I installed docker registry 2.0 in a Ubuntu 14.04, following the official site: https://docs.docker.com/registry/deploying/
It will be used for testing so the development so I don't think we need a production instance:
- All clients will be 1.6 so just registry 2.0 required
- We don't need any kind of authentication
I install it:
docker run -d -p 5000:5000 registry:2.0
Then I prepare a new image for docker:
docker tag ubuntu:14.04 juandapc:5000/ubuntu:14.04
docker tag ubuntu:14.04 juandapc:5000/ubuntu:14.04
I've replace localhost as in docs for juandapc, the machine hostname.
Howerver when I try to access the repository from another machine (telnet juandapc 5000) I get this error:
FATA[0000] Error response from daemon: v1 ping attempt failed with error: Get https://juandapc:5000/v1/_ping: dial tcp 192.168.1.50:5000: connection refused. If this private registry supports only HTTP or HTTPS with an unknown CA certificate, please add `--insecure-registry juandapc:5000` to the daemon's arguments. In the case of HTTPS, if you have access to the registry's CA certificate, no need for the flag; simply place the CA certificate at /etc/docker/certs.d/juandapc:5000/ca.crt
If I pull, same error:
# docker pull juandapc:5000/ubuntu
FATA[0000] Error response from daemon: v1 ping attempt failed with error: Get https://juandapc:5000/v1/_ping: tls: oversized record received with length 20527. If this private registry supports only HTTP or HTTPS with an unknown CA certificate, please add `--insecure-registry juandapc:5000` to the daemon's arguments. In the case of HTTPS, if you have access to the registry's CA certificate, no need for the flag; simply place the CA certificate at /etc/docker/certs.d/juandapc:5000/ca.crt
Do I need to configure nginx? Documentation install nginx for production mode with registry 1.6 and 2.0 but it's not my case...
The firewall in the host (juandapc):
# iptables -L -t nat
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
DOCKER all -- anywhere anywhere ADDRTYPE match dst-type LOCAL
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
DOCKER all -- anywhere !127.0.0.0/8 ADDRTYPE match dst-type LOCAL
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- 172.17.0.0/16 anywhere
MASQUERADE tcp -- 172.17.0.5 172.17.0.5 tcp dpt:5000
Chain DOCKER (2 references)
target prot opt source destination
DNAT tcp -- anywhere anywhere tcp dpt:5000 to:172.17.0.5:5000
Ports from the host juandapc (ESCUCHAR is LISTEN):
# netstat -natp
Conexiones activas de Internet (servidores y establecidos)
Proto Recib Enviad Dirección local Dirección remota Estado PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* ESCUCHAR 919/sshd
tcp 0 0 192.168.1.50:22 172.30.164.14:38412 ESTABLECIDO 3924/sshd: administ
tcp6 0 0 :::22 :::* ESCUCHAR 919/sshd
tcp6 0 0 :::5000 :::* ESCUCHAR 3651/docker-proxy
5000 is there, but no ipv4????
The registry in the container:
# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1978cdff5e8c registry:2.0 "registry cmd/regist 4 hours ago Up 4 hours 0.0.0.0:5000->5000/tcp mad_shockley
# docker exec mad_shockley ps -ax
PID TTY STAT TIME COMMAND
1 ? Ssl 0:00 registry cmd/registry/config.yml
14 ? Rs 0:00 ps -ax
From juandpc I can get into the container:
# docker exec -t -i mad_shockley /bin/bash
root@1978cdff5e8c:/go/src/github.com/docker/distribution# hostname
1978cdff5e8c