Docker pull error read: connection reset by peer - with some builds

Hello, I have a strange problem with Docker

Briefly about my setup - Ubuntu Server, Internet via proxy
Vaultwarden - no problem
I want to, for example, pull WordPress - so docker pull wordpress - but there is an error
error pulling image configuration: download failed after attempts=6: read tcp 172.x.x.x:59162->172.x.x.x:8080: read: connection reset by peer

When I try to pull elestio/wordpress, it works without any problems

At the moment, I have no idea - what else can I do?

We will need way more context than what you shared to get an idea of what could be the cause.

What is running on the anonymized 172.x.x.x IPs, and are they identical in both appearances?
Since it’s an IP from a private IP range, it must be pointing to a service in your network.

Do you happen to run your own private container registry and/or require an HTTP forward proxy to access the private container registry or the internet?

Thank you very much for your response.

They are both private networks - mine and the proxy’s.

For example, 172.50.20.14 (local system) and 172.70.30.42 (proxy).

The regular Docker installation is running on the Docker system - standard with proxy entries in daemon.json and config.json - the proxy forwards everything to the Internet.

No private Docker registry…

Access to https://registry-1.docker.io/v2/ is fine (nslookup / curl)

Can we trust that 172.50.x.x and 172.70.x.x are really the used subnets and that their CIDR range doesn’t use 8, 9 or 10 bits to define the subnet?

I am asking because Docker has a list of default address pools that cover 172.17.0.0 to 172.31.255.255 (see: https://docs.docker.com/engine/network/#automatic-subnet-allocation)

So the configured proxy is 172.70.30.42:8080 (to stick to your example) and it resets the connection.
Hmm, that’s interesting. A docker pull is a native process, the same way your curl command is a native process. The only difference is that a pull is done by the Docker daemon with root privileges. Do you see anything in the Docker system journal and the proxy’s logs that can indicate why the connection was reset?

Is there a pattern? What’s the result of

docker pull mongo
docker pull percona/percona-server-mongodb
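
Added example (not code from the thread or from Docker): a check of whether the subnet containing a host or proxy address overlaps one of Docker's default address pools, which is the concern behind the question about 8, 9 or 10 bit prefixes. The pool list follows the Docker documentation linked above and assumes `default-address-pools` is not overridden in daemon.json; the prefix lengths tried are assumptions, since the thread does not state the real netmasks.

```python
import ipaddress

# Docker's documented default address pools. Assumption: daemon.json does not
# set "default-address-pools" to something else.
DOCKER_DEFAULT_POOLS = [ipaddress.ip_network(n) for n in (
    "172.17.0.0/16", "172.18.0.0/16", "172.19.0.0/16",
    "172.20.0.0/14", "172.24.0.0/14", "172.28.0.0/14",
    "192.168.0.0/16",
)]


def overlapping_pools(address, prefix_len):
    """Return the default pools that overlap the subnet containing `address`."""
    # strict=False lets us pass a host address and get its enclosing network.
    subnet = ipaddress.ip_network(f"{address}/{prefix_len}", strict=False)
    return [str(pool) for pool in DOCKER_DEFAULT_POOLS if pool.overlaps(subnet)]


def audit(addresses, prefix_lengths):
    """Map (address, prefix_len) -> overlapping pools, conflicts only."""
    report = {}
    for addr in addresses:
        for plen in prefix_lengths:
            hits = overlapping_pools(addr, plen)
            if hits:
                report[(addr, plen)] = hits
    return report


if __name__ == "__main__":
    # Example addresses as given in the thread (local system and proxy).
    hosts = ["172.50.20.14", "172.70.30.42"]
    # Candidate prefix lengths (assumed, not taken from the thread).
    for (addr, plen), hits in audit(hosts, [8, 9, 10, 16, 24]).items():
        print(f"{addr}/{plen} overlaps Docker default pools: {', '.join(hits)}")
```

An overlap means a Docker bridge network could be allocated inside the same range as the host or proxy subnet, so traffic to the proxy may be routed to a local bridge instead of leaving the host.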

docker pull mongo
error pulling image configuration: download failed after attempts=6: read tcp 172.50.xx.xx:43826->172.70.xx.xx:8080: read: connection reset by peer

docker pull percona/percona-server-mongodb

download complete
