Hello,
I do not use Mesos currently but this is what I did in the Docker settings.
If you don't care about encryption you can tell docker to use an insecure
registry. On /etc/docker/daemon.json:
{
"insecure-registries" : [ "myregistrymachine.domain:port" ],
"features": {
"buildkit": true
}
}
Where port is your registry port (5000, etc.)
Then restart Docker daemon (systemctl restart docker.service for example)
And confirm the insecure registry is there: docker info
If you have setup user authentication you can test this with docker login:
docker login myregistrymachine.domain:port
[YYYY@ZXXXX ~]$ docker login myregistrymachine.domain:port
Authenticating with existing credentials...
WARNING! Your password will be stored unencrypted in
/home/YYYY/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
Hope this helps.
--Jose
-----Original Message-----
From: Benjamin Wulff <benjamin.wulff...@ieee.org>
Sent: Thursday, August 27, 2020 9:58 AM
To: user@mesos.apache.org
Subject: Docker registry without HTTPS
Hi all,
I’m running a Docker registry in my cluster network that does plain HTTP, no
HTTPS. I tried to configure it using docker_registry and docker_config
options, providing an http:// address. When I try to run a Docker image in a
task it fails and I see in the log a message that CURL SSL got a malformed TLS
answer. So apparently Mesos still tells curl to do whatever it should do via
HTTPS.
I have seen posts that seem to indicate that it will switch to HTTP
automatically when you provide port ‘:80’ as part of the URI for the registry.
However, I cannot put the registry on 80 because there is already a Webserver
sitting that is used for distributing artefacts in the cluster.
—> Is there a way to tell Mesos that it (respectively curl) use HTTP instead of
HTTPS?
Thanks and best regards,
Ben
PS: I also saw in the logs:
curl: option —http1.1: is unknown
curl: try ‘curl —help’ or ‘curl —manual’ for more information
________________________________
CONFIDENTIALITY / PRIVILEGE NOTICE: This transmission and any attachments are
intended solely for the addressee. This transmission is covered by the
Electronic Communications Privacy Act, 18 U.S.C ''2510-2521. The information
contained in this transmission is confidential in nature and protected from
further use or disclosure under U.S. Pub. L. 106-102, 113 U.S. Stat. 1338
(1999), and may be subject to attorney-client or other legal privilege. Your
use or disclosure of this information for any purpose other than that intended
by its transmittal is strictly prohibited, and may subject you to fines and/or
penalties under federal and state law. If you are not the intended recipient of
this transmission, please DESTROY ALL COPIES RECEIVED and confirm destruction
to the sender via return transmittal.
