https://rancher.com/ logo
Title
s

some-sandwich-85435

11/09/2022, 6:02 PM
MacOS, rancher desktop with docker moby Please, where is the deamon.json ? I need to add
{
  "insecure-registries": [
    "mylocalhost:5000"
  ]
}
but I can't find the file.
h

handsome-jewelry-53515

11/09/2022, 6:32 PM
The docker daemon config should be in your ~/.docker directory as config.json.
s

some-sandwich-85435

11/09/2022, 6:39 PM
thanks, it does not work, can' t push to a local registry .... added
127.0.0.1	localhost dockerlocal
to /etc/localhost but still get
dial tcp 127.0.0.1:5000: connect: connection refused
"<https://dockerlocal:5000/v2/base/manifests/latest>": dial tcp 127.0.0.1:5000: connect: connection refused
cat ~/.docker/config.json
{
	"auths": {
		"<http://registry.gitlab.com|registry.gitlab.com>": {}
	},
	"credsStore": "osxkeychain",
	"currentContext": "rancher-desktop",
        "insecure-registries" : ["dockerlocal::5000"]
}
and restarted the rancher-desktop app.
q

quick-keyboard-83126

11/09/2022, 6:46 PM
it's possible it's in the lima vm...
s

some-sandwich-85435

11/09/2022, 6:52 PM
I have been there and understood nothing from that conversation. I give up now, waste several hours, and my frustration level is quite too high at the moment. Thanks for the help, at least I know now about the config file!
p

proud-jewelry-46860

11/09/2022, 9:13 PM
Hi! For the record (if your frustration level gets lower in the future, or at least this would be useful if other people find this thread with a fresh frustration level): you can get into the VM by running
rdctl shell
. You can get root in the VM (on mac&Linux) via
sudo
. (On Windows, there are no non-root users IIRC.)
s

some-sandwich-85435

11/09/2022, 9:24 PM
Thanks for the info, but what would that change? I wanted to run a local registry like the one shown here https://www.docker.com/blog/how-to-use-your-own-registry-2/ to accelerate some development where containers need others. But that seems to be more difficult than expected. So I fall back to using a remote over the internet to get my current talks done. Is this a Mac problem, a docker problem, or only a moby (rancher desktop) issue? Now my current talks are done and got a little de-stressed, I am still interested in a solution. But I ran out of ideas about what else to try (changed /etc/hosts, added insecure registries, tried with HTTP password, logged in into the local registry, but I can not push ....)
q

quick-keyboard-83126

11/09/2022, 9:26 PM
Rancher Desktop sets up a VM, on macOS, that vm is managed by lima. Modern Rancher Desktop offer
rdctl
as a way to do things to the VM including
rdctl shell
to get into it.
The VM is where the Docker daemon actually lives, and thus it's where you have to go to make changes it'll notice
The old instructions (from what I linked) showed:
$ LIMA_HOME="$HOME/Library/Application Support/rancher-desktop/lima" "/Applications/Rancher <http://Desktop.app/Contents/Resources/resources/darwin/lima/bin/limactl|Desktop.app/Contents/Resources/resources/darwin/lima/bin/limactl>" shell 0
lima-rancher-desktop:~# tail -1 /etc/conf.d/docker
DOCKER_OPTS="--insecure-registry=insecure.home:80"
The equivalent would be:
$ rdctl shell
lima-rancher-desktop:~# tail -1 /etc/conf.d/docker
DOCKER_OPTS="--insecure-registry=insecure.home:80"
But, that's them showing where the file is and what it has, you'd have to put the content you want into that file yourself.
s

some-sandwich-85435

11/09/2022, 9:52 PM
This is super interesting. Thanks! I still have no luck, I managed even to make startingDOCKER_OPTS container impossible by adding a /etc/docker/daemon,json .... but it's late and I am super tired meanwhile, will check tomorrow again
tail -1 /etc/conf.d/docker
DOCKER_OPTS="--insecure-registry=127.0.0.1:5000 --insecure-registry=dockerlocal:5000 --insecure-registry=0.0.0.0:5000"
ERROR: failed to solve: failed to do request: Head "<http://localhost:5000/v2/adoc/devel/blobs/sha256:a71b912bc701e8b0973e75bbcd6acc9640ba82173c61c990f10dbed58a470ddf>": dial tcp 127.0.0.1:5000: connect: connection refused
ERROR: failed to solve: localhost:5000/adoc/base:local: failed to do request: Head "<http://localhost:5000/v2/adoc/base/manifests/local>": dial tcp 127.0.0.1:5000: connect: connection refused
q

quick-keyboard-83126

11/09/2022, 10:09 PM
Where is this localhost:5000? If it isn't in the same place as the docker daemon, that's probably the wrong address for it...
p

proud-jewelry-46860

11/09/2022, 11:00 PM
host.rancher-desktop.internal
is an alias for the (macOS) machine you're running things on; that might be helpful. (I think that ends up being the SLIRP interface, so it might actually work with services listening on loopback?)
s

some-sandwich-85435

11/10/2022, 6:48 AM
localhost is the local machine I am sitting on and it's where rancher desktop is running on, as earlier mentioned, I want to have a registry local on my box, as described here you do
docker run -p 5000:5000 --name registry registry:latest
and you should be able to push images to localhost:5000 dockerlocal is just an alias name in the etc/hosts, since I found that as a possible solution in the internet the registry is running, when started with a password, I can do a
docker login dockerlocal:5000
, but I can not push to it
q

quick-keyboard-83126

11/10/2022, 1:32 PM
The machine you're sitting on isn't the machine that the docker is running on. Try the domain listed above.
s

some-sandwich-85435

11/10/2022, 1:35 PM
you mean, because docker is in real in the VM?
q

quick-keyboard-83126

11/10/2022, 1:36 PM
Yes
s

some-sandwich-85435

11/10/2022, 1:37 PM
ok, I can give it a try later, but in that case, it's strange
docker login dockerlocal:5000
worked
q

quick-keyboard-83126

11/10/2022, 1:38 PM
Yeah, it's confusing. Docker login is a local operation, but the registry access is from the server's perspective.
s

some-sandwich-85435

11/10/2022, 2:11 PM
so I need to add
host.rancher-desktop.internal
into my /etc/host and then add it to the insecure registries, and restart the app but
hostname
in the VM says
lima-rancher-desktop
.... I have slightly the feeling that the problem might be a different one , but can give it a try when I have the time
q

quick-keyboard-83126

11/10/2022, 2:11 PM
You don't need to change host. Just use that domain on both sides.
Remember an IP address can have multiple names. And a computer can have multiple IP addresses. Unfortunately, not all IP addresses are unique. And 127.1 is very much not unique. Almost every computer will think that's a self-reference.
s

some-sandwich-85435

11/10/2022, 2:15 PM
yes, but now I am additional confuse, you mean, I use
localhost.rancher-desktop.internal
, or my alias
dockerlocal.rancher-desktop.internal
, and add that to etc/host and to the insecure registry?
q

quick-keyboard-83126

11/10/2022, 2:16 PM
Use the literal:
host.rancher-desktop.internal
s

some-sandwich-85435

11/10/2022, 2:16 PM
ok
q

quick-keyboard-83126

11/10/2022, 2:16 PM
Not some invented string
You currently have:
tail -1 /etc/conf.d/docker
DOCKER_OPTS="--insecure-registry=127.0.0.1:5000 --insecure-registry=dockerlocal:5000 --insecure-registry=0.0.0.0:5000"
One of those entries should have the string above.
s

some-sandwich-85435

11/10/2022, 2:18 PM
I am on it
want's to yse https, not http ...
ERROR: failed to solve: failed to do request: Head "<https://host.rancher-desktop.internal:5000/v2/adoc/base/blobs/sha256:3ca727e3675ca83dc9580deacf077129f2ffe71a198e9fe1820c962a39c2e0db>": net/http: TLS handshake timeout
[+] Building 10.3s (30/30) FINISHED
and I think I have now all variations here
DOCKER_OPTS="--insecure-registry=host.rancher-desktop.internal:5000 --insecure-registry=localhost:5000 --insecure-registry=127.0.0.1:5000 --insecure-registry=dockerlocal:5000 --insecure-registry=0.0.0.0:5000"
q

quick-keyboard-83126

11/10/2022, 2:23 PM
odds are your registry isn't
https
s

some-sandwich-85435

11/10/2022, 2:23 PM
no, of course not , I want a local docker registry just to simulate some workflows ....
q

quick-keyboard-83126

11/10/2022, 2:24 PM
(did you trigger a restart of docker?)
s

some-sandwich-85435

11/10/2022, 2:24 PM
yes ,resetarted rancher-desktop
q

quick-keyboard-83126

11/10/2022, 2:25 PM
Sorry. I don't currently have this configured and I'm not paid to work on this. I have to go off and help my coworkers w/ their problems. The other people who respond often do (and the one who commented in the thing I linked at the beginning has the most experience w/ this stuff)
s

some-sandwich-85435

11/10/2022, 2:26 PM
I understand, thanks for trying to help me!