Hello,

I do not use Mesos currently  but this is what I did in the Docker settings.

If you don't care about encryption you can tell docker to use an insecure 
registry. On /etc/docker/daemon.json:

{
    "insecure-registries" : [ "myregistrymachine.domain:port" ],
    "features": {
        "buildkit": true
    }
}

Where port is your registry port (5000, etc.)

Then restart Docker daemon (systemctl restart docker.service for example)

And confirm the insecure registry is there: docker info

If you have setup user authentication you can test this with docker login:

docker login myregistrymachine.domain:port

[YYYY@ZXXXX ~]$ docker login myregistrymachine.domain:port
Authenticating with existing credentials...
WARNING! Your password will be stored unencrypted in 
/home/YYYY/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store

Login Succeeded


Hope this helps.

--Jose

-----Original Message-----
From: Benjamin Wulff <benjamin.wulff...@ieee.org>
Sent: Thursday, August 27, 2020 9:58 AM
To: user@mesos.apache.org
Subject: Docker registry without HTTPS

Hi all,

I’m running a Docker registry in my cluster network that does plain HTTP, no 
HTTPS. I tried to configure it using    docker_registry    and   docker_config  
   options, providing an http:// address. When I try to run a Docker image in a 
task it fails and I see in the log a message that CURL SSL got a malformed TLS 
answer. So apparently Mesos still tells curl to do whatever it should do via 
HTTPS.

I have seen posts that seem to indicate that it will switch to HTTP 
automatically when you provide port ‘:80’ as part of the URI for the registry. 
However, I cannot put the registry on 80 because there is already a Webserver 
sitting that is used for distributing artefacts in the cluster.

—> Is there a way to tell Mesos that it (respectively curl) use HTTP instead of 
HTTPS?

Thanks and best regards,
Ben

PS: I also saw in the logs:

curl: option —http1.1: is unknown
curl: try ‘curl —help’ or ‘curl —manual’ for more information

________________________________

CONFIDENTIALITY / PRIVILEGE NOTICE: This transmission and any attachments are 
intended solely for the addressee. This transmission is covered by the 
Electronic Communications Privacy Act, 18 U.S.C ''2510-2521. The information 
contained in this transmission is confidential in nature and protected from 
further use or disclosure under U.S. Pub. L. 106-102, 113 U.S. Stat. 1338 
(1999), and may be subject to attorney-client or other legal privilege. Your 
use or disclosure of this information for any purpose other than that intended 
by its transmittal is strictly prohibited, and may subject you to fines and/or 
penalties under federal and state law. If you are not the intended recipient of 
this transmission, please DESTROY ALL COPIES RECEIVED and confirm destruction 
to the sender via return transmittal.

Reply via email to