Private Docker Registry Not Connectible to Shell & Web Management UI?
To setup a private docker registry server at path c:\dkrreg on localhost on Windows 10 (x64) system, installed with Docker for Windows, have successfully tried following commands:
docker run --detach --publish 1005:5000 --name docker-registry --volume /c/dkrreg:/var/lib/registry registry:2 docker pull hello-world:latest docker tag hello-world:latest localhost:1005/hello-world:latest docker push localhost:1005/hello-world:latest docker pull localhost:1005/hello-world:latest
Push and Pull from
localhost:1005/hello-world:latest via command line succeeds too.
If i use my IP address via
docker pull 192.168.43.239:1005/hello-world:latest it gives following error in command shell:
Error response from daemon: Get https://192.168.43.239:1005/v1/_ping: http: server gave HTTP response to HTTPS client
When using 3rd party Docker UI Manager via
docker run --detach portainer:latest it also shows error to connect as:
2017/04/19 14:30:24 http: proxy error: dial tcp [::1]:1005: getsockopt: connection refused
Tried other stuff also. How can I connect my private registry server that is
localhost:1005 from LAN using any Docker Management UI tool ?
2 Solutions collect form web for “Private Docker Registry Not Connectible to Shell & Web Management UI?”
At last find solution to this which was tricky
Generated CA private key and certificate as
ca-cert-key-companyname.pem. And configured docker-compose.yml to save both files as :ro in these locations:
/etc/docker/certs.d/mysite.com. But I also tried only copying certificate to
/usr/local/share/ca-certificateswas enough as docker will ignore duplicate CA certificates. This extra copying is because at many placed docker fellow recommended the same. I did not executed command:
update-ca-certificatesthis time in registry container but was doing earlier as against what is suggested by many.
Defined in docker-compose.yml: random number as
REGISTRY_HTTP_SECRET, and server’s chained certificate (CA certificate appended to end of it) to
REGISTRY_HTTP_TLS_CERTIFICATEamd server’s public key to
REGISTRY_HTTP_TLS_KEY. Had disabled HTTP authentication. Especially used some naming for file names as found with other certificates in container folder as
mysite.com_server-chained-certificate.crtinstead of just
V-Imp: pushed certificate to trusted root in windows using command
certutil.exe -addstore root .\Keys\ca-certificate.crtfollowed with restarting Docker for Windows from taskbar icon and then creating container using
docker-compose up -d. This is most important step without this nothing worked.
Now can perform
docker pull mysite.com:1005/my-repo:my-tag.
You need to specify to your Docker daemon that your registry is insecure: https://docs.docker.com/registry/insecure/
Based on your OS/system, you need to change the configuration of the daemon to specify the registry address (format
192.168.43.239:1005 rather than
Once you have done that, you should be able to execute the following:
docker pull 192.168.43.239:1005/hello-world:latest
You should also be able to access it via Portainer using
192.168.43.239:1005 in the registry field.
If you want to access your registry using
localhost:1005 inside Portainer, you can try to run it inside the
docker run --detach --net host portainer:latest