https://rancher.com/ logo
Join Slack
Powered by
This message was deleted.
# rancher-desktop
a
This message was deleted.
h
The docker daemon config should be in your ~/.docker directory as config.json.
s
thanks, it does not work, can' t push to a local registry .... added
Copy code
127.0.0.1	localhost dockerlocal
to /etc/localhost but still get 
dial tcp 127.0.0.1:5000: connect: connection refused
Copy code
"<https://dockerlocal:5000/v2/base/manifests/latest>": dial tcp 127.0.0.1:5000: connect: connection refused
Copy code
cat ~/.docker/config.json
{
	"auths": {
		"<http://registry.gitlab.com|registry.gitlab.com>": {}
	},
	"credsStore": "osxkeychain",
	"currentContext": "rancher-desktop",
        "insecure-registries" : ["dockerlocal::5000"]
}
and restarted the rancher-desktop app.
q
it's possible it's in the lima vm...
s
I have been there and understood nothing from that conversation. I give up now, waste several hours, and my frustration level is quite too high at the moment. Thanks for the help, at least I know now about the config file!
p
Hi! For the record (if your frustration level gets lower in the future, or at least this would be useful if other people find this thread with a fresh frustration level): you can get into the VM by running 
rdctl shell
. You can get root in the VM (on mac&Linux) via 
sudo
. (On Windows, there are no non-root users IIRC.)
s
Thanks for the info, but what would that change? I wanted to run a local registry like the one shown here https://www.docker.com/blog/how-to-use-your-own-registry-2/ to accelerate some development where containers need others. But that seems to be more difficult than expected. So I fall back to using a remote over the internet to get my current talks done. Is this a Mac problem, a docker problem, or only a moby (rancher desktop) issue? Now my current talks are done and got a little de-stressed, I am still interested in a solution. But I ran out of ideas about what else to try (changed /etc/hosts, added insecure registries, tried with HTTP password, logged in into the local registry, but I can not push ....)
q
Rancher Desktop sets up a VM, on macOS, that vm is managed by lima. Modern Rancher Desktop offer 
rdctl
as a way to do things to the VM including 
rdctl shell
to get into it.
The VM is where the Docker daemon actually lives, and thus it's where you have to go to make changes it'll notice
The old instructions (from what I linked) showed:
Copy code
$ LIMA_HOME="$HOME/Library/Application Support/rancher-desktop/lima" "/Applications/Rancher <http://Desktop.app/Contents/Resources/resources/darwin/lima/bin/limactl|Desktop.app/Contents/Resources/resources/darwin/lima/bin/limactl>" shell 0
lima-rancher-desktop:~# tail -1 /etc/conf.d/docker
DOCKER_OPTS="--insecure-registry=insecure.home:80"
The equivalent would be:
Copy code
$ rdctl shell
lima-rancher-desktop:~# tail -1 /etc/conf.d/docker
DOCKER_OPTS="--insecure-registry=insecure.home:80"
But, that's them showing where the file is and what it has, you'd have to put the content you want into that file yourself.
s
This is super interesting. Thanks! I still have no luck, I managed even to make startingDOCKER_OPTS container impossible by adding a /etc/docker/daemon,json .... but it's late and I am super tired meanwhile, will check tomorrow again
Copy code
tail -1 /etc/conf.d/docker
DOCKER_OPTS="--insecure-registry=127.0.0.1:5000 --insecure-registry=dockerlocal:5000 --insecure-registry=0.0.0.0:5000"
Copy code
ERROR: failed to solve: failed to do request: Head "<http://localhost:5000/v2/adoc/devel/blobs/sha256:a71b912bc701e8b0973e75bbcd6acc9640ba82173c61c990f10dbed58a470ddf>": dial tcp 127.0.0.1:5000: connect: connection refused
Copy code
ERROR: failed to solve: localhost:5000/adoc/base:local: failed to do request: Head "<http://localhost:5000/v2/adoc/base/manifests/local>": dial tcp 127.0.0.1:5000: connect: connection refused
q
Where is this localhost:5000? If it isn't in the same place as the docker daemon, that's probably the wrong address for it...
p
host.rancher-desktop.internal
is an alias for the (macOS) machine you're running things on; that might be helpful. (I think that ends up being the SLIRP interface, so it might actually work with services listening on loopback?)
s
localhost is the local machine I am sitting on and it's where rancher desktop is running on, as earlier mentioned, I want to have a registry local on my box, as described here you do 
docker run -p 5000:5000 --name registry registry:latest
and you should be able to push images to localhost:5000 dockerlocal is just an alias name in the etc/hosts, since I found that as a possible solution in the internet the registry is running, when started with a password, I can do a 
docker login dockerlocal:5000
, but I can not push to it
q
The machine you're sitting on isn't the machine that the docker is running on. Try the domain listed above.
s
you mean, because docker is in real in the VM?
q
Yes
s
ok, I can give it a try later, but in that case, it's strange 
docker login dockerlocal:5000
worked
q
Yeah, it's confusing. Docker login is a local operation, but the registry access is from the server's perspective.
s
so I need to add 
host.rancher-desktop.internal
into my /etc/host and then add it to the insecure registries, and restart the app but 
hostname
in the VM says 
lima-rancher-desktop
.... I have slightly the feeling that the problem might be a different one , but can give it a try when I have the time
q
You don't need to change host. Just use that domain on both sides.
Remember an IP address can have multiple names. And a computer can have multiple IP addresses. Unfortunately, not all IP addresses are unique. And 127.1 is very much not unique. Almost every computer will think that's a self-reference.
s
yes, but now I am additional confuse, you mean, I use 
localhost.rancher-desktop.internal
, or my alias 
dockerlocal.rancher-desktop.internal
, and add that to etc/host and to the insecure registry?
q
Use the literal: 
host.rancher-desktop.internal
s
ok
q
Not some invented string
You currently have:
Copy code
tail -1 /etc/conf.d/docker
DOCKER_OPTS="--insecure-registry=127.0.0.1:5000 --insecure-registry=dockerlocal:5000 --insecure-registry=0.0.0.0:5000"
One of those entries should have the string above.
s
I am on it
want's to yse https, not http ...
Copy code
ERROR: failed to solve: failed to do request: Head "<https://host.rancher-desktop.internal:5000/v2/adoc/base/blobs/sha256:3ca727e3675ca83dc9580deacf077129f2ffe71a198e9fe1820c962a39c2e0db>": net/http: TLS handshake timeout
[+] Building 10.3s (30/30) FINISHED
and I think I have now all variations here
Copy code
DOCKER_OPTS="--insecure-registry=host.rancher-desktop.internal:5000 --insecure-registry=localhost:5000 --insecure-registry=127.0.0.1:5000 --insecure-registry=dockerlocal:5000 --insecure-registry=0.0.0.0:5000"
q
odds are your registry isn't 
https
s
no, of course not , I want a local docker registry just to simulate some workflows ....
q
(did you trigger a restart of docker?)
s
yes ,resetarted rancher-desktop
q
Sorry. I don't currently have this configured and I'm not paid to work on this. I have to go off and help my coworkers w/ their problems. The other people who respond often do (and the one who commented in the thing I linked at the beginning has the most experience w/ this stuff)
s
I understand, thanks for trying to help me!
771 Views
Open in Slack
PreviousNext
Powered by