Docker deamon options are parameters/options configured for docker deamon. INSECURE_REGISTRY, which is a parameter used to let docker deamon knows a registry is an insecure docker registry, is one of those options. Those options are described more at the docker site:
https://docs.docker.com/articles/systemd/
There are a lot of options we can configure for docker deamon such as: temporary folder for docker, docker registry, ssl certificate for docker…
The problem I am facing is I have an internal docker registry secured with self-certificate . And I got below error when I execute any docker command on this internal registry. For example, when I executed: docker search docker.internal.company:5555, I got this error:
1 2 3 4 5 |
FATA[0002] Error response from daemon: v1 ping attempt failed with error: Get https://docker.internal.company:5555/v1/_ping: dial tcp 172.17.30.99:5000: connection refused. If this private registry supports only HTTP or HTTPS with an unknown CA certificate, please add `--insecure-registry docker.gcs.vn:5000` to the daemon's arguments. In the case of HTTPS, if you have access to.... |
After figuring out, I realized that I need to “tell” docker deamon that the registry is an insecure Docker registry.
I did that by edit the file: /etc/sysconfig/docker (I am using CentOS 7)
Find the key: INSECURE_REGISTRY, uncomment it, and add my insecure registry as the value. For example:
1 |
INSECURE_REGISTRY='--insecure-registry docker.internal.company:5555' |
1 |
sudo systemctl restart docker |