How to configure Docker for HTTP Registries

The error indicates that Docker is attempting to pull an image from a private registry (10.25.0.238:5000) over HTTPS, but the registry is only serving HTTP. To allow pulling images from a non-HTTPS registry, you need to explicitly configure Docker to trust that registry for HTTP communication.

Steps to Configure Docker for HTTP Registries

1. Edit Docker Daemon Configuration

Open the Docker daemon configuration file, typically located at /etc/docker/daemon.json:

sudo nano /etc/docker/daemon.json

2. Add or Modify the insecure-registries Setting

Update the file to include the insecure-registries key with your registry address. If the file already has existing configurations, merge the changes.

Example configuration:

{
    "insecure-registries": ["10.25.0.238:5000"]
}

If the file is empty, add the entire block:

{
    "insecure-registries": ["10.25.0.238:5000"] 
}

3. Restart Docker

After saving the changes, restart the Docker service:

sudo systemctl restart docker

4. Verify the Configuration

Confirm that Docker recognizes the insecure registry:

docker info | grep "Insecure Registries"

You should see your registry (10.25.0.238:5000) listed under "Insecure Registries".

5. Retry the Docker Pull

Try running the docker-compose up or equivalent command again:

docker-compose up -d

---

Security Warning

Using an HTTP registry is not recommended for production systems because it exposes your credentials and image data to interception. Consider enabling HTTPS with a valid certificate on the registry server. You can use tools like Let's Encrypt to generate certificates or configure self-signed certificates.

If you need assistance enabling HTTPS on your Docker registry, let me know!