Docker Community Forums

Share and learn in the Docker community.

Docker pull fails even with --insecure-registry set in systemd unit file

Issue: unable to pull docker images from insecure registry.

Testing running on 1.12.5 but running into an issue when trying to pull images. My pull commands fail because they are going over https even though I have set --insecure-registry in the unit file.

OS: Centos 7 x86_64

App version: 1.12.5

Steps to replicate:
Edited the unit file(/etc/systemd/system/docker.service) ExecStart line to include the flag --insecure_registry docker.corp.domain.com
sudo systemctl daemon-reload
sudo systemctl restart docker
sudo docker info shows the insecure registry:

Containers: 2
Running: 0
Paused: 0
Stopped: 2
Images: 20
Server Version: 1.12.5
**truncated
Insecure Registries:
docker.corp.domain.com
127.0.0.0/8
Registries: docker.io (secure)

sudo docker pull docker.corp.domain.com/folder/login
Using default tag: latest
Trying to pull repository docker.corp.domain.com/folder/login
unknown: Not Acceptable

sudo journalctl -xe:
level=warning msg="Error getting v2 registry: Get https://docker.corp.domain.com/v2/: dial tcp 10.110.x.x:443: getsockopt: connection refused"
level=error msg="Attempting next endpoint for pull after error: Get https://docker.corp.domain.com/v2/: dial tcp 10.110.x.x:443: getsockopt: connection refus
level=error msg=“Not continuing with pull after error: unknown: Not Acceptable”

How come it is still trying to connect over https on port 443? I’ve tried adding the insecure registry with http:// and also with the port, still having no luck.

1 Like

Hi

We are suffering a similar problem. We had previously configured our internal docker registry and was working correctly for version 1.10 (docker-1.10.3-57.el7) but after upgrading to 1.12.5, it is not able to pull from the repository anymore.

In another machine without this previous configuration (insecure registry), we are able to pull from the registry from version 1.12.5

SO = Red Hat Enterprise Linux Server 7.2

Any clue?