Add DockerHub IP addresses on whitelist - dockerhub

I would like to know the IP addresses of Docker Hub so that I can add them to my whitelist. I didn't find any kind of documentation providing this, like the GitHub one.
But maybe I'm blind?
Thank you

You can do curl -v https://index.docker.io:443 to get the IP address.
Currently, the IP address is 52.5.199.233; however, this might change over time. If it changes, do the curl again and replace the IP address.
Update:
Now, Docker Hub doesn't have a static IP that can be whitelisted. Docker Hub is based on Amazon ELB, so they can change at any time.
So whitelisting Docker Hub based on IP is not a good solution. If you still need to do it anyway, this post might help:
https://serverfault.com/questions/665191/whitelist-elastic-load-balancer-based-on-ip
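
Added example, not part of the original answer: because the addresses behind the load balancer change, an IP allowlist needs a recurring drift check. This Python check compares what the hostnames named on this page resolve to against allowlist entries (single IPs or CIDRs); the function names and the sample allowlist are assumptions.

```python
import ipaddress
import socket

# Hostnames taken from the posts on this page.
REGISTRY_HOSTS = ["index.docker.io", "registry-1.docker.io"]


def resolve_ipv4(host, port=443):
    """Return the set of IPv4 addresses the host resolves to right now."""
    infos = socket.getaddrinfo(host, port, socket.AF_INET, socket.SOCK_STREAM)
    return {info[4][0] for info in infos}


def allowlist_drift(resolved, allowlist):
    """Compare resolved addresses with firewall allowlist entries (IPs or CIDRs).

    Returns (uncovered, stale): addresses the firewall would drop, and
    entries that no longer match anything the hostnames resolve to.
    """
    nets = [ipaddress.ip_network(entry, strict=False) for entry in allowlist]
    addrs = {ipaddress.ip_address(a) for a in resolved}
    uncovered = sorted(str(a) for a in addrs if not any(a in n for n in nets))
    stale = sorted(str(n) for n in nets if not any(a in n for a in addrs))
    return uncovered, stale


if __name__ == "__main__":
    # Constructed allowlist holding the one address quoted in the answer;
    # replace it with the rules actually deployed on the firewall.
    allowlist = ["52.5.199.233"]
    for host in REGISTRY_HOSTS:
        uncovered, stale = allowlist_drift(resolve_ipv4(host), allowlist)
        print(host, "uncovered:", uncovered, "stale:", stale)
```

Run on a schedule, a non-empty `uncovered` list means pulls will start failing for some resolutions, and `stale` entries are rules that can be retired.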

Related

Can I have extra slash "/" in Docker (and Containerd) image name?

I need to copy images from Docker Hub into a private registry. For example, I need redislabs/rebloom:2.2.2. Then, can I name it my-private-registry.com/my-organization/redislabs/rebloom:2.2.2? (Notice there is my-organization which I cannot modify.)
In other words, is a.com/b/c/d:v1.0 ok or not?
I read this post and see Docker can parse it. However, will some tools reject this? Will Containerd reject this? I am afraid that they accept it but fail somewhere, which may be very difficult to debug.
Thank you very much!

My day job uses image names with a similar structure (hosted on Amazon ECR) and they work fine with plain Docker, Compose, and Kubernetes. I would not expect to run into any trouble with this, unless the specific image repository has stricter rules.

Alias for private docker repository

Is it possible to define aliases for private docker repository?
I have a repository on the server docker.internal.example.com for internal use, which is not available externally. Now I want to be able to push the images to another repository, docker.distr.example.com, which is available for client installations.
Everything would be OK if the final images did not depend on intermediate images referred to in FROM, for example:
FROM docker.internal.example.com:5000/java/jetty-jdk8:latest
That image would not be pullable from docker.distr.example.com, because the reference to java/jetty-jdk8 would not be resolved (docker.internal.example.com would not be visible).
Ideally, I'd like to be able to write simply
FROM java/jetty-jdk8:latest
but I know that for some strange reason it was considered insecure by the Docker developers, so something like this would be enough:
FROM DOCKER-PRIVATE:5000/java/jetty-jdk8:latest

The alias that you are looking for is a DNS entry which you can create locally. You need to figure out the IP address of the private registry.
You can do that by running host docker.internal.example.com.
Edit /etc/hosts and add an entry like docker-registry ip-address-of-registry

As far as I know, Docker doesn't support aliases for now.
But you can use one of these possible solutions:
Create a DNS CNAME entry for your registry domain.
OR
Create an alias in the /etc/hosts file on machines where you want to use it.
You can read additional details in Google Groups discussion HERE.

docker fails in pushing local image to repository

I am just learning Docker (I use Windows 7 and installed Docker tools), and when I tried to use the push command to push a local image to a repository, it kept pushing for a long time without any prompts or error messages, so I had to use "ctrl+C" to stop it. I tried many times but got the same results.
The screenshot is as follows:
I am not sure what is wrong with it. Maybe it's because I am now in China and it is due to the firewall?

I'm glad you pointed out that you're in China! Yes, this is very likely due to a Great Firewall issue.
docker push goes to docker.io, as you can see, which returns the IP address of 34.234.103.99.
A WHOIS result of this returns that this IP address belongs to Amazon Web Services (AWS); which the Great Firewall blocks access to. After a cursory search, it looks like you're not the first to hit this as well.
I'd recommend setting up a VPN or proxy in order to bypass this.

You can also try to use the Docker mirror that is hosted in China; see
https://docs.docker.com/registry/recipes/mirror/#use-case-the-china-registry-mirror
https://www.docker-cn.com/registry-mirror (Chinese)

What's the default URL that Docker uses when running `docker pull`?

I've searched a lot but still can't get an accurate answer to this question:
What's the default URL that Docker uses when running docker pull? (Especially the /v2 one)
I've seen several URLs in logs or some documents:
http://index.docker.io
http://registry.hub.docker.com
http://registry-1.docker.io
But I'm not sure which one is correct, and what the purpose of the others is.

Those 3 URLs are there for different purposes:
http://registry.hub.docker.com is the Docker web site for listing the image.
It is not where those images are actually stored.
As the Nexus Docker settings detail:
https://registry-1.docker.io is a remote storage: this issue illustrates what is going on when the storage does not answer:
This is a service issue, not related to the docker engine project.
Amazon S3 is experiencing some problems.
https://index.docker.io/ is the Docker index, used for requests related to searches, users, docker tokens and other aspects.

To quote man docker-pull:
If you do not specify a REGISTRY_HOST, the command uses Docker's public registry located at registry-1.docker.io by default.
I don't think you can get more official than that.
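
Added example, not code from the posts or from Docker: it covers both the nested image name question above and this answer about the default registry. It splits a reference using the rule that the first component counts as a registry host only if it contains '.' or ':' or is localhost (otherwise the default applies), validates each path component, and builds the v2 manifest URL a pull would request. Function names are assumptions, digest references are not handled, and HTTPS is assumed for private registries.

```python
import re

DEFAULT_DOMAIN = "docker.io"           # what an unqualified name means
LEGACY_DOMAIN = "index.docker.io"      # older spelling of the same default
HUB_ENDPOINT = "registry-1.docker.io"  # host named in the man page quote
# One path component: lowercase alphanumerics joined by '.', '_', '__' or dashes.
COMPONENT = re.compile(r"[a-z0-9]+(?:(?:\.|_|__|-+)[a-z0-9]+)*")
TAG = re.compile(r"[A-Za-z0-9_][A-Za-z0-9_.-]{0,127}")


def parse_reference(ref):
    """Split an image reference into (domain, repository path, tag)."""
    name, tag = ref, "latest"
    # A ':' after the last '/' separates the tag; earlier it is a registry port.
    if ":" in ref.rsplit("/", 1)[-1]:
        name, tag = ref.rsplit(":", 1)
    first, sep, rest = name.partition("/")
    # The first component is a registry host only if it looks like one.
    if sep and ("." in first or ":" in first or first == "localhost"):
        domain, path = first, rest
    else:
        domain, path = DEFAULT_DOMAIN, name
    if domain == LEGACY_DOMAIN:
        domain = DEFAULT_DOMAIN
    if domain == DEFAULT_DOMAIN and "/" not in path:
        path = "library/" + path       # official images live under library/
    bad = [c for c in path.split("/") if not COMPONENT.fullmatch(c)]
    if bad:
        raise ValueError(f"invalid path component(s): {bad}")
    if not TAG.fullmatch(tag):
        raise ValueError(f"invalid tag: {tag!r}")
    return domain, path, tag


def manifest_url(ref):
    """Registry v2 URL that a pull of `ref` requests the manifest from."""
    domain, path, tag = parse_reference(ref)
    host = HUB_ENDPOINT if domain == DEFAULT_DOMAIN else domain
    return f"https://{host}/v2/{path}/manifests/{tag}"


if __name__ == "__main__":
    for ref in ("redislabs/rebloom:2.2.2", "a.com/b/c/d:v1.0"):
        print(ref, "->", manifest_url(ref))
```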

etcd api on CoreOS - setting ip address configurations remotely

I am attempting to use etcd's remote API to configure a CoreOS box remotely with static values like IP address, DNS resolve address, gateway, etc.
In theory I should be able to file something like:
curl -X PUT "http://xxx.xxx.xxx.xxx:4001/v2/keys/etcd/registry/???_/_state?prevExist=false" -d value=10.10.10.1
But I can't find a reference to the exact syntax to use.

etcd doesn't handle configuration of the host system. It is a distributed key/value store. It can certainly store configuration for applications and maybe even the host. But you need some other tool to pull the data from the store and transform it into configuration that the application or host recognizes. The application I use to do this inside Docker containers is confd (https://github.com/kelseyhightower/confd).
For configuration of the CoreOS host, you would generally be using Cloud-Config (https://coreos.com/docs/cluster-management/setup/cloudinit-cloud-config/) and writing unit files to deal with certain parts of the system, such as networking (https://coreos.com/docs/cluster-management/setup/network-config-with-networkd/). Hope this helps!
