I just started using the Docker for Mac beta, but immediately ran into an issue pulling from my company’s private registry which is hosted inside our VPN. It seems the docker daemon is trying to use Google’s DNS servers instead of the DNS servers set by the VPN.
Docker pull should work when registry is inside VPN.
I noticed that it tries to use Google’s DNS server (18.104.22.168) to perform name resolution:
$ docker pull docker.mycompany.io/alpine:3.3 Error response from daemon: Get https://docker.mycompany.io/v1/_ping: dial tcp: lookup docker.mycompany.io on 22.214.171.124:53: no such host
I also tried restarted Docker after logging into the VPN (I noticed that restart is needed every time I change networks).
From OS X, you can see resolv.conf has been updated to the VPN’s name servers:
$ cat /etc/resolv.conf # # Mac OS X Notice # # This file is not used by the host name and address resolution # or the DNS query routing mechanisms used by most processes on # this Mac OS X system. # # This file is automatically generated. # search eng.mycompany.com nameserver 172.31.18.70 nameserver 172.31.27.35 nameserver 172.31.47.153
And I can perform name resolution
$ nslookup docker.mycompany.io Server: 172.31.27.35 Address: 172.31.27.35#53 Name: docker.mycompany.io Address: 172.31.20.162 $ pinata diagnose -u OS X: version 10.11.4 (build: 15E65) Docker.app: version v1.11.1-beta10 Running diagnostic tests: [OK] docker-cli [OK] Moby booted [OK] driver.amd64-linux [OK] vmnetd [OK] osxfs [OK] db [OK] slirp [OK] menubar [OK] environment [OK] Docker [OK] VT-x Docker logs are being collected into /tmp/20160505-122624.tar.gz Most specific failure is: No error was detected Your unique id is: 5ED5A8AB-0944-4019-BEF3-2D11D3EE6FF9 Please quote this in all correspondence.
Steps to reproduce the behavior
- Setup docker registry on private network
- VPN into the private network
- Issue a ‘docker pull’ command on an image in the registry