Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

Run Docker on MacOS and Access Remote Insecure Docker Registries

DZone's Guide to

Run Docker on MacOS and Access Remote Insecure Docker Registries

With the explosion of Docker's popularity, learning how to secure your working environment is crucial. Read on to learn how to deal with a common error.

· Security Zone ·
Free Resource

Discover how to provide active runtime protection for your web applications from known and unknown vulnerabilities including Remote Code Execution Attacks.

How to Run Docker on MacOS and Access Remote Insecure Docker Registries for Dev/TestIt's been a while since I looked into running a Docker Registry to host images, my previous notes on setting this up are here. While looking into setting up Docker Registry running on a remote CentOS VM (currently running on my Mac Pro running Proxmox) I ran into the configuration issue with insecure registries.

Having tagged an image ready to push to my remote Repository, this error looks like this:

$ docker push 192.168.1.73:5000/redisservice

The push refers to a repository [192.168.1.73:5000/redisservice]

Get https://192.168.1.73:5000/v2/: http: server gave HTTP response to HTTPS client

Unless you're familiar with this error and the required flag to configure running a Repository insecurely (for local testing), there's articles and posts about how to configure this, but it's not immediately obvious that the config needs to be made on the client side from where you're trying to push, not on the server side running the Repository.

On my CentOS server side, this would be configured in  /etc/docker/daemon.json as:

{
   "insecure-registries": [
     "192.168.1.73:5000"
   ]
}

But after finding this has no effect, I saw this post, which suggested to configure this from the client. From my Mac Docker client this can be configured using the widget in the toolbar when Docker is running:

Now trying again:

$ docker push 192.168.1.73:5000/redisservice

The push refers to a repository [192.168.1.73:5000/redisservice]

2ac8b2b0781d: Pushed 

7ce27e37c9b1: Pushed 

e870224c1375: Pushed 

3fc666989c1d: Pushed 

latest: digest: sha256:9f015c8d73c814d8bf0c0d089b8960c7c5c36cec750c81e09378cd2cb8d844af size: 1159

Success! Next up, I'm looking into creating a Stack of my related Container services on Rancher.

Find out how Waratek’s award-winning application security platform can improve the security of your new and legacy applications and platforms with no false positives, code changes or slowing your application.

Topics:
security ,docker security ,container security ,https

Published at DZone with permission of

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}