December 8, 2023

Docker Configure Insecure Registry

Insecure Registry

If you want to pull container-images from an insecure registry over HTTP instead of HTTPS, you have to specify the registry as insecure. Otherwise docker will refuse, because of the unencrypted connection.

To do so open the config file /etc/docker/daemon.json. If it does not exist, simply create one.

Inside you will specify the registry like so.

/etc/docker/daemon.json

{
	"insecure-registries": ["my-registry.local:5000"]
}

For the changes to take affect, you need to restart the docker-daemon.

[tux@server]$ sudo systemctl reload docker

After that you can pull and push images without an error.

Registry Mirror

If you are in an air gapped environment or need to stay below certain rate limits, you can use a registry mirror which downloads the image once an distributes the internally to other servers.
You can configure this in the /etc/docker/daemon.json as well.

/etc/docker/daemon.json

{
	"registry-mirrors": ["https://my-registry.home"]
}

Jannik Rehkemper

I'm an professional Linux Administrator and Hobby Programmer. My training as an IT-Professional started in 2019 and ended in 2022. Since 2023 I'm working as an Linux Administrator.

JRehkemper.de

Navigation

Blog

Databases

Hardware

Linux

Programming

About

Docker Configure Insecure Registry

Insecure Registry

Registry Mirror

Jannik Rehkemper