Reputation: 21
How to download a image from default docker registry?
I'm trying to download a container image from default registry with the command:
docker run -d --name=nginx -p 80:80 nginx:alpine
The output is:
Unable to find image 'nginx:alpine' locally docker: Error response from daemon: Get https://registry-1.docker.io/v2/: x509: certificate signed by unknown authority. See 'docker run --help'.
I already configured the proxy with cntlm. I'm behind a corporate firewall with Deep Inspection Package (DIP, man in the middle)
Could I define the default registry (https://registry-1.docker.io/v2/) like a insecure registry? How? There are another solution? I already try the options:
--insecure-registry=registry-1.docker.io:5000
--insecure-registry=registry-1.docker.io
--insecure-registry='*'
--insecure-registry=https://registry-1.docker.io/v2/
Upvotes: 0
Views: 2234
Answers (1)
Reputation: 21
Problem resolved.
My SO is mint (based in ubuntu xenial) and docker version 17.06.0-ce
To resolve I needed do put the root certificate from my company's firewall to my linux ca-certificates (reference 1 - https://askubuntu.com/questions/73287/how-do-i-install-a-root-certificate). Obs.: Proxy already configured using cntlm (reference 2 - http://cntlm.sourceforge.net/) (reference 3 - https://docs.docker.com/engine/admin/systemd/)
First I exported the certicate installed in my browser, google chrome. From chrome a choose configuration->advanced->privacy and security->manage certificates->trusted root certificate authorities, so I selected the authority, in my case something like mycompany.com. After, I choose export->advance, select X.509 base64 format (*.cer). The correct format is very important. I saved the file ~/certificate.crt. Create a extra directory:
sudo mkdir /usr/share/ca-certificates/extra
copy the certificate to extra dir:
sudo cp ~/certificate.crt /usr/share/ca-certificates/extra
update ca-certificates config:
sudo dpkg-reconfigure ca-certificates
restart docker:
sudo systemctl daemon-reload
sudo systemctl restart docker
Now docker can download images from default registry.
Upvotes: 2
Related Questions
- How to get a list of images on docker registry v2
- How do I download Docker images without using the pull command?
- Pulling an image from local Docker registry
- How to set image stored path in docker registry?
- pull image from remote registry - docker
- Where is images in registry:2
- How to push an image to a docker registry using the docker Registry API v2
- How do I get a docker image from a fileserver into my local registry?
- Pull image from local docker registry with IP
- Pull image from another Docker Machine