K
Q

Unable to PULL image into minikube from insecure private registry - http: server gave HTTP response to HTTPS client

9/15/2020

On Ubuntu 18, I installed Docker (19.03.12) from these instructions

And then went through these steps

and set up a private docker registry using this

docker run -d -p 5000:5000 -e REGISTRY_DELETE_ENABLED=true --restart=always --name registry registry:2

I also added this to the daemon.json file 

{ "insecure-registries" : ["my.registrydomain.lan:5000"] }

And restarted the docker daemon

sudo /etc/init.d/docker restart

I checked docker info to make sure the setting for insecure registry was applied and I saw this at the end so it seems ok

 Insecure Registries:
  my.registrydomain.lan:5000
  127.0.0.0/8

On the same machine I start minikube (1.12.3) with this command

minikube start --driver=docker --memory=3000 --insecure-registry=my.registrydomain.lan:5000

So everything is running and fine, and I proceed to apply my deployments using kubectl except when I get to the pod that needs to pull the container form the local registry I get an ErrImagePull status. Here is part of my deployment

spec:
  containers:
  - name: my-container
    image: my.registrydomain.lan:5000/name:1.0.0.9
    imagePullPolicy: IfNotPresent

When I describe the pod that failed using

kubectl describe pod mypod-8474577f6f-bpmp2

I see this message

Failed to pull image "my.registrydomain.lan:5000/name:1.0.0.9": rpc error: code = Unknown desc = Error response from daemon: Get https://my.registrydomain.lan:5000/v2/: http: server gave HTTP response to HTTPS client

EDIT: I forgot to mention that I am able to PUSH my images into the registry without any issues from a separate machine over http (machine is Windows 10 and I set the insecure registry option in the daemon config)

-- erotavlas
docker
kubernetes
minikube

Similar Questions

Best Way of Implementing One Time Job On Exact Date (Exactly One Time Run) in Kubernetes
Modify file from kubernetes pod
Accessing kafka from spring boot application running on kubernetes
Assign same helm value to more than one targets
How to query mysql Kubernetes pod? Access denied for user 'root'@'localhost'

1 Answer

9/16/2020

I tried to reproduce your issue with exact same settings that you provided and this works just fine. Image is being pulled without any problem. I tested this with my debian 9 and fresh ubuntu installation with this settings: 

minikube 	version: 	v1.12.3
docker  	version:  	v19.03.12
k8s 		version:  	v1.18.3 
ubuntu  	version: 	v18

What I`ve done what is not described in the question is to place an entry in minikube container hosts file: 

root@minikube:/# cat /etc/hosts
...
10.128.5.6 my.registrydomain.lan
...

And the tag/push commands: 

docker tag 4e2eef94cd6b my.registrydomain.lan:5000/name:1.0.0.9
docker push my.registrydomain.lan:5000/name:1.0.0.9

Here`s the describe from the pod: 

  Normal   Pulling    8m19s (x5 over 10m)     kubelet, minikube  Pulling image "my.registrydomain.lan:5000/name:1.0.0.9"

As suggested in the comments already you may want to check this github case. It goes thru couple of solution of your problem:

First is to check your hosts file and update it correctly if you hosting your repository on another node. Second solution is related to pushing images in to repository which turned for the user that both insecure-registries and docker push command are case sensitive. Third one is to use systemd to control docker daemon.

Lastly If those would not help I would try to clear all settings, uninstall docker, clear docker configuration and start again from scratch.

-- acid_fuji
Source: StackOverflow