I changed /etc/default/docker
to add a private docker registry, then I restarted docker service and finally tried to pull some image.
$ cat /etc/default/docker DOCKER_OPTS="--insecure-registry mydocker-registry.net:5000" $ service docker restart $ docker pull mydocker-registry.net:5000/testdb FATA[0000] Error: v1 ping attempt failed with error: Get https://mydocker- registry.net:5000/v1/_ping: dial tcp: lookup mydocker-registry.net: no such host. If this private registry supports only HTTP or HTTPS with an unknown CA certificate, please add `--insecure-registry mydocker- registry.net:5000` to the daemon's arguments. In the case of HTTPS, if you have access to the registry's CA certificate, no need for the flag; simply place the CA certificate at /etc/docker/certs.d/mydocker- registry.net:5000/ca.crt
A ps
output shows nothing about DOCKER_OPTS environment var.
$ ps auxwww|grep docker root 6919 0.0 0.1 331076 19984 ? Ssl 10:14 0:00 /usr/bin/docker -d -H fd://
According to docker documentation the way to use a private registry is through DOCKER_OPTS in /etc/default/docker
. Why, after doing that, it does not take effect in this environment?
There are a number of ways to configure the daemon flags and environment variables for your Docker daemon. The recommended way is to use the platform-independent daemon.json
file, which is located in /etc/docker/
on Linux by default.
So, for configuring insecure registries, do the following:
Set the following flag in the /etc/docker/daemon.json
file:
{ "insecure-registries": ["mydocker-registry.net:5000"] }
Restart Docker
$ sudo systemctl restart docker
Easier each time!
According to docker documentation, The recommended way to configure the daemon flags and environment variables for your Docker daemon is to use a systemd drop-in file.
So, for this specific case, do the following:
Create a file called /etc/systemd/system/docker.service.d/private-registry.conf
with the following content:
If not exists, create directory
/etc/systemd/system/docker.service.d
[Service] ExecStart= ExecStart=/usr/bin/dockerd --insecure-registry mydocker-registry.net:5000
Flush changes:
$ sudo systemctl daemon-reload
Restart Docker:
$ sudo systemctl restart docker
Voila!
Edit file /lib/systemd/system/docker.service
... [Service] ExecStart=/usr/bin/docker -d -H fd:// $DOCKER_OPTS ... EnvironmentFile=-/etc/default/docker ...
Then execute
systemctl daemon-reload systemctl restart docker
Verify that /etc/default/docker
is loaded
ps auxwww | grep docker root 4989 0.8 0.1 265540 16608 ? Ssl 10:37 0:00 /usr/bin/docker -d -H fd:// --insecure-registry
That's it.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With