gpt4 book ai didi

docker --insecure-registry 标志未按预期工作

转载 作者:IT老高 更新时间:2023-10-28 12:46:32 25 4
gpt4 key购买 nike

登录时使用自签名证书的私有(private)注册表说明:

FATA[0005] Error response from daemon: v1 ping attempt failed with error: Get https://registry:8443/v1/_ping: x509: certificate signed by unknown authority. If this private registry supports only HTTP or HTTPS with an unknown CA certificate, please add --insecure-registry
registry:8443
to the daemon's arguments. In the case of HTTPS, if you have access to the registry's CA certificate, no need for the flag; simply place the CA certificate at /etc/docker/certs.d/registry:8443/ca.crt

我试过了,但又遇到了另一个错误,即 IP 不在主题中。所以我修复了这个错误,现在得到:

FATA[0006] Error response from daemon: Server Error: Post https://registry:8443/v1/users/: x509: certificate signed by unknown authority

其中registry是注册中心的IP。

然后我将“--insecure-registry registry:8443”放入/etc/default/docker 并重新启动守护进程

我已验证它已采用该设置。

root 6865 1 0 12:47 ? 00:00:00 /usr/bin/docker -d --insecure-registry registry:8443

但是 docker login 仍然会产生这个错误:

FATA[0006] Error response from daemon: Server Error: Post https://registry:8443/v1/users/: x509: certificate signed by unknown authority

insecure-registry 的工作方式是否与我想象的不同,我该如何解决?

是的,我需要 HTTPS。它是一个私有(private)注册表,但在公共(public) IP 上。使用真实证书创建正确的 DNS 条目是唯一的方法吗?

最佳答案

推荐方式 Docker 17.xx +

有多种方法可以为 Docker 守护程序配置守护程序标志和环境变量。 recommended way就是使用平台无关的daemon.json文件,在Linux上默认位于/etc/docker/

因此,要配置不安全的注册表,请执行以下操作:

  1. daemon.json 文件中设置以下标志:

    {
    "insecure-registries": ["registry:8443"]
    }
  2. 重启 Docker

     $ sudo systemctl restart docker

就是这样!

关于docker --insecure-registry 标志未按预期工作,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/29402864/

25 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com