docker login reg2host vs docker login reg2host:443 vs docker login https://reg2host makes a difference? #2511

@wrkhenddher

It seems like docker login behaves differently depending on how the private registry URL is specified.

docker login reg2host:443 is the only one that works correctly, allowing docker push and docker pull, while the others don't, albeit all seem to succeed logging in to the private registry (logs not attached, but they show 401 followed by 200 on GET /v2/ as expected).

My private registry sits on a closed network with hostname nb-docker-reg

Here are both docker-compose.yml files I tried so far:

The older one is using nginx as a reverse proxy in front of registry:2, per the tutorial https://www.digitalocean.com/community/tutorials/how-to-set-up-a-private-docker-registry-on-ubuntu-14-04

The newest is using registry:2 straight up, reusing the htpasswd and certs according to the tutorial above but without the nginx reverse proxy.

diff --git a/registry/docker-compose.yml b/registry/docker-compose.yml
index c2f05ed..1217f1b 100644
--- a/registry/docker-compose.yml
+++ b/registry/docker-compose.yml
@@ -13,32 +13,35 @@ services:
   registry:
     restart: always
     image: registry:2
-#    ports:
+    ports:
 #      - 5000:5000
-  #  environment:
-  #    REGISTRY_HTTP_TLS_CERTIFICATE: /certs/domain.crt
-  #    REGISTRY_HTTP_TLS_KEY: /certs/domain.key
-  #    REGISTRY_AUTH: htpasswd
-  #    REGISTRY_AUTH_HTPASSWD_PATH: /auth/htpasswd
-  #    REGISTRY_AUTH_HTPASSWD_REALM: Registry Realm
+      - 443:443
+    environment:
+      REGISTRY_HTTP_ADDR: 0.0.0.0:443
+      REGISTRY_HTTP_TLS_CERTIFICATE: /certs/domain.crt
+      REGISTRY_HTTP_TLS_KEY: /certs/domain.key
+      REGISTRY_AUTH: htpasswd
+      REGISTRY_AUTH_HTPASSWD_PATH: /auth/registry.passwords
+      REGISTRY_AUTH_HTPASSWD_REALM: Registry Realm
     volumes:
       - /home/$USER/registry:/var/lib/registry
-      # - /path/certs:/certs
-      # /path/auth:/auth
+      - ./domain.crt:/certs/domain.crt
+      - ./domain.key:/certs/domain.key
+      - ./registry.passwords:/auth/registry.passwords
     networks:
       - net
 
-  nginx:
-    image: nginx:alpine
-    volumes:
-      - ./docker-reg-nginx.conf:/etc/nginx/conf.d/docker-reg-nginx.conf
-      - ./registry.passwords:/etc/nginx/registry.passwords
-      - ./domain.key:/etc/nginx/domain.key
-      - ./domain.crt:/etc/nginx/domain.crt
-    ports:
-      - 443:443
-    networks:
-      - net
+#  nginx:
+#    image: nginx:alpine
+#    volumes:
+#      - ./docker-reg-nginx.conf:/etc/nginx/conf.d/docker-reg-nginx.conf
+#      - ./registry.passwords:/etc/nginx/registry.passwords
+#      - ./domain.key:/etc/nginx/domain.key
+#      - ./domain.crt:/etc/nginx/domain.crt
+#    $ports:
+#      - 443:443
+#    networks:
+#      - net
 
 networks:
   net:
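
Review bot: The three bind mounts added under volumes (./domain.crt, ./domain.key, ./registry.passwords) are writable from inside the registry container, although the registry only needs to read them; append :ro to each, e.g. `- ./domain.key:/certs/domain.key:ro`, so a compromised registry process cannot replace the TLS key or the password file on the host. The same ./registry.passwords file was previously mounted into nginx; the registry's htpasswd auth only accepts bcrypt entries, so confirm the file was generated with `htpasswd -B` before reusing it here. Finally, the commented-out nginx block now contains `#    $ports:`; the stray `$` will produce an invalid service definition if the block is ever uncommented, so restore `#    ports:` or delete the block instead of keeping it as comments.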

Ideas/suggestions?

It seems like all examples show a private registry on an explicit port number (5000 or 5043) but none on the standard SSL port 443.

me@nb-docker-reg:~/Docker/registry$ docker version
Client:
 Version:	17.12.0-ce
 API version:	1.35
 Go version:	go1.9.2
 Git commit:	c97c6d6
 Built:	Wed Dec 27 20:11:19 2017
 OS/Arch:	linux/amd64

Server:
 Engine:
  Version:	17.12.0-ce
  API version:	1.35 (minimum version 1.12)
  Go version:	go1.9.2
  Git commit:	c97c6d6
  Built:	Wed Dec 27 20:09:53 2017
  OS/Arch:	linux/amd64
  Experimental:	false

me@nb-docker-reg:~/Docker/registry$ docker info
Containers: 3
 Running: 1
 Paused: 0
 Stopped: 2
Images: 3
Server Version: 17.12.0-ce
Storage Driver: overlay2
 Backing Filesystem: extfs
 Supports d_type: true
 Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
 Volume: local
 Network: bridge host macvlan null overlay
 Log: awslogs fluentd gcplogs gelf journald json-file logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 89623f28b87a6004d4b785663257362d1658a729
runc version: b2567b37d7b75eb4cf325b77297b140ea686ce8f
init version: 949e6fa
Security Options:
 apparmor
 seccomp
  Profile: default
Kernel Version: 4.4.0-112-generic
Operating System: Ubuntu 16.04.3 LTS
OSType: linux
Architecture: x86_64
CPUs: 2
Total Memory: 3.85GiB
Name: nb-docker-reg
ID: ENUI:F52B:2HZW:CCDL:IX6O:I5SL:USWX:IFFT:4Z52:22PL:HELD:7A2D
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
 127.0.0.0/8
Live Restore Enabled: false

WARNING: No swap limit support

me@nb-docker-reg:~/Docker/registry$ docker exec registry_registry_1 registry --version
registry github.com/docker/distribution v2.6.2
