Home / server / Questions / 803333
Accepted
Cédric Girard
Asked: 2016-09-16 08:41:09 +0800 CST

Docker private registry, docker push is forbidden

  • 772

I setup a private registry, which run fine. Docker 1.10. I choose to change the host, and recreate the certificate. All run fine on my server, but on my customer server I can't push an image to the registry : 

unable to ping registry endpoint https://my.customer.private.hostname:5000/v0/
 v2 ping attempt failed with error: Get https://my.customer.private.hostname:5000/v2/: Forbidden
 v1 ping attempt failed with error: Get https://my.customer.private.hostname:5000/v1/_ping: Forbidden

I can't find anybody else talking about 'forbidden' answer on Google. Where can I search to understand ? I already deleted the container, the image, uninstalled docker, reinstalled docker but still the same error. The only thing I do not delete is the thinpool used to store docker data (devicemapper).

docker-registry docker

2 Answers

  1. Best Answer

    There is a systemd conf file for docker :

    /etc/systemd/system/docker.service.d/http-proxy.conf

    with

    [Service] Environment="HTTP_PROXY=http://proxy:3128" Environment="NO_PROXY=localhost,127.0.0.0/8"

    The registry IP was not localhost, so I needed to add the host to the NO_PROXY variable. I still not undestand why the first host worked. Restarting the registry container without https (http only) and using tcpdump help us to resolve this issue.

    • 1

  2. For me it is very strange that docker is trying to reach via https to 5000 port and then you made a curl with http to the same port and it worked.

    Probably you are doing: docker pull my.customer.private.hostname:5000 xxx/yyy instead of docker pull my.customer.private.hostname xxx/yyy

    Regards

    • 0