I have learn tutorial from that.I have create docker mirror in this command:
docker run -d -p 5555:5000 -e STORAGE_PATH=/mirror -e STANDALONE=false -e MIRROR_SOURCE=https://registry-1.docker.io -e MIRROR_SOURCE_INDEX=https://index.docker.io -v /Users/v11/Documents/docker-mirror:/mirror --restart=always --name mirror registry
And it succeed. Then I start my docker daemon using this command:
docker --insecure-registry 192.168.59.103:5555 --registry-mirror=http://192.168.59.103:5555 -d
Then I use command to pull image like that:
docker pull hello-world
Then it throw error in log, and more detail is:
ERRO[0012] Unable to create endpoint for http://192.168.59.103:5555/:
invalid registry endpoint https://192.168.59.103:5555/v0/: unable to
ping registry endpoint https://192.168.59.103:5555/v0/ v2 ping attempt
failed with error: Get https://192.168.59.103:5555/v2/: EOF v1 ping
attempt failed with error: Get https://192.168.59.103:5555/v1/_ping:
EOF. If this private registry supports only HTTP or HTTPS with an
unknown CA certificate, please add --insecure-registry
192.168.59.103:5555 to the daemon's arguments. In the case of HTTPS, if you have access to the registry's CA certificate, no need for the
flag; simply place the CA certificate at
/etc/docker/certs.d/192.168.59.103:5555/ca.crt
As you can see, it tell me to add '--insecure-registry 192.168.59.103:5555',But I have added it when I start docker daemon. Anyone have idea about it?
You´re probably using boot2docker?
Could you try that:
$ boot2docker init
$ boot2docker up
$ boot2docker ssh "echo $'EXTRA_ARGS=\"--insecure-registry <YOUR INSECURE HOST>\"' | sudo tee -a /var/lib/boot2docker/profile && sudo /etc/init.d/docker restart"
Taken from here
Related
I am hosting an own registry.
After rebooting the Server my registry container is unable to start.
I used this command to start the registry
docker run -d -p 5000:5000 --name registry -v /var/lib/registry/:/var/lib/registry -v /root/certs:/certs -v /root/auth/:/auth -eEGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt -e REGISTRY_HTTP_ADDR=0.0.0.0:5000 -e REGISTRY_HTTP_TLS_KEY=/certs/domain.key -e "REGISTRY_AUTH=htpasswd" -e "REGISTRY_AUTH=htpasswd" -e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" --restart always registry:2.7.1
After a reboot i get this message when i try "docker start registry":
Error response from daemon: OCI runtime create failed: container with id exists: dfb0bef21bdfc8a89b59498befd37f83513e75527c0beb552e0400df2a2b7c7d: unknown
Error: failed to start containers: registry
Starting a new container works fine.
How can a fix, it and sould the container not start by itself because of "--restart alway"
docker --version
Docker version 18.09.6, build 481bc77
Thx for your help.
Update
Intesting news I have written an init script to to the job,
but the problem is exactly the same. The container exists but isn't started.
If I try to start it, I get the error message from above.
On the boot screen in get this information.
So the docker daemon seam to be not ready.
Do you have any suggestions why?
Just basic and simple steps illustrating what I have tried:
docker pull mysql/mysql-server
sudo docker run -i -t mysql/mysql-server:latest /bin/bash
yum install vi
vi /etc/my.cnf -> bind-address=0.0.0.0
exit
docker ps
docker commit new_image_name
docker run --name mysql -p 3306:3306 -e MYSQL_ROOT_PASSWORD=secret -d new_image_name
docker ps -a STATUS - Exited (1)
Please let me know what I did wrong.
Instead of trying to modify an existing image, try and use (for testing) MYSQL_ROOT_HOST=%.
That would allow root login from any IP. (As seen in docker-library/mysql issue 241)
sudo docker run --name mysql -p 3306:3306 -e MYSQL_ROOT_PASSWORD=123456 -e MYSQL_ROOT_HOST=% -d mysql/mysql-server:latest
The README mentions:
By default, MySQL creates the 'root'#'localhost' account.
This account can only be connected to from inside the container, requiring the use of the docker exec command as noted under Connect to MySQL from the MySQL Command Line Client.
To allow connections from other hosts, set this environment variable.
As an example, the value "172.17.0.1", which is the default Docker gateway IP, will allow connections from the Docker host machine.
I have setup a private registry in Docker hub (hub.docker.com): rbiswas/http-service.
Now I am trying to pull/run this image into Azure Container Service (ACS) cluster vm by following the steps mentioned below:
First I ssh into the ACS cluster using command:
ssh -i /home/rbiswas/.ssh/acs_rsa -L 2375:localhost:2375 -N rbiswas#swarmclustermgmt.eastasia.cloudapp.azure.com -p 2200
Then I use the following commands in another terminal:
docker -H tcp://localhost:2375 login hub.docker.com
docker -H tcp://localhost:2375 run -i -d -p 8080:8080 rbiswas/http-service
But I am getting the following error even after successful login:
docker: Error response from daemon: Not found.
But if I make the docker hub registry public, then the docker run command is successful. So how do I pull from a Docker Hub private registry?
I solved the issue by running pull and run command separately:
docker -H tcp://localhost:2375 login
docker -H tcp://localhost:2375 pull rbiswas/http-service
docker -H tcp://localhost:2375 run -i -d -p 8080:8080 rbiswas/http-service
I'm having an issue with google container registry and dockerhub where docker pull returns the following errors.
gcr
Error: Status 403 trying to pull repository PROJECT_ID/IMAGE_NAME: "Unable to access the repository: PROJECT_ID/IMAGE_NAME; please verify that it exists and you have permission to access it (no valid credential was supplied)."
dockerhub
Using default tag: latest test-node0: Pulling
k8tems/hello-world:latest... : Error: image k8tems/hello-world not
found Error: image k8tems/hello-world not found
This only happens when docker is pointing to a swarm.
Steps to reproduce:
DOCKER_REGISTRY=asia.gcr.io/$PROJECT_ID
KEY_STORE=test-keystore
NODE_BASE=test-node
echo pushing hello-world image to gcr
docker pull hello-world
docker tag hello-world $DOCKER_REGISTRY/hello-world
docker push $DOCKER_REGISTRY/hello-world
echo setting up key store
docker-machine create \
-d digitalocean \
"$KEY_STORE"
docker $(docker-machine config "$KEY_STORE") run -d \
-p "8500:8500" \
-h "consul" \
progrium/consul -server -bootstrap
eval $(docker-machine env "$KEY_STORE")
docker-machine create \
-d digitalocean \
--swarm \
--swarm-master \
--swarm-discovery="consul://$(docker-machine ip "$KEY_STORE"):8500" \
--engine-opt="cluster-store=consul://$(docker-machine ip "$KEY_STORE"):8500" \
--engine-opt="cluster-advertise=eth0:2376" \
"$NODE_BASE"0
echo this fails
eval $(docker-machine env -swarm "$NODE_BASE"0)
docker pull $DOCKER_REGISTRY/hello-world
echo this succeeds
eval $(docker-machine env "$NODE_BASE"0)
docker pull $DOCKER_REGISTRY/hello-world
Along with the above snippet, I've also tried forcing the remote docker version to 1.10.3 and swarm to 1.1.3 but the error still persists.
ubuntu:~$ docker-machine ls | grep test
test-keystore - digitalocean Running tcp://:2376 v1.10.3
test-node0 * digitalocean Running tcp://:2376 test-node0 (master) v1.10.3
ubuntu:~$ docker exec swarm-agent-master /swarm -v
swarm version 1.1.3 (7e9c6bd)
ubuntu:~$ docker -v
Docker version 1.10.2, build c3959b1
Is there anything I can do to make this work with the -swarm flag or do I have to run the pull command for each node?
Try JSON key file! It is a long-lived credential and much more consistent than access token when you are using clusters like swarm or kubernetes.
Example command:
docker login -e 1234#5678.com -u _json_key -p "$(cat keyfile.json)" https://gcr.io
Here is the page with more details:
https://cloud.google.com/container-registry/docs/advanced-authentication#using_a_json_key_file
I want to pull ubuntu image , but there is some errors shown
wangyaos-MBP-3:test wangyao$ sudo docker pull dl.dockerpool.com:5000/ubuntu:12.04
Post http:///var/run/docker.sock/v1.19/images/create?fromImage=dl.dockerpool.com%3A5000%2Fubuntu%3A12.04: dial unix /var/run/docker.sock: no such file or directory. Are you trying to connect to a TLS-enabled daemon without TLS?
but i can pull it in using $docker run ubuntu:14.04 grep -v '^#' /etc/apt/sources.list, it' too slowly.
How could I do to make it work ?
So your docker daemon is running with TLS and you are trying to connect without TLS(certificates). To check follow steps:-
boot2docker ssh - It will ssh to vm where docker daemon is running
ps -eaf | grep docker - check docker running with TLS and certificates.
You have 2 options -
Export DOCKER_CERT_PATH and DOCKER_TLS_VERIFY using $(boot2docker shellinit)
Or Start docker daemon without TLS.
Option 1
Run command $(boot2docker shellinit), it will set DOCKER_CERT_PATH and DOCKER_TLS_VERIFY for you and you will be able to run command.
Option 2
Follow steps -
boot2docker ssh
ps -eaf | grep docker - Get the PID of docker daemon running
sudo kill -9
docker -d -H unix:// -H tcp://0.0.0.0:2375 --insecure-registry dl.dockerpool.com:5000 &
exit from vm
export DOCKER_CERT_PATH=""
export DOCKER_TLS_VERIFY=""
export DOCKER_HOST=tcp://127.0.0.1:2375
Try to run docker pull command. It should work.
To summarize, if your docker daemon is running with TLS, you have to set certificate path and enable TLS. If your docker daemon is running without certificate then you will have to unset certificate and TLS(if set).