Reputation: 5444
How do I access a docker insecure registry from a Windows docker on Windows 10 machine?
I have 2 machines running dockerd. One an Ubunto.18.04 box with docker version 18.06.1-ce installed, which I want to use as an insecure test registry/repository server where the only way I'll use it is to use a SSH tunnel in to port 5000.
The other is a development workstation, a Windows 10 'pro' box which also has a local instance of docker (docker for Windows version 18.06.1-ce) running as a service on it which I am using to build test images.
So far I can't get the Windows box to push to or pull from the Ubuntu box through the tunnel.
Both dockerds are running. I added the insecure registries setting on the workstation ( via the docker GUI, I could not find the daemon.json file so assume it is in the Windows registry or a hidden location?)
I added localhost:5000 to test for using the SSHE tunnel and Dev2:5000 (temporary for this test opened port 5000 on the internal subnet) to test a direct connection without the tunnel, and restarted docker.
On the registry box I followed the sample of how to use a private registry and did the below to test it. I was logged to "Dev2" as a user I added to the "docker" group that also has sudo privileges. I also tried as root.
Dev2:> docker pull ubuntu:18.04
# success
Dev2:> docker tag ubuntu:18.04 localhost:5000/testapp:00.01
Dev2:> docker push localhost:5000/testapp/00.01
# success
Dev2:> docker tag ubuntu:18.04 Dev2:5000/testapp:00.02
Dev2:> docker push Dev2:5000/testapp/00.02
# success
Dev2:> docker image rm ubuntu:18.04
# success
Dev2:> docker image ls -a
REPOSITORY TAG IMAGE ID CREATED SIZE
localhost:5000/testapp 00.01 ea4c82dcd15a 40 hours ago 85.8MB
Dev2:5000/testapp 00.02 ea4c82dcd15a 40 hours ago 85.8MB
registry 2 2e2f252f3c88 5 weeks ago 33.3MB
Dev2:> curl http://localhost:5000/v2/_catalog
{"repositories":["testapp"]}
Dev2:> curl http://localhost:5000/v2/testapp/tags/list
{"name":"testapp","tags":["00.01","00.02"]}
Dev2:> curl http://Dev2:5000/v2/_catalog
{"repositories":["testapp"]}
Dev2:> curl http://Dev2:5000/v2/testapp/tags/list
{"name":"testapp","tags":["00.01","00.02"]}
At this point all seems to be fine. If I delete the images on the Dev2 docker and pull them they are extracted from the repository and re-added to the docker instance.
Now I try to pull the images into docker on the workstation.
I run a ssh tunnel ssh on the Windows 10 workstation ( Msys GNU version)
workstation:> ssh nyc.livingwork.com -L 5000:localhost:5000 & # this runs and the tunnel workstation
I also try using a browser (no curl here) with URLs:
http://Dev2:5000/v2/testapp/tags/list and http://localhost:5000/v2/testapp/tags/list
And I get for both: {"name":"testapp","tags":["00.01","00.02"]}
So the server is accessible both direct and through tunnel.
Now I try:
workstation:$ docker pull localhost:5000/testapp:00.01
Error response from daemon: Get http://localhost:5000/v2/: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
workstation:> docker pull Dev2:5000/testapp:00.02
Error response from daemon: Get http://Dev2:5000/v2/: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
The timeout is at least 30 seconds. Note: if I do the same thing from another Unix box running docker everything works right so this is particular to docker for Windows running on Windows 10. For some reason this fails.
I haven't been able to solve this. There are no HTTP proxies in the chain on either machine. It is on a local subnet. All other services on the server are accessible, etc. The "insecure-registries" in the Windows docker in the UI is set for both hosts and ports.
Is it a bug? In Windows 10 docker? It works fine from another Ubuntu box.
Upvotes: 4
Views: 22594
Answers (1)
Reputation: 1845
I was experiencing the same problem. I was able to "fix" it by going to daemon.json, and disabling the experimental features. Here's my json config:
{
"insecure-registries": [
"localhost:5000"
],
"debug": true,
"experimental": false,
"registry-mirrors": []
}
Upvotes: 12
Related Questions
- Add Insecure Registry to Docker
- Docker config file location on windows to, e.g., enable insecure registry / docker options
- How to pull docker windows_image on Linux hosted local Registry
- Dockerfile FROM Insecure Registry
- docker --insecure-registry flag not working as expected
- How login to a Custom docker registry with SSL Cert from Windows server
- Docker insecure registry pull doesnt work
- allow insecure registry in host provisioned with docker-machine
- How to get remote access to a private docker-registry?
- Trouble running docker registry in insecure mode on Ubuntu 16.04