Kubernetes Private Docker Registry Push Error

So I have deployed a Kubernetes cluster and installed a private Docker registry. Here is my registry controller:

---
  apiVersion: v1
  kind: ReplicationController
  metadata:
    name: registry-master
    labels:
      name: registry-master
  spec:
    replicas: 1
    selector:
      name: registry-master
    template:
      metadata:
        labels:
          name: registry-master
      spec:
        containers:
        - name: registry-master
          image: registry
          ports:
          - containerPort: 5000
          command: ["docker-registry"]

And the service:

  • Nginx with docker not working for web application
  • Docker-Machine and Swarm behind proxy
  • Docker Compose raise an AccessDeniedExpcetion
  • Running httpd in docker container requires restart after updating the services in other containers
  • Docker communication without using legacy links
  • Create Docker image for existing setup
  • ---
      apiVersion: v1
      kind: Service
      metadata:
        name: registry-master
        labels:
          name: registry-master
      spec:
        ports:
          # the port that this service should serve on
        - port: 5000
          targetPort: 5000
        selector:
          name: registry-master
    

    Now I sshed to one of Kubernetes’ nodes and built a Ruby app container:

    cd /tmp
    git clone https://github.com/RichardKnop/sinatra-redis-blog.git
    cd sinatra-redis-blog
    docker build -t ruby-redis-app
    

    When I try to tag it and push it to the registry:

    docker tag ruby-redis-app registry-master/ruby-redis-app
    docker push 10.100.129.115:5000/registry-master/ruby-redis-app
    

    I am getting this error:

    Error response from daemon: invalid registry endpoint https://10.100.129.115:5000/v0/: unable to ping registry endpoint https://10.100.129.115:5000/v0/
    v2 ping attempt failed with error: Get https://10.100.129.115:5000/v2/: read tcp 10.100.129.115:5000: connection reset by peer
     v1 ping attempt failed with error: Get https://10.100.129.115:5000/v1/_ping: read tcp 10.100.129.115:5000: connection reset by peer. If this private registry supports only HTTP or HTTPS with an unknown CA certificate, please add `--insecure-registry 10.100.129.115:5000` to the daemon's arguments. In the case of HTTPS, if you have access to the registry's CA certificate, no need for the flag; simply place the CA certificate at /etc/docker/certs.d/10.100.129.115:5000/ca.crt
    

    Any idea how to solve it? I have been struggling with this for several hours.

    Richard

  • Error: unknown shorthand flag: 'r' in -r
  • Docker Toolbox SSH Login
  • Docker Cannot link to a non running container
  • Connectionstring from docker container to SQL Server dblocal in host
  • Some questions about Docker Image
  • “ImportError: No module named _bsddb” when opening shelve in Docker container
  • 3 Solutions collect form web for “Kubernetes Private Docker Registry Push Error”

    if you’re using HTTPS, you must have created a self-signed certificate (with your own CA authority) or you have a CA signed certificate.

    If so, you need to install this CA cert on the machine you’re calling FROM

    put your CA cert in

    /etc/ssl/certs
    

    and run

    update-ca-certificates
    

    sometimes I have had to put it also in

    /usr/local/share/ca-certificates/
    

    (in both cases your CA file EXTENSION should be .pem

    For Docker you may also need to put a file in

    /etc/docker/certs.d/<--your-site-url--->/ca.crt
    

    and the file must be named ca.crt
    (same file file as the .pem file but named ca.crt)

    I saw a similar issue and it was related to my registry not supporting https. If your registry does not support https, then you’ll have to specify it’s an insecure registry to the docker daemon

    echo ‘DOCKER_OPTS=”–insecure-registry 10.100.129.115:5000″‘ | sudo tee -a /etc/default/docker

    And then restart your docker daemon.

    If you are using Ubuntu, add this line into your /etc/default/docker file.

    $DOCKER_OPTS=“--insecure-registry xxx.xxx.xxx.xxx:5000”
    

    Where the xxx.xxx.xxx.xxx is your private registry ip.

    And then restart your docker client.

    sudo docker service restart
    
    Docker will be the best open platform for developers and sysadmins to build, ship, and run distributed applications.