I am using a dind (docker in docker) image and I spin this up with the following parameters in order to provide an internal proxy repo for dockerhub
--insecure-registry=internalrepo.intra:5002 /
--registry-mirror=https://dockerproxy.intra:5000
Within the dind container these seems fine
/ # ps
PID USER TIME COMMAND
1 root 0:09 dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --insecure-registry=internalrepo.intra:5002 --registry-mirror=https://dockerproxy.intra:5000
21 root 0:11 docker-containerd --config /var/run/docker/containerd/containerd.toml
178 root 0:00 /bin/sh
209 root 0:00 /bin/sh
233 root 0:00 ps
/ #
However when I try to pull an image this parameter seems to be ignored
# docker pull jenkins/jnlp-slave
Using default tag: latest
Error response from daemon: Get https://registry-1.docker.io/v2/: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
The error message is confusing. The problem is not that the parameters are ignored but rather that the certificate of https://dockerproxy.intra:5000 is not trusted. Thus adding the respective certificates to the trust store of the image helps to overcome the pro
ARG CERT_PATH=/usr/local/share/ca-certificates
# add sc certificates to certificates location and update ca-certificates
ADD mycert.crt $CERT_PATH/mycert.crt
RUN update-ca-certificates