docker
Docker Desktop donot respect the insecure-registies setting
Description
i have tried multiple versions(v4.30.0, and the lates v4.32.0). it looks like its make a https request ,instead of http, All trys end in such response:
Error response from daemon: failed to resolve reference "docker.mycompany.com/nginx:1.27.0": failed to do request: Head "https://docker.mycompany.com/v2/nginx/manifests/1.27.0": dialing docker.mycompany.com:443 container via direct connection because has no HTTPS proxy: connecting to 10.191.255.160:443: dial tcp 10.191.255.160:443: connectex: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.
here is daemon configuration file
{
"builder": {
"gc": {
"defaultKeepStorage": "20GB",
"enabled": true
}
},
"experimental": false,
"insecure-registries": [
"http://docker.mycomyany.com"
],
"live-restore": true,
"registry-mirrors": [
"https://****.com"
]
}
Reproduce
$ docker login http://docker.mycompany.com -u **** -p *********
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
Login Succeeded
$ docker pull docker.mycompany.com/nginx:1.27.0
Error response from daemon: failed to resolve reference "docker.mycompany.com/nginx:1.27.0": failed to do request: Head "https://docker.mycompany.com/v2/nginx/manifests/1.27.0": dialing docker.mycompany.com:443 container via direct connection because has no HTTPS proxy: connecting to 10.191.255.160:443: dial tcp 10.191.255.160:443: connectex: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.
Expected behavior
pull should be work as well as a ubuntu server with some insecure registries configuration.
Desktop's configurations should been supported exactly the same as docker in linux.
docker version
Client:
Version: 27.0.3
API version: 1.46
Go version: go1.21.11
Git commit: 7d4bcd8
Built: Sat Jun 29 00:01:25 2024
OS/Arch: linux/amd64
Context: default
Server: Docker Desktop
Engine:
Version: 27.0.3
API version: 1.46 (minimum version 1.24)
Go version: go1.21.11
Git commit: 662f78c
Built: Sat Jun 29 00:02:50 2024
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.7.18
GitCommit: ae71819c4f5e67bb4d5ae76a6b735f29cc25774e
runc:
Version: 1.7.18
GitCommit: v1.1.13-0-g58aa920
docker-init:
Version: 0.19.0
GitCommit: de40ad0
docker info
Client:
Version: 27.0.3
Context: default
Debug Mode: false
Plugins:
buildx: Docker Buildx (Docker Inc.)
Version: v0.15.1-desktop.1
Path: /usr/local/lib/docker/cli-plugins/docker-buildx
compose: Docker Compose (Docker Inc.)
Version: v2.28.1-desktop.1
Path: /usr/local/lib/docker/cli-plugins/docker-compose
debug: Get a shell into any image or container (Docker Inc.)
Version: 0.0.32
Path: /usr/local/lib/docker/cli-plugins/docker-debug
dev: Docker Dev Environments (Docker Inc.)
Version: v0.1.2
Path: /usr/local/lib/docker/cli-plugins/docker-dev
extension: Manages Docker extensions (Docker Inc.)
Version: v0.2.25
Path: /usr/local/lib/docker/cli-plugins/docker-extension
feedback: Provide feedback, right in your terminal! (Docker Inc.)
Version: v1.0.5
Path: /usr/local/lib/docker/cli-plugins/docker-feedback
init: Creates Docker-related starter files for your project (Docker Inc.)
Version: v1.3.0
Path: /usr/local/lib/docker/cli-plugins/docker-init
sbom: View the packaged-based Software Bill Of Materials (SBOM) for an image (Anchore Inc.)
Version: 0.6.0
Path: /usr/local/lib/docker/cli-plugins/docker-sbom
scout: Docker Scout (Docker Inc.)
Version: v1.10.0
Path: /usr/local/lib/docker/cli-plugins/docker-scout
Server:
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 21
Server Version: 27.0.3
Storage Driver: overlayfs
driver-type: io.containerd.snapshotter.v1
Logging Driver: json-file
Cgroup Driver: cgroupfs
Cgroup Version: 1
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local splunk syslog
Swarm: inactive
Runtimes: io.containerd.runc.v2 runc
Default Runtime: runc
Init Binary: docker-init
containerd version: ae71819c4f5e67bb4d5ae76a6b735f29cc25774e
runc version: v1.1.13-0-g58aa920
init version: de40ad0
Security Options:
seccomp
Profile: unconfined
Kernel Version: 5.15.153.1-microsoft-standard-WSL2
Operating System: Docker Desktop
OSType: linux
Architecture: x86_64
CPUs: 16
Total Memory: 15.47GiB
Name: docker-desktop
ID: 1aeaeebb-2949-4320-a2d0-114790456626
Docker Root Dir: /var/lib/docker
Debug Mode: false
HTTP Proxy: http.docker.internal:3128
HTTPS Proxy: http.docker.internal:3128
No Proxy: hubproxy.docker.internal
Labels:
com.docker.desktop.address=unix:///var/run/docker-cli.sock
Experimental: false
Insecure Registries:
docker.mycompany.com
hubproxy.docker.internal:5555
127.0.0.0/8
Registry Mirrors:
https://***.com/
https://***.com/
Live Restore Enabled: true
WARNING: No blkio throttle.read_bps_device support
WARNING: No blkio throttle.write_bps_device support
WARNING: No blkio throttle.read_iops_device support
WARNING: No blkio throttle.write_iops_device support
WARNING: daemon is not using the default seccomp profile
Diagnostics ID
C728A0A6-C6D9-415F-886C-75C17C283020/20240722053239
Additional Info
damn! i finally got it figured out. i am surprised at the difference in configuration between Desktop and linux, in Desktop we have to explicitly specify the port number "docker.mycompany.com:80"
**
No response
