I’m using Docker on a M1 Mac Book Air. I have started with RC1 and now have upgraded to RC2 (I believe) v3.3.0 (62345).
I need to build images for linux/amd64 a lot. I always start with a common base image and then derive ‘child’ images with various individual settings and installed options. So in the final Image build process I refer to a previously built image (which used to be locally available on my old Intel Mac). Now with buildkit when using a custom builder
docker buildx create --name m1builder --use
❯ docker buildx ls NAME/NODE DRIVER/ENDPOINT STATUS PLATFORMS m1builder * docker-container m1builder0 unix:///var/run/docker.sock running linux/arm64, linux/amd64, linux/riscv64, linux/ppc64le, linux/s390x, linux/386, linux/arm/v7, linux/arm/v6 default docker default default running linux/arm64, linux/amd64, linux/riscv64, linux/ppc64le, linux/s390x, linux/386, linux/arm/v7, linux/arm/v6
I have been able to build the
linux/amd64 base image and used
--load to export them from
m1builder to docker. From there I tag and push them to a private registry (registry.mydomain.com:443). It is password protected and uses a letsencrypt certificate but is only available on my internal network:
REGISTRY=registry.mydomain.com:443 IMAGE_APACHE=wp-apache-base docker buildx build \ --load \ --platform linux/amd64 \ -t $REGISTRY/$IMAGE_APACHE:$VERSION \ . docker tag $REGISTRY/$IMAGE_APACHE:$VERSION $REGISTRY/$IMAGE_APACHE:latest docker push $REGISTRY/$IMAGE_APACHE:latest
docker push and
docker pull work fine. But I’m unable to access those images from within m1builder.
At first, I tried to use
--push in the
buildx command, but the result is the same as when I use
--load and then
docker push and in the Dockerfile
So when I try to use it in the downstream Dockerfile
FROM line, I get:
=> ERROR [internal] load metadata for registry.mydomain.com:443/wp-apache-base:latest 0.1s ------ > [internal] load metadata for registry.mydomain.com:443/wp-apache-base:latest: ------ error: failed to solve: rpc error: code = Unknown desc = failed to solve with frontend dockerfile.v0: failed to create LLB definition: failed to do request: Head https://registry.mydomain.com:443/v2/wp-apache-base/manifests/latest: x509: certificate signed by unknown authority
Is there something I need to do to make
m1builder trust the letsencrypt certificate of the registry or is that perhaps a bug?
Thanks for looking,