Docker – Pull/Push Docker Registry on Port 443 Only

I've set up a Docker Registry (port 5000), which is then accessible to the internet via Reverse-Proxy (HAproxy) via https (port 443).

My reverse-proxy isn't listening on port 80 (for various reasons) – only 443.

However, when I try to pull/push images to the registry, I get this error:

> docker push dockerreg.mydomain.tld/foo/bar:tag
The push refers to repository [dockerreg.mydomain.tld/foo/bar]
67e5bc702bd3: Layer already exists
1ee6a18298af: Layer already exists
0d8d066a4449: Layer already exists
....
402111a9b517: Layer already exists
5be968ab3b04: Layer already exists
b8d33b7d28fe: Layer already exists
Patch http://dockerreg.mydomain.tld/v2/foo/bar/blobs/uploads/840a9fc2-5c10-4c0e-b674-82f76c3794a3?_state=vcTZPbOrQmhcKwilCyutNGwVpFjvWigJCApZHA834757Ik5hbWUiOiJmb3Rvd2V0dGVyL2NsZWFuIiwiVVVJRCI6Ijg0MGE5ZmMyLTVjMTAtNGMwZS1iNjc0LTgyZjc2YzM3OTRhMyIsIk9mZnNldCI6MCwiU3RhcnRlZEF0IjoiMjAyMS0wOC0xNFQyMTozODo1Mi42MzgxNjY5NTdaIn0%3D:
dial tcp 1.2.3.4:80: i/o timeout

So apparently it tries to access the registry via http/80

I was able to use the docker login command with https://dockerreg.... but the docker pull/push commands can't be run with a https://

Is there any way to access my docker registry without a https-redirect on port 80 of my reverse-proxy?

Best Answer

You need to set the http host option: https://docs.docker.com/registry/configuration/#http

A fully-qualified URL for an externally-reachable address for the registry. If present, it is used when creating generated URLs. Otherwise, these URLs are derived from client requests.

That can either be set in a configuration file injected into the registry, or with the environment variable REGISTRY_HTTP_HOST.

Best Answer

Related Solutions

Docker – Fixing Connection Reset Error When Pushing to Local Docker Registry

Docker – Authentication issue running search command in private docker registry

Related Topic