
    5000/tcp                   ALLOW       Anywhere
    5000/tcp (v6)              ALLOW       Anywhere (v6)

The AWS ACL allows 5000/tcp to everyone (0.0.0.0/0). What am I missing?
