I have running docker with docker registry on example.domain.com
docker run -d -p 5000:5000 --restart=always --name registry \
-v /etc/ssl/certs/:/certs \
-e REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY=/var/lib/registry \
-v /git/docker_registry:/var/lib/registry \
-e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/server.crt \
-e REGISTRY_HTTP_TLS_KEY=/certs/server.key \
registry:2
I can push and pull to this docker registry but when i try to connect it with gitlab which is running on the same machine example.domain.com
using gitlab.yml
config:
registry:
enabled: true
host: example.domain.com
port: 5005
api_url: http://localhost:5000/
key: /etc/ssl/certs/server.key
path: /git/docker_registry
In web browser enabling docker registry on project works fine, but when i go to project page and open Regisry page
i get error 500
Gitlab logs shows:
Started POST "/api/v3/internal/allowed" for 10.10.200.96 at 2016-11-25 10:15:01 +0100
Started POST "/api/v3/internal/allowed" for 10.10.200.96 at 2016-11-25 10:15:01 +0100
Started POST "/api/v3/internal/allowed" for 10.10.200.96 at 2016-11-25 10:15:01 +0100
Started GET "/data-access-servicess/centipede-rest/container_registry" for 10.11.0.232 at 2016-11-25 10:15:01 +0100
Processing by Projects::ContainerRegistryController#index as HTML
Parameters: {"namespace_id"=>"data-access-servicess", "project_id"=>"centipede-rest"}
Completed 500 Internal Server Error in 195ms (ActiveRecord: 25.9ms)
Faraday::ConnectionFailed (wrong status line: "\x15\x03\x01\x00\x02\x02"):
lib/container_registry/client.rb:19:in `repository_tags'
lib/container_registry/repository.rb:22:in `manifest'
lib/container_registry/repository.rb:31:in `tags'
app/controllers/projects/container_registry_controller.rb:8:in `index'
lib/gitlab/request_profiler/middleware.rb:15:in `call'
lib/gitlab/middleware/go.rb:16:in `call'
and Docker Registry log:
2016/11/25 09:15:01 http: TLS handshake error from 172.17.0.1:44608: tls: first record does not look like a TLS handshake
The problem is that gitlab tries to connect to the registry via http and not httpS. Hence your are getting the TLS handshake error.
Change your gitlab config from
to
If you are using a self-signed certificate, don't forget to trust it on the machine where gitlab is installed. See -> https://docs.docker.com/registry/insecure/#troubleshooting-insecure-registry